From 8edb4370f1e2e14ad791efd006d619280c0a07af Mon Sep 17 00:00:00 2001 
From: Natanael Rodriguez Ramos Date: Fri, 12 Apr 2024 12:47:29 +0100 Subject: [PATCH 01/98] Updated HUGO, started spanish localisation --- Dockerfile | 19 +- src/config/_default/config.toml | 182 +- src/config/_default/languages.toml | 11 + src/config/_default/menus/menus.en.toml | 174 + src/config/_default/menus/menus.es.toml | 174 + .../authors/alexandr-stelnykovych/_index.md | 0 .../{ => en}/authors/iain-douglas/_index.md | 0 .../{ => en}/authors/juraj-hilje/_index.md | 0 .../{ => en}/authors/mirimir/_index.md | 0 .../{ => en}/authors/nick-pestell/_index.md | 0 .../{ => en}/authors/viktor-vecsei/_index.md | 0 .../2010-08-08-the-importance-of-privacy.md | 0 .../blog/2010-09-22-the-right-to-privacy.md | 0 ...through-controversial-three-strikes-law.md | 0 ...7-fbi-gives-agents-ok-to-invade-privacy.md | 0 ...-a-foreign-countrys-online-content-laws.md | 0 ...-bills-spy-on-individual-surfing-habits.md | 0 ...fbi-wants-to-criminalise-online-privacy.md | 0 .../2012-02-11-europeans-rage-against-acta.md | 0 ...ns-face-police-attack-on-online-privacy.md | 0 ...19-google-caught-spying-on-safari-users.md | 0 ...2012-02-26-iranians-face-halal-internet.md | 0 .../2012-03-03-ireland-passes-sopa-law.md | 0 ...3-09-uk-isps-forced-to-spy-on-customers.md | 0 ...ebate-rages-over-ad-tracking-regulation.md | 0 ...ive-ways-to-protect-your-online-privacy.md | 0 .../2012-04-02-can-duckduckgo-kill-google.md | 0 ...4-06-uk-online-spying-law-how-to-resist.md | 0 ...of-a-threat-to-online-privacy-than-sopa.md | 0 ...guide-to-current-online-privacy-threats.md | 0 ...nger-esclates-as-bill-receives-approval.md | 0 ...ngerous-anti-online-privacy-politicians.md | 0 ...nline-privacy-the-uk-is-already-screwed.md | 0 ...es-the-biggest-threat-to-online-privacy.md | 0 ...ment-knocks-on-a-vpns-door-what-happens.md | 0 ...-parties-dont-care-about-online-privacy.md | 0 ...ine-privacy-who-are-the-worst-offenders.md | 0 ...pdate-current-threats-to-online-privacy.md | 0 
...-07-12-acta-and-sopa-back-from-the-dead.md | 0 ...-top-five-worst-online-privacy-breaches.md | 0 ...ing-your-online-privacy-on-a-smartphone.md | 0 ...a-prepares-for-new-online-privacy-fight.md | 0 ...-the-biggest-defender-of-online-privacy.md | 0 ...ever-be-trusted-to-protect-your-privacy.md | 0 ...is-a-trojan-horse-just-follow-the-money.md | 0 ...-partnership-sopa-through-the-back-door.md | 0 ...ree-days-left-to-protest-uk-porn-filter.md | 0 ...ress-to-vote-on-secret-spying-act-today.md | 0 ...ues-gallery-of-online-privacy-violators.md | 0 ...privacy-concerns-limit-facebooks-growth.md | 0 ...stralian-data-retention-debate-heats-up.md | 0 ...-13-top-5-online-privacy-misconceptions.md | 0 ...under-pressure-to-change-privacy-policy.md | 0 ...0-28-top-five-free-online-privacy-tools.md | 0 ...ust-governments-new-cyber-security-bill.md | 0 ...much-your-personal-data-is-really-worth.md | 0 ...mmunications-crackdown-a-brief-round-up.md | 0 ...ned-about-online-privacy-than-canadians.md | 0 ...ying-bill-youre-siding-with-paedophiles.md | 0 ...c-data-under-threat-from-us-patriot-act.md | 0 ...eople-affected-by-data-breaches-in-2012.md | 0 ...vacy-law-but-facebook-gets-off-the-hook.md | 0 ...-26-top-5-online-privacy-trends-in-2013.md | 0 ...ks-top-5-anti-online-privacy-politicans.md | 0 ...iggest-threats-to-global-online-privacy.md | 0 ...hts-of-citizens-and-residents-in-the-eu.md | 0 ...01-top-five-defenders-of-online-privacy.md | 0 ...ook-vs-google-the-loser-is-your-privacy.md | 0 ...13-04-18-is-cispa-a-threat-to-vpn-users.md | 0 ...google-who-better-protects-your-privacy.md | 0 ...privacy-debate-understanding-the-basics.md | 0 ...29-introducing-ivpns-new-privacy-guides.md | 0 ...pn-privacy-policies-decoded-hide-my-ass.md | 0 ...2013-06-06-vpn-privacy-policies-decoded.md | 0 ...king-the-entire-global-online-community.md | 0 ...-vpn-privacy-policies-decoded-strongvpn.md | 0 ...-21-vpn-privacy-policies-decoded-airvpn.md | 0 ...28-vpn-privacy-policies-decoded-witopia.md | 0 
...ns-least-concerned-about-online-privacy.md | 0 ...shes-whitewash-investigation-into-prism.md | 0 ...7-28-vpn-privacy-policies-decoded-boxpn.md | 0 ...s-the-biggest-influence-on-vpn-sign-ups.md | 0 .../2013-09-18-the-onion-router-under-fire.md | 0 ...top-five-threats-to-online-privacy-2013.md | 0 ...23-vpn-privacy-policies-decoded-vyprvpn.md | 0 ...-11-07-ivpn-launches-new-privacy-guides.md | 0 ...hts-of-citizens-and-residents-in-the-eu.md | 0 .../blog/2013-11-21-new-windows-vpn-client.md | 0 ...ve-reasons-uk-politicians-hate-internet.md | 0 ...uropeans-really-set-free-data-retention.md | 0 ...heres-five-us-politicians-keep-eye-2014.md | 0 ...30-will-us-government-try-ban-vpns-2014.md | 0 ...s-conscious-home-to-keep-things-private.md | 0 ...-online-privacy-governments-says-survey.md | 0 .../2014-04-10-heartbleed-passwords-change.md | 0 ...-quick-guide-fcc-corruption-infographic.md | 0 ...line-privacy-24-hours-two-simple-things.md | 0 ...18-internet-censorship-around-the-world.md | 0 ...s-worst-anti-online-privacy-politicians.md | 0 ...2015-01-27-new-ivpn-client-v2-0-windows.md | 0 ...-scheduled-server-maintenance-june-2015.md | 0 ...-08-26-20-faster-windows-10-less-secure.md | 0 ...t-forwarding-reservations-now-available.md | 0 ...ng-the-ivpn-client-v2-4-for-windows-osx.md | 0 ...11-26-multihop-v2-network-now-available.md | 0 ...d-as-a-member-of-the-five-eyes-alliance.md | 0 .../2016-09-23-closed-affiliate-program.md | 0 .../blog/2017-03-15-new-ivpn-app-ios.md | 0 ...re-products-uploading-your-private-data.md | 0 ...ated-desktop-apps-for-windows-and-macos.md | 0 ...roviders-and-sharing-with-third-parties.md | 0 ...flict-between-lawful-access-and-privacy.md | 0 ...ed-wi-fi-networks-feature-for-ivpn-apps.md | 0 ...-28-new-pause-vpn-feature-for-ivpn-apps.md | 0 ...1-introducing-wireguard-fully-automated.md | 0 ...18-ivpn-is-now-a-tracking-free-provider.md | 0 ...ing-claim-verified-by-independent-audit.md | 0 ...ata-surveillance-with-ivpns-antitracker.md | 0 
...-and-privacy-improvements-for-wireguard.md | 0 ...vpn-to-undergo-extensive-security-audit.md | 0 ...ntroducing-a-new-ivpn-subscription-plan.md | 0 ...-12-12-password-less-vpn-authentication.md | 0 ...23-independent-security-audit-concluded.md | 0 ...0-ivpn-applications-are-now-open-source.md | 0 ...for-android-is-now-available-on-f-droid.md | 0 ...mmercial-vpn-to-work-from-home-securely.md | 0 ...2020-04-22-beta-ivpn-linux-app-released.md | 0 ...updating-the-ivpn-certificate-authority.md | 0 ...all-platforms-to-undergo-security-audit.md | 0 ...-15-ivpn-infrastructure-audit-concluded.md | 0 ...6-29-gradual-removal-of-port-forwarding.md | 0 ...me-change-from-privatus-to-ivpn-limited.md | 0 ...ttery-life-apple-silicon-build-ivpn-app.md | 0 ...blocking-controls-with-antitracker-plus.md | 0 ...ommand-line-interface-for-ivpn-released.md | 0 .../device-management-for-better-control.md | 0 .../dns-over-https-doh-macos-linux-windows.md | 0 ...-two-factor-authentication-to-ivpn-apps.md | 0 ...e-if-they-need-a-vpn-doineedavpn-launch.md | 0 .../{ => en}/blog/in-support-of-ukraine.md | 0 ...bout-apple-app-store-rules-for-vpn-apps.md | 0 ...troducing-a-redesigned-ivpn-for-android.md | 0 ...ng-split-tunnelling-to-ivpn-for-windows.md | 0 .../ipv6-over-ipv4-available-for-testing.md | 0 ...all-platforms-to-undergo-security-audit.md | 0 ...ivpn-apps-security-audit-2022-concluded.md | 0 .../ivpn-apps-security-audit-concluded.md | 0 .../ivpn-for-ios-now-offers-dns-over-https.md | 0 ...infrastructure-fifth-audit-announcement.md | 0 ...-accepts-monero-payments-runs-full-node.md | 0 .../ivpn-preparing-sixth-security-audit.md | 0 ...pn-tunnelcrack-vulnerability-assessment.md | 0 ...reguard-multi-hop-added-to-ivpn-for-ios.md | 0 .../blog/kill-switch-changes-ivpn-android.md | 0 ...light-short-term-vpn-paid-btc-lightning.md | 0 ...s-fastest-anonymous-military-grade-vpns.md | 0 .../new-ivpn-apps-for-macos-and-windows.md | 0 ...th-bypass-vpn-and-mock-location-options.md | 0 
...w-ivpn-linux-app-with-gui-now-available.md | 0 ...-subscribe-without-providing-your-email.md | 0 ...acy-issue-real-vpns-alone-cant-solve-it.md | 0 ...sistant-wireguard-connections-ivpn-apps.md | 0 ...revamped-ivpn-app-for-iphones-and-ipads.md | 0 ...-our-ios-app-due-to-apple-ip-leak-issue.md | 0 src/content/{ => en}/blog/socks5-proxy.md | 0 ...new-ivpn-apps-in-our-first-beta-program.md | 0 ...t-but-necessary-privacy-enhancing-tools.md | 0 .../who-owns-your-vpn-you-should-find-out.md | 0 .../blog/why-we-refuse-modern-marketing.md | 0 .../{ => en}/blog/why-you-dont-need-a-vpn.md | 0 .../blog/wireguard-port-forwarding-enabled.md | 0 ...ur-vpn-provider-wont-go-to-jail-for-you.md | 0 .../categories/industry-insights/_index.md | 0 .../{ => en}/categories/ivpn-news/_index.md | 0 .../categories/privacy-security/_index.md | 0 .../{ => en}/categories/releases/_index.md | 0 .../categories/under-the-hood/_index.md | 0 src/content/{ => en}/pages/account.md | 0 src/content/{ => en}/pages/antitracker.md | 0 src/content/{ => en}/pages/apps-android.md | 0 src/content/{ => en}/pages/apps-ios.md | 0 .../{ => en}/pages/apps-linux-legacy.md | 0 src/content/{ => en}/pages/apps-linux.md | 0 src/content/{ => en}/pages/apps-macos.md | 0 src/content/{ => en}/pages/apps-windows.md | 0 src/content/{ => en}/pages/apps.md | 0 src/content/{ => en}/pages/contactus.md | 0 src/content/{ => en}/pages/ethics.md | 0 src/content/{ => en}/pages/headless.md | 0 src/content/{ => en}/pages/home.md | 2 +- .../pages/knowledgebase/android/_index.md | 0 .../developer-options-on-the-android-phone.md | 0 .../android/error 424 public key not found.md | 0 .../ivpn-doesnandsharp039t-start-on-boot.md | 0 .../android/mock-location-option.md | 0 ...39-on-the-connection-request-prompt-why.md | 0 ...rmissions-does-your-app-require-and-why.md | 0 .../pages/knowledgebase/billing/_index.md | 0 .../billing/does-ivpn-offer-a-free-trial.md | 0 .../how-can-i-cancel-my-ivpn-subscription.md | 0 
.../how-can-i-delete-my-ivpn-account.md | 0 .../billing/how-can-i-pay-with-cash.md | 0 .../how-can-i-reactivate-my-account.md | 0 ...oin-but-the-invoice-is-still-unpaid-why.md | 0 ...pal-but-my-account-is-still-pending-why.md | 0 ...s-still-in-pendingorsuspended-state-why.md | 0 ...me-pay-with-my-credit-card-can-you-help.md | 0 .../billing/voucher-cards-faq.md | 0 .../pages/knowledgebase/general/_index.md | 0 ...stions-to-ask-your-vpn-service-provider.md | 0 .../knowledgebase/general/antitracker-faq.md | 0 .../antitracker-plus-lists-explained.md | 0 ...tects-malware-in-the-ivpn-installer-why.md | 0 ...lu-or-netflix-or-bbc-iplayer-using-ivpn.md | 0 .../general/command-line-client-faq.md | 0 ...configuring-the-ivpn-app-to-autoconnect.md | 0 .../pages/knowledgebase/general/custom-dns.md | 0 .../general/device-management-faq.md | 0 ...p-or-bittorrent-or-torrents-downloading.md | 0 ...low-smtp-email-whilst-connected-to-ivpn.md | 0 .../do-you-have-advanced-privacy-guides.md | 0 .../do-you-have-an-affiliate-program.md | 0 ...you-offer-a-kill-switch-or-vpn-firewall.md | 0 ...-offer-dedicated-or-static-ip-addresses.md | 0 .../general/do-you-offer-ipv6.md | 0 ...ou-offer-openvpn-wireguard-config-files.md | 0 .../do-you-offer-two-factor-authentication.md | 0 ...oot-servers-during-a-maintenance-window.md | 0 .../general/do-you-support-blackberry.md | 0 .../general/do-you-support-chromebook.md | 0 .../general/do-you-support-port-forwarding.md | 0 ...do-you-support-tunnelblick-or-viscosity.md | 0 .../does-ivpn-protect-ssh-connections.md | 0 .../does-ivpn-support-pfsense-firewall.md | 0 .../does-ivpn-support-roku-media-players.md | 0 .../general/does-ivpn-support-synology-nas.md | 0 .../general/does-ivpn-support-windows-10.md | 0 .../general/does-voip-work-with-ivpn.md | 0 .../general/firewall-exceptions.md | 0 ...w-can-i-connect-to-the-multihop-network.md | 0 ...m-or-services-behind-the-vpn-connection.md | 0 ...nd-a-secure-pgp-encrypted-email-to-ivpn.md | 0 
...ltaneous-connections-can-i-have-to-ivpn.md | 0 ...-ips-do-you-have-in-total-or-per-server.md | 0 .../general/how-much-does-ivpn-cost.md | 0 .../how-to-verify-warrant-canary-signature.md | 0 ...rvers-or-where-are-your-servers-located.md | 0 ...sec-with-a-public-pre-shared-key-secure.md | 0 ...ng-leaked-by-webrtc-how-do-i-disable-it.md | 0 .../general/quantum-resistance-faq.md | 0 .../quantum-resistant-vpn-connections.md | 0 .../general/socks5-proxy-service.md | 0 .../knowledgebase/general/split-tunnel-faq.md | 0 .../split-tunnel-uses-and-limitations.md | 0 .../general/tcp-and-udp-connections.md | 0 .../using-wireguard-for-privacy-protection.md | 0 .../general/what-are-tcp-connections.md | 0 .../general/what-is-a-multihop-vpn-service.md | 0 ...t-encryption-cipher-for-vpn-connections.md | 0 .../general/what-makes-ivpn-so-fast.md | 0 .../what-payment-methods-do-you-accept.md | 0 ...-speed-can-i-expect-or-how-fast-is-ivpn.md | 0 .../what-technologies-do-you-use-at-ivpn.md | 0 .../what-vpn-protocols-do-you-offer.md | 0 ...wnload-the-vpn-software-for-my-computer.md | 0 ...the-location-of-the-server-not-accurate.md | 0 .../knowledgebase/general/wireguard-faq.md | 0 .../pages/knowledgebase/ios/_index.md | 0 .../ios/ios-how-to-enable-multihop.md | 0 ...onfigurations-why-do-i-see-this-message.md | 0 .../native-ios-kill-switch-known-issues.md | 0 .../{ => en}/pages/knowledgebase/ios/v2ray.md | 0 .../pages/knowledgebase/linux/_index.md | 0 ...-cli-client-for-linux-on-a-raspberry-pi.md | 0 .../knowledgebase/linux/fedora-silverblue.md | 0 .../knowledgebase/linux/ivpn-on-qubes-os.md | 0 ...nux-autostart-openvpn-in-systemd-fedora.md | 0 ...nux-autostart-openvpn-in-systemd-ubuntu.md | 0 .../linux-autostart-wireguard-in-systemd.md | 0 .../linux/linux-avc-denial-with-selinux.md | 0 .../linux-cannot-import-ovpn-config-file.md | 0 ...w-do-i-prevent-vpn-leaks-using-iptables.md | 0 ...nt-vpn-leaks-using-nftables-and-openvpn.md | 0 ...ch-using-the-uncomplicated-firewall-ufw.md | 0 
...with-obfsproxy-to-circumvent-censorship.md | 0 .../linux-tray-icon-is-missing-in-gnome.md | 0 ...eaks-when-connecting-via-networkmanager.md | 0 .../linux/linux-wireguard-kill-switch.md | 0 ...netlink-answers-operation-not-supported.md | 0 ...ng-the-ivpn-linux-client-at-system-boot.md | 0 .../pages/knowledgebase/macos/_index.md | 0 ...pletely-uninstall-or-remove-tunnelblick.md | 0 ...ivpnapp-is-damaged-and-cannot-be-opened.md | 0 ...system-events-why-do-i-see-this-warning.md | 0 .../macos/macos-disposable-emails.md | 0 ...d-keys-private-key-generation-error-133.md | 0 ...ninstall-or-remove-the-ivpn-application.md | 0 ...macos-ivpn-helper-agent-is-not-starting.md | 0 .../macos-launch-at-login-is-not-available.md | 0 ...r-agent-portion-of-the-ivpn-app-install.md | 0 ...k-how-do-i-edit-the-openvpn-config-file.md | 0 ...k-how-to-submit-diagnostic-data-to-ivpn.md | 0 ...-opening-utun-no-buffer-space-available.md | 0 ...lick-password-or-authentication-failure.md | 0 ...t-does-not-appear-to-be-reachable-error.md | 0 ...e-to-load-nettunnelblicktap-kexts-error.md | 0 ...elblick-why-is-the-dns-server-incorrect.md | 0 ...cos-version-is-required-for-ivpn-client.md | 0 ...why-is-ivpn-agent-daemon-always-running.md | 0 .../{ => en}/pages/knowledgebase/mp/_index.md | 0 .../connecting-to-ivpn-on-amazon-fire-tv.md | 0 ...ow-do-i-connect-my-nvidia-shield-device.md | 0 .../how-to-use-ivpn-on-kodi-media-player.md | 0 .../mp/is-ivpn-compatible-with-appletv.md | 0 .../pages/knowledgebase/passwords/_index.md | 0 .../passwords/how-do-i-change-my-password.md | 0 ...got-my-ivpn-account-id-what-should-i-do.md | 0 .../i-forgot-my-password-what-should-i-do.md | 0 .../pages/knowledgebase/privacy/_index.md | 0 ...tats-information-relating-to-an-account.md | 0 ...at-could-be-used-to-identify-a-customer.md | 0 ...-ivpn-offer-perfect-forward-secrecy-pfs.md | 0 ...ow-when-iandsharp039m-protected-by-ivpn.md | 0 ...-for-information-relating-to-a-customer.md | 0 
...n-to-compromise-their-customers-privacy.md | 0 ...pyright-material-that-i-have-downloaded.md | 0 ...nd-store-when-i-signup-for-your-service.md | 0 ...ored-about-all-visitors-to-your-website.md | 0 ...s-stored-when-i-stop-using-your-service.md | 0 .../pages/knowledgebase/routers/_index.md | 0 ...do-i-exclude-hosts-or-bypass-vpn-tunnel.md | 0 ...rrors-incoming-plaintext-read-error-etc.md | 0 ...andsharp039-in-my-dd-wrtortomato-router.md | 0 .../knowledgebase/troubleshooting/_index.md | 0 .../error-connecting-to-ivpn-daemon.md | 0 .../how-can-i-reset-my-dns-settings.md | 0 ...ge-the-port-or-protocol-used-to-connect.md | 0 .../how-do-i-clear-or-flush-my-dns-cache.md | 0 ...connect-to-the-vpn-from-a-remote-server.md | 0 .../how-do-i-use-the-ping-command.md | 0 .../how-do-i-verify-the-location-of-server.md | 0 ...disable-enhanced-app-authentication-eaa.md | 0 ...w-to-submit-vpn-diagnostic-logs-to-ivpn.md | 0 ...-access-devices-on-my-local-network-why.md | 0 ...nam-or-iran-or-russia-etc-what-can-i-do.md | 0 ...cannot-connect-to-the-vpn-what-can-i-do.md | 0 ...nection-when-i-disconnect-from-ivpn-why.md | 0 ...ailureandsharp039-message-what-can-i-do.md | 0 ...ected-to-vpn-how-to-disable-geolocation.md | 0 ...is-randomly-disconnecting-what-can-i-do.md | 0 ...ed-but-i-cannot-browse-the-internet-why.md | 0 ...is-slow-what-can-i-do-to-make-it-faster.md | 0 .../replay-window-backtrack-occurred-error.md | 0 ...ne-drains-too-fast-while-using-ivpn-why.md | 0 ...able-control-packet-received-how-to-fix.md | 0 ...-negotiation-failed-to-occur-how-to-fix.md | 0 ...t-is-the-ip-address-of-your-dns-servers.md | 0 .../pages/knowledgebase/windows/_index.md | 0 ...indows-10-set-ivpn-dns-servers-manually.md | 0 ...ows-all-tap-win32-adapters-in-use-error.md | 0 ...events-the-installation-of-ivpn-app-why.md | 0 .../windows/windows-dns-cannot-be-resolved.md | 0 ...onfigure-openvpn-to-save-my-credentials.md | 0 ...onfigure-openvpn-to-start-automatically.md | 0 
...nandsharp039t-change-when-connected-why.md | 0 ...-warning-route-gateway-is-not-reachable.md | 0 .../pages/legal-process-guidelines.md | 0 src/content/{ => en}/pages/light.md | 0 src/content/{ => en}/pages/manifesto.md | 0 .../{ => en}/pages/openvpn-configuration.md | 0 ...-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md | 0 src/content/{ => en}/pages/pricing-teams.md | 0 src/content/{ => en}/pages/pricing.md | 0 ...stions-to-ask-your-vpn-service-provider.md | 0 .../{ => en}/pages/privacy-guides/_index.md | 0 .../advanced-privacy-and-anonymity-part-1.md | 0 .../advanced-privacy-and-anonymity-part-2.md | 0 .../advanced-privacy-and-anonymity-part-3.md | 0 .../advanced-privacy-and-anonymity-part-4.md | 0 .../advanced-privacy-and-anonymity-part-5.md | 0 .../advanced-privacy-and-anonymity-part-6.md | 0 .../advanced-privacy-and-anonymity-part-7.md | 0 .../advanced-privacy-and-anonymity-part-8.md | 0 ...saries-and-anonymity-systems-the-basics.md | 0 .../an-introduction-to-privacy-anonymity.md | 0 .../an-introduction-to-tor-vs-i2p.md | 0 .../applying-risk-management-to-privacy.md | 0 ...pns-centralized-vpns-privacy-protection.md | 0 ...-vm-within-a-hidden-truecrypt-partition.md | 0 .../how-to-perform-a-vpn-leak-test.md | 0 ...-physical-locations-of-internet-servers.md | 0 .../isp-netflow-surveillance-and-vpn.md | 0 .../pages/privacy-guides/mac-address.md | 0 .../onion-ssh-hosts-for-login-chaining.md | 0 ...h-opsec-and-compartmentalization-part-1.md | 0 ...h-opsec-and-compartmentalization-part-2.md | 0 ...h-opsec-and-compartmentalization-part-3.md | 0 ...h-opsec-and-compartmentalization-part-4.md | 0 .../raspberry-pi-2-ivpn-gateway.md | 0 .../privacy-guides/vpn-latency-explained.md | 0 .../pages/privacy-guides/vpn-vs-tor.md | 0 .../pages/privacy-guides/what-is-a-vpn.md | 0 .../why-use-tor-with-a-vpn-service.md | 0 .../privacy-guides/will-a-vpn-protect-me.md | 0 src/content/{ => en}/pages/privacy-policy.md | 0 src/content/{ => en}/pages/refunds.md | 0 .../{ => 
en}/pages/report-vulnerability.md | 0 src/content/{ => en}/pages/servers.md | 0 .../pages/setup/android-ipsec-with-ikev2.md | 0 .../setup/android-openvpn-for-android.md | 0 .../{ => en}/pages/setup/android-wireguard.md | 0 .../{ => en}/pages/setup/ios-ipsec-ikev2.md | 0 .../pages/setup/ios-openvpn-connect.md | 0 .../{ => en}/pages/setup/ios-wireguard.md | 0 .../pages/setup/linux-ipsec-with-ikev2.md | 0 .../{ => en}/pages/setup/linux-netman.md | 0 .../{ => en}/pages/setup/linux-terminal.md | 0 .../pages/setup/linux-wireguard-netman.md | 0 .../{ => en}/pages/setup/linux-wireguard.md | 0 .../pages/setup/macos-ipsec-with-ikev2.md | 0 .../pages/setup/macos-openvpn-tunnelblick.md | 0 .../{ => en}/pages/setup/macos-wireguard.md | 0 .../{ => en}/pages/setup/nas/_index.md | 0 src/content/{ => en}/pages/setup/nas/qnap.md | 0 .../{ => en}/pages/setup/nas/synology-6.md | 0 .../{ => en}/pages/setup/router/_index.md | 0 .../setup/router/asuswrt-merlin-openvpn.md | 0 .../setup/router/asuswrt-merlin-wireguard.md | 0 .../pages/setup/router/asuswrt-openvpn.md | 0 .../pages/setup/router/asuswrt-wireguard.md | 0 .../{ => en}/pages/setup/router/ddwrt-auto.md | 0 .../pages/setup/router/ddwrt-manual.md | 0 .../pages/setup/router/ddwrt-wireguard.md | 0 .../{ => en}/pages/setup/router/ddwrt.md | 0 .../setup/router/openwrt-wireguard-legacy.md | 0 .../pages/setup/router/openwrt-wireguard.md | 0 .../{ => en}/pages/setup/router/openwrt.md | 0 .../router/opnsense-openvpn-instances.md | 0 .../pages/setup/router/opnsense-wireguard.md | 0 .../{ => en}/pages/setup/router/opnsense.md | 0 .../pages/setup/router/pfsense-wireguard.md | 0 .../{ => en}/pages/setup/router/pfsense.md | 0 .../pages/setup/router/tomato-manual.md | 0 .../setup/windows-10-ipsec-with-ikev2.md | 0 .../setup/windows-10-openvpn-community.md | 0 .../pages/setup/windows-10-wireguard.md | 0 .../setup/windows-8-openvpn-community.md | 0 .../{ => en}/pages/supported-projects.md | 0 src/content/{ => en}/pages/supportua-ru.md | 0 
src/content/{ => en}/pages/supportua.md | 0 src/content/{ => en}/pages/team.md | 0 .../{ => en}/pages/terms-of-service.md | 0 src/content/{ => en}/pages/thank-you-light.md | 0 .../{ => en}/pages/transparency-report.md | 0 src/content/{ => en}/pages/trust.md | 0 src/content/{ => en}/pages/what-is-vpn.md | 0 src/content/{ => en}/pages/wireguard-vpn.md | 0 .../authors/alexandr-stelnykovych/_index.md | 3 + src/content/es/authors/iain-douglas/_index.md | 3 + src/content/es/authors/juraj-hilje/_index.md | 3 + src/content/es/authors/mirimir/_index.md | 3 + src/content/es/authors/nick-pestell/_index.md | 3 + .../es/authors/viktor-vecsei/_index.md | 3 + .../2010-08-08-the-importance-of-privacy.md | 45 + .../blog/2010-09-22-the-right-to-privacy.md | 72 + ...through-controversial-three-strikes-law.md | 19 + ...7-fbi-gives-agents-ok-to-invade-privacy.md | 23 + ...-a-foreign-countrys-online-content-laws.md | 50 + ...-bills-spy-on-individual-surfing-habits.md | 31 + ...fbi-wants-to-criminalise-online-privacy.md | 45 + .../2012-02-11-europeans-rage-against-acta.md | 41 + ...ns-face-police-attack-on-online-privacy.md | 27 + ...19-google-caught-spying-on-safari-users.md | 49 + ...2012-02-26-iranians-face-halal-internet.md | 41 + .../2012-03-03-ireland-passes-sopa-law.md | 39 + ...3-09-uk-isps-forced-to-spy-on-customers.md | 38 + ...ebate-rages-over-ad-tracking-regulation.md | 42 + ...ive-ways-to-protect-your-online-privacy.md | 47 + .../2012-04-02-can-duckduckgo-kill-google.md | 54 + ...4-06-uk-online-spying-law-how-to-resist.md | 93 + ...of-a-threat-to-online-privacy-than-sopa.md | 43 + ...guide-to-current-online-privacy-threats.md | 113 + ...nger-esclates-as-bill-receives-approval.md | 48 + ...ngerous-anti-online-privacy-politicians.md | 83 + ...nline-privacy-the-uk-is-already-screwed.md | 58 + ...es-the-biggest-threat-to-online-privacy.md | 49 + ...ment-knocks-on-a-vpns-door-what-happens.md | 57 + ...-parties-dont-care-about-online-privacy.md | 39 + 
...ine-privacy-who-are-the-worst-offenders.md | 55 + ...pdate-current-threats-to-online-privacy.md | 50 + ...-07-12-acta-and-sopa-back-from-the-dead.md | 37 + ...-top-five-worst-online-privacy-breaches.md | 44 + ...ing-your-online-privacy-on-a-smartphone.md | 45 + ...a-prepares-for-new-online-privacy-fight.md | 45 + ...-the-biggest-defender-of-online-privacy.md | 49 + ...ever-be-trusted-to-protect-your-privacy.md | 47 + ...is-a-trojan-horse-just-follow-the-money.md | 55 + ...-partnership-sopa-through-the-back-door.md | 44 + ...ree-days-left-to-protest-uk-porn-filter.md | 270 + ...ress-to-vote-on-secret-spying-act-today.md | 57 + ...ues-gallery-of-online-privacy-violators.md | 63 + ...privacy-concerns-limit-facebooks-growth.md | 52 + ...stralian-data-retention-debate-heats-up.md | 67 + ...-13-top-5-online-privacy-misconceptions.md | 47 + ...under-pressure-to-change-privacy-policy.md | 52 + ...0-28-top-five-free-online-privacy-tools.md | 114 + ...ust-governments-new-cyber-security-bill.md | 56 + ...much-your-personal-data-is-really-worth.md | 37 + ...mmunications-crackdown-a-brief-round-up.md | 47 + ...ned-about-online-privacy-than-canadians.md | 35 + ...ying-bill-youre-siding-with-paedophiles.md | 47 + ...c-data-under-threat-from-us-patriot-act.md | 41 + ...eople-affected-by-data-breaches-in-2012.md | 51 + ...vacy-law-but-facebook-gets-off-the-hook.md | 42 + ...-26-top-5-online-privacy-trends-in-2013.md | 59 + ...ks-top-5-anti-online-privacy-politicans.md | 67 + ...iggest-threats-to-global-online-privacy.md | 49 + ...hts-of-citizens-and-residents-in-the-eu.md | 23 + ...01-top-five-defenders-of-online-privacy.md | 66 + ...ook-vs-google-the-loser-is-your-privacy.md | 62 + ...13-04-18-is-cispa-a-threat-to-vpn-users.md | 40 + ...google-who-better-protects-your-privacy.md | 84 + ...privacy-debate-understanding-the-basics.md | 58 + ...29-introducing-ivpns-new-privacy-guides.md | 48 + ...pn-privacy-policies-decoded-hide-my-ass.md | 114 + 
...2013-06-06-vpn-privacy-policies-decoded.md | 71 + ...king-the-entire-global-online-community.md | 34 + ...-vpn-privacy-policies-decoded-strongvpn.md | 52 + ...-21-vpn-privacy-policies-decoded-airvpn.md | 234 + ...28-vpn-privacy-policies-decoded-witopia.md | 66 + ...ns-least-concerned-about-online-privacy.md | 57 + ...shes-whitewash-investigation-into-prism.md | 49 + ...7-28-vpn-privacy-policies-decoded-boxpn.md | 60 + ...s-the-biggest-influence-on-vpn-sign-ups.md | 60 + .../2013-09-18-the-onion-router-under-fire.md | 35 + ...top-five-threats-to-online-privacy-2013.md | 38 + ...23-vpn-privacy-policies-decoded-vyprvpn.md | 61 + ...-11-07-ivpn-launches-new-privacy-guides.md | 32 + ...hts-of-citizens-and-residents-in-the-eu.md | 29 + .../blog/2013-11-21-new-windows-vpn-client.md | 40 + ...ve-reasons-uk-politicians-hate-internet.md | 93 + ...uropeans-really-set-free-data-retention.md | 42 + ...heres-five-us-politicians-keep-eye-2014.md | 65 + ...30-will-us-government-try-ban-vpns-2014.md | 33 + ...s-conscious-home-to-keep-things-private.md | 43 + ...-online-privacy-governments-says-survey.md | 35 + .../2014-04-10-heartbleed-passwords-change.md | 53 + ...-quick-guide-fcc-corruption-infographic.md | 32 + ...line-privacy-24-hours-two-simple-things.md | 68 + ...18-internet-censorship-around-the-world.md | 28 + ...s-worst-anti-online-privacy-politicians.md | 65 + ...2015-01-27-new-ivpn-client-v2-0-windows.md | 100 + ...-scheduled-server-maintenance-june-2015.md | 28 + ...-08-26-20-faster-windows-10-less-secure.md | 73 + ...t-forwarding-reservations-now-available.md | 32 + ...ng-the-ivpn-client-v2-4-for-windows-osx.md | 93 + ...11-26-multihop-v2-network-now-available.md | 44 + ...d-as-a-member-of-the-five-eyes-alliance.md | 129 + .../2016-09-23-closed-affiliate-program.md | 102 + .../es/blog/2017-03-15-new-ivpn-app-ios.md | 37 + ...re-products-uploading-your-private-data.md | 142 + ...ated-desktop-apps-for-windows-and-macos.md | 59 + 
...roviders-and-sharing-with-third-parties.md | 105 + ...flict-between-lawful-access-and-privacy.md | 117 + ...ed-wi-fi-networks-feature-for-ivpn-apps.md | 30 + ...-28-new-pause-vpn-feature-for-ivpn-apps.md | 25 + ...1-introducing-wireguard-fully-automated.md | 45 + ...18-ivpn-is-now-a-tracking-free-provider.md | 45 + ...ing-claim-verified-by-independent-audit.md | 57 + ...ata-surveillance-with-ivpns-antitracker.md | 116 + ...-and-privacy-improvements-for-wireguard.md | 55 + ...vpn-to-undergo-extensive-security-audit.md | 31 + ...ntroducing-a-new-ivpn-subscription-plan.md | 52 + ...-12-12-password-less-vpn-authentication.md | 30 + ...23-independent-security-audit-concluded.md | 107 + ...0-ivpn-applications-are-now-open-source.md | 37 + ...for-android-is-now-available-on-f-droid.md | 38 + ...mmercial-vpn-to-work-from-home-securely.md | 30 + ...2020-04-22-beta-ivpn-linux-app-released.md | 48 + ...updating-the-ivpn-certificate-authority.md | 46 + ...all-platforms-to-undergo-security-audit.md | 21 + ...-15-ivpn-infrastructure-audit-concluded.md | 35 + ...6-29-gradual-removal-of-port-forwarding.md | 44 + ...me-change-from-privatus-to-ivpn-limited.md | 32 + ...ttery-life-apple-silicon-build-ivpn-app.md | 74 + ...blocking-controls-with-antitracker-plus.md | 73 + ...ommand-line-interface-for-ivpn-released.md | 58 + .../device-management-for-better-control.md | 46 + .../dns-over-https-doh-macos-linux-windows.md | 28 + ...-two-factor-authentication-to-ivpn-apps.md | 26 + ...e-if-they-need-a-vpn-doineedavpn-launch.md | 33 + src/content/es/blog/in-support-of-ukraine.md | 33 + ...bout-apple-app-store-rules-for-vpn-apps.md | 103 + ...troducing-a-redesigned-ivpn-for-android.md | 42 + ...ng-split-tunnelling-to-ivpn-for-windows.md | 26 + .../ipv6-over-ipv4-available-for-testing.md | 23 + ...all-platforms-to-undergo-security-audit.md | 23 + ...ivpn-apps-security-audit-2022-concluded.md | 43 + .../ivpn-apps-security-audit-concluded.md | 31 + 
.../ivpn-for-ios-now-offers-dns-over-https.md | 35 + ...infrastructure-fifth-audit-announcement.md | 30 + ...-accepts-monero-payments-runs-full-node.md | 38 + .../ivpn-preparing-sixth-security-audit.md | 31 + ...pn-tunnelcrack-vulnerability-assessment.md | 70 + ...reguard-multi-hop-added-to-ivpn-for-ios.md | 22 + .../blog/kill-switch-changes-ivpn-android.md | 32 + ...light-short-term-vpn-paid-btc-lightning.md | 37 + ...s-fastest-anonymous-military-grade-vpns.md | 163 + .../new-ivpn-apps-for-macos-and-windows.md | 54 + ...th-bypass-vpn-and-mock-location-options.md | 36 + ...w-ivpn-linux-app-with-gui-now-available.md | 48 + ...-subscribe-without-providing-your-email.md | 52 + ...acy-issue-real-vpns-alone-cant-solve-it.md | 140 + ...sistant-wireguard-connections-ivpn-apps.md | 35 + ...revamped-ivpn-app-for-iphones-and-ipads.md | 50 + ...-our-ios-app-due-to-apple-ip-leak-issue.md | 37 + src/content/es/blog/socks5-proxy.md | 35 + ...new-ivpn-apps-in-our-first-beta-program.md | 57 + ...t-but-necessary-privacy-enhancing-tools.md | 55 + .../who-owns-your-vpn-you-should-find-out.md | 54 + .../es/blog/why-we-refuse-modern-marketing.md | 57 + .../es/blog/why-you-dont-need-a-vpn.md | 94 + .../blog/wireguard-port-forwarding-enabled.md | 31 + ...ur-vpn-provider-wont-go-to-jail-for-you.md | 66 + .../es/categories/industry-insights/_index.md | 8 + src/content/es/categories/ivpn-news/_index.md | 8 + .../es/categories/privacy-security/_index.md | 8 + src/content/es/categories/releases/_index.md | 7 + .../es/categories/under-the-hood/_index.md | 7 + src/content/es/pages/account.md | 11 + src/content/es/pages/antitracker.md | 24 + src/content/es/pages/apps-android.md | 62 + src/content/es/pages/apps-ios.md | 32 + src/content/es/pages/apps-linux-legacy.md | 97 + src/content/es/pages/apps-linux.md | 266 + src/content/es/pages/apps-macos.md | 63 + src/content/es/pages/apps-windows.md | 55 + src/content/es/pages/apps.md | 7 + src/content/es/pages/contactus.md | 20 + 
src/content/es/pages/ethics.md | 113 + src/content/es/pages/headless.md | 5 + src/content/es/pages/home.md | 102 + .../es/pages/knowledgebase/android/_index.md | 7 + .../developer-options-on-the-android-phone.md | 34 + .../android/error 424 public key not found.md | 19 + .../ivpn-doesnandsharp039t-start-on-boot.md | 17 + .../android/mock-location-option.md | 35 + ...39-on-the-connection-request-prompt-why.md | 19 + ...rmissions-does-your-app-require-and-why.md | 23 + .../es/pages/knowledgebase/billing/_index.md | 7 + .../billing/does-ivpn-offer-a-free-trial.md | 14 + .../how-can-i-cancel-my-ivpn-subscription.md | 17 + .../how-can-i-delete-my-ivpn-account.md | 15 + .../billing/how-can-i-pay-with-cash.md | 23 + .../how-can-i-reactivate-my-account.md | 15 + ...oin-but-the-invoice-is-still-unpaid-why.md | 15 + ...pal-but-my-account-is-still-pending-why.md | 13 + ...s-still-in-pendingorsuspended-state-why.md | 17 + ...me-pay-with-my-credit-card-can-you-help.md | 15 + .../billing/voucher-cards-faq.md | 49 + .../es/pages/knowledgebase/general/_index.md | 7 + ...stions-to-ask-your-vpn-service-provider.md | 62 + .../knowledgebase/general/antitracker-faq.md | 64 + .../antitracker-plus-lists-explained.md | 86 + ...tects-malware-in-the-ivpn-installer-why.md | 67 + ...lu-or-netflix-or-bbc-iplayer-using-ivpn.md | 28 + .../general/command-line-client-faq.md | 153 + ...configuring-the-ivpn-app-to-autoconnect.md | 29 + .../pages/knowledgebase/general/custom-dns.md | 54 + .../general/device-management-faq.md | 70 + ...p-or-bittorrent-or-torrents-downloading.md | 13 + ...low-smtp-email-whilst-connected-to-ivpn.md | 15 + .../do-you-have-advanced-privacy-guides.md | 15 + .../do-you-have-an-affiliate-program.md | 13 + ...you-offer-a-kill-switch-or-vpn-firewall.md | 74 + ...-offer-dedicated-or-static-ip-addresses.md | 13 + .../general/do-you-offer-ipv6.md | 13 + ...ou-offer-openvpn-wireguard-config-files.md | 15 + .../do-you-offer-two-factor-authentication.md | 27 + 
...oot-servers-during-a-maintenance-window.md | 13 + .../general/do-you-support-blackberry.md | 15 + .../general/do-you-support-chromebook.md | 19 + .../general/do-you-support-port-forwarding.md | 31 + ...do-you-support-tunnelblick-or-viscosity.md | 19 + .../does-ivpn-protect-ssh-connections.md | 13 + .../does-ivpn-support-pfsense-firewall.md | 15 + .../does-ivpn-support-roku-media-players.md | 15 + .../general/does-ivpn-support-synology-nas.md | 13 + .../general/does-ivpn-support-windows-10.md | 15 + .../general/does-voip-work-with-ivpn.md | 15 + .../general/firewall-exceptions.md | 104 + ...w-can-i-connect-to-the-multihop-network.md | 67 + ...m-or-services-behind-the-vpn-connection.md | 21 + ...nd-a-secure-pgp-encrypted-email-to-ivpn.md | 15 + ...ltaneous-connections-can-i-have-to-ivpn.md | 19 + ...-ips-do-you-have-in-total-or-per-server.md | 13 + .../general/how-much-does-ivpn-cost.md | 15 + .../how-to-verify-warrant-canary-signature.md | 35 + ...rvers-or-where-are-your-servers-located.md | 13 + ...sec-with-a-public-pre-shared-key-secure.md | 25 + ...ng-leaked-by-webrtc-how-do-i-disable-it.md | 37 + .../general/quantum-resistance-faq.md | 65 + .../quantum-resistant-vpn-connections.md | 141 + .../general/socks5-proxy-service.md | 163 + .../knowledgebase/general/split-tunnel-faq.md | 62 + .../split-tunnel-uses-and-limitations.md | 53 + .../general/tcp-and-udp-connections.md | 21 + .../using-wireguard-for-privacy-protection.md | 172 + .../general/what-are-tcp-connections.md | 20 + .../general/what-is-a-multihop-vpn-service.md | 15 + ...t-encryption-cipher-for-vpn-connections.md | 15 + .../general/what-makes-ivpn-so-fast.md | 25 + .../what-payment-methods-do-you-accept.md | 25 + ...-speed-can-i-expect-or-how-fast-is-ivpn.md | 19 + .../what-technologies-do-you-use-at-ivpn.md | 31 + .../what-vpn-protocols-do-you-offer.md | 15 + ...wnload-the-vpn-software-for-my-computer.md | 13 + ...the-location-of-the-server-not-accurate.md | 15 + 
.../knowledgebase/general/wireguard-faq.md | 77 + .../es/pages/knowledgebase/ios/_index.md | 7 + .../ios/ios-how-to-enable-multihop.md | 22 + ...onfigurations-why-do-i-see-this-message.md | 17 + .../native-ios-kill-switch-known-issues.md | 23 + .../es/pages/knowledgebase/ios/v2ray.md | 42 + .../es/pages/knowledgebase/linux/_index.md | 7 + ...-cli-client-for-linux-on-a-raspberry-pi.md | 98 + .../knowledgebase/linux/fedora-silverblue.md | 68 + .../knowledgebase/linux/ivpn-on-qubes-os.md | 158 + ...nux-autostart-openvpn-in-systemd-fedora.md | 75 + ...nux-autostart-openvpn-in-systemd-ubuntu.md | 92 + .../linux-autostart-wireguard-in-systemd.md | 50 + .../linux/linux-avc-denial-with-selinux.md | 18 + .../linux-cannot-import-ovpn-config-file.md | 25 + ...w-do-i-prevent-vpn-leaks-using-iptables.md | 142 + ...nt-vpn-leaks-using-nftables-and-openvpn.md | 182 + ...ch-using-the-uncomplicated-firewall-ufw.md | 85 + ...with-obfsproxy-to-circumvent-censorship.md | 176 + .../linux-tray-icon-is-missing-in-gnome.md | 20 + ...eaks-when-connecting-via-networkmanager.md | 109 + .../linux/linux-wireguard-kill-switch.md | 57 + ...netlink-answers-operation-not-supported.md | 29 + ...ng-the-ivpn-linux-client-at-system-boot.md | 142 + .../es/pages/knowledgebase/macos/_index.md | 7 + ...pletely-uninstall-or-remove-tunnelblick.md | 14 + ...ivpnapp-is-damaged-and-cannot-be-opened.md | 22 + ...system-events-why-do-i-see-this-warning.md | 21 + .../macos/macos-disposable-emails.md | 46 + ...d-keys-private-key-generation-error-133.md | 15 + ...ninstall-or-remove-the-ivpn-application.md | 20 + ...macos-ivpn-helper-agent-is-not-starting.md | 27 + .../macos-launch-at-login-is-not-available.md | 17 + ...r-agent-portion-of-the-ivpn-app-install.md | 15 + ...k-how-do-i-edit-the-openvpn-config-file.md | 16 + ...k-how-to-submit-diagnostic-data-to-ivpn.md | 19 + ...-opening-utun-no-buffer-space-available.md | 18 + ...lick-password-or-authentication-failure.md | 22 + 
...t-does-not-appear-to-be-reachable-error.md | 18 + ...e-to-load-nettunnelblicktap-kexts-error.md | 14 + ...elblick-why-is-the-dns-server-incorrect.md | 16 + ...cos-version-is-required-for-ivpn-client.md | 15 + ...why-is-ivpn-agent-daemon-always-running.md | 28 + .../es/pages/knowledgebase/mp/_index.md | 8 + .../connecting-to-ivpn-on-amazon-fire-tv.md | 36 + ...ow-do-i-connect-my-nvidia-shield-device.md | 25 + .../how-to-use-ivpn-on-kodi-media-player.md | 18 + .../mp/is-ivpn-compatible-with-appletv.md | 28 + .../pages/knowledgebase/passwords/_index.md | 7 + .../passwords/how-do-i-change-my-password.md | 14 + ...got-my-ivpn-account-id-what-should-i-do.md | 20 + .../i-forgot-my-password-what-should-i-do.md | 18 + .../es/pages/knowledgebase/privacy/_index.md | 7 + ...tats-information-relating-to-an-account.md | 14 + ...at-could-be-used-to-identify-a-customer.md | 14 + ...-ivpn-offer-perfect-forward-secrecy-pfs.md | 16 + ...ow-when-iandsharp039m-protected-by-ivpn.md | 16 + ...-for-information-relating-to-a-customer.md | 16 + ...n-to-compromise-their-customers-privacy.md | 14 + ...pyright-material-that-i-have-downloaded.md | 14 + ...nd-store-when-i-signup-for-your-service.md | 22 + ...ored-about-all-visitors-to-your-website.md | 14 + ...s-stored-when-i-stop-using-your-service.md | 20 + .../es/pages/knowledgebase/routers/_index.md | 8 + ...do-i-exclude-hosts-or-bypass-vpn-tunnel.md | 64 + ...rrors-incoming-plaintext-read-error-etc.md | 20 + ...andsharp039-in-my-dd-wrtortomato-router.md | 59 + .../knowledgebase/troubleshooting/_index.md | 7 + .../error-connecting-to-ivpn-daemon.md | 50 + .../how-can-i-reset-my-dns-settings.md | 44 + ...ge-the-port-or-protocol-used-to-connect.md | 48 + .../how-do-i-clear-or-flush-my-dns-cache.md | 39 + ...connect-to-the-vpn-from-a-remote-server.md | 25 + .../how-do-i-use-the-ping-command.md | 28 + .../how-do-i-verify-the-location-of-server.md | 52 + ...disable-enhanced-app-authentication-eaa.md | 37 + 
...w-to-submit-vpn-diagnostic-logs-to-ivpn.md | 81 + ...-access-devices-on-my-local-network-why.md | 19 + ...nam-or-iran-or-russia-etc-what-can-i-do.md | 70 + ...cannot-connect-to-the-vpn-what-can-i-do.md | 29 + ...nection-when-i-disconnect-from-ivpn-why.md | 17 + ...ailureandsharp039-message-what-can-i-do.md | 18 + ...ected-to-vpn-how-to-disable-geolocation.md | 71 + ...is-randomly-disconnecting-what-can-i-do.md | 29 + ...ed-but-i-cannot-browse-the-internet-why.md | 27 + ...is-slow-what-can-i-do-to-make-it-faster.md | 53 + .../replay-window-backtrack-occurred-error.md | 15 + ...ne-drains-too-fast-while-using-ivpn-why.md | 26 + ...able-control-packet-received-how-to-fix.md | 49 + ...-negotiation-failed-to-occur-how-to-fix.md | 13 + ...t-is-the-ip-address-of-your-dns-servers.md | 83 + .../es/pages/knowledgebase/windows/_index.md | 7 + ...indows-10-set-ivpn-dns-servers-manually.md | 38 + ...ows-all-tap-win32-adapters-in-use-error.md | 29 + ...events-the-installation-of-ivpn-app-why.md | 27 + .../windows/windows-dns-cannot-be-resolved.md | 19 + ...onfigure-openvpn-to-save-my-credentials.md | 37 + ...onfigure-openvpn-to-start-automatically.md | 40 + ...nandsharp039t-change-when-connected-why.md | 25 + ...-warning-route-gateway-is-not-reachable.md | 41 + .../es/pages/legal-process-guidelines.md | 53 + src/content/es/pages/light.md | 6 + src/content/es/pages/manifesto.md | 38 + src/content/es/pages/openvpn-configuration.md | 5 + ...-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md | 384 ++ src/content/es/pages/pricing-teams.md | 109 + src/content/es/pages/pricing.md | 6 + ...stions-to-ask-your-vpn-service-provider.md | 162 + src/content/es/pages/privacy-guides/_index.md | 6 + .../advanced-privacy-and-anonymity-part-1.md | 217 + .../advanced-privacy-and-anonymity-part-2.md | 183 + .../advanced-privacy-and-anonymity-part-3.md | 199 + .../advanced-privacy-and-anonymity-part-4.md | 369 + .../advanced-privacy-and-anonymity-part-5.md | 105 + 
.../advanced-privacy-and-anonymity-part-6.md | 456 ++ .../advanced-privacy-and-anonymity-part-7.md | 153 + .../advanced-privacy-and-anonymity-part-8.md | 215 + ...saries-and-anonymity-systems-the-basics.md | 128 + .../an-introduction-to-privacy-anonymity.md | 53 + .../an-introduction-to-tor-vs-i2p.md | 48 + .../applying-risk-management-to-privacy.md | 83 + ...pns-centralized-vpns-privacy-protection.md | 130 + ...-vm-within-a-hidden-truecrypt-partition.md | 122 + .../how-to-perform-a-vpn-leak-test.md | 152 + ...-physical-locations-of-internet-servers.md | 922 +++ .../isp-netflow-surveillance-and-vpn.md | 122 + .../es/pages/privacy-guides/mac-address.md | 147 + .../onion-ssh-hosts-for-login-chaining.md | 163 + ...h-opsec-and-compartmentalization-part-1.md | 85 + ...h-opsec-and-compartmentalization-part-2.md | 179 + ...h-opsec-and-compartmentalization-part-3.md | 199 + ...h-opsec-and-compartmentalization-part-4.md | 291 + .../raspberry-pi-2-ivpn-gateway.md | 544 ++ .../privacy-guides/vpn-latency-explained.md | 180 + .../es/pages/privacy-guides/vpn-vs-tor.md | 213 + .../es/pages/privacy-guides/what-is-a-vpn.md | 195 + .../why-use-tor-with-a-vpn-service.md | 46 + .../privacy-guides/will-a-vpn-protect-me.md | 114 + src/content/es/pages/privacy-policy.md | 224 + src/content/es/pages/refunds.md | 49 + src/content/es/pages/report-vulnerability.md | 17 + src/content/es/pages/servers.md | 5 + .../pages/setup/android-ipsec-with-ikev2.md | 26 + .../setup/android-openvpn-for-android.md | 53 + .../es/pages/setup/android-wireguard.md | 26 + src/content/es/pages/setup/ios-ipsec-ikev2.md | 29 + .../es/pages/setup/ios-openvpn-connect.md | 43 + src/content/es/pages/setup/ios-wireguard.md | 26 + .../es/pages/setup/linux-ipsec-with-ikev2.md | 44 + src/content/es/pages/setup/linux-netman.md | 51 + src/content/es/pages/setup/linux-terminal.md | 165 + .../es/pages/setup/linux-wireguard-netman.md | 100 + src/content/es/pages/setup/linux-wireguard.md | 160 + 
.../es/pages/setup/macos-ipsec-with-ikev2.md | 41 + .../pages/setup/macos-openvpn-tunnelblick.md | 27 + src/content/es/pages/setup/macos-wireguard.md | 24 + src/content/es/pages/setup/nas/_index.md | 8 + src/content/es/pages/setup/nas/qnap.md | 72 + src/content/es/pages/setup/nas/synology-6.md | 50 + src/content/es/pages/setup/router/_index.md | 20 + .../setup/router/asuswrt-merlin-openvpn.md | 42 + .../setup/router/asuswrt-merlin-wireguard.md | 53 + .../es/pages/setup/router/asuswrt-openvpn.md | 56 + .../pages/setup/router/asuswrt-wireguard.md | 46 + .../es/pages/setup/router/ddwrt-auto.md | 26 + .../es/pages/setup/router/ddwrt-manual.md | 112 + .../es/pages/setup/router/ddwrt-wireguard.md | 89 + src/content/es/pages/setup/router/ddwrt.md | 25 + .../setup/router/openwrt-wireguard-legacy.md | 129 + .../pages/setup/router/openwrt-wireguard.md | 87 + src/content/es/pages/setup/router/openwrt.md | 108 + .../router/opnsense-openvpn-instances.md | 91 + .../pages/setup/router/opnsense-wireguard.md | 99 + src/content/es/pages/setup/router/opnsense.md | 90 + .../pages/setup/router/pfsense-wireguard.md | 206 + src/content/es/pages/setup/router/pfsense.md | 164 + .../es/pages/setup/router/tomato-manual.md | 106 + .../setup/windows-10-ipsec-with-ikev2.md | 90 + .../setup/windows-10-openvpn-community.md | 33 + .../es/pages/setup/windows-10-wireguard.md | 24 + .../setup/windows-8-openvpn-community.md | 33 + src/content/es/pages/supported-projects.md | 32 + src/content/es/pages/supportua-ru.md | 22 + src/content/es/pages/supportua.md | 22 + src/content/es/pages/team.md | 101 + src/content/es/pages/terms-of-service.md | 63 + src/content/es/pages/thank-you-light.md | 6 + src/content/es/pages/transparency-report.md | 22 + src/content/es/pages/trust.md | 75 + src/content/es/pages/what-is-vpn.md | 28 + src/content/es/pages/wireguard-vpn.md | 85 + src/i18n/en.toml | 2 + src/static/images/lang.svg | 6 + .../ivpn-v3/assets/js/assets/icons/lgn.svg | 6 + 
.../ivpn-v3/assets/scss/config/grid.scss | 2 +- .../ivpn-v3/layouts/_default/baseof.html | 2 +- src/themes/ivpn-v3/layouts/blog/single.html | 20 +- src/themes/ivpn-v3/layouts/pages/guides.html | 6 +- .../ivpn-v3/layouts/pages/help-details.html | 2 +- src/themes/ivpn-v3/layouts/pages/help.html | 2 +- .../ivpn-v3/layouts/pages/setup-article.html | 2 +- .../ivpn-v3/layouts/pages/setup-list.html | 2 +- .../layouts/partials/blog-article.html | 10 +- .../layouts/partials/blog-categories.html | 2 +- .../layouts/partials/blog-side-bar.html | 8 +- .../ivpn-v3/layouts/partials/header.html | 10 + src/themes/ivpn-v3/package.json | 2 + src/themes/ivpn-v3/package.json.bak | 47 + src/themes/ivpn-v3/webpack.mix.js | 7 +- src/themes/ivpn-v3/yarn-error.log | 6094 +++++++++++++++++ src/themes/ivpn-v3/yarn.lock | 242 +- 929 files changed, 33251 insertions(+), 216 deletions(-) create mode 100644 src/config/_default/languages.toml create mode 100644 src/config/_default/menus/menus.en.toml create mode 100644 src/config/_default/menus/menus.es.toml rename src/content/{ => en}/authors/alexandr-stelnykovych/_index.md (100%) rename src/content/{ => en}/authors/iain-douglas/_index.md (100%) rename src/content/{ => en}/authors/juraj-hilje/_index.md (100%) rename src/content/{ => en}/authors/mirimir/_index.md (100%) rename src/content/{ => en}/authors/nick-pestell/_index.md (100%) rename src/content/{ => en}/authors/viktor-vecsei/_index.md (100%) rename src/content/{ => en}/blog/2010-08-08-the-importance-of-privacy.md (100%) rename src/content/{ => en}/blog/2010-09-22-the-right-to-privacy.md (100%) rename src/content/{ => en}/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md (100%) rename src/content/{ => en}/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md (100%) rename src/content/{ => en}/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md (100%) rename src/content/{ => 
en}/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md (100%) rename src/content/{ => en}/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-02-11-europeans-rage-against-acta.md (100%) rename src/content/{ => en}/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-02-19-google-caught-spying-on-safari-users.md (100%) rename src/content/{ => en}/blog/2012-02-26-iranians-face-halal-internet.md (100%) rename src/content/{ => en}/blog/2012-03-03-ireland-passes-sopa-law.md (100%) rename src/content/{ => en}/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md (100%) rename src/content/{ => en}/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md (100%) rename src/content/{ => en}/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-04-02-can-duckduckgo-kill-google.md (100%) rename src/content/{ => en}/blog/2012-04-06-uk-online-spying-law-how-to-resist.md (100%) rename src/content/{ => en}/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md (100%) rename src/content/{ => en}/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md (100%) rename src/content/{ => en}/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md (100%) rename src/content/{ => en}/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md (100%) rename src/content/{ => en}/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md (100%) rename src/content/{ => en}/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md (100%) rename src/content/{ => en}/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md (100%) rename src/content/{ 
=> en}/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md (100%) rename src/content/{ => en}/blog/2012-07-02-status-update-current-threats-to-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md (100%) rename src/content/{ => en}/blog/2012-07-18-top-five-worst-online-privacy-breaches.md (100%) rename src/content/{ => en}/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md (100%) rename src/content/{ => en}/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md (100%) rename src/content/{ => en}/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md (100%) rename src/content/{ => en}/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md (100%) rename src/content/{ => en}/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md (100%) rename src/content/{ => en}/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md (100%) rename src/content/{ => en}/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md (100%) rename src/content/{ => en}/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md (100%) rename src/content/{ => en}/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md (100%) rename src/content/{ => en}/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md (100%) rename src/content/{ => en}/blog/2012-10-05-australian-data-retention-debate-heats-up.md (100%) rename src/content/{ => en}/blog/2012-10-13-top-5-online-privacy-misconceptions.md (100%) rename src/content/{ => en}/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md (100%) rename src/content/{ => en}/blog/2012-10-28-top-five-free-online-privacy-tools.md (100%) rename src/content/{ => en}/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md (100%) rename src/content/{ => 
en}/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md (100%) rename src/content/{ => en}/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md (100%) rename src/content/{ => en}/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md (100%) rename src/content/{ => en}/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md (100%) rename src/content/{ => en}/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md (100%) rename src/content/{ => en}/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md (100%) rename src/content/{ => en}/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md (100%) rename src/content/{ => en}/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md (100%) rename src/content/{ => en}/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md (100%) rename src/content/{ => en}/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md (100%) rename src/content/{ => en}/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md (100%) rename src/content/{ => en}/blog/2013-04-01-top-five-defenders-of-online-privacy.md (100%) rename src/content/{ => en}/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md (100%) rename src/content/{ => en}/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md (100%) rename src/content/{ => en}/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md (100%) rename src/content/{ => en}/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md (100%) rename src/content/{ => en}/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md (100%) rename src/content/{ => en}/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md (100%) rename src/content/{ => en}/blog/2013-06-06-vpn-privacy-policies-decoded.md (100%) rename 
src/content/{ => en}/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md (100%) rename src/content/{ => en}/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md (100%) rename src/content/{ => en}/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md (100%) rename src/content/{ => en}/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md (100%) rename src/content/{ => en}/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md (100%) rename src/content/{ => en}/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md (100%) rename src/content/{ => en}/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md (100%) rename src/content/{ => en}/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md (100%) rename src/content/{ => en}/blog/2013-09-18-the-onion-router-under-fire.md (100%) rename src/content/{ => en}/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md (100%) rename src/content/{ => en}/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md (100%) rename src/content/{ => en}/blog/2013-11-07-ivpn-launches-new-privacy-guides.md (100%) rename src/content/{ => en}/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md (100%) rename src/content/{ => en}/blog/2013-11-21-new-windows-vpn-client.md (100%) rename src/content/{ => en}/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md (100%) rename src/content/{ => en}/blog/2013-12-15-will-europeans-really-set-free-data-retention.md (100%) rename src/content/{ => en}/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md (100%) rename src/content/{ => en}/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md (100%) rename src/content/{ => en}/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md (100%) rename src/content/{ => 
en}/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md (100%) rename src/content/{ => en}/blog/2014-04-10-heartbleed-passwords-change.md (100%) rename src/content/{ => en}/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md (100%) rename src/content/{ => en}/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md (100%) rename src/content/{ => en}/blog/2014-08-18-internet-censorship-around-the-world.md (100%) rename src/content/{ => en}/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md (100%) rename src/content/{ => en}/blog/2015-01-27-new-ivpn-client-v2-0-windows.md (100%) rename src/content/{ => en}/blog/2015-05-26-scheduled-server-maintenance-june-2015.md (100%) rename src/content/{ => en}/blog/2015-08-26-20-faster-windows-10-less-secure.md (100%) rename src/content/{ => en}/blog/2015-10-28-port-forwarding-reservations-now-available.md (100%) rename src/content/{ => en}/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md (100%) rename src/content/{ => en}/blog/2015-11-26-multihop-v2-network-now-available.md (100%) rename src/content/{ => en}/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md (100%) rename src/content/{ => en}/blog/2016-09-23-closed-affiliate-program.md (100%) rename src/content/{ => en}/blog/2017-03-15-new-ivpn-app-ios.md (100%) rename src/content/{ => en}/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md (100%) rename src/content/{ => en}/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md (100%) rename src/content/{ => en}/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md (100%) rename src/content/{ => en}/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md (100%) rename src/content/{ => en}/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md (100%) rename 
src/content/{ => en}/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md (100%) rename src/content/{ => en}/blog/2018-12-11-introducing-wireguard-fully-automated.md (100%) rename src/content/{ => en}/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md (100%) rename src/content/{ => en}/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md (100%) rename src/content/{ => en}/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md (100%) rename src/content/{ => en}/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md (100%) rename src/content/{ => en}/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md (100%) rename src/content/{ => en}/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md (100%) rename src/content/{ => en}/blog/2019-12-12-password-less-vpn-authentication.md (100%) rename src/content/{ => en}/blog/2020-01-23-independent-security-audit-concluded.md (100%) rename src/content/{ => en}/blog/2020-02-10-ivpn-applications-are-now-open-source.md (100%) rename src/content/{ => en}/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md (100%) rename src/content/{ => en}/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md (100%) rename src/content/{ => en}/blog/2020-04-22-beta-ivpn-linux-app-released.md (100%) rename src/content/{ => en}/blog/2020-04-22-updating-the-ivpn-certificate-authority.md (100%) rename src/content/{ => en}/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md (100%) rename src/content/{ => en}/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md (100%) rename src/content/{ => en}/blog/2023-06-29-gradual-removal-of-port-forwarding.md (100%) rename src/content/{ => en}/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md (100%) rename src/content/{ => en}/blog/battery-life-apple-silicon-build-ivpn-app.md (100%) rename src/content/{ => 
en}/blog/better-tracker-blocking-controls-with-antitracker-plus.md (100%) rename src/content/{ => en}/blog/command-line-interface-for-ivpn-released.md (100%) rename src/content/{ => en}/blog/device-management-for-better-control.md (100%) rename src/content/{ => en}/blog/dns-over-https-doh-macos-linux-windows.md (100%) rename src/content/{ => en}/blog/extending-two-factor-authentication-to-ivpn-apps.md (100%) rename src/content/{ => en}/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md (100%) rename src/content/{ => en}/blog/in-support-of-ukraine.md (100%) rename src/content/{ => en}/blog/insights-about-apple-app-store-rules-for-vpn-apps.md (100%) rename src/content/{ => en}/blog/introducing-a-redesigned-ivpn-for-android.md (100%) rename src/content/{ => en}/blog/introducing-split-tunnelling-to-ivpn-for-windows.md (100%) rename src/content/{ => en}/blog/ipv6-over-ipv4-available-for-testing.md (100%) rename src/content/{ => en}/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md (100%) rename src/content/{ => en}/blog/ivpn-apps-security-audit-2022-concluded.md (100%) rename src/content/{ => en}/blog/ivpn-apps-security-audit-concluded.md (100%) rename src/content/{ => en}/blog/ivpn-for-ios-now-offers-dns-over-https.md (100%) rename src/content/{ => en}/blog/ivpn-infrastructure-fifth-audit-announcement.md (100%) rename src/content/{ => en}/blog/ivpn-now-accepts-monero-payments-runs-full-node.md (100%) rename src/content/{ => en}/blog/ivpn-preparing-sixth-security-audit.md (100%) rename src/content/{ => en}/blog/ivpn-tunnelcrack-vulnerability-assessment.md (100%) rename src/content/{ => en}/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md (100%) rename src/content/{ => en}/blog/kill-switch-changes-ivpn-android.md (100%) rename src/content/{ => en}/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md (100%) rename src/content/{ => en}/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md (100%) 
rename src/content/{ => en}/blog/new-ivpn-apps-for-macos-and-windows.md (100%) rename src/content/{ => en}/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md (100%) rename src/content/{ => en}/blog/new-ivpn-linux-app-with-gui-now-available.md (100%) rename src/content/{ => en}/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md (100%) rename src/content/{ => en}/blog/privacy-issue-real-vpns-alone-cant-solve-it.md (100%) rename src/content/{ => en}/blog/quantum-resistant-wireguard-connections-ivpn-apps.md (100%) rename src/content/{ => en}/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md (100%) rename src/content/{ => en}/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md (100%) rename src/content/{ => en}/blog/socks5-proxy.md (100%) rename src/content/{ => en}/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md (100%) rename src/content/{ => en}/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md (100%) rename src/content/{ => en}/blog/who-owns-your-vpn-you-should-find-out.md (100%) rename src/content/{ => en}/blog/why-we-refuse-modern-marketing.md (100%) rename src/content/{ => en}/blog/why-you-dont-need-a-vpn.md (100%) rename src/content/{ => en}/blog/wireguard-port-forwarding-enabled.md (100%) rename src/content/{ => en}/blog/your-vpn-provider-wont-go-to-jail-for-you.md (100%) rename src/content/{ => en}/categories/industry-insights/_index.md (100%) rename src/content/{ => en}/categories/ivpn-news/_index.md (100%) rename src/content/{ => en}/categories/privacy-security/_index.md (100%) rename src/content/{ => en}/categories/releases/_index.md (100%) rename src/content/{ => en}/categories/under-the-hood/_index.md (100%) rename src/content/{ => en}/pages/account.md (100%) rename src/content/{ => en}/pages/antitracker.md (100%) rename src/content/{ => en}/pages/apps-android.md (100%) rename src/content/{ => en}/pages/apps-ios.md (100%) rename src/content/{ 
=> en}/pages/apps-linux-legacy.md (100%) rename src/content/{ => en}/pages/apps-linux.md (100%) rename src/content/{ => en}/pages/apps-macos.md (100%) rename src/content/{ => en}/pages/apps-windows.md (100%) rename src/content/{ => en}/pages/apps.md (100%) rename src/content/{ => en}/pages/contactus.md (100%) rename src/content/{ => en}/pages/ethics.md (100%) rename src/content/{ => en}/pages/headless.md (100%) rename src/content/{ => en}/pages/home.md (99%) rename src/content/{ => en}/pages/knowledgebase/android/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/developer-options-on-the-android-phone.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/error 424 public key not found.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/mock-location-option.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/how-can-i-pay-with-cash.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md (100%) rename 
src/content/{ => en}/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md (100%) rename src/content/{ => en}/pages/knowledgebase/billing/voucher-cards-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/antitracker-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/antitracker-plus-lists-explained.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/command-line-client-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/custom-dns.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/device-management-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-have-an-affiliate-program.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md (100%) 
rename src/content/{ => en}/pages/knowledgebase/general/do-you-offer-ipv6.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-support-blackberry.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-support-chromebook.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-support-port-forwarding.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-ivpn-support-synology-nas.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-ivpn-support-windows-10.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/does-voip-work-with-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/firewall-exceptions.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md (100%) rename src/content/{ 
=> en}/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-much-does-ivpn-cost.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/quantum-resistance-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/quantum-resistant-vpn-connections.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/socks5-proxy-service.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/split-tunnel-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/tcp-and-udp-connections.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-are-tcp-connections.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-makes-ivpn-so-fast.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-payment-methods-do-you-accept.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md (100%) rename src/content/{ => 
en}/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md (100%) rename src/content/{ => en}/pages/knowledgebase/general/wireguard-faq.md (100%) rename src/content/{ => en}/pages/knowledgebase/ios/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/ios/ios-how-to-enable-multihop.md (100%) rename src/content/{ => en}/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md (100%) rename src/content/{ => en}/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md (100%) rename src/content/{ => en}/pages/knowledgebase/ios/v2ray.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/fedora-silverblue.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/ivpn-on-qubes-os.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md (100%) rename src/content/{ => 
en}/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-wireguard-kill-switch.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md (100%) rename src/content/{ => en}/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/macos-disposable-emails.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md (100%) rename src/content/{ => 
en}/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md (100%) rename src/content/{ => en}/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md (100%) rename src/content/{ => en}/pages/knowledgebase/mp/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md (100%) rename src/content/{ => en}/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md (100%) rename src/content/{ => en}/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md (100%) rename src/content/{ => en}/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md (100%) rename src/content/{ => en}/pages/knowledgebase/passwords/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/passwords/how-do-i-change-my-password.md (100%) rename src/content/{ => en}/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md (100%) rename src/content/{ => en}/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md 
(100%) rename src/content/{ => en}/pages/knowledgebase/privacy/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md (100%) rename src/content/{ => en}/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md (100%) rename src/content/{ => en}/pages/knowledgebase/routers/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md (100%) rename src/content/{ => en}/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md (100%) rename src/content/{ => en}/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/_index.md (100%) rename 
src/content/{ => en}/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md (100%) rename src/content/{ 
=> en}/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md (100%) rename src/content/{ => en}/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/_index.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md (100%) rename src/content/{ => en}/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md (100%) rename src/content/{ => en}/pages/legal-process-guidelines.md (100%) rename src/content/{ => en}/pages/light.md (100%) rename 
src/content/{ => en}/pages/manifesto.md (100%) rename src/content/{ => en}/pages/openvpn-configuration.md (100%) rename src/content/{ => en}/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md (100%) rename src/content/{ => en}/pages/pricing-teams.md (100%) rename src/content/{ => en}/pages/pricing.md (100%) rename src/content/{ => en}/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md (100%) rename src/content/{ => en}/pages/privacy-guides/_index.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md (100%) rename src/content/{ => en}/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md (100%) rename src/content/{ => en}/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md (100%) rename src/content/{ => en}/pages/privacy-guides/an-introduction-to-privacy-anonymity.md (100%) rename src/content/{ => en}/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md (100%) rename src/content/{ => en}/pages/privacy-guides/applying-risk-management-to-privacy.md (100%) rename src/content/{ => en}/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md (100%) rename src/content/{ => en}/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md (100%) rename src/content/{ => en}/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md (100%) rename src/content/{ => 
en}/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md (100%) rename src/content/{ => en}/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md (100%) rename src/content/{ => en}/pages/privacy-guides/mac-address.md (100%) rename src/content/{ => en}/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md (100%) rename src/content/{ => en}/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md (100%) rename src/content/{ => en}/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md (100%) rename src/content/{ => en}/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md (100%) rename src/content/{ => en}/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md (100%) rename src/content/{ => en}/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md (100%) rename src/content/{ => en}/pages/privacy-guides/vpn-latency-explained.md (100%) rename src/content/{ => en}/pages/privacy-guides/vpn-vs-tor.md (100%) rename src/content/{ => en}/pages/privacy-guides/what-is-a-vpn.md (100%) rename src/content/{ => en}/pages/privacy-guides/why-use-tor-with-a-vpn-service.md (100%) rename src/content/{ => en}/pages/privacy-guides/will-a-vpn-protect-me.md (100%) rename src/content/{ => en}/pages/privacy-policy.md (100%) rename src/content/{ => en}/pages/refunds.md (100%) rename src/content/{ => en}/pages/report-vulnerability.md (100%) rename src/content/{ => en}/pages/servers.md (100%) rename src/content/{ => en}/pages/setup/android-ipsec-with-ikev2.md (100%) rename src/content/{ => en}/pages/setup/android-openvpn-for-android.md (100%) rename src/content/{ => en}/pages/setup/android-wireguard.md (100%) rename src/content/{ => en}/pages/setup/ios-ipsec-ikev2.md (100%) rename src/content/{ => en}/pages/setup/ios-openvpn-connect.md (100%) rename src/content/{ => en}/pages/setup/ios-wireguard.md (100%) rename src/content/{ => 
en}/pages/setup/linux-ipsec-with-ikev2.md (100%) rename src/content/{ => en}/pages/setup/linux-netman.md (100%) rename src/content/{ => en}/pages/setup/linux-terminal.md (100%) rename src/content/{ => en}/pages/setup/linux-wireguard-netman.md (100%) rename src/content/{ => en}/pages/setup/linux-wireguard.md (100%) rename src/content/{ => en}/pages/setup/macos-ipsec-with-ikev2.md (100%) rename src/content/{ => en}/pages/setup/macos-openvpn-tunnelblick.md (100%) rename src/content/{ => en}/pages/setup/macos-wireguard.md (100%) rename src/content/{ => en}/pages/setup/nas/_index.md (100%) rename src/content/{ => en}/pages/setup/nas/qnap.md (100%) rename src/content/{ => en}/pages/setup/nas/synology-6.md (100%) rename src/content/{ => en}/pages/setup/router/_index.md (100%) rename src/content/{ => en}/pages/setup/router/asuswrt-merlin-openvpn.md (100%) rename src/content/{ => en}/pages/setup/router/asuswrt-merlin-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/asuswrt-openvpn.md (100%) rename src/content/{ => en}/pages/setup/router/asuswrt-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/ddwrt-auto.md (100%) rename src/content/{ => en}/pages/setup/router/ddwrt-manual.md (100%) rename src/content/{ => en}/pages/setup/router/ddwrt-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/ddwrt.md (100%) rename src/content/{ => en}/pages/setup/router/openwrt-wireguard-legacy.md (100%) rename src/content/{ => en}/pages/setup/router/openwrt-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/openwrt.md (100%) rename src/content/{ => en}/pages/setup/router/opnsense-openvpn-instances.md (100%) rename src/content/{ => en}/pages/setup/router/opnsense-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/opnsense.md (100%) rename src/content/{ => en}/pages/setup/router/pfsense-wireguard.md (100%) rename src/content/{ => en}/pages/setup/router/pfsense.md (100%) rename src/content/{ => 
en}/pages/setup/router/tomato-manual.md (100%) rename src/content/{ => en}/pages/setup/windows-10-ipsec-with-ikev2.md (100%) rename src/content/{ => en}/pages/setup/windows-10-openvpn-community.md (100%) rename src/content/{ => en}/pages/setup/windows-10-wireguard.md (100%) rename src/content/{ => en}/pages/setup/windows-8-openvpn-community.md (100%) rename src/content/{ => en}/pages/supported-projects.md (100%) rename src/content/{ => en}/pages/supportua-ru.md (100%) rename src/content/{ => en}/pages/supportua.md (100%) rename src/content/{ => en}/pages/team.md (100%) rename src/content/{ => en}/pages/terms-of-service.md (100%) rename src/content/{ => en}/pages/thank-you-light.md (100%) rename src/content/{ => en}/pages/transparency-report.md (100%) rename src/content/{ => en}/pages/trust.md (100%) rename src/content/{ => en}/pages/what-is-vpn.md (100%) rename src/content/{ => en}/pages/wireguard-vpn.md (100%) create mode 100644 src/content/es/authors/alexandr-stelnykovych/_index.md create mode 100644 src/content/es/authors/iain-douglas/_index.md create mode 100644 src/content/es/authors/juraj-hilje/_index.md create mode 100644 src/content/es/authors/mirimir/_index.md create mode 100644 src/content/es/authors/nick-pestell/_index.md create mode 100644 src/content/es/authors/viktor-vecsei/_index.md create mode 100644 src/content/es/blog/2010-08-08-the-importance-of-privacy.md create mode 100644 src/content/es/blog/2010-09-22-the-right-to-privacy.md create mode 100644 src/content/es/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md create mode 100644 src/content/es/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md create mode 100644 src/content/es/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md create mode 100644 src/content/es/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md create mode 100644 
src/content/es/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md create mode 100644 src/content/es/blog/2012-02-11-europeans-rage-against-acta.md create mode 100644 src/content/es/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md create mode 100644 src/content/es/blog/2012-02-19-google-caught-spying-on-safari-users.md create mode 100644 src/content/es/blog/2012-02-26-iranians-face-halal-internet.md create mode 100644 src/content/es/blog/2012-03-03-ireland-passes-sopa-law.md create mode 100644 src/content/es/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md create mode 100644 src/content/es/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md create mode 100644 src/content/es/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md create mode 100644 src/content/es/blog/2012-04-02-can-duckduckgo-kill-google.md create mode 100644 src/content/es/blog/2012-04-06-uk-online-spying-law-how-to-resist.md create mode 100644 src/content/es/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md create mode 100644 src/content/es/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md create mode 100644 src/content/es/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md create mode 100644 src/content/es/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md create mode 100644 src/content/es/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md create mode 100644 src/content/es/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md create mode 100644 src/content/es/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md create mode 100644 src/content/es/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md create mode 100644 src/content/es/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md create mode 100644 
src/content/es/blog/2012-07-02-status-update-current-threats-to-online-privacy.md create mode 100644 src/content/es/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md create mode 100644 src/content/es/blog/2012-07-18-top-five-worst-online-privacy-breaches.md create mode 100644 src/content/es/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md create mode 100644 src/content/es/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md create mode 100644 src/content/es/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md create mode 100644 src/content/es/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md create mode 100644 src/content/es/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md create mode 100644 src/content/es/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md create mode 100644 src/content/es/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md create mode 100644 src/content/es/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md create mode 100644 src/content/es/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md create mode 100644 src/content/es/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md create mode 100644 src/content/es/blog/2012-10-05-australian-data-retention-debate-heats-up.md create mode 100644 src/content/es/blog/2012-10-13-top-5-online-privacy-misconceptions.md create mode 100644 src/content/es/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md create mode 100644 src/content/es/blog/2012-10-28-top-five-free-online-privacy-tools.md create mode 100644 src/content/es/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md create mode 100644 src/content/es/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md create mode 100644 src/content/es/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md create 
mode 100644 src/content/es/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md create mode 100644 src/content/es/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md create mode 100644 src/content/es/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md create mode 100644 src/content/es/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md create mode 100644 src/content/es/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md create mode 100644 src/content/es/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md create mode 100644 src/content/es/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md create mode 100644 src/content/es/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md create mode 100644 src/content/es/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md create mode 100644 src/content/es/blog/2013-04-01-top-five-defenders-of-online-privacy.md create mode 100644 src/content/es/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md create mode 100644 src/content/es/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md create mode 100644 src/content/es/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md create mode 100644 src/content/es/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md create mode 100644 src/content/es/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md create mode 100644 src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md create mode 100644 src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded.md create mode 100644 src/content/es/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md create mode 100644 src/content/es/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md create mode 100644 
src/content/es/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md create mode 100644 src/content/es/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md create mode 100644 src/content/es/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md create mode 100644 src/content/es/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md create mode 100644 src/content/es/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md create mode 100644 src/content/es/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md create mode 100644 src/content/es/blog/2013-09-18-the-onion-router-under-fire.md create mode 100644 src/content/es/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md create mode 100644 src/content/es/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md create mode 100644 src/content/es/blog/2013-11-07-ivpn-launches-new-privacy-guides.md create mode 100644 src/content/es/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md create mode 100644 src/content/es/blog/2013-11-21-new-windows-vpn-client.md create mode 100644 src/content/es/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md create mode 100644 src/content/es/blog/2013-12-15-will-europeans-really-set-free-data-retention.md create mode 100644 src/content/es/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md create mode 100644 src/content/es/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md create mode 100644 src/content/es/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md create mode 100644 src/content/es/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md create mode 100644 src/content/es/blog/2014-04-10-heartbleed-passwords-change.md create mode 100644 src/content/es/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md create mode 
100644 src/content/es/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md create mode 100644 src/content/es/blog/2014-08-18-internet-censorship-around-the-world.md create mode 100644 src/content/es/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md create mode 100644 src/content/es/blog/2015-01-27-new-ivpn-client-v2-0-windows.md create mode 100644 src/content/es/blog/2015-05-26-scheduled-server-maintenance-june-2015.md create mode 100644 src/content/es/blog/2015-08-26-20-faster-windows-10-less-secure.md create mode 100644 src/content/es/blog/2015-10-28-port-forwarding-reservations-now-available.md create mode 100644 src/content/es/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md create mode 100644 src/content/es/blog/2015-11-26-multihop-v2-network-now-available.md create mode 100644 src/content/es/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md create mode 100644 src/content/es/blog/2016-09-23-closed-affiliate-program.md create mode 100644 src/content/es/blog/2017-03-15-new-ivpn-app-ios.md create mode 100644 src/content/es/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md create mode 100644 src/content/es/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md create mode 100644 src/content/es/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md create mode 100644 src/content/es/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md create mode 100644 src/content/es/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md create mode 100644 src/content/es/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md create mode 100644 src/content/es/blog/2018-12-11-introducing-wireguard-fully-automated.md create mode 100644 src/content/es/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md create mode 100644 
src/content/es/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md create mode 100644 src/content/es/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md create mode 100644 src/content/es/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md create mode 100644 src/content/es/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md create mode 100644 src/content/es/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md create mode 100644 src/content/es/blog/2019-12-12-password-less-vpn-authentication.md create mode 100644 src/content/es/blog/2020-01-23-independent-security-audit-concluded.md create mode 100644 src/content/es/blog/2020-02-10-ivpn-applications-are-now-open-source.md create mode 100644 src/content/es/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md create mode 100644 src/content/es/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md create mode 100644 src/content/es/blog/2020-04-22-beta-ivpn-linux-app-released.md create mode 100644 src/content/es/blog/2020-04-22-updating-the-ivpn-certificate-authority.md create mode 100644 src/content/es/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md create mode 100644 src/content/es/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md create mode 100644 src/content/es/blog/2023-06-29-gradual-removal-of-port-forwarding.md create mode 100644 src/content/es/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md create mode 100644 src/content/es/blog/battery-life-apple-silicon-build-ivpn-app.md create mode 100644 src/content/es/blog/better-tracker-blocking-controls-with-antitracker-plus.md create mode 100644 src/content/es/blog/command-line-interface-for-ivpn-released.md create mode 100644 src/content/es/blog/device-management-for-better-control.md create mode 100644 src/content/es/blog/dns-over-https-doh-macos-linux-windows.md create mode 100644 
src/content/es/blog/extending-two-factor-authentication-to-ivpn-apps.md create mode 100644 src/content/es/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md create mode 100644 src/content/es/blog/in-support-of-ukraine.md create mode 100644 src/content/es/blog/insights-about-apple-app-store-rules-for-vpn-apps.md create mode 100644 src/content/es/blog/introducing-a-redesigned-ivpn-for-android.md create mode 100644 src/content/es/blog/introducing-split-tunnelling-to-ivpn-for-windows.md create mode 100644 src/content/es/blog/ipv6-over-ipv4-available-for-testing.md create mode 100644 src/content/es/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md create mode 100644 src/content/es/blog/ivpn-apps-security-audit-2022-concluded.md create mode 100644 src/content/es/blog/ivpn-apps-security-audit-concluded.md create mode 100644 src/content/es/blog/ivpn-for-ios-now-offers-dns-over-https.md create mode 100644 src/content/es/blog/ivpn-infrastructure-fifth-audit-announcement.md create mode 100644 src/content/es/blog/ivpn-now-accepts-monero-payments-runs-full-node.md create mode 100644 src/content/es/blog/ivpn-preparing-sixth-security-audit.md create mode 100644 src/content/es/blog/ivpn-tunnelcrack-vulnerability-assessment.md create mode 100644 src/content/es/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md create mode 100644 src/content/es/blog/kill-switch-changes-ivpn-android.md create mode 100644 src/content/es/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md create mode 100644 src/content/es/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md create mode 100644 src/content/es/blog/new-ivpn-apps-for-macos-and-windows.md create mode 100644 src/content/es/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md create mode 100644 src/content/es/blog/new-ivpn-linux-app-with-gui-now-available.md create mode 100644 
src/content/es/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md create mode 100644 src/content/es/blog/privacy-issue-real-vpns-alone-cant-solve-it.md create mode 100644 src/content/es/blog/quantum-resistant-wireguard-connections-ivpn-apps.md create mode 100644 src/content/es/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md create mode 100644 src/content/es/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md create mode 100644 src/content/es/blog/socks5-proxy.md create mode 100644 src/content/es/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md create mode 100644 src/content/es/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md create mode 100644 src/content/es/blog/who-owns-your-vpn-you-should-find-out.md create mode 100644 src/content/es/blog/why-we-refuse-modern-marketing.md create mode 100644 src/content/es/blog/why-you-dont-need-a-vpn.md create mode 100644 src/content/es/blog/wireguard-port-forwarding-enabled.md create mode 100644 src/content/es/blog/your-vpn-provider-wont-go-to-jail-for-you.md create mode 100644 src/content/es/categories/industry-insights/_index.md create mode 100644 src/content/es/categories/ivpn-news/_index.md create mode 100644 src/content/es/categories/privacy-security/_index.md create mode 100644 src/content/es/categories/releases/_index.md create mode 100644 src/content/es/categories/under-the-hood/_index.md create mode 100644 src/content/es/pages/account.md create mode 100644 src/content/es/pages/antitracker.md create mode 100644 src/content/es/pages/apps-android.md create mode 100644 src/content/es/pages/apps-ios.md create mode 100644 src/content/es/pages/apps-linux-legacy.md create mode 100644 src/content/es/pages/apps-linux.md create mode 100644 src/content/es/pages/apps-macos.md create mode 100644 src/content/es/pages/apps-windows.md create mode 100644 src/content/es/pages/apps.md create mode 100644 src/content/es/pages/contactus.md create mode 100644 
src/content/es/pages/ethics.md create mode 100644 src/content/es/pages/headless.md create mode 100644 src/content/es/pages/home.md create mode 100644 src/content/es/pages/knowledgebase/android/_index.md create mode 100644 src/content/es/pages/knowledgebase/android/developer-options-on-the-android-phone.md create mode 100644 src/content/es/pages/knowledgebase/android/error 424 public key not found.md create mode 100644 src/content/es/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md create mode 100644 src/content/es/pages/knowledgebase/android/mock-location-option.md create mode 100644 src/content/es/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md create mode 100644 src/content/es/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md create mode 100644 src/content/es/pages/knowledgebase/billing/_index.md create mode 100644 src/content/es/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md create mode 100644 src/content/es/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md create mode 100644 src/content/es/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md create mode 100644 src/content/es/pages/knowledgebase/billing/how-can-i-pay-with-cash.md create mode 100644 src/content/es/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md create mode 100644 src/content/es/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md create mode 100644 src/content/es/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md create mode 100644 src/content/es/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md create mode 100644 src/content/es/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md create mode 100644 
src/content/es/pages/knowledgebase/billing/voucher-cards-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/_index.md create mode 100644 src/content/es/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md create mode 100644 src/content/es/pages/knowledgebase/general/antitracker-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/antitracker-plus-lists-explained.md create mode 100644 src/content/es/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md create mode 100644 src/content/es/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/command-line-client-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md create mode 100644 src/content/es/pages/knowledgebase/general/custom-dns.md create mode 100644 src/content/es/pages/knowledgebase/general/device-management-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-have-an-affiliate-program.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-offer-ipv6.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md create mode 100644 
src/content/es/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-support-blackberry.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-support-chromebook.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-support-port-forwarding.md create mode 100644 src/content/es/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md create mode 100644 src/content/es/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md create mode 100644 src/content/es/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md create mode 100644 src/content/es/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md create mode 100644 src/content/es/pages/knowledgebase/general/does-ivpn-support-synology-nas.md create mode 100644 src/content/es/pages/knowledgebase/general/does-ivpn-support-windows-10.md create mode 100644 src/content/es/pages/knowledgebase/general/does-voip-work-with-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/firewall-exceptions.md create mode 100644 src/content/es/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md create mode 100644 src/content/es/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md create mode 100644 src/content/es/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md create mode 100644 src/content/es/pages/knowledgebase/general/how-much-does-ivpn-cost.md create mode 100644 src/content/es/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md create mode 100644 
src/content/es/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md create mode 100644 src/content/es/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md create mode 100644 src/content/es/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md create mode 100644 src/content/es/pages/knowledgebase/general/quantum-resistance-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/quantum-resistant-vpn-connections.md create mode 100644 src/content/es/pages/knowledgebase/general/socks5-proxy-service.md create mode 100644 src/content/es/pages/knowledgebase/general/split-tunnel-faq.md create mode 100644 src/content/es/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md create mode 100644 src/content/es/pages/knowledgebase/general/tcp-and-udp-connections.md create mode 100644 src/content/es/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md create mode 100644 src/content/es/pages/knowledgebase/general/what-are-tcp-connections.md create mode 100644 src/content/es/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md create mode 100644 src/content/es/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md create mode 100644 src/content/es/pages/knowledgebase/general/what-makes-ivpn-so-fast.md create mode 100644 src/content/es/pages/knowledgebase/general/what-payment-methods-do-you-accept.md create mode 100644 src/content/es/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md create mode 100644 src/content/es/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md create mode 100644 
src/content/es/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md create mode 100644 src/content/es/pages/knowledgebase/general/wireguard-faq.md create mode 100644 src/content/es/pages/knowledgebase/ios/_index.md create mode 100644 src/content/es/pages/knowledgebase/ios/ios-how-to-enable-multihop.md create mode 100644 src/content/es/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md create mode 100644 src/content/es/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md create mode 100644 src/content/es/pages/knowledgebase/ios/v2ray.md create mode 100644 src/content/es/pages/knowledgebase/linux/_index.md create mode 100644 src/content/es/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md create mode 100644 src/content/es/pages/knowledgebase/linux/fedora-silverblue.md create mode 100644 src/content/es/pages/knowledgebase/linux/ivpn-on-qubes-os.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md create mode 100644 
src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md create mode 100644 src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md create mode 100644 src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md create mode 100644 src/content/es/pages/knowledgebase/macos/_index.md create mode 100644 src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md create mode 100644 src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md create mode 100644 src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md create mode 100644 src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md create mode 100644 
src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md create mode 100644 src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md create mode 100644 src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md create mode 100644 src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md create mode 100644 src/content/es/pages/knowledgebase/mp/_index.md create mode 100644 src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md create mode 100644 src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md create mode 100644 src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md create mode 100644 src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md create mode 100644 src/content/es/pages/knowledgebase/passwords/_index.md create mode 100644 src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md create mode 100644 src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md create mode 100644 src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md create mode 100644 src/content/es/pages/knowledgebase/privacy/_index.md create mode 100644 src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md create mode 100644 src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md create mode 100644 
src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md create mode 100644 src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md create mode 100644 src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md create mode 100644 src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md create mode 100644 src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md create mode 100644 src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md create mode 100644 src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md create mode 100644 src/content/es/pages/knowledgebase/routers/_index.md create mode 100644 src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md create mode 100644 src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md create mode 100644 src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/_index.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md create mode 100644 
src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md create mode 100644 
src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md create mode 100644 src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md create mode 100644 src/content/es/pages/knowledgebase/windows/_index.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md create mode 100644 src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md create mode 100644 src/content/es/pages/legal-process-guidelines.md create mode 100644 src/content/es/pages/light.md create mode 100644 src/content/es/pages/manifesto.md create mode 100644 src/content/es/pages/openvpn-configuration.md create mode 100644 src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md create mode 100644 src/content/es/pages/pricing-teams.md create mode 100644 src/content/es/pages/pricing.md create mode 100644 
src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md create mode 100644 src/content/es/pages/privacy-guides/_index.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md create mode 100644 src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md create mode 100644 src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md create mode 100644 src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md create mode 100644 src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md create mode 100644 src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md create mode 100644 src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md create mode 100644 src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md create mode 100644 src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md create mode 100644 src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md create mode 100644 src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md create mode 100755 src/content/es/pages/privacy-guides/mac-address.md create mode 100644 src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md create mode 100644 
src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md create mode 100644 src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md create mode 100644 src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md create mode 100644 src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md create mode 100644 src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md create mode 100644 src/content/es/pages/privacy-guides/vpn-latency-explained.md create mode 100644 src/content/es/pages/privacy-guides/vpn-vs-tor.md create mode 100644 src/content/es/pages/privacy-guides/what-is-a-vpn.md create mode 100644 src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md create mode 100644 src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md create mode 100644 src/content/es/pages/privacy-policy.md create mode 100644 src/content/es/pages/refunds.md create mode 100644 src/content/es/pages/report-vulnerability.md create mode 100644 src/content/es/pages/servers.md create mode 100644 src/content/es/pages/setup/android-ipsec-with-ikev2.md create mode 100644 src/content/es/pages/setup/android-openvpn-for-android.md create mode 100644 src/content/es/pages/setup/android-wireguard.md create mode 100644 src/content/es/pages/setup/ios-ipsec-ikev2.md create mode 100644 src/content/es/pages/setup/ios-openvpn-connect.md create mode 100644 src/content/es/pages/setup/ios-wireguard.md create mode 100644 src/content/es/pages/setup/linux-ipsec-with-ikev2.md create mode 100644 src/content/es/pages/setup/linux-netman.md create mode 100644 src/content/es/pages/setup/linux-terminal.md create mode 100644 src/content/es/pages/setup/linux-wireguard-netman.md create mode 100644 src/content/es/pages/setup/linux-wireguard.md create mode 100644 src/content/es/pages/setup/macos-ipsec-with-ikev2.md create mode 100644 
src/content/es/pages/setup/macos-openvpn-tunnelblick.md create mode 100644 src/content/es/pages/setup/macos-wireguard.md create mode 100644 src/content/es/pages/setup/nas/_index.md create mode 100644 src/content/es/pages/setup/nas/qnap.md create mode 100644 src/content/es/pages/setup/nas/synology-6.md create mode 100644 src/content/es/pages/setup/router/_index.md create mode 100644 src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md create mode 100644 src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md create mode 100644 src/content/es/pages/setup/router/asuswrt-openvpn.md create mode 100644 src/content/es/pages/setup/router/asuswrt-wireguard.md create mode 100644 src/content/es/pages/setup/router/ddwrt-auto.md create mode 100644 src/content/es/pages/setup/router/ddwrt-manual.md create mode 100644 src/content/es/pages/setup/router/ddwrt-wireguard.md create mode 100644 src/content/es/pages/setup/router/ddwrt.md create mode 100644 src/content/es/pages/setup/router/openwrt-wireguard-legacy.md create mode 100644 src/content/es/pages/setup/router/openwrt-wireguard.md create mode 100644 src/content/es/pages/setup/router/openwrt.md create mode 100644 src/content/es/pages/setup/router/opnsense-openvpn-instances.md create mode 100644 src/content/es/pages/setup/router/opnsense-wireguard.md create mode 100644 src/content/es/pages/setup/router/opnsense.md create mode 100644 src/content/es/pages/setup/router/pfsense-wireguard.md create mode 100644 src/content/es/pages/setup/router/pfsense.md create mode 100644 src/content/es/pages/setup/router/tomato-manual.md create mode 100644 src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md create mode 100644 src/content/es/pages/setup/windows-10-openvpn-community.md create mode 100644 src/content/es/pages/setup/windows-10-wireguard.md create mode 100644 src/content/es/pages/setup/windows-8-openvpn-community.md create mode 100644 src/content/es/pages/supported-projects.md create mode 100644 
src/content/es/pages/supportua-ru.md create mode 100644 src/content/es/pages/supportua.md create mode 100644 src/content/es/pages/team.md create mode 100644 src/content/es/pages/terms-of-service.md create mode 100644 src/content/es/pages/thank-you-light.md create mode 100644 src/content/es/pages/transparency-report.md create mode 100644 src/content/es/pages/trust.md create mode 100644 src/content/es/pages/what-is-vpn.md create mode 100644 src/content/es/pages/wireguard-vpn.md create mode 100644 src/i18n/en.toml create mode 100644 src/static/images/lang.svg create mode 100644 src/themes/ivpn-v3/assets/js/assets/icons/lgn.svg create mode 100644 src/themes/ivpn-v3/package.json.bak create mode 100644 src/themes/ivpn-v3/yarn-error.log diff --git a/Dockerfile b/Dockerfile index a4a9951cf..a61f4ca72 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,11 +10,11 @@ WORKDIR /opt/build # Install nodejs, yarn and hugo RUN apt-get update \ && apt-get install -y gnupg gnupg2 gnupg1 \ - && curl -sL https://deb.nodesource.com/setup_15.x | bash - \ + && curl -sL https://deb.nodesource.com/setup_16.x | bash - \ && apt-get install -y nodejs \ && apt-get update \ && npm install --global yarn \ - && curl -L https://github.com/gohugoio/hugo/releases/download/v0.76.3/hugo_0.76.3_Linux-64bit.deb -o /tmp/hugo.deb \ + && curl -L https://github.com/gohugoio/hugo/releases/download/v0.124.1/hugo_0.124.1_linux-amd64.deb -o /tmp/hugo.deb \ && dpkg -i /tmp/hugo.deb \ && rm /tmp/hugo.deb 
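Review bot: Both downloads on the changed lines run as root during the build with no integrity check: the NodeSource `setup_16.x` script is piped straight into `bash`, and the Hugo `.deb` is handed to `dpkg -i` exactly as fetched. Neither `curl` passes `-f`, so on the first one an HTTP error page would be fed to the shell instead of failing the step. I would pin the package hash in the Dockerfile and check it before installing, e.g. `&& echo "<sha256-of-hugo_0.124.1_linux-amd64.deb>  /tmp/hugo.deb" | sha256sum -c - \` between the `curl -L` and `dpkg -i` lines, and use `curl -fsSL` for both fetches. Node 16 had also reached end-of-life before this commit's date, so a supported release line is worth choosing while this line is being touched.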
@@ -31,15 +31,24 @@ RUN yarn --cwd ./src/themes/ivpn-v3/ run copy:manifest RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ - ./src/content/pages/privacy-policy.md > ./src/content/pages/privacy-policy-mobile.md \ + ./src/content/en/pages/privacy-policy.md > ./src/content/en/pages/privacy-policy-mobile.md \ && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ -e 's/^canonical:(.*)$/canonical: \/tos\//' \ - ./src/content/pages/terms-of-service.md > ./src/content/pages/terms-of-service-mobile.md + ./src/content/en/pages/terms-of-service.md > ./src/content/en/pages/terms-of-service-mobile.md + +RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ + -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ + -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ + ./src/content/es/pages/privacy-policy.md > ./src/content/es/pages/privacy-policy-mobile.md \ + && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ + -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ + -e 's/^canonical:(.*)$/canonical: \/tos\//' \ + ./src/content/es/pages/terms-of-service.md > ./src/content/es/pages/terms-of-service-mobile.md RUN hugo -s ./src -b ${BASE_URL} --environment $ENV -d /opt/build/public FROM nginx:1.18 COPY ./nginx.conf /etc/nginx/conf.d/default.conf -COPY --from=builder /opt/build/public /var/www/static \ No newline at end of file +COPY --from=builder /opt/build/public /var/www/static diff --git a/src/config/_default/config.toml b/src/config/_default/config.toml index 3fae752c0..89e3436a2 100644 --- a/src/config/_default/config.toml +++ b/src/config/_default/config.toml @@ -4,7 +4,9 @@ title = "IVPN" theme = "ivpn-v3" paginate = 8 summaryLength = 35 -disableKinds = ["sitemap", "taxonomyTerm"] +disableKinds = ["sitemap", "taxonomy"] +defaultContentLanguage = 'en' +defaultContentLanguageInSubdir = true [markup.goldmark.renderer] unsafe= true 
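Review bot: The added `RUN` for `es` repeats the English `sed` pipeline line for line, so every further language means another copy that has to be kept in sync by hand; a loop over the language codes does the same work once. Both languages also write the same root-anchored `url: /privacy-mobile-app/` and `url: /tos-mobile-app/`, and with `defaultContentLanguageInSubdir = true` set in this commit it is worth confirming that Hugo does not render the English and Spanish mobile pages to the same output path. The fence below replaces both `RUN sed` blocks.

```dockerfile
RUN set -e; for lang in en es; do \
        sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \
            -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \
            -e 's/^canonical:(.*)$/canonical: \/privacy\//' \
            ./src/content/$lang/pages/privacy-policy.md > ./src/content/$lang/pages/privacy-policy-mobile.md; \
        sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \
            -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \
            -e 's/^canonical:(.*)$/canonical: \/tos\//' \
            ./src/content/$lang/pages/terms-of-service.md > ./src/content/$lang/pages/terms-of-service-mobile.md; \
    done
# … unchanged: RUN hugo build and the nginx stage …
```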
@@ -44,180 +46,4 @@ disableKinds = ["sitemap", "taxonomyTerm"] [[related.indices]] name = "date" weight = 60 - pattern = "200601" - -[menu] - [[menu.main]] - identifier = "team" - name = "Team" - url = "/team/" - weight = 10 - - [[menu.main]] - identifier = "ethics" - name = "Ethics" - url = "/ethics/" - weight = 20 - - [[menu.main]] - identifier = "privacy" - name = "Privacy" - url = "/privacy/" - weight = 30 - - [[menu.main]] - identifier = "blog" - name = "Blog" - url = "/blog/" - weight = 40 - - [[menu.main]] - identifier = "prices" - name = "Pricing" - url = "/pricing/" - weight = 45 - - - [[menu.main]] - identifier = "download" - name = "Apps" - url = "/apps/" - weight = 50 - - [[menu.main]] - identifier = "guides" - name = "Guides" - url = "/privacy-guides/" - weight = 60 - - [[menu.main]] - identifier = "help" - name = "Help" - url = "/knowledgebase/general/" - weight = 70 - - [[menu.footercolone]] - identifier = "generate-account" - name = "Generate Account" - url = "/signup/" - weight = 5 - - [[menu.footercolone]] - identifier = "light" - name = "IVPN Light" - url = "/light/" - weight = 5 - - [[menu.footercolone]] - identifier = "wireguard" - name = "WireGuard® VPN" - url = "/wireguard/" - weight = 10 - - [[menu.footercolone]] - identifier = "antitracker" - name = "AntiTracker" - url = "/antitracker/" - weight = 20 - - [[menu.footercolone]] - identifier = "what-is-a-vpn" - name = "What is a VPN" - url = "/what-is-a-vpn/" - weight = 40 - - [[menu.footercolone]] - identifier = "pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard" - name = "Protocol Comparison" - url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/" - weight = 70 - - [[menu.footercoltwo]] - identifier = "manifesto" - name = "Our Manifesto" - url = "/manifesto/" - weight = 10 - - [[menu.footercoltwo]] - identifier = "status" - name = "Servers" - url = "/status/" - weight = 20 - - [[menu.footercoltwo]] - identifier = "transparency-report" - name = "Transparency Report" - url = "/transparency-report/" 
- weight = 30 - - [[menu.footercoltwo]] - identifier = "canary" - name = "Warrant Canary" - url = "/resources/canary.txt" - weight = 40 - - [[menu.footercoltwo]] - identifier = "supported-projects" - name = "Supported Projects" - url = "/supported-projects/" - weight = 50 - - [[menu.footercolthree]] - identifier = "vulnerability-reporting" - name = "Report Vulnerability" - url = "/vulnerability-reporting/" - weight = 10 - - [[menu.footercolthree]] - identifier = "legal-process-guidelines" - name = "Legal Guidelines" - url = "/legal-process-guidelines/" - weight = 20 - - [[menu.footercolthree]] - identifier = "tos" - name = "Terms of Service" - url = "/tos/" - weight = 30 - - [[menu.footercolthree]] - identifier = "privacy-policy" - name = "Privacy Policy" - url = "/privacy/" - weight = 50 - - [[menu.footercolthree]] - identifier = "refund-policy" - name = "Refund Policy" - url = "/refunds/" - weight = 60 - - [[menu.footercolfour]] - identifier = "contact" - name = "Contact us" - url = "/contactus/" - weight = 10 - - [[menu.footercolfour]] - identifier = "reddit" - name = "Reddit" - url = "https://www.reddit.com/r/IVPN/" - weight = 20 - - [[menu.footercolfour]] - identifier = "twitter" - name = "Twitter" - url = "https://twitter.com/ivpnnet" - weight = 30 - - [[menu.footercolfour]] - identifier = "github" - name = "GitHub" - url = "https://github.com/ivpn" - weight = 40 - - [[menu.footercolfour]] - identifier = "mastodon" - name = "Mastodon" - url = "https://mastodon.social/@ivpn" - weight = 50 + pattern = "200601" \ No newline at end of file diff --git a/src/config/_default/languages.toml b/src/config/_default/languages.toml new file mode 100644 index 000000000..2a379adfd --- /dev/null +++ b/src/config/_default/languages.toml @@ -0,0 +1,11 @@ +[en] +contentDir = "content/en" +languageName = "English" +languageCode = "en" +weight = 1 + +[es] +contentDir = "content/es" +languageName = "Spanish" +languageCode = "es" +weight = 2 \ No newline at end of file 
diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml
new file mode 100644
index 000000000..867f91f60
--- /dev/null
+++ b/src/config/_default/menus/menus.en.toml
@@ -0,0 +1,174 @@
+[[main]]
+ identifier = "team"
+ name = "Team"
+ url = "/team/"
+ weight = 10
+
+ [[main]]
+ identifier = "ethics"
+ name = "Ethics"
+ url = "/ethics/"
+ weight = 20
+
+ [[main]]
+ identifier = "privacy"
+ name = "Privacy"
+ url = "/privacy/"
+ weight = 30
+
+ [[main]]
+ identifier = "blog"
+ name = "Blog"
+ url = "/blog/"
+ weight = 40
+
+ [[main]]
+ identifier = "prices"
+ name = "Pricing"
+ url = "/pricing/"
+ weight = 45
+
+
+ [[main]]
+ identifier = "download"
+ name = "Apps"
+ url = "/apps/"
+ weight = 50
+
+ [[main]]
+ identifier = "guides"
+ name = "Guides"
+ url = "/privacy-guides/"
+ weight = 60
+
+ [[main]]
+ identifier = "help"
+ name = "Help"
+ url = "/knowledgebase/general/"
+ weight = 70
+
+ [[footercolone]]
+ identifier = "generate-account"
+ name = "Generate Account"
+ url = "/signup/"
+ weight = 5
+
+ [[footercolone]]
+ identifier = "light"
+ name = "IVPN Light"
+ url = "/light/"
+ weight = 5
+
+ [[footercolone]]
+ identifier = "wireguard"
+ name = "WireGuard® VPN"
+ url = "/wireguard/"
+ weight = 10
+
+ [[footercolone]]
+ identifier = "antitracker"
+ name = "AntiTracker"
+ url = "/antitracker/"
+ weight = 20
+
+ [[footercolone]]
+ identifier = "what-is-a-vpn"
+ name = "What is a VPN"
+ url = "/what-is-a-vpn/"
+ weight = 40
+
+ [[footercolone]]
+ identifier = "pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard"
+ name = "Protocol Comparison"
+ url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/"
+ weight = 70
+
+ [[footercoltwo]]
+ identifier = "manifesto"
+ name = "Our Manifesto"
+ url = "/manifesto/"
+ weight = 10
+
+ [[footercoltwo]]
+ identifier = "status"
+ name = "Servers"
+ url = "/status/"
+ weight = 20
+
+ [[footercoltwo]]
+ identifier = "transparency-report"
+ name = "Transparency Report"
+ url = "/transparency-report/"
+ weight = 30
+
+ [[footercoltwo]]
+ identifier = "canary"
+ name = "Warrant Canary"
+ url = "/resources/canary.txt"
+ weight = 40
+
+ [[footercoltwo]]
+ identifier = "supported-projects"
+ name = "Supported Projects"
+ url = "/supported-projects/"
+ weight = 50
+
+ [[footercolthree]]
+ identifier = "vulnerability-reporting"
+ name = "Report Vulnerability"
+ url = "/vulnerability-reporting/"
+ weight = 10
+
+ [[footercolthree]]
+ identifier = "legal-process-guidelines"
+ name = "Legal Guidelines"
+ url = "/legal-process-guidelines/"
+ weight = 20
+
+ [[footercolthree]]
+ identifier = "tos"
+ name = "Terms of Service"
+ url = "/tos/"
+ weight = 30
+
+ [[footercolthree]]
+ identifier = "privacy-policy"
+ name = "Privacy Policy"
+ url = "/privacy/"
+ weight = 50
+
+ [[footercolthree]]
+ identifier = "refund-policy"
+ name = "Refund Policy"
+ url = "/refunds/"
+ weight = 60
+
+ [[footercolfour]]
+ identifier = "contact"
+ name = "Contact us"
+ url = "/contactus/"
+ weight = 10
+
+ [[footercolfour]]
+ identifier = "reddit"
+ name = "Reddit"
+ url = "https://www.reddit.com/r/IVPN/"
+ weight = 20
+
+ [[footercolfour]]
+ identifier = "twitter"
+ name = "Twitter"
+ url = "https://twitter.com/ivpnnet"
+ weight = 30
+
+ [[footercolfour]]
+ identifier = "github"
+ name = "GitHub"
+ url = "https://github.com/ivpn"
+ weight = 40
+
+ [[footercolfour]]
+ identifier = "mastodon"
+ name = "Mastodon"
+ url = "https://mastodon.social/@ivpn"
+ weight = 50
diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml
new file mode 100644
index 000000000..3063192b1
--- /dev/null
+++ b/src/config/_default/menus/menus.es.toml
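Review bot: The internal entries in this new file (`url = "/team/"`, `url = "/privacy/"`, and the rest) are root-relative, while the same commit sets `defaultContentLanguageInSubdir = true`, so pages are expected under a language prefix. As far as I know Hugo does not add that prefix to a menu entry's `url`; unless the theme's menu templates pass `.URL` through `relLangURL` or `absLangURL` (not visible in this hunk), these links will miss the `/en/` pages, and the identical `url` values in `menus.es.toml` will miss `/es/`. For internal destinations a `pageRef` to the content path, e.g. `pageRef = "/pages/team"`, lets Hugo resolve the page in the current language; `url` can stay for the external links and `/resources/canary.txt`.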
@@ -0,0 +1,174 @@
+[[main]]
+ identifier = "team"
+ name = "Equipo"
+ url = "/team/"
+ weight = 10
+
+ [[main]]
+ identifier = "ethics"
+ name = "Ética"
+ url = "/ethics/"
+ weight = 20
+
+ [[main]]
+ identifier = "privacy"
+ name = "Privacidad"
+ url = "/privacy/"
+ weight = 30
+
+ [[main]]
+ identifier = "blog"
+ name = "Blog"
+ url = "/blog/"
+ weight = 40
+
+ [[main]]
+ identifier = "prices"
+ name = "Precio"
+ url = "/pricing/"
+ weight = 45
+
+
+ [[main]]
+ identifier = "download"
+ name = "Apps"
+ url = "/apps/"
+ weight = 50
+
+ [[main]]
+ identifier = "guides"
+ name = "Guías"
+ url = "/privacy-guides/"
+ weight = 60
+
+ [[main]]
+ identifier = "help"
+ name = "Ayuda"
+ url = "/knowledgebase/general/"
+ weight = 70
+
+ [[footercolone]]
+ identifier = "generate-account"
+ name = "Crear Cuenta"
+ url = "/signup/"
+ weight = 5
+
+ [[footercolone]]
+ identifier = "light"
+ name = "IVPN Light"
+ url = "/light/"
+ weight = 5
+
+ [[footercolone]]
+ identifier = "wireguard"
+ name = "WireGuard® VPN"
+ url = "/wireguard/"
+ weight = 10
+
+ [[footercolone]]
+ identifier = "antitracker"
+ name = "AntiTracker"
+ url = "/antitracker/"
+ weight = 20
+
+ [[footercolone]]
+ identifier = "what-is-a-vpn"
+ name = "Qué es un VPN"
+ url = "/what-is-a-vpn/"
+ weight = 40
+
+ [[footercolone]]
+ identifier = "pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard"
+ name = "Comparar Protocolos"
+ url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/"
+ weight = 70
+
+ [[footercoltwo]]
+ identifier = "manifesto"
+ name = "Nuestro Manifiesto"
+ url = "/manifesto/"
+ weight = 10
+
+ [[footercoltwo]]
+ identifier = "status"
+ name = "Servidores"
+ url = "/status/"
+ weight = 20
+
+ [[footercoltwo]]
+ identifier = "transparency-report"
+ name = "Reporte de Transparencia"
+ url = "/transparency-report/"
+ weight = 30
+
+ [[footercoltwo]]
+ identifier = "canary"
+ name = "Warrant Canary"
+ url = "/resources/canary.txt"
+ weight = 40
+
+ [[footercoltwo]]
+ identifier = "supported-projects"
+ name = "Proyectos Soportados"
+ url = "/supported-projects/"
+ weight = 50
+
+ [[footercolthree]]
+ identifier = "vulnerability-reporting"
+ name = "Reporte de Vulnerabilidades"
+ url = "/vulnerability-reporting/"
+ weight = 10
+
+ [[footercolthree]]
+ identifier = "legal-process-guidelines"
+ name = "Guías Legales"
+ url = "/legal-process-guidelines/"
+ weight = 20
+
+ [[footercolthree]]
+ identifier = "tos"
+ name = "Términos de Servicios"
+ url = "/tos/"
+ weight = 30
+
+ [[footercolthree]]
+ identifier = "privacy-policy"
+ name = "Política de Privacidad"
+ url = "/privacy/"
+ weight = 50
+
+ [[footercolthree]]
+ identifier = "refund-policy"
+ name = "Política de reembolso"
+ url = "/refunds/"
+ weight = 60
+
+ [[footercolfour]]
+ identifier = "contact"
+ name = "Contactar"
+ url = "/contactus/"
+ weight = 10
+
+ [[footercolfour]]
+ identifier = "reddit"
+ name = "Reddit"
+ url = "https://www.reddit.com/r/IVPN/"
+ weight = 20
+
+ [[footercolfour]]
+ identifier = "twitter"
+ name = "Twitter"
+ url = "https://twitter.com/ivpnnet"
+ weight = 30
+
+ [[footercolfour]]
+ identifier = "github"
+ name = "GitHub"
+ url = "https://github.com/ivpn"
+ weight = 40
+
+ [[footercolfour]]
+ identifier = "mastodon"
+ name = "Mastodon"
+ url = "https://mastodon.social/@ivpn"
+ weight = 50
diff --git a/src/content/authors/alexandr-stelnykovych/_index.md b/src/content/en/authors/alexandr-stelnykovych/_index.md
similarity index 100%
rename from src/content/authors/alexandr-stelnykovych/_index.md
rename to src/content/en/authors/alexandr-stelnykovych/_index.md
diff --git a/src/content/authors/iain-douglas/_index.md b/src/content/en/authors/iain-douglas/_index.md
similarity index 100%
rename from src/content/authors/iain-douglas/_index.md
rename to src/content/en/authors/iain-douglas/_index.md
diff --git a/src/content/authors/juraj-hilje/_index.md b/src/content/en/authors/juraj-hilje/_index.md
similarity index 100%
rename from src/content/authors/juraj-hilje/_index.md
rename to src/content/en/authors/juraj-hilje/_index.md
diff --git a/src/content/authors/mirimir/_index.md b/src/content/en/authors/mirimir/_index.md
similarity index 100%
rename from src/content/authors/mirimir/_index.md
rename to src/content/en/authors/mirimir/_index.md
diff --git a/src/content/authors/nick-pestell/_index.md b/src/content/en/authors/nick-pestell/_index.md
similarity index 100%
rename from src/content/authors/nick-pestell/_index.md
rename to src/content/en/authors/nick-pestell/_index.md
diff --git a/src/content/authors/viktor-vecsei/_index.md b/src/content/en/authors/viktor-vecsei/_index.md
similarity index 100%
rename from src/content/authors/viktor-vecsei/_index.md
rename to src/content/en/authors/viktor-vecsei/_index.md
diff --git a/src/content/blog/2010-08-08-the-importance-of-privacy.md b/src/content/en/blog/2010-08-08-the-importance-of-privacy.md
similarity index 100%
rename from src/content/blog/2010-08-08-the-importance-of-privacy.md
rename to src/content/en/blog/2010-08-08-the-importance-of-privacy.md
diff --git a/src/content/blog/2010-09-22-the-right-to-privacy.md b/src/content/en/blog/2010-09-22-the-right-to-privacy.md
similarity index 100%
rename from src/content/blog/2010-09-22-the-right-to-privacy.md
rename to src/content/en/blog/2010-09-22-the-right-to-privacy.md
diff --git a/src/content/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md b/src/content/en/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md
similarity index 100%
rename from src/content/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md
rename to src/content/en/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md
diff --git a/src/content/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md b/src/content/en/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md
similarity index 100%
rename from src/content/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md
rename to src/content/en/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md
diff --git a/src/content/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md b/src/content/en/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md
similarity index 100%
rename from src/content/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md
rename to src/content/en/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md
diff --git a/src/content/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md b/src/content/en/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md
similarity index 100%
rename from src/content/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md
rename to src/content/en/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md
diff --git a/src/content/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md b/src/content/en/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md
rename to src/content/en/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md
diff --git a/src/content/blog/2012-02-11-europeans-rage-against-acta.md b/src/content/en/blog/2012-02-11-europeans-rage-against-acta.md
similarity index 100%
rename from src/content/blog/2012-02-11-europeans-rage-against-acta.md
rename to src/content/en/blog/2012-02-11-europeans-rage-against-acta.md
diff --git a/src/content/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md b/src/content/en/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md
rename to src/content/en/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md
diff --git a/src/content/blog/2012-02-19-google-caught-spying-on-safari-users.md b/src/content/en/blog/2012-02-19-google-caught-spying-on-safari-users.md
similarity index 100%
rename from src/content/blog/2012-02-19-google-caught-spying-on-safari-users.md
rename to src/content/en/blog/2012-02-19-google-caught-spying-on-safari-users.md
diff --git a/src/content/blog/2012-02-26-iranians-face-halal-internet.md b/src/content/en/blog/2012-02-26-iranians-face-halal-internet.md
similarity index 100%
rename from src/content/blog/2012-02-26-iranians-face-halal-internet.md
rename to src/content/en/blog/2012-02-26-iranians-face-halal-internet.md
diff --git a/src/content/blog/2012-03-03-ireland-passes-sopa-law.md b/src/content/en/blog/2012-03-03-ireland-passes-sopa-law.md
similarity index 100%
rename from src/content/blog/2012-03-03-ireland-passes-sopa-law.md
rename to src/content/en/blog/2012-03-03-ireland-passes-sopa-law.md
diff --git a/src/content/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md b/src/content/en/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md
similarity index 100%
rename from src/content/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md
rename to src/content/en/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md
diff --git a/src/content/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md b/src/content/en/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md
similarity index 100%
rename from src/content/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md
rename to src/content/en/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md
diff --git a/src/content/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md b/src/content/en/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md
rename to src/content/en/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md
diff --git a/src/content/blog/2012-04-02-can-duckduckgo-kill-google.md b/src/content/en/blog/2012-04-02-can-duckduckgo-kill-google.md
similarity index 100%
rename from src/content/blog/2012-04-02-can-duckduckgo-kill-google.md
rename to src/content/en/blog/2012-04-02-can-duckduckgo-kill-google.md
diff --git a/src/content/blog/2012-04-06-uk-online-spying-law-how-to-resist.md b/src/content/en/blog/2012-04-06-uk-online-spying-law-how-to-resist.md
similarity index 100%
rename from src/content/blog/2012-04-06-uk-online-spying-law-how-to-resist.md
rename to src/content/en/blog/2012-04-06-uk-online-spying-law-how-to-resist.md
diff --git a/src/content/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md b/src/content/en/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md
similarity index 100%
rename from src/content/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md
rename to src/content/en/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md
diff --git a/src/content/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md b/src/content/en/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md
similarity index 100%
rename from src/content/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md
rename to src/content/en/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md
diff --git a/src/content/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md b/src/content/en/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md
similarity index 100%
rename from src/content/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md
rename to src/content/en/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md
diff --git a/src/content/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md b/src/content/en/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md
similarity index 100%
rename from src/content/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md
rename to src/content/en/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md
diff --git a/src/content/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md b/src/content/en/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md
similarity index 100%
rename from src/content/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md
rename to src/content/en/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md
diff --git a/src/content/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md b/src/content/en/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md
rename to src/content/en/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md
diff --git a/src/content/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md b/src/content/en/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md
similarity index 100%
rename from src/content/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md
rename to src/content/en/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md
diff --git a/src/content/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md b/src/content/en/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md
rename to src/content/en/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md
diff --git a/src/content/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md b/src/content/en/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md
similarity index 100%
rename from src/content/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md
rename to src/content/en/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md
diff --git a/src/content/blog/2012-07-02-status-update-current-threats-to-online-privacy.md b/src/content/en/blog/2012-07-02-status-update-current-threats-to-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-07-02-status-update-current-threats-to-online-privacy.md
rename to src/content/en/blog/2012-07-02-status-update-current-threats-to-online-privacy.md
diff --git a/src/content/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md b/src/content/en/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md
similarity index 100%
rename from src/content/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md
rename to src/content/en/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md
diff --git a/src/content/blog/2012-07-18-top-five-worst-online-privacy-breaches.md b/src/content/en/blog/2012-07-18-top-five-worst-online-privacy-breaches.md
similarity index 100%
rename from src/content/blog/2012-07-18-top-five-worst-online-privacy-breaches.md
rename to src/content/en/blog/2012-07-18-top-five-worst-online-privacy-breaches.md
diff --git a/src/content/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md b/src/content/en/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md
similarity index 100%
rename from src/content/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md
rename to src/content/en/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md
diff --git a/src/content/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md b/src/content/en/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md
similarity index 100%
rename from src/content/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md
rename to src/content/en/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md
diff --git a/src/content/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md b/src/content/en/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md
similarity index 100%
rename from src/content/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md
rename to src/content/en/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md
diff --git a/src/content/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md b/src/content/en/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md
similarity index 100%
rename from src/content/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md
rename to src/content/en/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md
diff --git a/src/content/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md b/src/content/en/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md
similarity index 100%
rename from src/content/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md
rename to src/content/en/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md
diff --git a/src/content/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md b/src/content/en/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md
similarity index 100%
rename from src/content/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md
rename to src/content/en/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md
diff --git a/src/content/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md b/src/content/en/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md
similarity index 100%
rename from src/content/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md
rename to src/content/en/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md
diff --git a/src/content/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md b/src/content/en/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md
similarity index 100%
rename from src/content/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md
rename to src/content/en/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md
diff --git a/src/content/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md b/src/content/en/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md
similarity index 100%
rename from src/content/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md
rename to src/content/en/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md
diff --git a/src/content/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md b/src/content/en/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md
similarity index 100%
rename from src/content/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md
rename to src/content/en/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md
diff --git a/src/content/blog/2012-10-05-australian-data-retention-debate-heats-up.md b/src/content/en/blog/2012-10-05-australian-data-retention-debate-heats-up.md
similarity index 100%
rename from src/content/blog/2012-10-05-australian-data-retention-debate-heats-up.md
rename to src/content/en/blog/2012-10-05-australian-data-retention-debate-heats-up.md
diff --git a/src/content/blog/2012-10-13-top-5-online-privacy-misconceptions.md b/src/content/en/blog/2012-10-13-top-5-online-privacy-misconceptions.md
similarity index 100%
rename from src/content/blog/2012-10-13-top-5-online-privacy-misconceptions.md
rename to src/content/en/blog/2012-10-13-top-5-online-privacy-misconceptions.md
diff --git a/src/content/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md b/src/content/en/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md
similarity index 100%
rename from src/content/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md
rename to src/content/en/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md
diff --git a/src/content/blog/2012-10-28-top-five-free-online-privacy-tools.md b/src/content/en/blog/2012-10-28-top-five-free-online-privacy-tools.md
similarity index 100%
rename from src/content/blog/2012-10-28-top-five-free-online-privacy-tools.md
rename to src/content/en/blog/2012-10-28-top-five-free-online-privacy-tools.md
diff --git a/src/content/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md b/src/content/en/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md
similarity index 100%
rename from src/content/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md
rename to src/content/en/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md
diff --git a/src/content/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md b/src/content/en/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md
similarity index 100%
rename from src/content/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md
rename to src/content/en/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md
diff --git a/src/content/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md b/src/content/en/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md
similarity index 100%
rename from src/content/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md
rename to src/content/en/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md
diff --git a/src/content/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md b/src/content/en/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md
similarity index 100%
rename from src/content/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md
rename to src/content/en/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md
diff --git a/src/content/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md b/src/content/en/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md
similarity index 100%
rename from src/content/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md
rename to src/content/en/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md
diff --git a/src/content/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md b/src/content/en/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md
similarity index 100%
rename from src/content/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md
rename to src/content/en/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md
diff --git a/src/content/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md b/src/content/en/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md
similarity index 100%
rename from src/content/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md
rename to src/content/en/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md
diff --git a/src/content/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md b/src/content/en/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md
similarity index 100%
rename from src/content/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md
rename to src/content/en/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md
diff --git a/src/content/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md b/src/content/en/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md
similarity index 100%
rename from src/content/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md
rename to src/content/en/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md
diff --git a/src/content/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md b/src/content/en/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md
similarity index 100%
rename from src/content/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md
rename to src/content/en/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md
diff --git a/src/content/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md b/src/content/en/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md
similarity index 100%
rename from src/content/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md
rename to src/content/en/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md
diff --git a/src/content/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md b/src/content/en/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
similarity index 100%
rename from src/content/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
rename to src/content/en/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
diff --git a/src/content/blog/2013-04-01-top-five-defenders-of-online-privacy.md b/src/content/en/blog/2013-04-01-top-five-defenders-of-online-privacy.md
similarity index 100%
rename from src/content/blog/2013-04-01-top-five-defenders-of-online-privacy.md
rename to src/content/en/blog/2013-04-01-top-five-defenders-of-online-privacy.md
diff --git a/src/content/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md b/src/content/en/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md
similarity index 100%
rename from src/content/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md
rename to src/content/en/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md
diff --git a/src/content/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md b/src/content/en/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md
similarity index 100%
rename from src/content/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md
rename to src/content/en/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md
diff --git a/src/content/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md b/src/content/en/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md
similarity index 100%
rename from src/content/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md
rename to src/content/en/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md
diff --git a/src/content/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md b/src/content/en/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md
similarity index 100%
rename from src/content/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md
rename to src/content/en/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md
diff --git a/src/content/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md b/src/content/en/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md
similarity index 100%
rename from src/content/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md
rename to src/content/en/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md
diff --git a/src/content/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md b/src/content/en/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md
similarity index 100%
rename from src/content/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md
rename to src/content/en/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md
diff --git a/src/content/blog/2013-06-06-vpn-privacy-policies-decoded.md b/src/content/en/blog/2013-06-06-vpn-privacy-policies-decoded.md
similarity index 100%
rename from src/content/blog/2013-06-06-vpn-privacy-policies-decoded.md
rename to src/content/en/blog/2013-06-06-vpn-privacy-policies-decoded.md
diff --git a/src/content/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md b/src/content/en/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md
similarity index 100%
rename from src/content/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md
rename to src/content/en/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md
diff --git a/src/content/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md b/src/content/en/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md
similarity index 100%
rename from src/content/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md
rename to src/content/en/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md
diff --git a/src/content/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md b/src/content/en/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md
similarity index 100%
rename from src/content/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md
rename to src/content/en/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md
diff --git a/src/content/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md b/src/content/en/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md
similarity index 100%
rename from src/content/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md
rename to src/content/en/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md
diff --git a/src/content/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md b/src/content/en/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md
similarity index 100%
rename from src/content/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md
rename to src/content/en/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md
diff --git a/src/content/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md b/src/content/en/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md
similarity index 100%
rename from src/content/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md
rename to src/content/en/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md
diff --git a/src/content/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md b/src/content/en/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md
similarity index 100%
rename from src/content/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md
rename to src/content/en/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md
diff --git a/src/content/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md b/src/content/en/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md
similarity index 100%
rename from src/content/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md
rename to src/content/en/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md
diff --git a/src/content/blog/2013-09-18-the-onion-router-under-fire.md b/src/content/en/blog/2013-09-18-the-onion-router-under-fire.md
similarity index 100%
rename from src/content/blog/2013-09-18-the-onion-router-under-fire.md
rename to src/content/en/blog/2013-09-18-the-onion-router-under-fire.md
diff --git a/src/content/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md b/src/content/en/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md
similarity index 100%
rename from src/content/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md
rename to src/content/en/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md
diff --git a/src/content/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md b/src/content/en/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md
similarity index 100%
rename from src/content/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md
rename to src/content/en/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md
diff --git a/src/content/blog/2013-11-07-ivpn-launches-new-privacy-guides.md b/src/content/en/blog/2013-11-07-ivpn-launches-new-privacy-guides.md
similarity index 100%
rename from src/content/blog/2013-11-07-ivpn-launches-new-privacy-guides.md
rename to src/content/en/blog/2013-11-07-ivpn-launches-new-privacy-guides.md
diff --git a/src/content/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md b/src/content/en/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
similarity index 100%
rename from src/content/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
rename to src/content/en/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
diff --git a/src/content/blog/2013-11-21-new-windows-vpn-client.md b/src/content/en/blog/2013-11-21-new-windows-vpn-client.md
similarity index 100%
rename from src/content/blog/2013-11-21-new-windows-vpn-client.md
rename to src/content/en/blog/2013-11-21-new-windows-vpn-client.md
diff --git a/src/content/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md b/src/content/en/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md
similarity index 100%
rename from src/content/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md
rename to src/content/en/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md
diff --git a/src/content/blog/2013-12-15-will-europeans-really-set-free-data-retention.md b/src/content/en/blog/2013-12-15-will-europeans-really-set-free-data-retention.md
similarity index 100%
rename from src/content/blog/2013-12-15-will-europeans-really-set-free-data-retention.md
rename to src/content/en/blog/2013-12-15-will-europeans-really-set-free-data-retention.md
diff --git a/src/content/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md b/src/content/en/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md
similarity index 100%
rename from src/content/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md
rename to src/content/en/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md
diff --git a/src/content/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md b/src/content/en/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md
similarity index 100%
rename from src/content/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md
rename to src/content/en/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md
diff --git a/src/content/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md b/src/content/en/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md
similarity index 100%
rename from src/content/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md
rename to src/content/en/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md
diff --git a/src/content/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md b/src/content/en/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md
similarity index 100%
rename from src/content/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md
rename to src/content/en/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md
diff --git a/src/content/blog/2014-04-10-heartbleed-passwords-change.md b/src/content/en/blog/2014-04-10-heartbleed-passwords-change.md
similarity index 100%
rename from src/content/blog/2014-04-10-heartbleed-passwords-change.md
rename to src/content/en/blog/2014-04-10-heartbleed-passwords-change.md
diff --git a/src/content/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md b/src/content/en/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md
similarity index 100%
rename from src/content/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md
rename to src/content/en/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md
diff --git a/src/content/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md b/src/content/en/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md
similarity index 100%
rename from src/content/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md
rename to src/content/en/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md
diff --git a/src/content/blog/2014-08-18-internet-censorship-around-the-world.md b/src/content/en/blog/2014-08-18-internet-censorship-around-the-world.md
similarity index 100%
rename from src/content/blog/2014-08-18-internet-censorship-around-the-world.md
rename to src/content/en/blog/2014-08-18-internet-censorship-around-the-world.md
diff --git a/src/content/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md b/src/content/en/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md
similarity index 100%
rename from src/content/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md
rename to src/content/en/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md
diff --git a/src/content/blog/2015-01-27-new-ivpn-client-v2-0-windows.md b/src/content/en/blog/2015-01-27-new-ivpn-client-v2-0-windows.md
similarity index 100%
rename from src/content/blog/2015-01-27-new-ivpn-client-v2-0-windows.md
rename to src/content/en/blog/2015-01-27-new-ivpn-client-v2-0-windows.md
diff --git a/src/content/blog/2015-05-26-scheduled-server-maintenance-june-2015.md b/src/content/en/blog/2015-05-26-scheduled-server-maintenance-june-2015.md
similarity index 100%
rename from src/content/blog/2015-05-26-scheduled-server-maintenance-june-2015.md
rename to src/content/en/blog/2015-05-26-scheduled-server-maintenance-june-2015.md
diff --git a/src/content/blog/2015-08-26-20-faster-windows-10-less-secure.md b/src/content/en/blog/2015-08-26-20-faster-windows-10-less-secure.md
similarity index 100%
rename from src/content/blog/2015-08-26-20-faster-windows-10-less-secure.md
rename to src/content/en/blog/2015-08-26-20-faster-windows-10-less-secure.md
diff --git a/src/content/blog/2015-10-28-port-forwarding-reservations-now-available.md b/src/content/en/blog/2015-10-28-port-forwarding-reservations-now-available.md
similarity index 100%
rename from src/content/blog/2015-10-28-port-forwarding-reservations-now-available.md
rename to src/content/en/blog/2015-10-28-port-forwarding-reservations-now-available.md
diff --git a/src/content/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md b/src/content/en/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md
similarity index 100%
rename from src/content/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md
rename to src/content/en/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md
diff --git a/src/content/blog/2015-11-26-multihop-v2-network-now-available.md b/src/content/en/blog/2015-11-26-multihop-v2-network-now-available.md
similarity index 100%
rename from src/content/blog/2015-11-26-multihop-v2-network-now-available.md
rename to src/content/en/blog/2015-11-26-multihop-v2-network-now-available.md
diff --git a/src/content/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md b/src/content/en/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md
similarity index 100%
rename from src/content/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md
rename to src/content/en/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md
diff --git a/src/content/blog/2016-09-23-closed-affiliate-program.md b/src/content/en/blog/2016-09-23-closed-affiliate-program.md
similarity index 100%
rename from src/content/blog/2016-09-23-closed-affiliate-program.md
rename to src/content/en/blog/2016-09-23-closed-affiliate-program.md
diff --git a/src/content/blog/2017-03-15-new-ivpn-app-ios.md b/src/content/en/blog/2017-03-15-new-ivpn-app-ios.md
similarity index 100%
rename from src/content/blog/2017-03-15-new-ivpn-app-ios.md
rename to src/content/en/blog/2017-03-15-new-ivpn-app-ios.md
diff --git a/src/content/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md b/src/content/en/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md
similarity index 100%
rename from src/content/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md
rename to src/content/en/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md
diff --git a/src/content/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md b/src/content/en/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md
similarity index 100%
rename from src/content/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md
rename to src/content/en/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md
diff --git a/src/content/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md b/src/content/en/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md
similarity index 100%
rename from src/content/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md
rename to src/content/en/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md
diff --git a/src/content/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md b/src/content/en/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md
similarity index 100%
rename from src/content/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md
rename to src/content/en/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md
diff --git a/src/content/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md b/src/content/en/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md
similarity index 100%
rename from src/content/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md
rename to src/content/en/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md
diff --git a/src/content/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md b/src/content/en/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md
similarity index 100%
rename from src/content/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md
rename to src/content/en/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md
diff --git a/src/content/blog/2018-12-11-introducing-wireguard-fully-automated.md b/src/content/en/blog/2018-12-11-introducing-wireguard-fully-automated.md
similarity index 100%
rename from src/content/blog/2018-12-11-introducing-wireguard-fully-automated.md
rename to src/content/en/blog/2018-12-11-introducing-wireguard-fully-automated.md
diff --git a/src/content/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md b/src/content/en/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md
similarity index 100%
rename from src/content/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md
rename to src/content/en/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md
diff --git a/src/content/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md b/src/content/en/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md
similarity index 100%
rename from src/content/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md
rename to src/content/en/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md
diff --git a/src/content/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md b/src/content/en/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md
similarity index 100%
rename from src/content/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md
rename to src/content/en/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md
diff --git a/src/content/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md b/src/content/en/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md
similarity index 100%
rename from src/content/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md
rename to src/content/en/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md
diff --git a/src/content/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md b/src/content/en/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md
similarity index 100%
rename from src/content/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md
rename to src/content/en/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md
diff --git a/src/content/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md b/src/content/en/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md
similarity index 100%
rename from src/content/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md
rename to src/content/en/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md
diff --git a/src/content/blog/2019-12-12-password-less-vpn-authentication.md b/src/content/en/blog/2019-12-12-password-less-vpn-authentication.md
similarity index 100%
rename from src/content/blog/2019-12-12-password-less-vpn-authentication.md
rename to src/content/en/blog/2019-12-12-password-less-vpn-authentication.md
diff --git a/src/content/blog/2020-01-23-independent-security-audit-concluded.md b/src/content/en/blog/2020-01-23-independent-security-audit-concluded.md
similarity index 100%
rename from src/content/blog/2020-01-23-independent-security-audit-concluded.md
rename to src/content/en/blog/2020-01-23-independent-security-audit-concluded.md
diff --git a/src/content/blog/2020-02-10-ivpn-applications-are-now-open-source.md b/src/content/en/blog/2020-02-10-ivpn-applications-are-now-open-source.md
similarity index 100%
rename from src/content/blog/2020-02-10-ivpn-applications-are-now-open-source.md
rename to src/content/en/blog/2020-02-10-ivpn-applications-are-now-open-source.md
diff --git a/src/content/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md b/src/content/en/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md
similarity index 100%
rename from src/content/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md
rename to src/content/en/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md
diff --git a/src/content/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md b/src/content/en/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md
similarity index 100%
rename from src/content/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md
rename to src/content/en/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md
diff --git a/src/content/blog/2020-04-22-beta-ivpn-linux-app-released.md b/src/content/en/blog/2020-04-22-beta-ivpn-linux-app-released.md
similarity index 100%
rename from src/content/blog/2020-04-22-beta-ivpn-linux-app-released.md
rename to src/content/en/blog/2020-04-22-beta-ivpn-linux-app-released.md
diff --git a/src/content/blog/2020-04-22-updating-the-ivpn-certificate-authority.md b/src/content/en/blog/2020-04-22-updating-the-ivpn-certificate-authority.md
similarity index 100%
rename from src/content/blog/2020-04-22-updating-the-ivpn-certificate-authority.md
rename to src/content/en/blog/2020-04-22-updating-the-ivpn-certificate-authority.md
diff --git a/src/content/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md b/src/content/en/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md
similarity index 100%
rename from src/content/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md
rename to src/content/en/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md
diff --git a/src/content/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md b/src/content/en/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md
similarity index 100%
rename from src/content/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md
rename to src/content/en/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md
diff --git a/src/content/blog/2023-06-29-gradual-removal-of-port-forwarding.md b/src/content/en/blog/2023-06-29-gradual-removal-of-port-forwarding.md
similarity index 100%
rename from src/content/blog/2023-06-29-gradual-removal-of-port-forwarding.md
rename to src/content/en/blog/2023-06-29-gradual-removal-of-port-forwarding.md
diff --git a/src/content/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md b/src/content/en/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md
similarity index 100%
rename from src/content/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md
rename to src/content/en/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md
diff --git a/src/content/blog/battery-life-apple-silicon-build-ivpn-app.md b/src/content/en/blog/battery-life-apple-silicon-build-ivpn-app.md
similarity index 100%
rename from src/content/blog/battery-life-apple-silicon-build-ivpn-app.md
rename to src/content/en/blog/battery-life-apple-silicon-build-ivpn-app.md
diff --git a/src/content/blog/better-tracker-blocking-controls-with-antitracker-plus.md b/src/content/en/blog/better-tracker-blocking-controls-with-antitracker-plus.md
similarity index 100%
rename from src/content/blog/better-tracker-blocking-controls-with-antitracker-plus.md
rename to src/content/en/blog/better-tracker-blocking-controls-with-antitracker-plus.md
diff --git a/src/content/blog/command-line-interface-for-ivpn-released.md b/src/content/en/blog/command-line-interface-for-ivpn-released.md
similarity index 100%
rename from src/content/blog/command-line-interface-for-ivpn-released.md
rename to src/content/en/blog/command-line-interface-for-ivpn-released.md
diff --git a/src/content/blog/device-management-for-better-control.md b/src/content/en/blog/device-management-for-better-control.md
similarity index 100%
rename from src/content/blog/device-management-for-better-control.md
rename to src/content/en/blog/device-management-for-better-control.md
diff --git a/src/content/blog/dns-over-https-doh-macos-linux-windows.md b/src/content/en/blog/dns-over-https-doh-macos-linux-windows.md
similarity index 100%
rename from src/content/blog/dns-over-https-doh-macos-linux-windows.md
rename to src/content/en/blog/dns-over-https-doh-macos-linux-windows.md
diff --git a/src/content/blog/extending-two-factor-authentication-to-ivpn-apps.md b/src/content/en/blog/extending-two-factor-authentication-to-ivpn-apps.md
similarity index 100%
rename from src/content/blog/extending-two-factor-authentication-to-ivpn-apps.md
rename to src/content/en/blog/extending-two-factor-authentication-to-ivpn-apps.md
diff --git a/src/content/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md b/src/content/en/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md
similarity index 100%
rename from src/content/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md
rename to src/content/en/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md
diff --git a/src/content/blog/in-support-of-ukraine.md b/src/content/en/blog/in-support-of-ukraine.md
similarity index 100%
rename from src/content/blog/in-support-of-ukraine.md
rename to src/content/en/blog/in-support-of-ukraine.md
diff --git a/src/content/blog/insights-about-apple-app-store-rules-for-vpn-apps.md b/src/content/en/blog/insights-about-apple-app-store-rules-for-vpn-apps.md
similarity index 100%
rename from src/content/blog/insights-about-apple-app-store-rules-for-vpn-apps.md
rename to src/content/en/blog/insights-about-apple-app-store-rules-for-vpn-apps.md
diff --git a/src/content/blog/introducing-a-redesigned-ivpn-for-android.md b/src/content/en/blog/introducing-a-redesigned-ivpn-for-android.md
similarity index 100%
rename from src/content/blog/introducing-a-redesigned-ivpn-for-android.md
rename to src/content/en/blog/introducing-a-redesigned-ivpn-for-android.md
diff --git a/src/content/blog/introducing-split-tunnelling-to-ivpn-for-windows.md b/src/content/en/blog/introducing-split-tunnelling-to-ivpn-for-windows.md
similarity index 100%
rename from src/content/blog/introducing-split-tunnelling-to-ivpn-for-windows.md
rename to src/content/en/blog/introducing-split-tunnelling-to-ivpn-for-windows.md
diff --git a/src/content/blog/ipv6-over-ipv4-available-for-testing.md b/src/content/en/blog/ipv6-over-ipv4-available-for-testing.md
similarity index 100%
rename from src/content/blog/ipv6-over-ipv4-available-for-testing.md
rename to src/content/en/blog/ipv6-over-ipv4-available-for-testing.md
diff --git a/src/content/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md b/src/content/en/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md
similarity index 100%
rename from src/content/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md
rename to src/content/en/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md
diff --git a/src/content/blog/ivpn-apps-security-audit-2022-concluded.md b/src/content/en/blog/ivpn-apps-security-audit-2022-concluded.md
similarity index 100%
rename from src/content/blog/ivpn-apps-security-audit-2022-concluded.md
rename to src/content/en/blog/ivpn-apps-security-audit-2022-concluded.md
diff --git a/src/content/blog/ivpn-apps-security-audit-concluded.md b/src/content/en/blog/ivpn-apps-security-audit-concluded.md
similarity index 100%
rename from src/content/blog/ivpn-apps-security-audit-concluded.md
rename to src/content/en/blog/ivpn-apps-security-audit-concluded.md
diff --git a/src/content/blog/ivpn-for-ios-now-offers-dns-over-https.md b/src/content/en/blog/ivpn-for-ios-now-offers-dns-over-https.md
similarity index 100%
rename from src/content/blog/ivpn-for-ios-now-offers-dns-over-https.md
rename to src/content/en/blog/ivpn-for-ios-now-offers-dns-over-https.md
diff --git a/src/content/blog/ivpn-infrastructure-fifth-audit-announcement.md b/src/content/en/blog/ivpn-infrastructure-fifth-audit-announcement.md
similarity index 100%
rename from src/content/blog/ivpn-infrastructure-fifth-audit-announcement.md
rename to src/content/en/blog/ivpn-infrastructure-fifth-audit-announcement.md
diff --git a/src/content/blog/ivpn-now-accepts-monero-payments-runs-full-node.md b/src/content/en/blog/ivpn-now-accepts-monero-payments-runs-full-node.md
similarity index 100%
rename from src/content/blog/ivpn-now-accepts-monero-payments-runs-full-node.md
rename to src/content/en/blog/ivpn-now-accepts-monero-payments-runs-full-node.md
diff --git a/src/content/blog/ivpn-preparing-sixth-security-audit.md b/src/content/en/blog/ivpn-preparing-sixth-security-audit.md
similarity index 100%
rename from src/content/blog/ivpn-preparing-sixth-security-audit.md
rename to src/content/en/blog/ivpn-preparing-sixth-security-audit.md
diff --git a/src/content/blog/ivpn-tunnelcrack-vulnerability-assessment.md b/src/content/en/blog/ivpn-tunnelcrack-vulnerability-assessment.md
similarity index 100%
rename from src/content/blog/ivpn-tunnelcrack-vulnerability-assessment.md
rename to src/content/en/blog/ivpn-tunnelcrack-vulnerability-assessment.md
diff --git a/src/content/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md b/src/content/en/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md
similarity index 100%
rename from src/content/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md
rename to src/content/en/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md
diff --git a/src/content/blog/kill-switch-changes-ivpn-android.md b/src/content/en/blog/kill-switch-changes-ivpn-android.md
similarity index 100%
rename from src/content/blog/kill-switch-changes-ivpn-android.md
rename to src/content/en/blog/kill-switch-changes-ivpn-android.md
diff --git a/src/content/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md b/src/content/en/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md
similarity index 100%
rename from src/content/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md
rename to src/content/en/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md
diff --git a/src/content/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md b/src/content/en/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md
similarity index 100%
rename from src/content/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md
rename to src/content/en/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md
diff --git a/src/content/blog/new-ivpn-apps-for-macos-and-windows.md b/src/content/en/blog/new-ivpn-apps-for-macos-and-windows.md
similarity index 100%
rename from src/content/blog/new-ivpn-apps-for-macos-and-windows.md
rename to src/content/en/blog/new-ivpn-apps-for-macos-and-windows.md
diff --git a/src/content/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md b/src/content/en/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md
similarity index 100%
rename from src/content/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md
rename to src/content/en/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md
diff --git a/src/content/blog/new-ivpn-linux-app-with-gui-now-available.md b/src/content/en/blog/new-ivpn-linux-app-with-gui-now-available.md
similarity index 100%
rename from src/content/blog/new-ivpn-linux-app-with-gui-now-available.md
rename to src/content/en/blog/new-ivpn-linux-app-with-gui-now-available.md
diff --git a/src/content/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md b/src/content/en/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md
similarity index 100%
rename from src/content/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md
rename to src/content/en/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md
diff --git a/src/content/blog/privacy-issue-real-vpns-alone-cant-solve-it.md b/src/content/en/blog/privacy-issue-real-vpns-alone-cant-solve-it.md
similarity index 100%
rename from src/content/blog/privacy-issue-real-vpns-alone-cant-solve-it.md
rename to src/content/en/blog/privacy-issue-real-vpns-alone-cant-solve-it.md
diff --git a/src/content/blog/quantum-resistant-wireguard-connections-ivpn-apps.md b/src/content/en/blog/quantum-resistant-wireguard-connections-ivpn-apps.md
similarity index 100%
rename from src/content/blog/quantum-resistant-wireguard-connections-ivpn-apps.md
rename to src/content/en/blog/quantum-resistant-wireguard-connections-ivpn-apps.md
diff --git a/src/content/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md b/src/content/en/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md
similarity index 100%
rename from src/content/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md
rename to src/content/en/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md
diff --git a/src/content/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md b/src/content/en/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md
similarity index 100%
rename from src/content/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md
rename to src/content/en/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md
diff --git a/src/content/blog/socks5-proxy.md b/src/content/en/blog/socks5-proxy.md
similarity index 100%
rename from src/content/blog/socks5-proxy.md
rename to src/content/en/blog/socks5-proxy.md
diff --git a/src/content/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md b/src/content/en/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md
similarity index 100%
rename from src/content/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md
rename to src/content/en/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md
diff --git a/src/content/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md b/src/content/en/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md
similarity index 100%
rename from src/content/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md
rename to src/content/en/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md
diff --git a/src/content/blog/who-owns-your-vpn-you-should-find-out.md b/src/content/en/blog/who-owns-your-vpn-you-should-find-out.md
similarity index 100%
rename from src/content/blog/who-owns-your-vpn-you-should-find-out.md
rename to src/content/en/blog/who-owns-your-vpn-you-should-find-out.md
diff --git a/src/content/blog/why-we-refuse-modern-marketing.md b/src/content/en/blog/why-we-refuse-modern-marketing.md
similarity index 100%
rename from src/content/blog/why-we-refuse-modern-marketing.md
rename to src/content/en/blog/why-we-refuse-modern-marketing.md
diff --git a/src/content/blog/why-you-dont-need-a-vpn.md b/src/content/en/blog/why-you-dont-need-a-vpn.md
similarity index 100%
rename from src/content/blog/why-you-dont-need-a-vpn.md
rename to src/content/en/blog/why-you-dont-need-a-vpn.md
diff --git a/src/content/blog/wireguard-port-forwarding-enabled.md b/src/content/en/blog/wireguard-port-forwarding-enabled.md
similarity index 100%
rename from src/content/blog/wireguard-port-forwarding-enabled.md
rename to src/content/en/blog/wireguard-port-forwarding-enabled.md
diff --git a/src/content/blog/your-vpn-provider-wont-go-to-jail-for-you.md b/src/content/en/blog/your-vpn-provider-wont-go-to-jail-for-you.md
similarity index 100%
rename from src/content/blog/your-vpn-provider-wont-go-to-jail-for-you.md
rename to src/content/en/blog/your-vpn-provider-wont-go-to-jail-for-you.md
diff --git a/src/content/categories/industry-insights/_index.md b/src/content/en/categories/industry-insights/_index.md
similarity index 100%
rename from src/content/categories/industry-insights/_index.md
rename to src/content/en/categories/industry-insights/_index.md
diff --git a/src/content/categories/ivpn-news/_index.md b/src/content/en/categories/ivpn-news/_index.md
similarity index 100%
rename from src/content/categories/ivpn-news/_index.md
rename to src/content/en/categories/ivpn-news/_index.md
diff --git a/src/content/categories/privacy-security/_index.md b/src/content/en/categories/privacy-security/_index.md
similarity index 100%
rename from src/content/categories/privacy-security/_index.md
rename to src/content/en/categories/privacy-security/_index.md
diff --git a/src/content/categories/releases/_index.md b/src/content/en/categories/releases/_index.md
similarity index 100%
rename from src/content/categories/releases/_index.md
rename to src/content/en/categories/releases/_index.md
diff --git a/src/content/categories/under-the-hood/_index.md b/src/content/en/categories/under-the-hood/_index.md
similarity index 100%
rename from src/content/categories/under-the-hood/_index.md
rename to src/content/en/categories/under-the-hood/_index.md
diff --git a/src/content/pages/account.md b/src/content/en/pages/account.md
similarity index 100%
rename from src/content/pages/account.md
rename to src/content/en/pages/account.md
diff --git a/src/content/pages/antitracker.md b/src/content/en/pages/antitracker.md
similarity index 100%
rename from src/content/pages/antitracker.md
rename to src/content/en/pages/antitracker.md
diff --git a/src/content/pages/apps-android.md b/src/content/en/pages/apps-android.md
similarity index 100%
rename from src/content/pages/apps-android.md
rename to src/content/en/pages/apps-android.md
diff --git a/src/content/pages/apps-ios.md b/src/content/en/pages/apps-ios.md
similarity index 100%
rename from src/content/pages/apps-ios.md
rename to src/content/en/pages/apps-ios.md
diff --git a/src/content/pages/apps-linux-legacy.md b/src/content/en/pages/apps-linux-legacy.md
similarity index 100%
rename from src/content/pages/apps-linux-legacy.md
rename to src/content/en/pages/apps-linux-legacy.md
diff --git a/src/content/pages/apps-linux.md b/src/content/en/pages/apps-linux.md
similarity index 100%
rename from src/content/pages/apps-linux.md
rename to src/content/en/pages/apps-linux.md
diff --git a/src/content/pages/apps-macos.md b/src/content/en/pages/apps-macos.md
similarity index 100%
rename from src/content/pages/apps-macos.md
rename to src/content/en/pages/apps-macos.md
diff --git a/src/content/pages/apps-windows.md b/src/content/en/pages/apps-windows.md
similarity index 100%
rename from src/content/pages/apps-windows.md
rename to src/content/en/pages/apps-windows.md
diff --git a/src/content/pages/apps.md b/src/content/en/pages/apps.md
similarity index 100%
rename from src/content/pages/apps.md
rename to src/content/en/pages/apps.md
diff --git a/src/content/pages/contactus.md b/src/content/en/pages/contactus.md
similarity index 100%
rename from src/content/pages/contactus.md
rename to src/content/en/pages/contactus.md
diff --git a/src/content/pages/ethics.md b/src/content/en/pages/ethics.md
similarity index 100%
rename from src/content/pages/ethics.md
rename to src/content/en/pages/ethics.md
diff --git a/src/content/pages/headless.md b/src/content/en/pages/headless.md
similarity index 100%
rename from src/content/pages/headless.md
rename to src/content/en/pages/headless.md
diff --git a/src/content/pages/home.md b/src/content/en/pages/home.md
similarity index 99%
rename from src/content/pages/home.md
rename to src/content/en/pages/home.md
index bc471b03b..1d9f02b29 100644
--- a/src/content/pages/home.md
+++ b/src/content/en/pages/home.md
@@ -11,7 +11,7 @@ sections: dark_image: /images-static/uploads/ivpn-home-dark.png dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png content: >- - # Resist Online Surveillance + # Resist Online Surveillance What you do online can be tracked by organizations you may not know or trust and become part of a permanent record. A VPN can’t solve this on its own, but can prevent your ISP from being able to share or sell your data. cta_one_label: Generate IVPN account diff --git a/src/content/pages/knowledgebase/android/_index.md b/src/content/en/pages/knowledgebase/android/_index.md similarity index 100% rename from src/content/pages/knowledgebase/android/_index.md rename to src/content/en/pages/knowledgebase/android/_index.md diff --git a/src/content/pages/knowledgebase/android/developer-options-on-the-android-phone.md b/src/content/en/pages/knowledgebase/android/developer-options-on-the-android-phone.md similarity index 100% rename from src/content/pages/knowledgebase/android/developer-options-on-the-android-phone.md rename to src/content/en/pages/knowledgebase/android/developer-options-on-the-android-phone.md diff --git a/src/content/pages/knowledgebase/android/error 424 public key not found.md b/src/content/en/pages/knowledgebase/android/error 424 public key not found.md similarity index 100% rename from src/content/pages/knowledgebase/android/error 424 public key not found.md rename to src/content/en/pages/knowledgebase/android/error 424 public key not found.md diff --git a/src/content/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md b/src/content/en/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md similarity index 100% rename from src/content/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md rename to src/content/en/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md 
diff --git a/src/content/pages/knowledgebase/android/mock-location-option.md b/src/content/en/pages/knowledgebase/android/mock-location-option.md
similarity index 100%
rename from src/content/pages/knowledgebase/android/mock-location-option.md
rename to src/content/en/pages/knowledgebase/android/mock-location-option.md
diff --git a/src/content/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md b/src/content/en/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md
rename to src/content/en/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md
diff --git a/src/content/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md b/src/content/en/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md
rename to src/content/en/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md
diff --git a/src/content/pages/knowledgebase/billing/_index.md b/src/content/en/pages/knowledgebase/billing/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/_index.md
rename to src/content/en/pages/knowledgebase/billing/_index.md
diff --git a/src/content/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md b/src/content/en/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md
rename to src/content/en/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md
diff --git a/src/content/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md b/src/content/en/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md
rename to src/content/en/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md
diff --git a/src/content/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md b/src/content/en/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md
rename to src/content/en/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md
diff --git a/src/content/pages/knowledgebase/billing/how-can-i-pay-with-cash.md b/src/content/en/pages/knowledgebase/billing/how-can-i-pay-with-cash.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/how-can-i-pay-with-cash.md
rename to src/content/en/pages/knowledgebase/billing/how-can-i-pay-with-cash.md
diff --git a/src/content/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md b/src/content/en/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md
rename to src/content/en/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md
diff --git a/src/content/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md b/src/content/en/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md
rename to src/content/en/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md
diff --git a/src/content/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md b/src/content/en/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md
rename to src/content/en/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md
diff --git a/src/content/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md b/src/content/en/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md
rename to src/content/en/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md
diff --git a/src/content/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md b/src/content/en/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md
rename to src/content/en/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md
diff --git a/src/content/pages/knowledgebase/billing/voucher-cards-faq.md b/src/content/en/pages/knowledgebase/billing/voucher-cards-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/billing/voucher-cards-faq.md
rename to src/content/en/pages/knowledgebase/billing/voucher-cards-faq.md
diff --git a/src/content/pages/knowledgebase/general/_index.md b/src/content/en/pages/knowledgebase/general/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/_index.md
rename to src/content/en/pages/knowledgebase/general/_index.md
diff --git a/src/content/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md b/src/content/en/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md
rename to src/content/en/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md
diff --git a/src/content/pages/knowledgebase/general/antitracker-faq.md b/src/content/en/pages/knowledgebase/general/antitracker-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/antitracker-faq.md
rename to src/content/en/pages/knowledgebase/general/antitracker-faq.md
diff --git a/src/content/pages/knowledgebase/general/antitracker-plus-lists-explained.md b/src/content/en/pages/knowledgebase/general/antitracker-plus-lists-explained.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/antitracker-plus-lists-explained.md
rename to src/content/en/pages/knowledgebase/general/antitracker-plus-lists-explained.md
diff --git a/src/content/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md b/src/content/en/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md
rename to src/content/en/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md
diff --git a/src/content/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md b/src/content/en/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md
rename to src/content/en/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/command-line-client-faq.md b/src/content/en/pages/knowledgebase/general/command-line-client-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/command-line-client-faq.md
rename to src/content/en/pages/knowledgebase/general/command-line-client-faq.md
diff --git a/src/content/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md b/src/content/en/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md
rename to src/content/en/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md
diff --git a/src/content/pages/knowledgebase/general/custom-dns.md b/src/content/en/pages/knowledgebase/general/custom-dns.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/custom-dns.md
rename to src/content/en/pages/knowledgebase/general/custom-dns.md
diff --git a/src/content/pages/knowledgebase/general/device-management-faq.md b/src/content/en/pages/knowledgebase/general/device-management-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/device-management-faq.md
rename to src/content/en/pages/knowledgebase/general/device-management-faq.md
diff --git a/src/content/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md b/src/content/en/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md
rename to src/content/en/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md
diff --git a/src/content/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md b/src/content/en/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md
rename to src/content/en/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md b/src/content/en/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md
rename to src/content/en/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md
diff --git a/src/content/pages/knowledgebase/general/do-you-have-an-affiliate-program.md b/src/content/en/pages/knowledgebase/general/do-you-have-an-affiliate-program.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-have-an-affiliate-program.md
rename to src/content/en/pages/knowledgebase/general/do-you-have-an-affiliate-program.md
diff --git a/src/content/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md b/src/content/en/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md
rename to src/content/en/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md
diff --git a/src/content/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md b/src/content/en/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md
rename to src/content/en/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md
diff --git a/src/content/pages/knowledgebase/general/do-you-offer-ipv6.md b/src/content/en/pages/knowledgebase/general/do-you-offer-ipv6.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-offer-ipv6.md
rename to src/content/en/pages/knowledgebase/general/do-you-offer-ipv6.md
diff --git a/src/content/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md b/src/content/en/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md
rename to src/content/en/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md
diff --git a/src/content/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md b/src/content/en/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md
rename to src/content/en/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md
diff --git a/src/content/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md b/src/content/en/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md
rename to src/content/en/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md
diff --git a/src/content/pages/knowledgebase/general/do-you-support-blackberry.md b/src/content/en/pages/knowledgebase/general/do-you-support-blackberry.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-support-blackberry.md
rename to src/content/en/pages/knowledgebase/general/do-you-support-blackberry.md
diff --git a/src/content/pages/knowledgebase/general/do-you-support-chromebook.md b/src/content/en/pages/knowledgebase/general/do-you-support-chromebook.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-support-chromebook.md
rename to src/content/en/pages/knowledgebase/general/do-you-support-chromebook.md
diff --git a/src/content/pages/knowledgebase/general/do-you-support-port-forwarding.md b/src/content/en/pages/knowledgebase/general/do-you-support-port-forwarding.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-support-port-forwarding.md
rename to src/content/en/pages/knowledgebase/general/do-you-support-port-forwarding.md
diff --git a/src/content/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md b/src/content/en/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md
rename to src/content/en/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md
diff --git a/src/content/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md b/src/content/en/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md
rename to src/content/en/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md
diff --git a/src/content/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md b/src/content/en/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md
rename to src/content/en/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md
diff --git a/src/content/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md b/src/content/en/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md
rename to src/content/en/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md
diff --git a/src/content/pages/knowledgebase/general/does-ivpn-support-synology-nas.md b/src/content/en/pages/knowledgebase/general/does-ivpn-support-synology-nas.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-ivpn-support-synology-nas.md
rename to src/content/en/pages/knowledgebase/general/does-ivpn-support-synology-nas.md
diff --git a/src/content/pages/knowledgebase/general/does-ivpn-support-windows-10.md b/src/content/en/pages/knowledgebase/general/does-ivpn-support-windows-10.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-ivpn-support-windows-10.md
rename to src/content/en/pages/knowledgebase/general/does-ivpn-support-windows-10.md
diff --git a/src/content/pages/knowledgebase/general/does-voip-work-with-ivpn.md b/src/content/en/pages/knowledgebase/general/does-voip-work-with-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/does-voip-work-with-ivpn.md
rename to src/content/en/pages/knowledgebase/general/does-voip-work-with-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/firewall-exceptions.md b/src/content/en/pages/knowledgebase/general/firewall-exceptions.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/firewall-exceptions.md
rename to src/content/en/pages/knowledgebase/general/firewall-exceptions.md
diff --git a/src/content/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md b/src/content/en/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md
rename to src/content/en/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md
diff --git a/src/content/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md b/src/content/en/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md
rename to src/content/en/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md
diff --git a/src/content/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md b/src/content/en/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md
rename to src/content/en/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md b/src/content/en/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md
rename to src/content/en/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md b/src/content/en/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md
rename to src/content/en/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md
diff --git a/src/content/pages/knowledgebase/general/how-much-does-ivpn-cost.md b/src/content/en/pages/knowledgebase/general/how-much-does-ivpn-cost.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-much-does-ivpn-cost.md
rename to src/content/en/pages/knowledgebase/general/how-much-does-ivpn-cost.md
diff --git a/src/content/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md b/src/content/en/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md
rename to src/content/en/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md
diff --git a/src/content/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md b/src/content/en/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md
rename to src/content/en/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md
diff --git a/src/content/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md b/src/content/en/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md
rename to src/content/en/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md
diff --git a/src/content/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md b/src/content/en/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md
rename to src/content/en/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md
diff --git a/src/content/pages/knowledgebase/general/quantum-resistance-faq.md b/src/content/en/pages/knowledgebase/general/quantum-resistance-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/quantum-resistance-faq.md
rename to src/content/en/pages/knowledgebase/general/quantum-resistance-faq.md
diff --git a/src/content/pages/knowledgebase/general/quantum-resistant-vpn-connections.md b/src/content/en/pages/knowledgebase/general/quantum-resistant-vpn-connections.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/quantum-resistant-vpn-connections.md
rename to src/content/en/pages/knowledgebase/general/quantum-resistant-vpn-connections.md
diff --git a/src/content/pages/knowledgebase/general/socks5-proxy-service.md b/src/content/en/pages/knowledgebase/general/socks5-proxy-service.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/socks5-proxy-service.md
rename to src/content/en/pages/knowledgebase/general/socks5-proxy-service.md
diff --git a/src/content/pages/knowledgebase/general/split-tunnel-faq.md b/src/content/en/pages/knowledgebase/general/split-tunnel-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/split-tunnel-faq.md
rename to src/content/en/pages/knowledgebase/general/split-tunnel-faq.md
diff --git a/src/content/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md b/src/content/en/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md
rename to src/content/en/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md
diff --git a/src/content/pages/knowledgebase/general/tcp-and-udp-connections.md b/src/content/en/pages/knowledgebase/general/tcp-and-udp-connections.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/tcp-and-udp-connections.md
rename to src/content/en/pages/knowledgebase/general/tcp-and-udp-connections.md
diff --git a/src/content/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md b/src/content/en/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md
rename to src/content/en/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md
diff --git a/src/content/pages/knowledgebase/general/what-are-tcp-connections.md b/src/content/en/pages/knowledgebase/general/what-are-tcp-connections.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-are-tcp-connections.md
rename to src/content/en/pages/knowledgebase/general/what-are-tcp-connections.md
diff --git a/src/content/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md b/src/content/en/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md
rename to src/content/en/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md
diff --git a/src/content/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md b/src/content/en/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md
rename to src/content/en/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md
diff --git a/src/content/pages/knowledgebase/general/what-makes-ivpn-so-fast.md b/src/content/en/pages/knowledgebase/general/what-makes-ivpn-so-fast.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-makes-ivpn-so-fast.md
rename to src/content/en/pages/knowledgebase/general/what-makes-ivpn-so-fast.md
diff --git a/src/content/pages/knowledgebase/general/what-payment-methods-do-you-accept.md b/src/content/en/pages/knowledgebase/general/what-payment-methods-do-you-accept.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-payment-methods-do-you-accept.md
rename to src/content/en/pages/knowledgebase/general/what-payment-methods-do-you-accept.md
diff --git a/src/content/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md b/src/content/en/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md
rename to src/content/en/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md b/src/content/en/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md
rename to src/content/en/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md
diff --git a/src/content/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md b/src/content/en/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md
rename to src/content/en/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md
diff --git a/src/content/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md b/src/content/en/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md
rename to src/content/en/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md
diff --git a/src/content/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md b/src/content/en/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md
rename to src/content/en/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md
diff --git a/src/content/pages/knowledgebase/general/wireguard-faq.md b/src/content/en/pages/knowledgebase/general/wireguard-faq.md
similarity index 100%
rename from src/content/pages/knowledgebase/general/wireguard-faq.md
rename to src/content/en/pages/knowledgebase/general/wireguard-faq.md
diff --git a/src/content/pages/knowledgebase/ios/_index.md b/src/content/en/pages/knowledgebase/ios/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/ios/_index.md
rename to src/content/en/pages/knowledgebase/ios/_index.md
diff --git a/src/content/pages/knowledgebase/ios/ios-how-to-enable-multihop.md b/src/content/en/pages/knowledgebase/ios/ios-how-to-enable-multihop.md
similarity index 100%
rename from src/content/pages/knowledgebase/ios/ios-how-to-enable-multihop.md
rename to src/content/en/pages/knowledgebase/ios/ios-how-to-enable-multihop.md
diff --git a/src/content/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md b/src/content/en/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md
similarity index 100%
rename from src/content/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md
rename to src/content/en/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md
diff --git a/src/content/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md b/src/content/en/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md
similarity index 100%
rename from src/content/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md
rename to src/content/en/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md
diff --git a/src/content/pages/knowledgebase/ios/v2ray.md b/src/content/en/pages/knowledgebase/ios/v2ray.md
similarity index 100%
rename from src/content/pages/knowledgebase/ios/v2ray.md
rename to src/content/en/pages/knowledgebase/ios/v2ray.md
diff --git a/src/content/pages/knowledgebase/linux/_index.md b/src/content/en/pages/knowledgebase/linux/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/_index.md
rename to src/content/en/pages/knowledgebase/linux/_index.md
diff --git a/src/content/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md b/src/content/en/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md
rename to src/content/en/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md
diff --git a/src/content/pages/knowledgebase/linux/fedora-silverblue.md b/src/content/en/pages/knowledgebase/linux/fedora-silverblue.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/fedora-silverblue.md
rename to src/content/en/pages/knowledgebase/linux/fedora-silverblue.md
diff --git a/src/content/pages/knowledgebase/linux/ivpn-on-qubes-os.md b/src/content/en/pages/knowledgebase/linux/ivpn-on-qubes-os.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/ivpn-on-qubes-os.md
rename to src/content/en/pages/knowledgebase/linux/ivpn-on-qubes-os.md
diff --git a/src/content/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md b/src/content/en/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md
rename to src/content/en/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md
diff --git a/src/content/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md b/src/content/en/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
rename to src/content/en/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
diff --git a/src/content/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md b/src/content/en/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md
rename to src/content/en/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md
diff --git a/src/content/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md b/src/content/en/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md
rename to src/content/en/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md
diff --git a/src/content/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md b/src/content/en/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md
rename to src/content/en/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md
diff --git a/src/content/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md b/src/content/en/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
rename to src/content/en/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
diff --git a/src/content/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md b/src/content/en/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md
rename to src/content/en/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md
diff --git a/src/content/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md b/src/content/en/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md
rename to src/content/en/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md
diff --git a/src/content/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md b/src/content/en/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md
rename to src/content/en/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md
diff --git a/src/content/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md b/src/content/en/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md
rename to src/content/en/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md
diff --git a/src/content/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md b/src/content/en/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
rename to src/content/en/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
diff --git a/src/content/pages/knowledgebase/linux/linux-wireguard-kill-switch.md b/src/content/en/pages/knowledgebase/linux/linux-wireguard-kill-switch.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-wireguard-kill-switch.md
rename to src/content/en/pages/knowledgebase/linux/linux-wireguard-kill-switch.md
diff --git a/src/content/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md b/src/content/en/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md
rename to src/content/en/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md
diff --git a/src/content/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md b/src/content/en/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md
similarity index 100%
rename from src/content/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md
rename to src/content/en/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md
diff --git a/src/content/pages/knowledgebase/macos/_index.md b/src/content/en/pages/knowledgebase/macos/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/_index.md
rename to src/content/en/pages/knowledgebase/macos/_index.md
diff --git a/src/content/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md b/src/content/en/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md
rename to src/content/en/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md
diff --git a/src/content/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md b/src/content/en/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
rename to src/content/en/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
diff --git a/src/content/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md b/src/content/en/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md
rename to src/content/en/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md
diff --git a/src/content/pages/knowledgebase/macos/macos-disposable-emails.md b/src/content/en/pages/knowledgebase/macos/macos-disposable-emails.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-disposable-emails.md
rename to src/content/en/pages/knowledgebase/macos/macos-disposable-emails.md
diff --git a/src/content/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md b/src/content/en/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
rename to src/content/en/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
diff --git a/src/content/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md b/src/content/en/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
rename to src/content/en/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
diff --git a/src/content/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md b/src/content/en/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
rename to src/content/en/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
diff --git a/src/content/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md b/src/content/en/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md
rename to src/content/en/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md
diff --git a/src/content/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md b/src/content/en/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
rename to src/content/en/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
diff --git a/src/content/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md b/src/content/en/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
rename to src/content/en/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
diff --git a/src/content/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md b/src/content/en/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
rename to src/content/en/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
diff --git a/src/content/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md b/src/content/en/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
similarity index 100%
rename from src/content/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
rename to src/content/en/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
diff --git a/src/content/pages/knowledgebase/mp/_index.md b/src/content/en/pages/knowledgebase/mp/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/mp/_index.md
rename to src/content/en/pages/knowledgebase/mp/_index.md
diff --git a/src/content/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md b/src/content/en/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md
similarity index 100%
rename from src/content/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md
rename to src/content/en/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md
diff --git a/src/content/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md b/src/content/en/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
similarity index 100%
rename from src/content/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
rename to src/content/en/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
diff --git a/src/content/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md b/src/content/en/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
similarity index 100%
rename from src/content/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
rename to src/content/en/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
diff --git a/src/content/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md b/src/content/en/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
similarity index 100%
rename from src/content/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
rename to src/content/en/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
diff --git a/src/content/pages/knowledgebase/passwords/_index.md b/src/content/en/pages/knowledgebase/passwords/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/passwords/_index.md
rename to src/content/en/pages/knowledgebase/passwords/_index.md
diff --git a/src/content/pages/knowledgebase/passwords/how-do-i-change-my-password.md b/src/content/en/pages/knowledgebase/passwords/how-do-i-change-my-password.md
similarity index 100%
rename from src/content/pages/knowledgebase/passwords/how-do-i-change-my-password.md
rename to src/content/en/pages/knowledgebase/passwords/how-do-i-change-my-password.md
diff --git a/src/content/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md b/src/content/en/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
rename to src/content/en/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
diff --git a/src/content/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md b/src/content/en/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
rename to src/content/en/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
diff --git a/src/content/pages/knowledgebase/privacy/_index.md b/src/content/en/pages/knowledgebase/privacy/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/_index.md
rename to src/content/en/pages/knowledgebase/privacy/_index.md
diff --git a/src/content/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md b/src/content/en/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md
rename to src/content/en/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md
diff --git a/src/content/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md b/src/content/en/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md
rename to src/content/en/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md
diff --git a/src/content/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md b/src/content/en/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
rename to src/content/en/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
diff --git a/src/content/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md b/src/content/en/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
rename to src/content/en/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
diff --git a/src/content/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md b/src/content/en/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
rename to src/content/en/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
diff --git a/src/content/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md b/src/content/en/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
rename to src/content/en/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
diff --git a/src/content/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md b/src/content/en/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
rename to src/content/en/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
diff --git a/src/content/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md b/src/content/en/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
rename to src/content/en/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
diff --git a/src/content/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md b/src/content/en/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
rename to src/content/en/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
diff --git a/src/content/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md b/src/content/en/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
similarity index 100%
rename from src/content/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
rename to src/content/en/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
diff --git a/src/content/pages/knowledgebase/routers/_index.md b/src/content/en/pages/knowledgebase/routers/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/routers/_index.md
rename to src/content/en/pages/knowledgebase/routers/_index.md
diff --git a/src/content/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md b/src/content/en/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
similarity index 100%
rename from src/content/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
rename to src/content/en/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
diff --git a/src/content/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md b/src/content/en/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md
similarity index 100%
rename from src/content/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md
rename to src/content/en/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md
diff --git a/src/content/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md b/src/content/en/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md
similarity index 100%
rename from src/content/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md
rename to src/content/en/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/_index.md b/src/content/en/pages/knowledgebase/troubleshooting/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/_index.md
rename to src/content/en/pages/knowledgebase/troubleshooting/_index.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md b/src/content/en/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md
rename to src/content/en/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md b/src/content/en/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md b/src/content/en/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md b/src/content/en/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md b/src/content/en/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md b/src/content/en/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md b/src/content/en/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md b/src/content/en/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md b/src/content/en/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
rename to src/content/en/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md b/src/content/en/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md
rename to src/content/en/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md b/src/content/en/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md
rename to src/content/en/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md b/src/content/en/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
rename to src/content/en/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md b/src/content/en/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md
rename to src/content/en/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md b/src/content/en/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md
rename to src/content/en/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md b/src/content/en/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md
rename to src/content/en/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md b/src/content/en/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md
rename to src/content/en/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md b/src/content/en/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md
rename to src/content/en/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md b/src/content/en/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md
rename to src/content/en/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md b/src/content/en/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md
rename to src/content/en/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md b/src/content/en/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
rename to src/content/en/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md b/src/content/en/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md
rename to src/content/en/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md b/src/content/en/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md
rename to src/content/en/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md
diff --git a/src/content/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md b/src/content/en/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md
similarity index 100%
rename from src/content/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md
rename to src/content/en/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md
diff --git a/src/content/pages/knowledgebase/windows/_index.md b/src/content/en/pages/knowledgebase/windows/_index.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/_index.md
rename to src/content/en/pages/knowledgebase/windows/_index.md
diff --git a/src/content/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md b/src/content/en/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
rename to src/content/en/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
diff --git a/src/content/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md b/src/content/en/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
rename to src/content/en/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
diff --git a/src/content/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md b/src/content/en/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
rename to src/content/en/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
diff --git a/src/content/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md b/src/content/en/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
rename to src/content/en/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
diff --git a/src/content/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md b/src/content/en/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md
rename to src/content/en/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md
diff --git a/src/content/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md b/src/content/en/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md
rename to src/content/en/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md
diff --git a/src/content/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md b/src/content/en/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md
rename to src/content/en/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md
diff --git a/src/content/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md b/src/content/en/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
similarity index 100%
rename from src/content/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
rename to src/content/en/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
diff --git a/src/content/pages/legal-process-guidelines.md b/src/content/en/pages/legal-process-guidelines.md
similarity index 100%
rename from src/content/pages/legal-process-guidelines.md
rename to src/content/en/pages/legal-process-guidelines.md
diff --git a/src/content/pages/light.md b/src/content/en/pages/light.md
similarity index 100%
rename from src/content/pages/light.md
rename to src/content/en/pages/light.md
diff --git a/src/content/pages/manifesto.md b/src/content/en/pages/manifesto.md
similarity index 100%
rename from src/content/pages/manifesto.md
rename to src/content/en/pages/manifesto.md
diff --git a/src/content/pages/openvpn-configuration.md b/src/content/en/pages/openvpn-configuration.md
similarity index 100%
rename from src/content/pages/openvpn-configuration.md
rename to src/content/en/pages/openvpn-configuration.md
diff --git a/src/content/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md b/src/content/en/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md
similarity index 100%
rename from src/content/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md
rename to src/content/en/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md
diff --git a/src/content/pages/pricing-teams.md b/src/content/en/pages/pricing-teams.md
similarity index 100%
rename from src/content/pages/pricing-teams.md
rename to src/content/en/pages/pricing-teams.md
diff --git a/src/content/pages/pricing.md b/src/content/en/pages/pricing.md
similarity index 100%
rename from src/content/pages/pricing.md
rename to src/content/en/pages/pricing.md
diff --git a/src/content/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md b/src/content/en/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
similarity index 100%
rename from src/content/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
rename to src/content/en/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
diff --git a/src/content/pages/privacy-guides/_index.md b/src/content/en/pages/privacy-guides/_index.md
similarity index 100%
rename from src/content/pages/privacy-guides/_index.md
rename to src/content/en/pages/privacy-guides/_index.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
diff --git a/src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md b/src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md
similarity index 100%
rename from src/content/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md
rename to src/content/en/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md
diff --git a/src/content/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md b/src/content/en/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
similarity index 100%
rename from src/content/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
rename to src/content/en/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
diff --git a/src/content/pages/privacy-guides/an-introduction-to-privacy-anonymity.md b/src/content/en/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
similarity index 100%
rename from src/content/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
rename to src/content/en/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
diff --git a/src/content/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md b/src/content/en/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
similarity index 100%
rename from src/content/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
rename to src/content/en/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
diff --git a/src/content/pages/privacy-guides/applying-risk-management-to-privacy.md b/src/content/en/pages/privacy-guides/applying-risk-management-to-privacy.md
similarity index 100%
rename from src/content/pages/privacy-guides/applying-risk-management-to-privacy.md
rename to src/content/en/pages/privacy-guides/applying-risk-management-to-privacy.md
diff --git a/src/content/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md b/src/content/en/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
similarity index 100%
rename from src/content/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
rename to src/content/en/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
diff --git a/src/content/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md b/src/content/en/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
similarity index 100%
rename from src/content/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
rename to src/content/en/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
diff --git a/src/content/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md b/src/content/en/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md
similarity index 100%
rename from src/content/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md
rename to src/content/en/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md
diff --git a/src/content/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md b/src/content/en/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
similarity index 100%
rename from src/content/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
rename to src/content/en/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
diff --git a/src/content/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md b/src/content/en/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
similarity index 100%
rename from src/content/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
rename to src/content/en/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
diff --git a/src/content/pages/privacy-guides/mac-address.md b/src/content/en/pages/privacy-guides/mac-address.md
similarity index 100%
rename from src/content/pages/privacy-guides/mac-address.md
rename to src/content/en/pages/privacy-guides/mac-address.md
diff --git a/src/content/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md b/src/content/en/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
similarity index 100%
rename from src/content/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
rename to src/content/en/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
diff --git a/src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md b/src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
similarity index 100%
rename from src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
rename to src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
diff --git a/src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md b/src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
similarity index 100%
rename from src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
rename to src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
diff --git a/src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md b/src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md
similarity index 100%
rename from src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md
rename to src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md
diff --git a/src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md b/src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
similarity index 100%
rename from src/content/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
rename to src/content/en/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
diff --git a/src/content/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md b/src/content/en/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
similarity index 100%
rename from src/content/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
rename to src/content/en/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
diff --git a/src/content/pages/privacy-guides/vpn-latency-explained.md b/src/content/en/pages/privacy-guides/vpn-latency-explained.md
similarity index 100%
rename from src/content/pages/privacy-guides/vpn-latency-explained.md
rename to src/content/en/pages/privacy-guides/vpn-latency-explained.md
diff --git a/src/content/pages/privacy-guides/vpn-vs-tor.md b/src/content/en/pages/privacy-guides/vpn-vs-tor.md
similarity index 100%
rename from src/content/pages/privacy-guides/vpn-vs-tor.md
rename to src/content/en/pages/privacy-guides/vpn-vs-tor.md
diff --git a/src/content/pages/privacy-guides/what-is-a-vpn.md b/src/content/en/pages/privacy-guides/what-is-a-vpn.md
similarity index 100%
rename from src/content/pages/privacy-guides/what-is-a-vpn.md
rename to src/content/en/pages/privacy-guides/what-is-a-vpn.md
diff --git a/src/content/pages/privacy-guides/why-use-tor-with-a-vpn-service.md b/src/content/en/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
similarity index 100%
rename from src/content/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
rename to src/content/en/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
diff --git a/src/content/pages/privacy-guides/will-a-vpn-protect-me.md b/src/content/en/pages/privacy-guides/will-a-vpn-protect-me.md
similarity index 100%
rename from src/content/pages/privacy-guides/will-a-vpn-protect-me.md
rename to src/content/en/pages/privacy-guides/will-a-vpn-protect-me.md
diff --git a/src/content/pages/privacy-policy.md b/src/content/en/pages/privacy-policy.md
similarity index 100%
rename from src/content/pages/privacy-policy.md
rename to src/content/en/pages/privacy-policy.md
diff --git a/src/content/pages/refunds.md b/src/content/en/pages/refunds.md
similarity index 100%
rename from src/content/pages/refunds.md
rename to src/content/en/pages/refunds.md
diff --git a/src/content/pages/report-vulnerability.md b/src/content/en/pages/report-vulnerability.md
similarity index 100%
rename from src/content/pages/report-vulnerability.md
rename to src/content/en/pages/report-vulnerability.md
diff --git a/src/content/pages/servers.md b/src/content/en/pages/servers.md
similarity index 100%
rename from src/content/pages/servers.md
rename to src/content/en/pages/servers.md
diff --git a/src/content/pages/setup/android-ipsec-with-ikev2.md b/src/content/en/pages/setup/android-ipsec-with-ikev2.md
similarity index 100%
rename from src/content/pages/setup/android-ipsec-with-ikev2.md
rename to src/content/en/pages/setup/android-ipsec-with-ikev2.md
diff --git a/src/content/pages/setup/android-openvpn-for-android.md b/src/content/en/pages/setup/android-openvpn-for-android.md
similarity index 100%
rename from src/content/pages/setup/android-openvpn-for-android.md
rename to src/content/en/pages/setup/android-openvpn-for-android.md
diff --git a/src/content/pages/setup/android-wireguard.md b/src/content/en/pages/setup/android-wireguard.md
similarity index 100%
rename from src/content/pages/setup/android-wireguard.md
rename to src/content/en/pages/setup/android-wireguard.md
diff --git a/src/content/pages/setup/ios-ipsec-ikev2.md b/src/content/en/pages/setup/ios-ipsec-ikev2.md
similarity index 100%
rename from src/content/pages/setup/ios-ipsec-ikev2.md
rename to src/content/en/pages/setup/ios-ipsec-ikev2.md
diff --git a/src/content/pages/setup/ios-openvpn-connect.md b/src/content/en/pages/setup/ios-openvpn-connect.md
similarity index 100%
rename from src/content/pages/setup/ios-openvpn-connect.md
rename to src/content/en/pages/setup/ios-openvpn-connect.md
diff --git a/src/content/pages/setup/ios-wireguard.md b/src/content/en/pages/setup/ios-wireguard.md
similarity index 100%
rename from src/content/pages/setup/ios-wireguard.md
rename to src/content/en/pages/setup/ios-wireguard.md
diff --git a/src/content/pages/setup/linux-ipsec-with-ikev2.md b/src/content/en/pages/setup/linux-ipsec-with-ikev2.md
similarity index 100%
rename from src/content/pages/setup/linux-ipsec-with-ikev2.md
rename to src/content/en/pages/setup/linux-ipsec-with-ikev2.md
diff --git a/src/content/pages/setup/linux-netman.md b/src/content/en/pages/setup/linux-netman.md
similarity index 100%
rename from src/content/pages/setup/linux-netman.md
rename to src/content/en/pages/setup/linux-netman.md
diff --git a/src/content/pages/setup/linux-terminal.md b/src/content/en/pages/setup/linux-terminal.md
similarity index 100%
rename from src/content/pages/setup/linux-terminal.md
rename to src/content/en/pages/setup/linux-terminal.md
diff --git a/src/content/pages/setup/linux-wireguard-netman.md b/src/content/en/pages/setup/linux-wireguard-netman.md
similarity index 100%
rename from src/content/pages/setup/linux-wireguard-netman.md
rename to src/content/en/pages/setup/linux-wireguard-netman.md
diff --git a/src/content/pages/setup/linux-wireguard.md b/src/content/en/pages/setup/linux-wireguard.md
similarity index 100%
rename from src/content/pages/setup/linux-wireguard.md
rename to src/content/en/pages/setup/linux-wireguard.md
diff --git a/src/content/pages/setup/macos-ipsec-with-ikev2.md b/src/content/en/pages/setup/macos-ipsec-with-ikev2.md
similarity index 100%
rename from src/content/pages/setup/macos-ipsec-with-ikev2.md
rename to src/content/en/pages/setup/macos-ipsec-with-ikev2.md
diff --git a/src/content/pages/setup/macos-openvpn-tunnelblick.md b/src/content/en/pages/setup/macos-openvpn-tunnelblick.md
similarity index 100%
rename from src/content/pages/setup/macos-openvpn-tunnelblick.md
rename to src/content/en/pages/setup/macos-openvpn-tunnelblick.md
diff --git a/src/content/pages/setup/macos-wireguard.md b/src/content/en/pages/setup/macos-wireguard.md
similarity index 100%
rename from src/content/pages/setup/macos-wireguard.md
rename to src/content/en/pages/setup/macos-wireguard.md
diff --git a/src/content/pages/setup/nas/_index.md b/src/content/en/pages/setup/nas/_index.md
similarity index 100%
rename from src/content/pages/setup/nas/_index.md
rename to src/content/en/pages/setup/nas/_index.md
diff --git a/src/content/pages/setup/nas/qnap.md b/src/content/en/pages/setup/nas/qnap.md
similarity index 100%
rename from src/content/pages/setup/nas/qnap.md
rename to src/content/en/pages/setup/nas/qnap.md
diff --git a/src/content/pages/setup/nas/synology-6.md b/src/content/en/pages/setup/nas/synology-6.md
similarity index 100%
rename from src/content/pages/setup/nas/synology-6.md
rename to src/content/en/pages/setup/nas/synology-6.md
diff --git a/src/content/pages/setup/router/_index.md b/src/content/en/pages/setup/router/_index.md
similarity index 100%
rename from src/content/pages/setup/router/_index.md
rename to src/content/en/pages/setup/router/_index.md
diff --git a/src/content/pages/setup/router/asuswrt-merlin-openvpn.md b/src/content/en/pages/setup/router/asuswrt-merlin-openvpn.md
similarity index 100%
rename from src/content/pages/setup/router/asuswrt-merlin-openvpn.md
rename to src/content/en/pages/setup/router/asuswrt-merlin-openvpn.md
diff --git a/src/content/pages/setup/router/asuswrt-merlin-wireguard.md b/src/content/en/pages/setup/router/asuswrt-merlin-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/asuswrt-merlin-wireguard.md
rename to src/content/en/pages/setup/router/asuswrt-merlin-wireguard.md
diff --git a/src/content/pages/setup/router/asuswrt-openvpn.md b/src/content/en/pages/setup/router/asuswrt-openvpn.md
similarity index 100%
rename from src/content/pages/setup/router/asuswrt-openvpn.md
rename to src/content/en/pages/setup/router/asuswrt-openvpn.md
diff --git a/src/content/pages/setup/router/asuswrt-wireguard.md b/src/content/en/pages/setup/router/asuswrt-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/asuswrt-wireguard.md
rename to src/content/en/pages/setup/router/asuswrt-wireguard.md
diff --git a/src/content/pages/setup/router/ddwrt-auto.md b/src/content/en/pages/setup/router/ddwrt-auto.md
similarity index 100%
rename from src/content/pages/setup/router/ddwrt-auto.md
rename to src/content/en/pages/setup/router/ddwrt-auto.md
diff --git a/src/content/pages/setup/router/ddwrt-manual.md b/src/content/en/pages/setup/router/ddwrt-manual.md
similarity index 100%
rename from src/content/pages/setup/router/ddwrt-manual.md
rename to src/content/en/pages/setup/router/ddwrt-manual.md
diff --git a/src/content/pages/setup/router/ddwrt-wireguard.md b/src/content/en/pages/setup/router/ddwrt-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/ddwrt-wireguard.md
rename to src/content/en/pages/setup/router/ddwrt-wireguard.md
diff --git a/src/content/pages/setup/router/ddwrt.md b/src/content/en/pages/setup/router/ddwrt.md
similarity index 100%
rename from src/content/pages/setup/router/ddwrt.md
rename to src/content/en/pages/setup/router/ddwrt.md
diff --git a/src/content/pages/setup/router/openwrt-wireguard-legacy.md b/src/content/en/pages/setup/router/openwrt-wireguard-legacy.md
similarity index 100%
rename from src/content/pages/setup/router/openwrt-wireguard-legacy.md
rename to src/content/en/pages/setup/router/openwrt-wireguard-legacy.md
diff --git a/src/content/pages/setup/router/openwrt-wireguard.md b/src/content/en/pages/setup/router/openwrt-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/openwrt-wireguard.md
rename to src/content/en/pages/setup/router/openwrt-wireguard.md
diff --git a/src/content/pages/setup/router/openwrt.md b/src/content/en/pages/setup/router/openwrt.md
similarity index 100%
rename from src/content/pages/setup/router/openwrt.md
rename to src/content/en/pages/setup/router/openwrt.md
diff --git a/src/content/pages/setup/router/opnsense-openvpn-instances.md b/src/content/en/pages/setup/router/opnsense-openvpn-instances.md
similarity index 100%
rename from src/content/pages/setup/router/opnsense-openvpn-instances.md
rename to src/content/en/pages/setup/router/opnsense-openvpn-instances.md
diff --git a/src/content/pages/setup/router/opnsense-wireguard.md b/src/content/en/pages/setup/router/opnsense-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/opnsense-wireguard.md
rename to src/content/en/pages/setup/router/opnsense-wireguard.md
diff --git a/src/content/pages/setup/router/opnsense.md b/src/content/en/pages/setup/router/opnsense.md
similarity index 100%
rename from src/content/pages/setup/router/opnsense.md
rename to src/content/en/pages/setup/router/opnsense.md
diff --git a/src/content/pages/setup/router/pfsense-wireguard.md b/src/content/en/pages/setup/router/pfsense-wireguard.md
similarity index 100%
rename from src/content/pages/setup/router/pfsense-wireguard.md
rename to src/content/en/pages/setup/router/pfsense-wireguard.md
diff --git a/src/content/pages/setup/router/pfsense.md b/src/content/en/pages/setup/router/pfsense.md
similarity index 100%
rename from src/content/pages/setup/router/pfsense.md
rename to src/content/en/pages/setup/router/pfsense.md
diff --git a/src/content/pages/setup/router/tomato-manual.md b/src/content/en/pages/setup/router/tomato-manual.md
similarity index 100%
rename from src/content/pages/setup/router/tomato-manual.md
rename to src/content/en/pages/setup/router/tomato-manual.md
diff --git a/src/content/pages/setup/windows-10-ipsec-with-ikev2.md b/src/content/en/pages/setup/windows-10-ipsec-with-ikev2.md
similarity index 100%
rename from src/content/pages/setup/windows-10-ipsec-with-ikev2.md
rename to src/content/en/pages/setup/windows-10-ipsec-with-ikev2.md
diff --git a/src/content/pages/setup/windows-10-openvpn-community.md b/src/content/en/pages/setup/windows-10-openvpn-community.md
similarity index 100%
rename from src/content/pages/setup/windows-10-openvpn-community.md
rename to src/content/en/pages/setup/windows-10-openvpn-community.md
diff --git a/src/content/pages/setup/windows-10-wireguard.md b/src/content/en/pages/setup/windows-10-wireguard.md
similarity index 100%
rename from src/content/pages/setup/windows-10-wireguard.md
rename to src/content/en/pages/setup/windows-10-wireguard.md
diff --git a/src/content/pages/setup/windows-8-openvpn-community.md b/src/content/en/pages/setup/windows-8-openvpn-community.md
similarity index 100%
rename from src/content/pages/setup/windows-8-openvpn-community.md
rename to src/content/en/pages/setup/windows-8-openvpn-community.md
diff --git a/src/content/pages/supported-projects.md b/src/content/en/pages/supported-projects.md
similarity index 100%
rename from src/content/pages/supported-projects.md
rename to src/content/en/pages/supported-projects.md
diff --git a/src/content/pages/supportua-ru.md b/src/content/en/pages/supportua-ru.md
similarity index 100%
rename from src/content/pages/supportua-ru.md
rename to src/content/en/pages/supportua-ru.md
diff --git a/src/content/pages/supportua.md b/src/content/en/pages/supportua.md
similarity index 100%
rename from src/content/pages/supportua.md
rename to src/content/en/pages/supportua.md
diff --git a/src/content/pages/team.md b/src/content/en/pages/team.md
similarity index 100%
rename from src/content/pages/team.md
rename to src/content/en/pages/team.md
diff --git a/src/content/pages/terms-of-service.md b/src/content/en/pages/terms-of-service.md
similarity index 100%
rename from src/content/pages/terms-of-service.md
rename to src/content/en/pages/terms-of-service.md
diff --git a/src/content/pages/thank-you-light.md b/src/content/en/pages/thank-you-light.md
similarity index 100%
rename from src/content/pages/thank-you-light.md
rename to src/content/en/pages/thank-you-light.md
diff --git a/src/content/pages/transparency-report.md b/src/content/en/pages/transparency-report.md
similarity index 100%
rename from src/content/pages/transparency-report.md
rename to src/content/en/pages/transparency-report.md
diff --git a/src/content/pages/trust.md b/src/content/en/pages/trust.md
similarity index 100%
rename from src/content/pages/trust.md
rename to src/content/en/pages/trust.md
diff --git a/src/content/pages/what-is-vpn.md b/src/content/en/pages/what-is-vpn.md
similarity index 100%
rename from src/content/pages/what-is-vpn.md
rename to src/content/en/pages/what-is-vpn.md
diff --git a/src/content/pages/wireguard-vpn.md b/src/content/en/pages/wireguard-vpn.md
similarity index 100%
rename from src/content/pages/wireguard-vpn.md
rename to src/content/en/pages/wireguard-vpn.md
diff --git a/src/content/es/authors/alexandr-stelnykovych/_index.md b/src/content/es/authors/alexandr-stelnykovych/_index.md
new file mode 100644
index 000000000..749ff32ed
--- /dev/null
+++ b/src/content/es/authors/alexandr-stelnykovych/_index.md
@@ -0,0 +1,3 @@
+---
+title: Alexandr Stelnykovych
+---
diff --git a/src/content/es/authors/iain-douglas/_index.md b/src/content/es/authors/iain-douglas/_index.md
new file mode 100644
index 000000000..d757a91db
--- /dev/null
+++ b/src/content/es/authors/iain-douglas/_index.md
@@ -0,0 +1,3 @@
+---
+title: "Iain Douglas"
+---
diff --git a/src/content/es/authors/juraj-hilje/_index.md b/src/content/es/authors/juraj-hilje/_index.md
new file mode 100644
index 000000000..35700f394
--- /dev/null
+++ b/src/content/es/authors/juraj-hilje/_index.md
@@ -0,0 +1,3 @@
+---
+title: "Juraj Hilje"
+---
diff --git a/src/content/es/authors/mirimir/_index.md b/src/content/es/authors/mirimir/_index.md
new file mode 100644
index 000000000..2f5b4993f
--- /dev/null
+++ b/src/content/es/authors/mirimir/_index.md
@@ -0,0 +1,3 @@
+---
+title: "mirimir"
+---
diff --git a/src/content/es/authors/nick-pestell/_index.md b/src/content/es/authors/nick-pestell/_index.md
new file mode 100644
index 000000000..716a55b33
--- /dev/null
+++ b/src/content/es/authors/nick-pestell/_index.md
@@ -0,0 +1,3 @@
+---
+title: Nick Pestell
+---
diff --git a/src/content/es/authors/viktor-vecsei/_index.md b/src/content/es/authors/viktor-vecsei/_index.md
new file mode 100644
index 000000000..37af0390e
--- /dev/null
+++ b/src/content/es/authors/viktor-vecsei/_index.md
@@ -0,0 +1,3 @@
+---
+title: Viktor Vecsei
+---
diff --git a/src/content/es/blog/2010-08-08-the-importance-of-privacy.md b/src/content/es/blog/2010-08-08-the-importance-of-privacy.md
new file mode 100644
index 000000000..3d562079f
--- /dev/null
+++ b/src/content/es/blog/2010-08-08-the-importance-of-privacy.md
@@ -0,0 +1,45 @@
+---
+title: The Importance of Privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2010-08-08T11:03:05+00:00
+url: /blog/the-importance-of-privacy/
+
+---
+A man sits down to dinner. He proceeds to discuss his work and his opinion of his colleagues. He moves on to reveal personal secrets he has gleaned from intimate conversations with these same coworkers. His wife is intrigued and urges him to continue. He delves further and, at great length, shifts his monologue to his opinions of the personal lives of his friends and neighbors before candidly unveiling an embarrassing indiscretion involving a female friend that he himself recently committed. The wife is aghast, he reassures her and the conversation is abruptly halted when, at last, he informs her of the unfortunate news that he received on his most recent visit from his doctor. They hold hands and whisper words of affection. Tears are shed.
+
+They are at home, alone and no one is privy to his words.
+
+Were this discussion to take place in a popular (or even unpopular) restaurant, not only would unknown and uninvited ears catch all that was said but in this day and age, cameras (both surveillance and personal)), telephones, recorders and various electronic devices of unknown ownership would likely be within earshot and could easily capture all that was shared in this dialogue between two loved ones, a dialogue that almost certainly was not intended to be shared by anyone other than the woman sitting across the table from him and only reluctantly with her.
+
+Were this conversation to take place on the train it would be the source of discomfort, shock, jaw-dropping disbelief and text messaging.
+Were it to be aired in a shopping mall it would surely mutate into a nightmare of public gossip and innuendo.
+Were it to be held at the workplace it would certainly be perilous and likely lead to the loss of livelihood as well as extinguish any hope of a career.
+
+This is the nature of intimacy and the often overlooked principal of privacy.
+
+It is, as well, a few simple but unfortunately realistic scenarios of the slow but steady erosion of our personal privacy in this high-speed, instant messaging, universally connected, digital age. As the prevalence of electronic security expands ever deeper into every aspect of our waking lives the very nature of a "private life" comes into question.
+
+When can we expect privacy?
+When should we expect privacy?
+When must we expect privacy?
+
+These are the questions which universally challenge us as the ever surging wave of cyber-communication/information/transmission gains ground just as we furiously struggle to keep our heads above the electronic water. As a society we have clearly ceded the "Public" forum and Private/State surveillance is simply a matter of fact, whether being watched by hired Store security or by sworn Police authority, there are clearly very few places where one can walk among our fellow men and still maintain a "reasonable expectation of privacy" or even the basic freedom of an unobserved life.
+
+But if you're not guilty, why would it bother you to be watched?
+
+This is the regressive question asked by many, who perhaps don't think too deeply, clearly or often, as they walk through the world on eggshells of ignorance, blissfully unaware of the pervasive dangers that lurk around every corner of our lives even for those extremely rare and naively trusting innocents.
+
+Regardless of the fact that this naïve approach to an inherently perilous world is, at best, specious reasoning this line of thinking (or not thinking if you will) leads to the inevitable destruction of the Basic Rights and Human privileges that make us free and independent individuals.
+
+Why should we fight for our privacy?
+
+Because it is ours.
+
+Because with every breath we take we deserve the Right to share or retain our carefree thoughts, our odd observations, our candid opinions, our solemn beliefs and our intimate affections. Not only do we deserve this Right but we must reserve this Right in order to maintain a successful, cooperative, progressive, free society unhindered by the pressures of the State or by the lockstep mentality to conform to a way of life that may not be of one's own choice or inclination. Any quick study of human history can certainly inform the unconcerned, the misinformed or those willfully oblivious as to the pain and degradations that can and often do occur when Human Beings willingly or unwillingly surrender or are stripped of this Right. Illegal Search and Seizure, False imprisonment, Trial without Jury, Slavery- all of these brutal examples of inhumanity can certainly trace their origins to the basic loss of privacy, and thus, freedom as one action, or loss thereof, clearly goes hand-in-hand with the other. This basic practice of our autonomy is at the core of our humanity and it is a Right which men from every society have fought and died for since Eve shared the Apple with Adam and it certainly is absolutely one which we must continue to respect and aggressively preserve with every fiber of our strength and through every moment of our existence, ever vigilant to those who might attempt to chip away at the foundations of our freedoms and the structure of our societies. Consequently it is our duty to uphold the principles of privacy and vigorously maintain our right to a "Private Life" even as we fall back in this battle further and further as we, perhaps heedlessly, give ground to the digital forces of comfort and accessibility.
+
+Our "private life" is our real life.
+
+The one that we share with those we love and sometimes lose, those we live with and occasionally live without, those we build families with as we wait for our nests to empty, those we share community with as we hammer together our great fences and those few and blessed individuals that we choose to let into our lives in the sincere and hopeful belief that our fortuitous unions may create something greater than our inevitable solitude, something that will live on for future generations so that they may have the opportunity to build a more fulfilling life as they carefully choose from their multitude of paths and gratefully navigate through their wonderful worlds.
\ No newline at end of file
diff --git a/src/content/es/blog/2010-09-22-the-right-to-privacy.md b/src/content/es/blog/2010-09-22-the-right-to-privacy.md
new file mode 100644
index 000000000..3dc671672
--- /dev/null
+++ b/src/content/es/blog/2010-09-22-the-right-to-privacy.md
@@ -0,0 +1,72 @@
+---
+title: The Right to Privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2010-09-22T13:37:33+00:00
+url: /blog/the-right-to-privacy/
+
+---
+One of the most abused and least exercised of human rights is the right to privacy.
+
+This fundamental freedom is slowly being etched away by the constant encroachment from government and corporate entities, countless databases with personal information and questionable security, as well as our own unwillingness to take a stand against this abuse.
+
+This article presents a brief explanation to freedom lovers of the philosophical concept of privacy, our rights as human beings, and what we can do to exercise them.
+
+## What is Privacy?
+
+Privacy as a philosophical concept is broad and complex. It covers everything from the difference between public and private life, to autonomous self regulation.
+
+Privacy as defined by the Random House Dictionary is defined as: "the state of being free from the intrusion or disturbance in ones private life or affairs."
+
+Although considered synonymous with secrecy, privacy usually relates to living outside of public life or political work where the details of one's day to day life can be observed by everyone.
+
+While the term privacy means different things to different people, the concept of privacy is usually a personal concern, one that cannot be determined for one individual by another.
+
+This concept of privacy extends to individuals and groups alike, and usually includes other sub-concepts such as personal security or the protection and appropriate use of information.
+
+Although various cultures throughout history have demonstrated methods to protect privacy through concealment, seclusion, and restriction of information or property, the right to privacy as understood by Western civilization sets our culture and society apart from the rest of the world.
+
+## Legal Recognition of the Right to Privacy
+
+The right to privacy is recognized in many countries as a fundamental human right, particularly in the West. In fact, the importance of privacy to European nations as well as those in North America is one of the primary distinguishing characteristics of Western social norms.
+
+Therefore, many of these western governments have recognized the importance of protecting privacy rights from intrusion by government and other entities, as well as drawing the line between where one individual's privacy rights begin, and another one's ends. This recognition can be seen in the various laws, regulations, and treaties drafted and signed by members of these societies.
+
+For instance, in the United States, freedom from government intrusion is the basis for many of the rights, also known as the "bill of Rights" which make up the first ten amendments to the Constitution.
+
+The fourth amendment, relating to an individual's right to privacy states:
+
+"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
+
+The United Nations also recognized the right to privacy in 1948 when the General Assembly signed an agreement known as the Universal Declaration of Human Rights. This document recognized all rights and freedoms that are considered unalienable as a member of the human race.
+
+Article 12 of the declaration relates to the right to privacy, which states:
+"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks."
+The UN also recognizes this right in Article 17 of the Covenant on Civil and Political Rights
+
+ 1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, or to unlawful attacks on his honor and reputation.
+ 2. Everyone has the right to the protection of the law against such interference or attacks.
+
+## Areas of Privacy
+
+Privacy is usually broken down into two subgroups: information privacy and physical security.
+
+Information privacy is the right to control access to sensitive or personal information that may be trademarked, confidential, or embarrassing to the owner of such information. This information in the wrong hands may allow for criminal or terrorist activities such as financial fraud, blackmail, or physical assault.
+
+Physical security falls under privacy from the right to lock and secure personal possession such as your car, home, or office without fear of intrusion from government or criminal entities attempting to steal your property.
+
+However, the line between information privacy and physical security is blurry, and may be considered by most to be one and the same. This again shows how large and complex the concept of privacy rights can be when including self regulation of personal security as well as concern with how information is stored, transferred, and used by an organization or individual.
+
+More specific privacy rights can include:
+
+ * Medical privacy which is overseen by organizations such as HIPAA in the United States protects patients' medical insurance information. Patient/doctor confidentiality is often considered one of the basic forms of medical privacy.
+
+ * Financial privacy allows a person to conceal confidential financial information such as bank account numbers, account balances, and passwords to prevent possible financial fraud or identity theft.
 Financial privacy can also include information concerning personal income, debts, and credit ratings, although depending on your country's laws, much of this is may be available to government for tax purposes.
+
+ * Personal privacy, which can also include physical security, could be as simple as closing the blinds in your house, and allowing one to pursue their own interests and business without the prying eyes of the public, or government. Physical privacy may be a matter of cultural sensitivity, personal dignity, or shyness. There may also be concerns about safety, or becoming a victim of a crime such as robbery or stalking.
+
+## Securing Your Privacy Rights
+
+The best way to secure one's rights is to take advantage of them at all times. If you have an opportunity to be private about a transaction then do so. Supporting human rights organizations that focus on the right to privacy is another way to voice your concerns for the encroachment of government, corporate organizations, and criminal entities on your right to self regulation, physical security, and protection of information vital to being a free and independent member of the human race.
\ No newline at end of file
diff --git a/src/content/es/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md b/src/content/es/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md
new file mode 100644
index 000000000..d3ad5dbe6
--- /dev/null
+++ b/src/content/es/blog/2011-04-13-new-zealand-about-to-push-through-controversial-three-strikes-law.md
@@ -0,0 +1,19 @@
+---
+title: New Zealand Pushes Controversial 3 Strikes Law
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2011-04-13T14:08:16+00:00
+url: /blog/new-zealand-about-to-push-through-controversial-three-strikes-law/
+
+---
+According to news released today by [torrentfreak.com][1], New Zealand looks set to pass the controversial Copyright (Infringing File Sharing) Amendment Bill for its second reading in just a few hours. The Bill originally passed its first reading in April 2010. Most surprisingly, a green party MP, Gareth Hughes was unaware of the bill even being raised today. This legilation is being rushed through in a similar fashion to the UK digital econmy act and has many people in protest on various social networks.
+
+According to the 3 strikes rule, when copyright holders first detect online copyright infringement, they must send a warning notice to the responsible ISP. This notice must then be forwarded on to the subscriber responsible for the infringement. If infringement continues, the copyright holders may then forward a 'cease and desist' notice to the ISP. All the while, the copyright holders do not know the identity of the infringer. The subscriber is given an opportunity to contest, and the ISP is given the authority to make judgment on whether they have merit.
+
+If infringement then continues after the 'cease and desist', the copyright holders can then request personal identifying information for the subscriber in question from the new Copyright Tribunal. (taking the place of filing an infringement lawsuit and requesting a subpoena from court.) The copyright holder at the stage can contact alleged infringers directly, informing them that an allegation of 'repeat copyright infringement' has been filed with the Copyright Tribunal.
 The accused subscriber can then request mediation if he/she wishes, otherwise the Tribunal will rule and can disconnect the user from the Internet or enforce a fine up to a maximum of $15,000 (NZD).
+
+Click here for the relevant part of the bill about to be passed.
+
+ [1]: http://torrentfreak.com/new-zealand-government-rushes-through-controversial-anti-piracy-law-110413/ "Torrentfreak.com"
\ No newline at end of file
diff --git a/src/content/es/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md b/src/content/es/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md
new file mode 100644
index 000000000..5d595795c
--- /dev/null
+++ b/src/content/es/blog/2011-06-27-fbi-gives-agents-ok-to-invade-privacy.md
@@ -0,0 +1,23 @@
+---
+title: FBI Gives Agents OK To Invade Privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2011-06-27T07:32:12+00:00
+url: /blog/fbi-gives-agents-ok-to-invade-privacy/
+
+---
+The Federal Bureau of Investigation has recently approved the use of broader powers by approximately 14,000 agents involved in observing criminal and terrorist activities. These increased powers allow them greater freedom to search databases, rummage through household garbage and even deploy surveillance teams to spy on the daily lives of those who are unfortunate enough to have attracted Big Brother's attention.
+
+The new rules granting FBI agents greater leeway in their investigations are to be outlined in the newest edition of their operation manual, namely the "Domestic Investigations and Operations Guide." This guide, purportedly designed to outline the measures agents may take when investigating private citizens, is available for download at the [following website][1].
+
+This redacted copy was made available to the public after the FBI was threatened by a Freedom of Information lawsuit. According to the current rules, FBI agents must initiate a formal inquiry before they may search commercial or law enforcement databases for details on an individual. This formal inquiry, known as an "assessment," would be eliminated under the new rules, allowing agents to proactively inquire about anyone without the need to make a record about their decisions.
+
+The new rules also give agents greater leeway in conducting lie-detector tests and trash searching. The current rules require agents to open a "preliminary investigation" prior to engaging in these activities. Unlike an assessment, a preliminary investigation requires factual basis of any wrongdoing a suspect is believed to have committed.
 This will change under the new rules, allowing agents to also use lie-detector tests and trash searching in order to evaluate and identify individuals as potential informants. Current rules restrict the use of surveillance squads trained to follow targets to just one use per assessment. The new rules will relax this requirement, allowing them to be used repeatedly.
+
+Privacy advocates like the American Civil Liberties Union (ACLU) are completely against easing restrictions on what agents are allowed to do during their investigations, claiming that the potential for abuse would only worsen. Reducing the requirements to conduct low-level investigations like assessments would allow agents to spy on any private citizen for virtually any reason whatsoever, regardless if they have firm reason to believe that citizen has committed any crimes.
+
+It is a clear sign that privacy rights are diminishing when every man, woman and child is a potential target for an investigation. What does that say about America when the very lives of private citizens are open to complete scrutiny by the authorities who have no writ, no warrant, and not even probable cause to begin investigating? Citizens truly disgusted by these draconian measures should take back their personal privacy by exercising a bit of due diligence in their daily lives. It is highly advisable to use cash when making purchases, refusing to give out personal details that can be added to a merchant's customer database. These databases collect purchase history that can be used to track and analyze customer spending habits. If credit cards are necessary, use a pre-paid one sparingly. Shred all sensitive documents prior to disposal, making sure to use a "cross cut" shredder instead of a straight cut model. It may be inconvenient, but disposing of sensitive items a t a municipal disposal site may offer more security than leaving one's trash on the curbside.
 When it comes to maintaining electronic privacy, sign up for a Virtual Private Networking service. A VPN service acts a secure tunnel between a user's computer and the Internet. Data transmitted to and from the VPN service is encrypted, thus preventing hackers, criminals and other prying eyes from spying on your data without your consent. While the FBI may be making it easier for their agents to spy on private citizens, it doesn't mean citizens have to follow suit.
+
+ [1]: http://www.nytimes.com/2011/06/13/us/13fbi.html?_r=0
\ No newline at end of file
diff --git a/src/content/es/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md b/src/content/es/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md
new file mode 100644
index 000000000..ef78f81d3
--- /dev/null
+++ b/src/content/es/blog/2012-01-26-could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws.md
@@ -0,0 +1,50 @@
+---
+title: Could You Be Prosecuted Under a Foreign Country's Online Content Laws?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-01-26T19:03:56+00:00
+url: /blog/could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws/
+comments:
+ - author: Armadeo K.
+ date: 2012-01-29T23:08:05+01:00
+ content: |
+ Great article which poses a lot of thought provoking questions. Will we be subject to foreign laws across all spheres in our own cities/countries? I really hope Richard wins the case, his story is an example of how foreign laws regarding copyrighted content have victimised him when the law in his own country should soley be dealing with it. The whole course of his life will change because of this !
+ - author: Micheal Rogers
+ date: 2012-01-30T10:33:03+01:00
+ content: |
+ Law enforcement agencies should be putting their efforts elsewhere; to good causes in this world, trying to make this world a better place, fighting violent crimes rather than trying to save multi-billion entertainment companies from going under!
+ - author: G Duncan
+ date: 2017-04-24T09:00:53+02:00
+ content: |
+ Perhaps.. this is the reason why responsible usage of online resources is important. If you are using vpn to browse block sites, make sure that those blocked sites are not illegal sites and for your added security, use vpn like Astrill to keep your identity thoroughly secure.
+
+---
+It's fast becoming clear that using an anonymous IP address is going to be vital if you want to protect yourself, not only from being wrongly prosecuted by your own country's vague laws concerning online content, but also the laws from other countries.
+
+You may already know that the law is full of grey areas when it comes to accessing online content. Different countries have various laws concerning file sharing, what content is deemed illegal to possess, and what actually counts as 'possession' of content.
+
+## Tiger, tiger…
+
+This can be problematic when it comes to assessing what you can and can't view online. For instance, last year a law was passed in the UK concerning 'extreme pornographic content'. However the law was very fuzzy when it came to defining what "extreme pornography" actually is. This has since led to some bizarre prosecutions. One of the most famous is the [case of Andrew Holland][1], who downloaded a video clip of a women apparently having sex with an animated tiger. After the police discovered the clip on his PC, Holland was promptly arrested, prevented from contacting his daughter, and put on trial.
+
+However, half-way through the trial the police turned up the volume on the 'illegal' clip and discovered that the talking tiger was making jokes about Frosties - a popular breakfast cereal that features a tiger mascot. The clip was therefore deemed unrealistic and satirical, rather than pornographic, and Holland – who always claimed the clip was sent to him as a joke – had the charge against him dropped.
+
+Given the UK's vague laws surrounding how IP addresses can be monitored by law enforcement officials, Holland's case should set alarm bells ringing. The only thing that stands between 'extreme pornography' and legitimate satire, seems to be the perspective of a few police officers. But this issue is complicated even further when you consider the news that's recently dominated headlines concerning the file-sharing sites Mega Upload and TV Shack.
+
+## Import law
+
+The owners of both Mega Upload and TV Shack are being tried for extradition to the United States for allegedly facilitating copyright theft. The debate over file sharing is an emotive one, and both pro-file sharing and anti-file sharing camps make valid arguments, but the real issue is how US law is being used to prosecute individuals who are technically outside of its jurisdiction.
+
+Take TV Shack's owner, Richard O'Dwyer.
Many UK law experts believe that O'Dwyer, who was 19 when he set up TV Shack, did not break any UK laws by linking to other sites that hosted copyrighted content. Because O'Dwyer would likely be found innocent in a UK court, copyright owners want him [extradited to the US][2], where a conviction and long jail sentence would be likely. It looks like the copyright owners are now getting their way. Last week O'Dwyer lost an appeal in UK courts to prevent his extradition.
+
+## It's only going to get worse…
+
+This brings us to the much maligned pieces of legislation, SOPA and PIPA. One of focuses of the Stop Online Piracy Act was to make it even easier for the US entertainment industry to pursue and extradite individuals who they deem are guilty of sharing copyrighted material. SOPA now looks unlikely to pass. But it's worth paying attention to the reasons why SOPA hit the rocks. The senators who withdrew their support for the bill were mainly concerned with the effect it would have on the US economy, not on the injustice of forcing US law onto non-US citizens.
+
+[SOPA][3] may be defeated, but it's almost certain that copyright hawks are already drafting another bill that aims to give as much power as possible to those who want to prevent file sharing no matter where it takes place. As Andrew Holland's case demonstrated, users already have to be wary of their own country's fuzzy laws concerning what they can access on the internet. However, they may soon have to contend with the laws of an entirely different country. Will this stop at copyrighted material? Or will individuals be subject to foreign laws on other types of content that they access online? It won't be long before we find out.
+
+ [1]: http://www.theregister.co.uk/2010/08/06/tiger_freed/
+ [2]: http://www.guardian.co.uk/law/2012/jan/13/tvshack-student-founder-extradition
+ [3]: http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act "Stop Online Piracy Act"
diff --git a/src/content/es/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md b/src/content/es/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md
new file mode 100644
index 000000000..85e7fa8a9
--- /dev/null
+++ b/src/content/es/blog/2012-02-01-government-bills-spy-on-individual-surfing-habits.md
@@ -0,0 +1,31 @@
+---
+title: Government Bills Spy on Individual Surfing Habits
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-01T08:14:23+00:00
+url: /blog/government-bills-spy-on-individual-surfing-habits/
+
+---
+This week has seen an enormous rise in awareness of internet censorship bills such as SOPA and PIPA, which is good news for anti-censorship advocates. Whilst many within the technology industry were aware of these bills, others were not until last week's internet blackout campaign which included large companies such as Wikipedia and Google.
+
+However, many people remain unaware of government directives which insist upon ISPs retaining all customer data for a period of anywhere between 6 and 24 months. A survey carried out this week in the UK showed that 54% of respondents had never heard of the existing EU directive, which allows authorities to force ISPs to retain data so that it is traceable in the event of a crime.
+
+Of course, many people object to this, whilst it seems understandable that there may be a need to address online crime, this approach has been described by some experts as a "[whack a mole][1]" solution to the problem.
+
+In the US, a similar bill, H.R. 1981 is under consideration which purports to address the problem of child pornography and online exploitation. Of course, such an emotive issue is bound to gain support – but is this just a cover which gives authorities the right to access the information of any citizen without just cause? The bill, if passed through congress, is a direct violation of the right of an individual to privacy.
+
+The reality of the situation is, although the US bill states that its only intentions are to address cybercrime, this bill actually won't be that effective if passed.
Child pornography rings have been successfully tracked down without the bill and cybercriminals don't simply sit at home randomly hacking individuals without ensuring they have a lot of protection in place.
+
+Whilst H.R. 1981 discusses the need to protect citizens from cybercrime originating from outside the US; it is difficult to see how it will achieve this by invading the privacy of its own citizens. For the average person, protecting their data is something that they have only given thought to when tinkering with privacy settings on social media sites – how are they expected to protect themselves from government directives?
+
+Obviously a trusted [VPN service][2] can help individuals reclaim control of their personal data and surfing habits but it's also a good idea to oppose the bill by writing to a representative; The [Electronic Freedom Frontier][3] can help with this.
+
+SOPA and PIPA have done a lot to raise awareness of bills which governments are attempting to pass through in order to protect the less than innocent (large movie corporations to be more precise). In the UK, the Digital Economy Act was passed in 2010 and contains similar legislation to SOPA and PIPA. However, a survey carried out this week showed that 100% of respondents had not heard of the bill; this goes some way to proving how much bills such as this are pushed through as quietly as possible.
+
+The free web and an individual's personal right to privacy must be maintained, awareness is rising but many still don't recognise that spying on surfing habits should have no place in a democratic society. In the meantime, a decent VPN will protect surfers and is recommended for those in the US as well as the EU as governments attempt to push through more bills which do little to protect citizens and are designed instead to protect large corporations from Intellectual Property Theft.
+
+ [1]: http://www.webpronews.com/h-r-1981-is-a-turd-wrapped-in-cotton-candy-2012-01
+ [2]: / "VPN service"
+ [3]: https://wfc2.wiredforchange.com/o/9042/p/dia/action/public/?action_KEY=8175
\ No newline at end of file
diff --git a/src/content/es/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md b/src/content/es/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md
new file mode 100644
index 000000000..f359eefcb
--- /dev/null
+++ b/src/content/es/blog/2012-02-04-the-fbi-wants-to-criminalise-online-privacy.md
@@ -0,0 +1,45 @@
+---
+title: The FBI wants to criminalise online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-04T13:24:13+00:00
+url: /blog/the-fbi-wants-to-criminalise-online-privacy/
+
+---
+The FBI and US Department of Justice is now encouraging internet cafe users to spy on the online activities of their fellow citizens.
+
+The FBI's "Communities Against Terrorism" notice lists a whole host of activities that the agency classifies as "suspicious" and a "potential indicator of terrorism". You can read the [full notice right here][1], but below is a list of some of the more innocuous activities that the FBI is concerned about
+
+ * People who switch SIM cards in cell phones
+ * Those who use anonymizers, portals or other means to shield IP address
+ * Anyone making "suspicious communications" using VOIP or communicating through a PC game
+
+If you spot any of these activities taking place in an internet cafe, the FBI recommends that you "gather information about individuals without drawing attention to yourself", which includes "license plates, vehicle description, languages spoken and ethnicity."
+
+**Criminalising privacy**
+
+Leaving aside perfectly innocent online activities such as "speaking to someone within a PC game", the FBI's list is particularly worrying in that it targets [VPNs][2] and other 'anonymizers' that help users shield their IP address. It seems that the US government is now making a concerted effort to criminalise – or at least create suspicion around – anyone who is legitimately concerned with online privacy.
+
+This attempt by the FBI to demonise those who wish to protect their privacy is a bold move. However, it is sadly not unexpected. Attempts to undemocratically erode online privacy by US government agencies has been only escalating over the last two years.
+
+**The privacy war is surges ahead**
+
+Perhaps the most worrying development is the the FBI's efforts to [amend the US' Electronic Communications Privacy Act][3]. If the amendment is approved the FBI will have the power to demand internet service providers "report the activity of any user thought to be implicated in intelligence investigations." The FBI wants to be able to request emails, and other confidential information, from ISPs and hold that data for up to 2 years, and it doesn't want to be held accountable in its pursuit of such information.
+
+If the FBI gets its way, any agent requesting user information does not need proof that the user is engaging in wrongdoing, nor does the agent need judges' approval, all he needs is to believe the information would be beneficial to counter-intelligence operations. In other words, all that stands between the government and your personal information is the suspicions of individual FBI agents.
+
+And it's not just your emails that the FBI wants, the agency also wants to know what you're doing when you're on the move. It was revealed last month that the [FBI agents had been in contact with Carrier IQ][4] a technology company whose smartphone spyware caused a furore after being secretly installed on over 100 million devices by telecoms companies. Even worse, the FBI lied about having ever contacted Carrier IQ and still won't reveal the nature of its correspondence with the company.
+
+** An eye on Twitter **
+
+Now, it's easy to think that none of this stuff will affect you. You're not a terrorist, you don't engage in suspicious activity, why would any government agency want to monitor you? Well the sad truth is you're already being monitored by the US government to some extent, especially if you use a social network such as Twitter. Just ask UK citizen Leigh Van Bryan, who last week flew to Los Angeles for a vacation.
+
+Upon arrival Mr Van Bryan was [taken away and questioned for five hours][5] by US Homeland Security, before being deported back to the UK. His crime? He posted the following joke message on Twitter: "Free this week, for quick gossip/prep before I go and destroy America." Make no mistake, big brother is watching, and they want your fellow citizens to watch you too!
+
+ [1]: http://publicintelligence.net/fbi-suspicious-activity-reporting-flyers/
+ [2]: /
+ [3]: http://www.usatoday.com/tech/news/internetprivacy/2010-08-02-FBI-email-access_N.htm
+ [4]: http://www.businessweek.com/ap/financialnews/D9RL82AO0.htm
+ [5]: http://www.bbc.co.uk/news/technology-16810312
\ No newline at end of file
diff --git a/src/content/es/blog/2012-02-11-europeans-rage-against-acta.md b/src/content/es/blog/2012-02-11-europeans-rage-against-acta.md
new file mode 100644
index 000000000..57c5d0141
--- /dev/null
+++ b/src/content/es/blog/2012-02-11-europeans-rage-against-acta.md
@@ -0,0 +1,41 @@
+---
+title: Europeans rage against ACTA
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-11T15:08:08+00:00
+url: /blog/europeans-rage-against-acta/
+heroImage: /images-static/uploads/acta-protests.jpg
+thumbnailImage: /images-static/uploads/acta-protests.jpg
+
+---
+Thousands of European citizens are taking to the streets today to protest against the EU's Anti-Counterfeiting Trade Agreement, otherwise known as ACTA, which severely threatens European online privacy and civil liberties in the name of protecting copyright.
+
+Protesters in over 200 European cities have braved the current cold snap to pressure their governments into abandoning its agreement to pass ACTA into law, which was signed by 22 of the EU's 27 countries on January 26th. Final signing of the law will take place in June.
+
+**Winning the battle**
+
+Protests over the last four weeks have already had a huge effect on hindering ACTA's march into the EU law books. In January Poland saw some of the biggest demonstrations in its post-communist history, which included [members of its own parliament][1], which has now forced the Polish government to refuse to sign the bill and officially withdraw its support. Following protests in Berlin and Prague, Poland was swiftly joined by Germany and The Czech Republic, who are also now [withdrawing their support][2] for ACTA.
+
+Even more surprising was the refreshing display of humility displayed by Slovenia's ambassador to Japan, Helena Drnovsek Zorko, who apologised for not grasping the grave threat that ACTA poses to the internet. Zorko was one of the committee members who signed ACTA on behalf of Slovenia last month. She is now calling on people to take to the streets and on governments to abandon the bill.
+
+"I signed ACTA out of civic carelessness, because I did not pay enough attention," [wrote Zorko][3].
"Quite simply, I did not clearly connect the agreement I had been instructed to sign with the agreement that, according to my own civic conviction, limits and withholds the freedom of engagement on the largest and most significant network in human history, and thus limits particularly the future of our children."
+
+**Internet Spy Provider**
+
+But hang on, didn't Americans manage to kill the Stop Online Privacy Act last month? Isn't the internet saved? What's ACTA and what exactly are Europeans getting angry about?
+
+Well ACTA is potentially even worse than SOPA. Chief among concerns is the bill's insistence that Internet Service Providers effectively police the actions of their customers. ACTA makes sure that ISPs are put under pressure to monitor exactly what internet users are browsing and downloading and then report them to law officials should they believe copyrighted content has been accessed illegally. If ACTA passes then Europeans can wave goodbye to their online privacy. ISPs would be forced to spy on users and the only way to get around this would be to use an anonymisation service such IVPN.
+
+**Cloak and dagger**
+
+Given its sinister ramifications, it's therefore no surprise that ACTA was drafted almost entirely in secret between EU officials and entertainment industry copyright lawyers. In fact, Kader Arif, the very person the European Parliament put in charge to oversee ACTA, [quit his position][4] in disgust, saying that he wants to "denounce in the strongest possible manner the entire process that led to the signature of this agreement."
+
+Make no mistake, ACTA is a nasty piece of work  and if you want to protect online privacy and fight for a free internet then you should support those Europeans protesting on the streets today. For more information on ACTA and for ways to pressure your local Member of the European Parliament, [visit Kill ACTA][5].
+
+ [1]: http://www.washingtonpost.com/blogs/blogpost/post/poland-protests-erupt-over-acta-law-debate/2012/01/27/gIQAt6UOVQ_blog.html
+ [2]: http://www.techspot.com/news/47415-acta-faces-another-setback-in-europe-as-germany-delays-signing.html
+ [3]: http://www.techdirt.com/blog/?tag=helena+drnovsek+zorko
+ [4]: http://www.bbc.co.uk/news/technology-16757142
+ [5]: http://killacta.org/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md b/src/content/es/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md
new file mode 100644
index 000000000..129f9428b
--- /dev/null
+++ b/src/content/es/blog/2012-02-19-canadians-face-police-attack-on-online-privacy.md
@@ -0,0 +1,27 @@
+---
+title: Canadians face police attack on online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-19T16:35:01+00:00
+url: /blog/canadians-face-police-attack-on-online-privacy/
+heroImage: /images-static/uploads/Flag_of_Canada.svg_.png
+thumbnailImage: /images-static/uploads/Flag_of_Canada.svg_.png
+
+---
+Canada is close to passing a new law that allows police to access user IP addresses, names, addresses and telephone numbers, without need for a warrant or any evidence of wrongdoing.
+
+Unlike recent headline-grabbing bills such as ACTA and SOPA, the "Protecting Children From Internet Predators Act" was not devised by the entertainment industry and copyright lawyers. This bill comes directly from the Canadian police force under the guise of helping law enforcement officials catch paedophiles and prevent online suicides.
+
+However, the bill is facing strong opposition within Canada, as it gives the police unprecedented access to private online user data and new powers of online surveillance. Under the act ISPs must provide a "back door" to allow police to monitor user communications. Furthermore, telecommunication providers have 18 months to equip their networks with the technology to allow police to intercept communications. ISPs also have to provide user information, such as IP address, telephone number, name and address to police "quickly" - in case of an emergency - and hold on to private user data for up to 90 days.
+
+Online privacy activists in Canada have said that the new law risks criminalising innocent internet users and puts every internet user's privacy at risk for the sake of catching a few criminals.
+
+Canadian internet security expert and University of Calgary professor, Tom Keenan, [told CBC News][1] that the bill is based on a culture of suspicion. "I think our police have a lot of tools and they know how to use them," said Keenen.
"This bill takes it completely out of balance putting the onus on everybody, that all of our surfing history should be preserved and that's just not a good thing."
+
+Numerous law experts have also said that the Protecting Children From Internet Predators act may violate section 8 of Canada's charter and will be challenged in the courts for being unconstitutional.
+
+In response to criticisms of the bill, Vic Towes, Canada's public safety minister, made the following ridiculous statement to reporters - "either you stand with us or with child pornographers". Such a skewed mentality amongst policy makers demonstrates just how important it is to remain vigilant anytime government tries to interfere with online privacy laws.
+
+ [1]: http://www.cbc.ca/news/canada/calgary/story/2012/02/14/calgary-bill-internet-privacy-surveillance-security.html
\ No newline at end of file
diff --git a/src/content/es/blog/2012-02-19-google-caught-spying-on-safari-users.md b/src/content/es/blog/2012-02-19-google-caught-spying-on-safari-users.md
new file mode 100644
index 000000000..20e9034d4
--- /dev/null
+++ b/src/content/es/blog/2012-02-19-google-caught-spying-on-safari-users.md
@@ -0,0 +1,49 @@
+---
+title: Google caught spying on Safari users
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-19T16:42:16+00:00
+url: /blog/google-caught-spying-on-safari-users/
+heroImage: /images-static/uploads/apple-vs-google_3.jpg
+thumbnailImage: /images-static/uploads/apple-vs-google_3.jpg
+comments:
+ - author: Daniel R Colgan
+ date: 2012-03-17T02:52:39+01:00
+ content: |
+ Whotookmycivilrights -
+
+ It occurs to myself with so many claims of spying by browser suppliers, communication giants, etc that to assume that it is not happening is like sticking your head in the sand hoping the lion wont eat you.
+
+ The answer at least a partial one is an app that you can install on your computer and or phone that installs at both ends of a communication setup, for companies – comunications between itself worldwide and its employees, or for the average Joe the same app shared between friends for secure communications, the app Encrypts the data to be sent via a password that has to be entered at the receiving end to unencrypt the data, basically setting up a secure "Encryption Tunnel" communication.
+
+ Supposedly all data is already encrypted when sent if true then the app would let you encrypt your own information as well technically it is then being encrypted twice!
+
+ as i said it should be assumed that all data "IS BEING SPYED ON" and take precations regardless since if its not then it probably will be in the future,
+
+ "Those with power become corrupted by that power, very few resist the temptation!"
+
+ IdeasManDan!
+
+ aka "Whotookmycivilrights"
+ - author: Sachin kumar
+ date: 2012-04-21T09:17:01+02:00
+ content: |
+ Apple+google is coooool……
+
+---
+Google stands accused of deliberately hacking Apple's Safari browser, in order to circumvent security barriers and install user-tracking cookies.
+
+Google's activities were reported to the [Wall Street Journal][1] by a Stanford researcher.
The researcher found that Google had installed dodgy web forms inside online ads with Google's +1 button. Once a user clicked on the button, the form tricked Safari into thinking that the user had approved cookies to be installed, which allowed Google to install their tracking code.
+
+Even worse, this form also allowed third party advertisers [Vibrant Media and WPP][2], to install their own advertising cookies into Safari (which had previously been blocked), allowing the advertisers to track users and serve them ads based on what websites they had visited.
+
+In its defence, Google argues that it wasn't tracking users on purpose and only wanted to know if a user was logged into a Google account. The company also says that it did not realise its exploit allowed third party advertisers to install cookies.
+
+After [being contacted by the Wall Street Journal][1], Google promptly disabled the code and issued the following statement: "The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."
+
+Does anyone remember Google's old catchphrase "don't be evil"? Because Google clearly doesn't…
+
+ [1]: http://online.wsj.com/article_email/SB10001424052970204880404577225380456599176-lMyQjAxMTAyMDEwNjExNDYyWj.html
+ [2]: http://www.washingtonpost.com/who-are-vibrant-media-wpp-and-pointroll/2012/02/17/gIQAh0NRKR_story.html
diff --git a/src/content/es/blog/2012-02-26-iranians-face-halal-internet.md b/src/content/es/blog/2012-02-26-iranians-face-halal-internet.md
new file mode 100644
index 000000000..67282039a
--- /dev/null
+++ b/src/content/es/blog/2012-02-26-iranians-face-halal-internet.md
@@ -0,0 +1,41 @@
+---
+title: Iranians face 'halal internet'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-02-26T17:58:07+00:00
+url: /blog/iranians-face-halal-internet/
+heroImage: /images-static/uploads/iranian_protesters.jpg
+thumbnailImage: /images-static/uploads/iranian_protesters.jpg
+comments:
+ - author: A Forest
+ date: 2017-02-21T03:52:54+01:00
+ content: |
+ VPN users need not to worry. There had been a lot of attempts to control internet usage and vpn access yet vpn providers continued to be better as well. I have been using Astrill for the last five years since I travel a lot and it always work fine even in the Middle East.
+
+---
+Two thousand, five hundred, years ago Iran connected the world with the [first ever global empire][1], but fast-forward to 2012 and it looks like the Iranian government is about to take a dramatic step in isolating its own population. Iranians are currently facing widespread disruption of internet services, which many experts believe is linked to government plans to introduce a heavily regulated 'clean internet'.
+
+The Iranian government, which already implements a national firewall, has been deploying multiple strategies to restrict internet access over the last few days. Many Iranian internet users rely on VPN services to access blocked sites that the government believes are pro-western or anti-Islamic. Iranians account for 15% of all Tor users, making Iran the second largest user of anonymisation tools in the world, behind only the USA.
+
+**Deep packet inspection**
+
+But by using increasingly sophisticated deep packet inspection of SSL traffic, as well as IP address blocking and keyword filtering, the Iranian government has recently been able to block Tor traffic, VPNs and other techniques used to circumvent its firewall.
+
+Many sites use encrypted traffic via Secure Sockets Layer, or SSL, protocols, for basic security.
The fact that the Iranian government is willing to go to such extreme lengths to block all SSL traffic, doesn't bode well. Social networking sites such as Twitter and Facebook, and email services such as Gmail and Hotmail have also now been blocked.
+
+For its part, the Iranian government actually denies interfering with internet traffic. There are many voices within the Iranian parliament itself that believes heavy censorship of the internet is damaging Iran's economy and making social tensions even worse in the country. But according to most experts, government involvement is almost certain and there are two main explanations.
+
+**'Halal' internet**
+
+The first is that the regime is trying to disrupt communications between political activists ahead of the upcoming elections, due to take place in March, and the anniversary of the 'Green Protests' that occurred in 2009. This would make a lot of sense as – like with Egypt's revolution - Facebook and Twitter has played a big role in Iranian protests.
+
+The other explanation is related to [plans for a so called 'clean internet'][2], which Iranian officials claimed would be launch in May or June.
+
+If Iran manages to pull this off it would be a huge blow to online freedom of speech across the world. Other regimes that seek to control the web, from China to North Korea, will no doubt be watching Iran's project very keenly. It may not be unreasonable to expect western nations with tough internet censorship laws, such as Australia, to also sit-up and take notice (and let's not forget the entertainment industry).
+
+Hopefully the resourcefulness of Iranians – a young and highly educated population – and the development of increasingly sophisticated VPN and circumvention tools, will ensure that Iran remains connected to the rest of the world despite the efforts of its repressive government.
Given the increasing likelihood of a US and Israeli attack on Iran, it's never been more important for Iranians to have a voice online.
+
+ [1]: http://en.wikipedia.org/wiki/Cyrus_the_Great
+ [2]: http://www.fastcompany.com/1819375/why-irans-building-a-second-internet?partner=gnews
diff --git a/src/content/es/blog/2012-03-03-ireland-passes-sopa-law.md b/src/content/es/blog/2012-03-03-ireland-passes-sopa-law.md
new file mode 100644
index 000000000..3b8e014ec
--- /dev/null
+++ b/src/content/es/blog/2012-03-03-ireland-passes-sopa-law.md
@@ -0,0 +1,39 @@
+---
+title: Ireland passes "SOPA" law
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-03-03T17:31:54+00:00
+url: /blog/ireland-passes-sopa-law/
+heroImage: /images-static/uploads/ireland-sopa-law.jpg
+thumbnailImage: /images-static/uploads/ireland-sopa-law.jpg
+
+---
+The entertainment industry may have suffered a defeat in the USA with SOPA, and a potential defeat in the wider EU with ACTA, but in Ireland it's finally finding some success, after the Irish government passed a SOPA-esque bill into law on Friday.
+
+The newly stamped bill, dubbed the Copyrighted and Related Rights Regulation, allows the entertainment industry to force ISPs to block any websites that it believes hosts or links to copyrighted content. ****
+
+**The government isn't listening**
+
+Although it doesn't go quite [as far as SOPA][1] and demand that ISPs hand over user data, the new bill was nevertheless strongly opposed within Ireland, motivating over 80,000 Irish citizens to petition their members of parliament against its ratification. Protesters warned that the legislation gives the entertainment industry the legal leverage to force Irish ISPs into blocking major websites such as Facebook, YouTube and Twitter, as well as any other website that has the audacity to permit user generated links and content.
+
+"It is a disgraceful decision," said a spokesperson for the protest group [Stop SOPA Ireland][2]. "Not only because an unprecedented 80,419 people mobilised in the space of a few days and told Ministers Bruton and Sherlock that they were wrong to take this action. It is a shameful decision because the Government knows that those 80,419 people were right, and have done the wrong thing anyway."
+
+The Irish government has been under intense pressure from the entertainment industry to change its online copyright laws. Last year EMI, Warner, Universal and Sony attempted to force a local Irish ISP to block access to pirate sites, but were prevented from doing so in the Irish courts. This then led last month to EMI [filing a law suit against Ireland][3], alleging that the government was dragging its feet in implementing copyright law reforms. Even worse, despite Ireland implementing the new legislation, it appears that EMI still intends to sue the government.
+
+**A confused message**
+
+The man responsible for passing the bill, Irish minister Sean Sherlock, said that he now hopes Ireland can become a ["model of best practice"][4] when it comes to internet copyright law. "This is a very complex area of law," said Sherlock in a statement. "My ambition to make Ireland a model of international best practice in this area will not be easily achieved, and as this debate develops I urge all interested parties on all sides to come together and work in a constructive and realistic way to the benefit of all."
+
+However, Sherlock seems to be somewhat confused on whether or not he wants to protect copyright, or promote innovation. In the very same statement he adds, "The challenge now is to examine what measures we can take to develop Ireland's laws in this area in such a way as to provide the greatest possible encouragement for innovation in the creative and digital industries to take place here."
+
+**Stay vigilant**
+
+Someone needs to tell the Irish government that you can't promote innovation while passing laws that force service providers to police online content, as well as giving lawyers to power to cut-off a democratic nation from some of the internet's biggest websites. What happened in Ireland on Friday demonstrates that we must be more vigilant and more vociferous than ever in our opposition to draconian copyright laws. The entertainment industry may have won the battle in The Emerald Isles, [but with ACTA][5] and PIPA currently on the ropes, the war isn't over yet.
+
+ [1]: /blog/could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws/
+ [2]: http://stopsopaireland.com/#4
+ [3]: http://www.pcmag.com/article2/0,2817,2398824,00.asp
+ [4]: http://www.thejournal.ie/sherlock-confirms-that-%E2%80%98irish-sopa%E2%80%99-has-been-signed-into-law-369634-Feb2012/
+ [5]: /blog/europeans-rage-against-acta/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md b/src/content/es/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md
new file mode 100644
index 000000000..ceac1a56b
--- /dev/null
+++ b/src/content/es/blog/2012-03-09-uk-isps-forced-to-spy-on-customers.md
@@ -0,0 +1,38 @@
+---
+title: UK ISPs forced to spy on customers
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-03-09T20:21:04+00:00
+url: /blog/uk-isps-forced-to-spy-on-customers/
+heroImage: /images-static/uploads/digital-britain_1530933c.jpg
+thumbnailImage: /images-static/uploads/digital-britain_1530933c.jpg
+
+---
+UK internet users may soon face an unprecedented attack on their online privacy, after two of the country's biggest ISP's lost their latest court appeal against a government law that forces them to spy on customers on behalf of copyright holders.
+
+After almost two years of legal battles the UK's controversial Digital Economies Act is about to be given the green light. On Tuesday TalkTalk and BT, the UK's two biggest ISPs, [failed in their latest attempt][1] to appeal against the law and though they still have the option of taking their case to the Supreme Court, success is not looking likely. Once the law is fully implemented anyone suspected of illegal filesharing in the UK will be sent warning letters from their ISP. If these letters go unheeded then users face the prospect of being banned from accessing the internet altogether.
+
+[Like SOPA][2], The Digital Economies Act allows copyright holders to flag and ban a URL that contains copyrighted material, effectively creating a 'copyright firewall' around the UK. Given that ISP's must intercept and examine outgoing internet connections, in order to determine if a user is accessing a copyright-infringing website, the enactment of The DEA means that UK internet users will face severe erosion of their online privacy. The only way to for Brits to avoid ISP intrusion into their web surfing would be to use TOR or a VPN. ****
+
+**Basic rights and freedoms**
+
+BT and TalkTalk were strongly opposed to the Digital Economies Act and have spent millions in court battles since the law was passed. The ISPs, as well as anti-copyright activists, argued that the act violated European Laws, clashing with European Union directives on technical standards, authorisation, e-commerce, as well as privacy and electronic communications. BT and TalkTalk also said that the act infringed internet users' "basic rights and freedoms", and did not receive sufficient parliamentary scrutiny when it was "rushed through", under much secrecy, during the final days of the Labour government.
+
+Of course, all of those objections were somewhat a side-show to the ISPs' real grievance. Tracking all those users, sending out all those letters and blocking all those URLs, will cost BT and TalkTalk a great deal of time, money and resources - these companies will be effectively policing the browsing habits of UK internet users.
+
+"We're disappointed that our appeal was unsuccessful though we welcome the additional legal clarity that has been provided for all parties," a TalkTalk representative [told the The Register][3]. "We are reviewing this long and complex judgement and considering our options. Though we have lost this appeal we will continue fighting to defend our customers' rights against this ill-judged legislation." ****
+
+**Criminals or customers?**
+
+The music industry is – surprise, surprise – very happy with the ruling and wasted no time pressuring TalkTalk and BT to give-up fighting the legislation and to start enforcing it against their users. "The ISPs' failed legal challenge has meant another year of harm to British musicians and creators from illegal filesharing," said BPI chief, Geoff Taylor. "The ISPs now need to work constructively with Government and rights holders to implement the Act."
+
+As [TechDirt points out][4], there is no real evidence to Taylor's claim that British musicians and creators are being hurt by illegal filesharing and the new legislation is unlikely to result in users paying more for music than they already do.
+
+The most likely result from the Digital Economies Act – particularly the practice of spying on internet users and threatening them with disconnection - is that more and more young people will grow-up hating the entertainment industry. When the first letters are posted, ISPs will ensure that the inevitable public relations fallout rests entirely on the shoulders of copyright holders. The only viable, long-term, solution left to the entertainment industry is to adapt to new business models and work with ISPs to monetise their content in new ways, otherwise they will be facing-down a generation of angry, victimised, customers.
+
+ [1]: http://www.guardian.co.uk/technology/2012/mar/06/internet-provider-lose-challenge-digital-economy-act?INTCMP=SRCH
+ [2]: /blog/could-you-be-prosecuted-under-a-foreign-countrys-online-content-laws/
+ [3]: http://www.theregister.co.uk/2012/03/06/bt_talktalk_lose_final_appeal_against_digital_economy_act/
+ [4]: http://www.techdirt.com/articles/20120306/18075618006/uk-isps-lose-their-challenge-to-digital-economy-act-entertainment-industry-responds-condescendingly.shtml
\ No newline at end of file
diff --git a/src/content/es/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md b/src/content/es/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md
new file mode 100644
index 000000000..19e72f6e0
--- /dev/null
+++ b/src/content/es/blog/2012-03-15-internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation.md
@@ -0,0 +1,42 @@
+---
+title: Internet privacy concerns rise, as debate rages over ad-tracking regulation
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-03-15T15:25:25+00:00
+url: /blog/internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation/
+heroImage: /images-static/uploads/onlineads.jpg
+thumbnailImage: /images-static/uploads/onlineads.jpg
+
+---
+Two surveys released this week have revealed that internet users are becoming more and more concerned about their online privacy, as debate rages between regulators and activists over how much control we should have over advertisers seeking to collect our personal data.
+
+Surveys recently released by the University of Queensland in Australia and the Pew Internet and American Life Project in the United States, both found that a majority of internet users are not comfortable with targeted advertisements and data collection. [The Queensland survey][1] found that 56% of Australians are not comfortable with online advertising companies and websites tracking their online behavior and collecting anonymous data, while [the Pew survey][2] found the 68% of Americans did not want targeted ads if meant they would be tracked online.
+
+The University of Queensland also found that 90% of users wanted to be able to control how their data is collected online by advertisers, and that 75% wanted to find out more about how advertisers capture that data. The survey further discovered that 97% of Australians want the ability to take legal action if their privacy is breached.
+
+"Companies know more and more about us, but we know very little about what they're doing with that information," said the University of Queensland's Dr Andrejevic. "The more they collect, the less we know. As the level of information collection increase in the digital era, democracy and personal autonomy need to be protected."
+
+**The meaning of "Do Not Track"**
+
+The two surveys comes as [tensions rise between the online advertising industry and privacy advocates][3], over plans to introduce an opt-out mechanism for consumers who do not want to be tracked by ad agencies. The 'Do Not Track' initiative has seen the Digital Advertising Alliance, US federal regulators and privacy activists unable to even reach a consensus over what "Do Not Track" actually means.
+
+Privacy watchdogs argue that a 'Do Not Track' opt-out should allow users to prevent any data collection from advertisers, full stop. While the DAA argues that users should only have the right to opt-out of seeing targeted ads, with advertisers still permitted to collect anonymous data. The DAA also argues that Do Not Track should only refer to third party advertisers and not the first party websites that the users actually visit.
+
+[Google has already added][4] a 'Do Not Track' button to its Chrome browser (which blocks targeted ads, but allows data collection), but the issue is far from resolved. The World Wide Web Consortium (W3C) convenes later in the year to create its own Do Not Track standards – a process that is expected to generate even more debate - and the US Federal Trade Commission says it will release a report soon detailing its own conclusions on the issue.
+
+"I believe currently we are in a pitched negotiation over exactly how powerful a choice users will have when it comes to online tracking," said Rainey Reitman, an activist at the Electronic Frontier Foundation. "The next few months are going to be a decision-making time for whether Do Not Track is a truly powerful mechanism."
+
+**Privacy vs free content?**
+
+While it's very tempting to automatically side with the activists over user privacy concerns, the issue is a complex one. Advertising revenue [is what keeps so much internet content free][5] to access and the online advertising industry relies immensely on collecting user data and tracking what users do after they've clicked on an ad.
+
+As the surveys mentioned above indicate, the majority of internet users – given the choice – will opt out of data tracking, which leaves content producers (everyone from The New York Times to YouTube) facing an uphill struggle in terms of staying profitable. On the other hand, the sheer number of internet advertising firms collecting user data [is astonishing][6] and none of these firms appear accountable to anyone. Sure, they may not have any malicious intentions but, with the internet permeating nearly all aspects of our life, are we comfortable with being watched so closely? And can we really trust these companies to protect the data they collect ?
+
+ [1]: http://www.uq.edu.au/news/?article=24504
+ [2]: http://www.technewsdaily.com/3971-internet-privacy-concerns-grow-survey-finds.html
+ [3]: http://www.politico.com/news/stories/0312/73976.html
+ [4]: http://www.theregister.co.uk/2012/02/24/google_chrome_do_not_track/
+ [5]: http://mybroadband.co.za/news/internet/45397-online-privacy-strategies-face-hard-sell.html
+ [6]: http://www.theatlantic.com/technology/archive/2012/02/im-being-followed-how-google-151-and-104-other-companies-151-are-tracking-me-on-the-web/253758/
diff --git a/src/content/es/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md b/src/content/es/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md
new file mode 100644
index 000000000..3e4826028
--- /dev/null
+++ b/src/content/es/blog/2012-03-26-top-five-ways-to-protect-your-online-privacy.md
@@ -0,0 +1,47 @@
+---
+title: Top five ways to protect your online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-03-26T14:29:00+00:00
+url: /blog/top-five-ways-to-protect-your-online-privacy/
+heroImage: /images-static/uploads/online-privacy.jpg
+thumbnailImage: /images-static/uploads/online-privacy.jpg
+
+---
+The issue of online privacy has never been more urgent. Over the last year we've seen a combination of governments, advertisers, and the entertainment industry, all trying to increase their power to monitor what you do in cyberspace.
+
+Whether it's trying to [force radical and unpopular legislation][1] through the courts, [spying on what you browse][2] and buy online, or [encouraging fellow citizens to monitor your online behavior][3], it's clear that there is now a concerted effort to undermine the principal of online anonymity, which most of us believe should be upheld.
+
+So with all that doom and gloom in mind, what are the most effective measures you can take to protect your privacy while on the web? Our round-up below is by no means exhaustive, but it should get you on the right track.
+
+## Top five ways to protect online privacy
+
+**Invest in an VPN**
+
+Ok, obviously we have a vested interest in pushing for the use of Virtual Private Networks (VPNs), but if you want to make sure your IP address won't be tracked, then a [VPN][4] is your best bet. Using a VPN basically means that your internet traffic is re-routed via servers located in different countries, making it almost impossible for your real world location to be identified. However, using a VPN won't protect you from stuff like ad-tracking, because this isn't tied to your IP address, it's tied primarily to the cookies that get installed in your browser (we'll address this later). But it does mean that nothing can be traced back to your real-world identity. For more about how VPNs work, [check out our FAQ section][5].
+
+**Use TOR**
+
+[TOR][6] is, essentially, a free-to-use VPN service (see above) that protects your IP address. It is used by many people around the world, usually those who suffer under oppressive regimes that seek to heavily control the web, but also people in western democracies. TOR is generally a good way to protect yourself online, but it has a couple of downsides compared to a paid VPN service, such as [IVPN][4]. The main problem is that TOR allows anyone to set-up 'entry' and 'exit' nodes, through which your data travels. Most of the time the people setting up the nodes have good intentions, but if you don't know who these people are then how can you trust them not to spy on your traffic? The other problem with TOR is that it generally offers slower speeds than a privately run VPN.
+
+**Multiple accounts**
+
+When it comes to protecting your online identity (and not necessarily your real world identity), it pays to be smart when signing-up to online services. Don't rely on a single email account to sign-up to forums, shopping sites, social networks etc. Create multiple accounts to fragment your online identity. Also, it may be obvious, but avoid giving away too much personal information while signing up to services (such as real address, phone number etc). Thirdly, remember Google keeps a log of everything you search for and tailors your search results to those requirements. If you're not comfortable with this then don't search Google while logged into a Google account, use different browsers, clear cookies (see below), or just use a different search engine entirely such as DuckDuckGo, which doesn't track you.
+
+**Cookie blocker**
+
+It's difficult to entirely avoid being tracked by online ad companies. Many of these companies have no real interest in knowing who you are, they just want to target ads according to your browsing habits. But nonetheless, it pays to be vigilant, as you have no idea who these ad companies are and how protected your data is. You can run add-ons on Firefox such as Ghostery, NoScript, BetterPrivacy and CookieMonster, to help avoid tracking. You can also regularly delete your cookies and browsing history manually, or with a program such as ComboFix. If you ever get infiltrated by very resilient spyware or adware then you can always pop over to the [TechSupport adware forums][7] and ask for help removing it.
+
+**Smart social network usage**
+
+Obviously the best way to avoid revealing too much information on social networks is to cease using them altogether. But nowadays it's hard to avoid using Facebook and LinkedIn if you want to stay in touch with friends and colleagues. Remember to check Facebook's privacy settings and ensure that you only share information with friends. Don't hand over your birthday, or any other personal information. Consider changing your name to a pseudonym. Register as a resident of a different country. Don't post any pictures of yourself. Don't install any 'apps'. Also avoid 'Liking' any pages or posts (the 'Like' button is one of the biggest tracking elements that Facebook uses to target ads and get information) and avoid discussing personal information with others.
+
+ [1]: /blog/europeans-rage-against-acta/
+ [2]: /blog/internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation/
+ [3]: /blog/the-fbi-wants-to-criminalise-online-privacy/
+ [4]: /
+ [5]: /knowledgebase/1/General-FAQ
+ [6]: https://www.torproject.org/
+ [7]: http://www.techsupportforum.com/forums/f50/
diff --git a/src/content/es/blog/2012-04-02-can-duckduckgo-kill-google.md b/src/content/es/blog/2012-04-02-can-duckduckgo-kill-google.md
new file mode 100644
index 000000000..d4723bcbc
--- /dev/null
+++ b/src/content/es/blog/2012-04-02-can-duckduckgo-kill-google.md
@@ -0,0 +1,54 @@
+---
+title: Can DuckDuckGo kill Google?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-04-02T13:18:49+00:00
+url: /blog/can-duckduckgo-kill-google/
+heroImage: /images-static/uploads/DuckDuckGo.jpg
+thumbnailImage: /images-static/uploads/DuckDuckGo.jpg
+comments:
+ - author: Misuse
+ date: 2012-04-15T01:00:50+02:00
+ content: |
+ DuckDuckGo is great, especially the ! command line. I hope that duckduckgo can at least give google some strong competition.
+
+---
+Could the growing furor over online privacy spell the end of Google's dominance over search? Granted, it's an almost unthinkable proposition today, but with the rapid rise of privacy-conscious alternative DuckGoGo, Google may have a real fight on its hands over the next few years.
+
+Google's online empire has been unshakable since 2009. The only real contender to emerge - following the terminal decline of Yahoo - has been Bing, which despite the clout of Microsoft, has captured just [4% of the global search market][1], as it struggles to differentiate itself.
+
+[Enter DuckDuckGo][2], a stripped down, partially open-sourced, search engine that has a key unique selling point, one that none of its rivals possesses: it stores zero data on its users. Yep, there are no targeted ads (indeed there are no ads whatsoever), no user accounts and no cookies. DuckDuckGo also doesn't 'bubble' its users, meaning that it doesn't individually tailor search results based on what you've previously searched for.
+
+**DuckDuck Going Up**
+
+Over the last few days, coinciding with the negative press over Google's new privacy policy, as well as [increasing concerns over the amount of data being collected][3] by online ad agencies, DuckDuckGo has seen its internet search queries more than double. Prior to Google changing its privacy policy DuckDuckGo was claiming around 400-600 thousand search queries a day. On the same day the privacy changes were announced the new search engine clocked a record 848,468 searches.
+
+Then in the middle of February, one month after the privacy change, DuckDuckGo began to pass the one million queries a day milestone. A couple of weeks later that figure grew by 320 thousand [before hitting 1,518,581 direct queries on March 28th last week][4]. That's more than double the amount of queries within just two months.
+
+Granted, in the wider scheme of things, DuckDuckGo's share of the search market is still pretty tiny – less than one per-cent. But it's founder Gabriel Weinberg is starting to grab the attention of venture capitalist investors. Here's what Union Square Ventures' [Brad Burnham said about its decision to back DuckDuckGo][5] in October.
+
+"When I first got into the venture capital business in the early 90s, it seemed to me that half of the deals I brought to the partnership were dismissed with the line "sure it's cool but what the heck do they do if Microsoft decides to enter this business." Today the role of the dominant player is played by Google (and increasingly Facebook). So as an investor, one has to consider how a potential portfolio company can thrive in the shadow of Google. No where is this more true than in Search.
+
+….The way to compete with Microsoft was to change the basis of competition. We invested in DuckDuckGo because we became convinced that it was not only possible to change the basis of competition in search, it was time to do it."
+
+**A crumbling empire?**
+
+Obviously DuckDuckGo has a long way to go before anyone considers it a rival to Google's crown. But remember, this is the internet we're talking about, an arena where MySpace can go from being the [biggest social network and most visited site in the US in 2006][6], before dropping to second place behind Facebook in 2008, and then three years later being [degraded to the butt of many an online joke][7].
+
+Recently Google has faced backlashes on numerous fronts. The biggest one being privacy concerns, but industry analysts and bloggers have also started to wonder [if Google is over-stretching itself][8] and is taking a wrong approach toward search. Google's biggest potential miss-step is delivering personalised search results to users (the aforementioned 'bubbling'), meaning that you only get to see what Google thinks you want to see. Many have [pointed-out the conceptual problems][9] with such a service. Furthermore, this idea of a personalised web is closely tied-up with Google's social network Google+, which has already been [declared a failure by some][10].
+
+Let's hope DuckDuckGo's success continues. If it does then not only will Google have to think twice about infringing on user privacy, but so will nearly every service on the web. Once users start voting with their feet (or fingers), then the rampant online personal data mining business model, used by everyone from Facebook to The New York Times, will have to start reining itself in.
+
+ [1]: http://www.forbes.com/sites/greatspeculations/2012/01/17/bings-market-share-squeaks-higher-google-still-gorilla-of-search/
+ [2]: http://duckduckgo.com/
+ [3]: /blog/internet-privacy-concerns-rise-as-debate-rages-over-ad-tracking-regulation/
+ [4]: http://www.theatlantic.com/technology/archive/2012/03/here-is-a-chart-of-people-freaking-out-about-online-privacy/255234/
+ [5]: http://www.webpronews.com/duckduckgo-ready-to-go-to-the-next-level-gets-new-funding-2011-10
+ [6]: http://en.wikipedia.org/wiki/Myspace
+ [7]: http://www.huffingtonpost.com/henry-blodget/murdochs-myspace-is-proba_b_318919.html
+ [8]: http://techcrunch.com/2011/01/08/google-mojo/
+ [9]: http://www.ted.com/talks/eli_pariser_beware_online_filter_bubbles.html
+ [10]: http://www.forbes.com/sites/insertcoin/2011/08/15/a-eulogy-for-google-plus/
+
\ No newline at end of file
diff --git a/src/content/es/blog/2012-04-06-uk-online-spying-law-how-to-resist.md b/src/content/es/blog/2012-04-06-uk-online-spying-law-how-to-resist.md
new file mode 100644
index 000000000..86301588d
--- /dev/null
+++ b/src/content/es/blog/2012-04-06-uk-online-spying-law-how-to-resist.md
@@ -0,0 +1,93 @@
+---
+title: UK online spying law – How to resist
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-04-06T12:32:14+00:00
+url: /blog/uk-online-spying-law-how-to-resist/
+heroImage: /images-static/uploads/theresa-may-uk-online-spying-ccdp.jpg
+thumbnailImage: /images-static/uploads/theresa-may-uk-online-spying-ccdp.jpg
+comments:
+ - author: Richard
+ date: 2012-04-25T13:55:44+02:00
+ content: |
+ Small typo: In the second paragraph under "Collusion of interests", you refer to the "DDCP", whereas every other reference is to the "CCDP".
+
+ Not only is there a strong likelihood that the government will ignore protests and pass the CCDP, but a strong likelihood that anyone who's signed a petition or emailed their MP in protest will be first on the list for warrantless surveillance. After all, as we're repeatedly told, only people with something to hide want privacy.
+ - author: Dennis Kügler
+ date: 2012-04-25T14:13:51+02:00
+ content: |
+ Thanks Richard, corrected. You could be right, but I wouldn't want that possibility to deter people from emailing MPs, especially if you have a LibDem MP. Sure, chances the law will be passed are high. The only substantial political opposition to CCDP would have come from the LibDems - given their libertarian leanings - but now they're a part of the coalition. However this could work to protestors advantage. If LibDem MPs realise this is a huge issue for their own constituents then the party could put pressure on the government from the inside, and that could make a difference.
+
+---
+The UK's coalition government is planning to give law enforcement agencies unprecedented powers to monitor and spy on the web-browsing of British citizens. In this post we'll be explaining what this proposed new law means, and what you can do to fight it.
+
+The new legislation, dubbed the Communications Capabilities Development Programme (CCDP), threatens to drag the UK's online surveillance laws down to the level of authoritarian states such as China and [Iran][1]. Under the CCDP the government agency responsible for monitoring communications (GCHQ) [will be able to demand that ISPs hand over details on what websites you're visiting and who you're sending emails to][2], without any court orders or warrants. Under this law, all that stands between you and your online privacy is the idle suspicions of a civil service bureaucrat, who doesn't have to go through a single independent check in order to look at your web-browsing history.
+
+What's more the UK government wants all this internet snooping to take place "in real time", which means that GCHQ will install its own physical monitoring equipment on networks, so it can access your data and watch what you are doing within minutes of suspicions being aroused.
+
+**Collusion of interests**
+
+If this sounds slightly familiar, then its for a good reason. Most of these surveillance powers were included in recent pieces of legislation introduced by the entertainment industry in their global fight against online privacy (sorry, 'piracy'). SOPA tried to fight for these radical powers in the USA, ACTA was the legislation that attempted to [introduce it into the EU][3] and the [Digital Economies Act][4] did the same in the UK.
+
+However, all of these bills either hit the rocks and failed (SOPA and ACTA), or are currently fighting public discontent and legal challenges from ISPs (DEA). The existence of the CCDP (which was leaked by The Sunday Times) reveals that the UK government was in-bed with the entertainment industry all along, because it wants the same powers of surveillance that the copyright lawyers want.
+
+**'Protection money'**
+
+However, instead of threatening the population with accusations of copyright theft, the Conservation and Liberal coalition is now scaring people with terrorists and paedophiles - and they're not even being subtle about it. On Tuesday the Home Secretary Theresa May came out to justify the government's plans by cynically waving around the case of convicted child killer [Ian Huntley][5] – [even though the proposed legislation wouldn't have helped prevent his crimes][6].
+
+Like the online privacy assault from the entertainment industry, this latest piece of law is facing virtually no politically opposition in the UK parliament. In fact, the ruling Conservative party and Liberal Democrats, opposed similar (actually worse) [surveillance legislation from the Labour government][7], during their 13-year reign. Now the coalition are cravenly introducing almost the same thing, knowing that Labour is hardly in a position to criticise them.
+
+**How to resist**
+
+So what can you do about it? Well firstly, the law hasn't passed yet. But it does look like the coalition will try and include the bill in the Queen's Speech next month, which means the law could come into effect before the end of the 2012. So the first step is to join protests and voice opposition against the CCDP. Public outrage caused Labour to scrap its surveillance bill in 2009, so protest can work.
+
+**Petitions/Online protests**
+
+[38 Degrees][8]
+
+[UK Government e-petition][9]
+
+[National "cc all your e-mails to Theresa May" Day (Facebook)][10]
+
+[Open Rights Group][11]
+
+**Blogs to follow for further news on protests**
+
+[IVPN][12]
+
+[Big Brother Watch][13]
+
+[Privacy International][14]
+
+Obviously, there is a strong likelihood that the government will ignore protests and pass the CCDP. In this event there are still options to protect your privacy.
+
+**Sign up to VPN**
+
+A Virtual Private Network, such as our own IVPN service, anonymises your data by routing your traffic to servers around the world, effectively masking your IP address. You can read more about [IVPN's product right here][15], or you can search for other VPNs online.
+
+**TOR**
+
+[The Onion Router][16] (TOR) is another way to anonymise yourself online. TOR is a free anonymisation tool used by many people in repressive states to circumvent nationwide firewalls and works in a similar way to VPNs. The main downside to TOR is that the service is slightly more vulnerable to spying (you don't know who controls the servers) and won't offer quite as good speeds as a paid VPN.
+
+**If you live in the UK [email your local MP][17] and express your disgust at this law. For more information on protecting your online privacy read our [top five tips here][18] and check back on our blog for updates. If you are organising, or know of, any protest/e-petitions that you think we should feature please drop us a line in the comments below.**
+
+ [1]: /blog/iranians-face-halal-internet/
+ [2]: http://www.bbc.co.uk/news/uk-politics-17590363
+ [3]: /blog/europeans-rage-against-acta/
+ [4]: /blog/uk-isps-forced-to-spy-on-customers/
+ [5]: http://en.wikipedia.org/wiki/Ian_Huntley#Ian_Huntley
+ [6]: http://www.bbc.co.uk/news/uk-politics-17576745
+ [7]: http://news.bbc.co.uk/1/hi/uk_politics/8020039.stm
+ [8]: https://secure.38degrees.org.uk/page/s/stop-government-snooping#petition
+ [9]: http://epetitions.direct.gov.uk/petitions/32400
+ [10]: https://www.facebook.com/pages/National-cc-all-your-e-mails-to-Theresa-May-Day/155277607840980?ref=ts&__adt=5&__att=iframe
+ [11]: http://action.openrightsgroup.org/ea-campaign/clientcampaign.do?ea.client.id=1422&ea.campaign.id=8227
+ [12]: /blog/
+ [13]: http://www.bigbrotherwatch.org.uk/
+ [14]: https://www.privacyinternational.org/
+ [15]: /why-ivpn
+ [16]: https://www.torproject.org/
+ [17]: http://www.parliament.uk/mps-lords-and-offices/mps/
+ [18]: /blog/top-five-ways-to-protect-your-online-privacy/
diff --git a/src/content/es/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md b/src/content/es/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md
new file mode 100644
index 000000000..9c5be13d5
--- /dev/null
+++ b/src/content/es/blog/2012-04-14-cispa-more-of-a-threat-to-online-privacy-than-sopa.md
@@ -0,0 +1,43 @@
+---
+title: 'CISPA: More of a threat to online privacy than SOPA?'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-04-14T15:36:00+00:00
+url: /blog/cispa-more-of-a-threat-to-online-privacy-than-sopa/
+heroImage: /images-static/uploads/cispa.jpg
+thumbnailImage: /images-static/uploads/cispa.jpg
+
+---
+Another day, another new piece of legislation that threatens the online privacy of web citizens around the world. Last week it was the draconian new spying powers of the UK's CCDP act, this week it's the turn of the US congress' to stir-up online protest with a piece of legislation that once again threatens to give government agencies new powers to spy on users. Worst of all, most of the online industry supports it.
+
+**'Cyber security-threat'**
+
+CISPA, which stands for the [Cyber Intelligence Sharing and Protection Act][1], is - on the face of it - a bill designed to allow the US government and private web-corporations to share information more effectively in order to better prosecute "cyber security-threats". Here's what co-author of the bill, Republican Mike Rogers, says CISPA is designed for.
+
+"Every day US businesses are targeted by nation-state actors like China for cyber exploitation and theft," argues Rogers. "This consistent and extensive cyber looting results in huge losses of valuable intellectual property, sensitive information and American jobs. The broad base of support for this bill shows that Congress recognizes the urgent need to help our private sector better defend itself from these insidious attacks."
+
+Like the UK government's attempts last week at [blaming paedophiles for the necessity of online state spying][2], the US government is trying to whip its population into an irrational fear of international cyber-espionage in order curtail online freedoms. Sure, China and other entities may pose some threat to US interests in the online space. 
But as it [did with SOPA][3], the US government has decided to address this problem by introducing a clumsy, ill-defined, bill that will do far more harm than good, threatening personal liberties and damaging the online ecology.
+
+**Just what is a 'cyber-threat'?**
+
+So what powers does CISPA give the US government? The bill is mainly about information sharing, so it means ISPs and services such as Google and Facebook, will be obligated to share information about you with government agencies. [The bill's vagueness][4] means that this information could be anything from your personal emails and Facebook messages, to your browsing history. While CISPA's authors argue that the legislation would not directly give governments the power to block websites, the bills lack of clarity means that governments could use information shared under CISPA to block access.
+
+All of these powers are designed to combat "cyber-security threats". But, far from concentrating on Chinese and Iranian espionage, CISPA's definition of 'cyber security-threat' is very broad indeed. The bill's authors defines it as "theft or misappropriation of private or government information, intellectual property, or personally identifiable information."
+
+Under those definitions CISPA isn't much different to SOPA. "Theft of…Intellectual property" covers exactly the kind of activity that SOPA used to justify shutting down entire websites because of unlicensed copyrighted material. If you wanted to be cynical about it, you could argue that CISPA is simply an attempt to hoodwink the population into accepting SOPA-like legislation under a different name.
+
+**The big difference**
+
+However, there is one key – and rather scary – difference between SOPA  and CISPA. 
Whereas SOPA demise was brought about through a combination of grass roots activism and strong opposition from big online entities (such as Google and Wikipedia), [CISPA has the support of much of Silicon Valley][5] - Google and Facebook both back the bill. Why would Google be anti-SOPA but pro-CISPA? Essentially because CISPA makes life easier for search engines, social networks and other web services. Under SOPA, Google would have to spend much more money policing content to ensure no copyrighted material was being pirated. But with CISPA all Google and Facebook have to do is share information about suspected "cyber-threats" with the government, then government agencies would deal with the problem, without angry copyright holders banging on the door with lawsuits.
+
+This is why CISPA is a potentially bigger threat than SOPA. The act may not be quite as damaging , in the sense that it won't directly force websites to shut-down, but it has the support of key internet players, which blunts the opposition's voice. In order to defeat CISPA the public has to mobilise online and offline in order to put pressure on congress. Hacktivist groups like Anonymous have [already begun their fight][6], social networks like Reddit are also keeping-up the pressure, and pretty much every journalist who opposed SOPA is also opposing CISPA. If you are based in the US then [email your congressman today][7], to make your voice heard. 
+
+ [1]: http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act
+ [2]: /blog/uk-online-spying-law-how-to-resist/
+ [3]: /blog/government-bills-spy-on-individual-surfing-habits/
+ [4]: https://www.eff.org/deeplinks/2012/03/rogers-cybersecurity-bill-broad-enough-use-against-wikileaks-and-pirate-bay
+ [5]: http://www.digitaltrends.com/opinion/cispa-is-not-the-new-sopa-heres-why/
+ [6]: http://www.theinquirer.net/inquirer/news/2166994/anonymous-starts-anti-cispa-protests
+ [7]: https://wfc2.wiredforchange.com/o/9042/p/dia/action/public/?action_KEY=8444
\ No newline at end of file
diff --git a/src/content/es/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md b/src/content/es/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md
new file mode 100644
index 000000000..bfc06b976
--- /dev/null
+++ b/src/content/es/blog/2012-04-24-a-quick-guide-to-current-online-privacy-threats.md
@@ -0,0 +1,113 @@
+---
+title: A Quick Guide To Current Online Privacy Threats
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-04-24T13:53:16+00:00
+url: /blog/a-quick-guide-to-current-online-privacy-threats/
+heroImage: /images-static/uploads/3anonymous.png
+thumbnailImage: /images-static/uploads/3anonymous.png
+comments:
+ - author: Dina G
+ date: 2012-04-24T20:36:35+02:00
+ content: |
+ Good list. Our government is the biggest actual threat to privacy, but as a practical matter, most people are their worst own enemy - friending people on Facebook that they don't know, posting drunk pics of themselves online that come back to bit them, not using privacy settings, etc. Most online privacy issues can be prevented by common sense. Particularly problematic for many people is seeing how they post personal information on social media, neglect to use privacy settings, and are surprised when their personal information is stolen weeks later. While you can be careful about what you post about yourself, you can't prevent other people from posting about you. Also problematic for people is how there are sites like DirtyPhoneBook where people post personal information about each that can't be removed. With Google making all of this information widely available, being vigilant about seeing what people can find out you is critical to maintaining your online reputation. Facebook can do a bit more to prevent people from accidentally messing up their own lives by encouraging more sensible defaults, but in the end people have to be smart about what they post about themselves online, and this doesn't solve all potential problems. A lot of the government abuses can't be stopped, but at least you can control your own behavior and minimize the damage that you can do to yourself.
+ - author: Jack
+ date: 2012-04-24T23:51:31+02:00
+ content: |
+ Good post, Dennis - thanks. 
+
+ SOPA of course is the Stop Online Piracy (not, Privacy) Act.
+
+ Good Freudian slip though. :-)
+ - author: anonymous
+ date: 2012-04-25T11:27:26+02:00
+ content: |
+ Good post, thanks.
+ - author: Dennis Kügler
+ date: 2012-04-25T12:27:02+02:00
+ content: |
+ Lol, thanks for pointing that out! It was indeed totally Freudian.
+ - author: Dennis Kügler
+ date: 2012-04-25T12:33:18+02:00
+ content: |
+ Thanks for the comment Dina. What you say is very true. I think many people - especially young kids - have no idea about how damaging some of information they post to social networks can be. Everyone does and says stupid things when they're teenagers, but now it is documented and - in some cases - out there in the public domain for others to see. We did a little roundup of tips to protect privacy here - blog/top-five-ways-to-protect-your-online-privacy
+ - author: "....."
+ date: 2012-04-25T12:33:18+02:00
+ content: |
+ Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds. - John Perry Barlow
+ - author: Jason
+ date: 2012-04-25T15:13:53+02:00
+ content: |
+ Here's another one, this time in New Zealand: http://www.stuff.co.nz/national/politics/6625136/Search-and-Surveillance-Bill-passes
+ - author: Dennis Kügler
+ date: 2012-04-25T15:47:40+02:00
+ content: |
+ Thanks, I'll stick this into the post when I've got a minute. If anyone else has suggestions to add, post them here and we'll try to make this list more comprehensive.
+ - author: Chris Cody
+ date: 2012-04-25T19:38:02+02:00
+ content: |
+ Excellent post! Tbank you. I wonder if intellectual property rights are going to need to be enforced soley by the property owners from now on. Think of a digital 'Stand Your Ground' approach.
+ - author: Stu
+ date: 2012-04-26T03:29:01+02:00
+ content: |
+ I think the governments are playing a sort of over-reaction catch up game. 
But it is understandable when Mark Zuckerberg probably owns more valuable information about people in the world than most law enforcement agencies. While the governments may introduce some stupid bills to try and claw back some of the power, or support their powerful music-industry friends - why is no-one worried about the power that Facebook and Google have? At least democratic governments are elected and are supposed to represent/support the people. What is Facebook's motiviation? Money? Mark originally wanted to pick up girls on campus - is this the guy we want to own all the world's information? Now with open graph that's exactly what Facebook wants to do. At least Google have occasionally pretended to want to "do no evil" - but Facebook don't event pretend.
+ - author: an independent musician
+ date: 2012-04-26T04:32:20+02:00
+ content: |
+ Just a reminder that it's not only big media corporations who are concerned about copyrights - lots of musicians who paid a few thousand dollars to record their album ( not to mention years of practice) want to be paid for their music, too.
+ - author: Jon H
+ date: 2012-04-26T15:11:43+02:00
+ content: |
+ Very reasonable viewpoint - but how much of the money extracted by these copyright agencies actually gets back to the small artists, or any artist for that matter. I've heard that they keep all the money for their costs…
+ - author: Dennis Kügler
+ date: 2012-04-26T18:54:03+02:00
+ content: |
+ The current business model of the recording industry is broken. If the industry had any sense they would have come up with iTunes themselves rather than persecuting their own customers and allowing a software company like Apple to completely pull the rug from under their feet. Luckily the record industry was never that good for regular artists anyway (only the tiny minority that struck it big). 
Now that the internet has put the means of distribution into everyone's hands and PCs mean you can record an album in your bedroom, there isn't much use for the bloated record industry and all its middlemen sucking the artists dry. Sure, the new monetisation models are still finding their feet, because its very early days and the incumbents are still fighting tooth and claw to retain their position. But there are other ways. This techdirt report into how the music industry is actually making more money than ever is pretty interesting - http://www.techdirt.com/skyisrising/
+
+
+---
+It may only be April, but 2012 has already seen a worrying number of legislative acts hit the headlines that threaten online privacy. From the entertainment industry-backed SOPA in the USA, to the UK's surveillance state-issued CCDP, 2012 has seen governments and industries across the western world try to put the brakes on the vibrant, free-thinking, online ecology that has grown over the last decade.
+
+Given our vested interest in securing online anonymity and privacy, the IVPN blog has followed all these threats closely. So we thought it was about time to pause and have a little recap of which pieces of online legislation still pose a threat to the web as we know it, and which have been successfully challenged by public opposition.
+
+# A Quick Guide To Online Privacy Legislation
+
+**SOPA**
+
+[The Stop Online Piracy Act][1] was introduced to the United States House of Representatives last October and will probably be remembered as the first major piece of legislation to embed the issue of online privacy firmly in the public consciousness. SOPA was a bill designed to protect the interest of incumbents in the entertainment industry, who have watched their monopolies crumble around them as the internet disrupted traditional business models (and would rather persecute customers than adapt to new technology). 
However, SOPA's broad and ill-thought-out drafting would have effectively given copyright holders the power to shut down major sites such as YouTube and Facebook if users posted copyrighted material.
+
+Luckily SOPA will also go down in history as the first attack on online privacy that was successfully defeated by a combination of grass roots activism, new online 'hactivist' protests and opposition from big industry players such as Google and Wikipedia. The bill is currently in a state of suspension, but the 'SOPA' name is now so tainted that it's unlikely to surface again.
+
+**PIPA**
+
+The Protect IP Act is SOPA's corresponding US Senate bill that aims to give copyright holders the power to shut down websites that it believes infringes on its copyrights. Although PIPA would have essentially [given copyright holders the same powers as SOPA][2], it's wording was not as extreme and it didn't directly attack legal services such as YouTube and Facebook. Many journalists and activists therefore believed that SOPA was something of a distraction or a ploy to divert attention away from PIPA. However, outrage over SOPA eventually spread to PIPA also, and in late January Senator Harry Reid said a vote on the bill is postponed – though possible, it doesn't look like PIPA will be making a return.
+
+**ACTA**
+
+The Anti-Counterfeiting Trade Agreement is a global trade agreement that, like SOPA, puts the interests of copyright holders before the interests of a free and open web. If ratified, it would result a huge invasion of privacy as ISPs would have to track user browsing. The act was passed in the USA back in 2009, but it only made headlines at the beginning of this year when EU countries began voting on it. ACTA was labelled as the EU version of SOPA and [sparked protests right across the continent][3]. ACTA was passed in a number of EU states but 6 states – including Germany and Poland – were forced by popular protest to suspend voting.  
EU nations still have until March 2013 to ratify ACTA.
+
+However, Poland has categorically said it will not sign the act and Germany doesn't look likely to either. Furthermore the EU official who was overseeing ACTA, Kader Arif, resigned from his post, calling the bill "unacceptable", and attacked the secrecy behind its drafting. The man who replaced him – British MEP David Martin – has also said that ACTA poses [too much of a risk to online freedoms to ratify][4]. Hopefully, this opposition means ACTA won't pass in the EU.
+
+**DEA**
+
+The UK government's Digital Economies Act  - rushed through in the dying hours of the Labour government in 2010 - was yet another bill designed to prop-up the ailing businesses of copyright holders in the music and entertainment industries, by forcing internet service providers to spy on potential file sharers. If the users are caught file-sharing more than three times after being warned, then the ISPs will be forced to ban them from the internet. UK ISPs, understandably, didn't like the idea of becoming an internet police force, and therefore dragged the DEA through the UK courts for two years. Because of protests, two sections of the act, which required ISPs to block copyright-infringing websites, have been removed. But in March, [the ISPs battle against the DEA suffered a big defeat][5], when its court appeal to prevent the bill from entering into law was denied. Barring any further government reviews, the DEA looks set to enter British law.
+
+**CCDP**
+
+Unlike SOPA, ACTA and the DEA, the Communications Capabilities Development Programme was not the brain child of the entertainment industry, but a UK government initiative to create a mass surveillance scheme to benefit law enforcement. The CCDP basically removes an important layer of judicial oversight between your private emails and any law enforcement agent who wants to spy on them. 
If it were not for The Times newspaper leaking details about the bill, then we probably wouldn't even know about it. The CCDP would also mean ISPs have to retain all of your personal data and then hand them over to government without any court order – all it would take is idle suspicion. The CCDP has not yet been passed and since it was leaked there's been an outcry from the UK public and the press. What happens next depends on how much pressure protesters place on the UK government and whether or not the surveillance plans are technically feasible. For more information on [protesting against CCDP check out our guide][6].
+
+**CISPA**
+
+The Cyber Intelligence Sharing and Protection Act is the latest threat to emerge from the state lawmakers in the US. But after the failure of SOPA, the US government is re-branding its clamp-down on internet freedoms by invoking the spectre of Chinese cyber terrorism – far more scary than file-sharers. [CISPA][7] is slightly less worse than SOPA as it doesn't give law enforcement the powers to directly shut down websites, but it's a very vaguely-written piece of legislation that lumps cyber-terrorism together with theft of intellectual property (i.e. file-sharing). So the outcome – internet users being spied on for violating copyright – is essentially the same. The most dangerous aspect of CISPA is that big internet players such as Google and Facebook support the bill, as it takes the weight of policing copyrighted content off their shoulders and hands it to law enforcement agencies. CISPA has not yet been approved and the protest against it is well under-way. 
Whether or not the protests succeed, like they did against SOPA, is down to the amount of pressure put on politicians, [so get involved!][8]
+
+ [1]: http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act
+ [2]: http://en.wikipedia.org/wiki/PROTECT_IP_Act
+ [3]: /blog/europeans-rage-against-acta/
+ [4]: http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement
+ [5]: /blog/uk-isps-forced-to-spy-on-customers/
+ [6]: /blog/uk-online-spying-law-how-to-resist/
+ [7]: /blog/cispa-more-of-a-threat-to-online-privacy-than-sopa/
+ [8]: http://cyberspying.eff.org/
+
\ No newline at end of file
diff --git a/src/content/es/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md b/src/content/es/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md
new file mode 100644
index 000000000..7f794d68f
--- /dev/null
+++ b/src/content/es/blog/2012-04-27-cispa-danger-esclates-as-bill-receives-approval.md
@@ -0,0 +1,48 @@
+---
+title: CISPA danger escalates as bill receives approval
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-04-27T15:42:48+00:00
+url: /blog/cispa-danger-esclates-as-bill-receives-approval/
+heroImage: /images-static/uploads/cispa-bill.jpg
+thumbnailImage: /images-static/uploads/cispa-bill.jpg
+
+---
+[The Cyber Intelligence Sharing and Protection Act][1] (CISPA) was yesterday approved by the US House of Representatives, in a vote that brings the US one step closer to eradicating the very principle of user anonymity and privacy in the online space.
+
+Having been rushed through a day earlier than expected, the House voted in favor of the bill with a bipartisan vote of 248 to 168. The bill will now go onto the Senate.
+
+Mike Rogers (Rep), the author of the bill, said any organisations that opposed CISPA (which includes the American Civil Liberties Union and Electronic Frontier Foundation) [were engaging in "obfuscation"][2]. Rogers called on fellow congressmen to "stand up for America. Support this bill". He added that CISPA was "the last bastion of things we need to do to protect this country."
+
+**Unhelpful amendments**
+
+If you need a recap, [CISPA essentially gives new powers to internet service providers][1], allowing them to bypass existing privacy laws and spy on the personal data (i.e. emails, web browsing history, Facebook activity, you name it) of their users and pass it on to government law enforcement agencies. The bill also allows ISPs and companies such as Facebook and Google, to share user information with each other about any potential, and ill-defined, 'cyber security threats' – while protecting them from any privacy lawsuits. It's essentially a bill that invokes the spectre of state-sponsored cyber-terrorism to crack down on free-speech and online civil liberties. 
+
+Even worse, due to yesterday's last minute amendments, CISPA has now become even more of a threat to online freedoms. [According to TechDirt][3], the bill now encompasses three more uses – the protection of children, the protection of individuals and the prosecution of cyber-security crime.
+
+"Basically this means CISPA can no longer be called a cybersecurity bill at all," argues TechDirt. "The government would be able to search information it collects under CISPA for the purposes of investigating American citizens with complete immunity from all privacy protections as long as they can claim someone committed a "cybersecurity crime". Basically it says the 4th Amendment does not apply online, at all."
+
+**Presidential opposition**
+
+CISPA now allows the government to use CISPA for five specific purposes - cybersecurity; investigation and prosecution of cybersecurity crimes; protection of individuals from death or serious bodily harm; protection of minors from child pornography; and the protection of national security. But as the [Electronics Frontier Foundation points out][4], "cybersecurity" and "national security" are terms that are incredibly vague and could encompass everything from posting copyrighted content, to circumventing digital rights management security on a DVD.
+
+However, CISPA may not have a smooth ride ahead and there is still time to pressure US senators into opposing the bill. In fact, the opposition already has a pretty big player on their side – none other than President Obama himself. The Obama administration is wholly opposed to CISPA in its current form (though whether or not the Obama's own proposed bill to address cybersecruity issues is any better remains to be seen.). A statement issued on Wednesday went as far to say The President would veto CISPA as it stands. 
+
+"Legislation should address core critical infrastructure vulnerabilities without sacrificing the fundamental values of privacy and civil liberties for our citizens," [read the White House statement][5]. "Especially at a time our Nation is facing challenges to our economic well-being and national security…if H.R. 3523 were presented to the President, his senior advisors would recommend that he veto the bill."
+
+**Still time to fight**
+
+Other politicians, from both the Republican and Democratic sides, also expressed their opposition to CISPA.
+
+"In an effort to foster information sharing, this bill would erode the privacy protections of every single American using the internet. It would create a 'wild west' of information sharing," said Republican Bennie Thompson of Mississippi. Republican Joe Barton added "until we protect the privacy rights of our citizens, the solution is worse than the problem."
+
+CISPA advocates may have won an important battle, but the war isn't quite over. There's still plenty of political opposition to make sure the bill stalls. However, given that online companies, such as Facebook, support CISPA, the US and global public need to continue to pile on the pressure and keep up the protests. More information on how to add your voice to the CISPA opposition can be [found over at the EFF][6].
+
+ [1]: /blog/cispa-more-of-a-threat-to-online-privacy-than-sopa/
+ [2]: http://www.guardian.co.uk/technology/2012/apr/24/cispa-cybersecurity-bill-opposed-obama
+ [3]: http://www.techdirt.com/articles/20120426/14505718671/insanity-cispa-just-got-way-worse-then-passed-rushed-vote.shtml
+ [4]: https://www.eff.org/deeplinks/2012/04/even-rogers-amendments-cispa-still-surveillance-bill
+ [5]: http://www.whitehouse.gov/sites/default/files/omb/legislative/sap/112/saphr3523r_20120425.pdf
+ [6]: https://www.eff.org/action
diff --git a/src/content/es/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md b/src/content/es/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md
new file mode 100644
index 000000000..c96dbda11
--- /dev/null
+++ b/src/content/es/blog/2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md
@@ -0,0 +1,83 @@
+---
+title: America's Most Dangerous 'Anti-Online Privacy' Politicians
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-05-07T15:32:24+00:00
+url: /blog/americas-most-dangerous-anti-online-privacy-politicians/
+heroImage: /images-static/uploads/Lamar-Smith-online-privacy-threat-politician.jpg
+thumbnailImage: /images-static/uploads/Lamar-Smith-online-privacy-threat-politician.jpg
+comments:
+ - author: Alejandra
+ date: 2016-11-16T10:08:22+01:00
+ content: |
+ They'll accomplish that, if they pays anyone to do something for them. Maybe you wonder where people find those online coupons.
+
+ The new dome is known as a diminished marine riser package, usually know as an LMRP.
+
+ http://Hypeur.com/10146
+
+---
+With politicians Mike Rogers and 'Dutch' Ruppersberger trying desperately to push the [CISPA][1] surveillance bill through the US Senate, facing opposition from thousands of concerned citizens and president Obama himself, we though it was about time to take a closer look at the men behind these half-cocked pieces of legislation. Because when it comes to controlling the web and screwing with online freedoms, it seems that the same old faces just keep on cropping up. So, who are the biggest political enemies of online privacy in the US? Read on to find out.
+
+## Lemar S. Smith - Republican,Texas
+
+******Assumed office: 1987**
+
+(Pictured above)
+
+When it comes to introducing laws that curtail internet freedoms, [Lemar S. Smith][2] has an impressive pedigree. Smith was the primary advocate behind the Stop Online Privacy Act (SOPA) that kicked off worldwide protests last year. In 2011 he also tried to introduce [Protecting Children from Internet Pornographers Act][3] (PCIP). Although PCIP sounds noble enough, it requires that ISPs retain your data such as IP, credit card details and bank account details for up to a year after you leave their service. 
PCIP is likely to be debated in the House of Representatives later this year.
+
+Oh but it doesn't stop there. Smith, along with so called 'internet-friendly' [Bob Goodlatte][4], also played a major role in passing the [Leahy-Smith American Invents Act][5], a major reform of America's patent laws that opponents argue puts more power in the hands of market incumbents and stifles innovation. In 2006 Smith also tried to [expand the Digital Millennium Copyright Act][6] (while everyone else was trying to reduce its power) in order to make it easier for federal police to engage in wiretapping over suspected breaches of copyrighted. Make no mistake, Lemar Smith is a threat to online privacy.
+
+## Howard Coble - Republican, North Carolina
+
+**Assumed office: 1985**
+
+![Howard Coble](/images-static/uploads/Howard-coble-400x287.jpg)
+
+[Howard Coble's][7] attack on online privacy goes back a long way and encompasses some of the earliest legislation that restricts what you can and can't do with your own computer. The 81-year old Coble was the man that introduced the much maligned [Digital Millennium Copyright Act][8] to the House of Representatives back in 1997. The DMCA has since been used to crack down heavily on file-sharers and shut down websites that are allegedly in-breach of copyright. The DMCA has been lambasted for restricting free expression and interfering with computer intrusion laws. Coble also played a role in passing the Bob Goodlatte's [NET Act][9] in 1997, which made it easier to prosecute individuals over copyright theft.
+
+## Orrin Hatch - Republican, Utah
+
+**Assumed office: 1977**
+
+![Orrin Hatch](/images-static/uploads/orrin-hatch-400x300.jpg)
+
+Orrin Hatch is a man who once said that copyright holders should be able to [come into your house and smash up your computer][10]. 
The 78-year old Republican tried to introduce the [INDUCE Act][11] to the US Senate , which was so clumsy in its attack on copyright infringement that it would have likely led to prosecuting people making home VCR recordings, or recording off the radio. Hatch also, along with Patrick Leahy, tried to introduce the much-criticised [Combating Online Infringement and Counterfeits Act][12], which would have required ISPs and domain registrars to block access to web sites suspected of copyright infringement. Luckily COICA faced heavy opposition and disappeared.
+
+## Patrick Leahy - Democrat, Vermont
+
+**Assumed office: 1975**
+
+![Pat Leahy](/images-static/uploads/pat-leahy-400x276.jpg)
+
+Although [Patrick Leahy][13] is a progressive and has been recognised as an advocate of open government and online freedoms, the fact is his track record is pretty bad. Along with Orrin Hatch, the 72-year old Leahy introduced the INDUCE Act, the [Pirate Act][14] and COICA – three bills that would have had negative effect on online freedoms. Leahy was also the man who introduced [PIPA][15], the brother of SOPA, to the US Senate.
+
+## Mike Rogers - Republican, Michigan
+
+**Assumed office: 2011**
+
+![Mike Rogers](/images-static/uploads/mike-rogers-400x305.jpg)
+
+[Mike Rogers][16], along with Democrat Dutch Ruppersberger, is main architect behind the latest threat to online privacy winding its way through congress - the Cyber Intelligence Sharing and Protection Act (CISPA). We've written [enough about CISPA's ills][17], so we won't go over it again. Unlike the other politicians on this list, Rogers is a relative newcomer (assumed office in 2001), so keep an eye on him. He may be a rising star amongst the interest groups looking to curtail online privacy and exert more control over the web. 
+
+ [1]: /blog/cispa-more-of-a-threat-to-online-privacy-than-sopa/
+ [2]: http://en.wikipedia.org/wiki/Lamar_S._Smith
+ [3]: http://en.wikipedia.org/wiki/Protecting_Children_from_Internet_Pornographers_Act_of_2011
+ [4]: http://en.wikipedia.org/wiki/Bob_Goodlatte
+ [5]: http://en.wikipedia.org/wiki/Leahy-Smith_America_Invents_Act
+ [6]: http://news.cnet.com/2100-1028_3-6064016.html?part=rss&tag=6064016&subj=news
+ [7]: http://en.wikipedia.org/wiki/Howard_Coble
+ [8]: http://en.wikipedia.org/wiki/Digital_Millennium_Copyright_Act
+ [9]: http://en.wikipedia.org/wiki/NET_Act
+ [10]: http://www.computerweekly.com/news/2240051341/US-senator-backs-away-from-smash-PC-remarks
+ [11]: http://en.wikipedia.org/wiki/INDUCE_Act
+ [12]: http://en.wikipedia.org/wiki/Combating_Online_Infringement_and_Counterfeits_Act
+ [13]: http://en.wikipedia.org/wiki/Patrick_Leahy
+ [14]: http://en.wikipedia.org/wiki/Pirate_Act
+ [15]: http://en.wikipedia.org/wiki/PROTECT_IP_Act
+ [16]: http://en.wikipedia.org/wiki/Mike_Rogers_%28Michigan_politician%29
+ [17]: /blog/cispa-danger-esclates-as-bill-receives-approval/
+
diff --git a/src/content/es/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md b/src/content/es/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md
new file mode 100644
index 000000000..94614d70a
--- /dev/null
+++ b/src/content/es/blog/2012-05-16-when-it-comes-to-online-privacy-the-uk-is-already-screwed.md
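Review bot: The `comments:` front matter of the new `2012-05-07-americas-most-dangerous-anti-online-privacy-politicians.md` carries what looks like comment spam: the single entry, by `Alejandra` and dated 2016-11-16, has nothing to do with the post and ends in a bare external link (`http://Hypeur.com/10146`). Adding the file under `es/` publishes that third-party link a second time on the site, so I would drop the entry from the front matter, or at least strip the URL, before the localised copy ships. How the comment body is rendered (auto-linking, `rel="nofollow ugc"`) is not visible from this hunk, so that is worth checking in the comment template as well.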
@@ -0,0 +1,58 @@
+---
+title: When it comes to online privacy, the UK is already screwed
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-05-16T15:14:44+00:00
+url: /blog/when-it-comes-to-online-privacy-the-uk-is-already-screwed/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+comments:
+ - author: Winston Smith
+ date: 2012-05-16T22:18:15+02:00
+ content: |
+ Except that under the "Protection of Freedoms Bill (HC Bill 146)" which received royal assent at the beginning of this month, the Regulation of Investigatory Powers Act 2000 was amended to include this clause:
+
+ "The authorisation or notice is not to take effect until such time (if any) as the relevant judicial authority has made an order approving the grant or renewal of the authorisation or (as the case may be) the giving or renewal of the notice."
+
+ http://www.publications.parliament.uk/pa/bills/cbill/2010-2011/0146/cbill_2010-20110146_en_5.htm#pt2-ch2-l1g37
+ - author: Grunt
+ date: 2012-05-18T22:44:46+02:00
+ content: |
+ V for Vendetta!
+ - author: Anon
+ date: 2012-05-19T16:25:32+02:00
+ content: |
+ In Time It Might Just Come To That…
+
+---
+Last week's formal announcement of the UK government's CCDP surveillance plans, may be the last nail in the coffin when comes to the online privacy of UK citizens, but it certainly isn't the first. The UK has for some time led the way in Europe when it comes to a complete disregard for the privacy of internet users across the country.
+
+If you haven't heard about the CCDP and what a frightening, needless and downright criminal piece of legislation it is, then you can check out [our blog right here][1], from when The Sunday Times broke the story in March. It's worth noting that, despite the formal announcement, the UK coalition government has continued to remain tight-lipped on the details and refused to answer any real questions on the matter. So there's still time to protest and pile on the pressure (more information on how to do that is in the linked article), especially since the coalition is lurching from one political disaster to another.
+
+**Data retention**
+
+But while we have the CCDP to look forward to, why don't we remind ourselves of the online snooping and spying that already goes on in the UK.
+
+The UK government is a fully signed-up member of the [EU Data Retention Directive][2]. This means that all UK ISPs must track and record what websites you are visiting, when you visit them, when you send emails, who you send them to, your login times and a whole host of other related data. UK ISPs must then store this information for a minimum of 1 year until after you cancel your account.
+
+Sure, this directive comes from the EU and other countries have also signed-up. But not all of them. [Germany refuses to implement the law][3], because it considers it unconstitutional. Sweden and Romania have also refused to implement the law. And before you curse the EU for mandating such a horrible directive, the UK already had its [own data retention law][4] in place – part of the Terrorism Act - which was pretty much the same deal.
+
+**Lack of oversight**
+
+What makes the UK's approach to data retention particularly frightening is the ease at which your personal data can be accessed. Most of the EU countries require some sort of judicial oversight before authorities get to snoop on what you've been up to online. Not much oversight appears to be required in the UK.
+
+There are over 200 agencies and 474 local authorities in the UK [who are allowed to access stored communications data][5] from your ISP, in secret. There were over 500,000 requests for communication data, under the controversial RIPA act, in 2009 alone. These requests aren't all aimed at catching out terrorists or criminal masterminds. In 2008 it emerged that a couple in Dorset were [spied on 21 times by their local education authority][6], under RIPA. to find out if they live in a school catchment area (though it's not clear if internet data was accessed in this particular case).
+
+**Orwell, anyone?**
+
+So, not content with the 2-4 million CCTV cameras spread across Britain ([no one seems to know the exact figure][7]), the UK government evidently seems hell-bent on monitoring what you do in the privacy of your own home. Sure things are bad now, but the CCDP will make this situation even worse. So if you care about privacy in the UK, now is the time to [get involved][1] and make your voice heard.
+
+ [1]: /blog/uk-online-spying-law-how-to-resist/
+ [2]: http://en.wikipedia.org/wiki/Telecommunications_data_retention#European_Union
+ [3]: http://www.pcworld.com/businesscenter/article/254614/germany_misses_eu_data_retention_deadline_could_face_court_action.html
+ [4]: http://en.wikipedia.org/wiki/Anti-terrorism,_Crime_and_Security_Act_2001#Part_11_.28Retention_of_communications_data.29
+ [5]: https://www.privacyinternational.org/reports/united-kingdom/ii-surveillance-policies
+ [6]: http://news.bbc.co.uk/2/hi/uk_news/england/dorset/7343445.stm
+ [7]: http://www.wired.co.uk/magazine/archive/2010/05/start/investigation-a-sharp-focus-on-cctv?page=all
diff --git a/src/content/es/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md b/src/content/es/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md
new file mode 100644
index 000000000..72b8f9c00
--- /dev/null
+++ b/src/content/es/blog/2012-05-26-nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy.md
@@ -0,0 +1,49 @@
+---
+title: Nations or corporations – Who poses the biggest threat to online privacy?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-05-26T13:05:29+00:00
+url: /blog/nations-or-corporations-who-poses-the-biggest-threat-to-online-privacy/
+heroImage: /images-static/uploads/fbi-logo.jpg
+thumbnailImage: /images-static/uploads/fbi-logo.jpg
+comments:
+ - author: H Munster
+ date: 2016-01-04T01:18:30+01:00
+ content: |
+ Corporations pose a much greater threat to privacy. They are actively tracking everyone they can. Frequently, losing sensitive data to hackers or through plain carelessness. The problem is, there is not downside for corporations for losing your information. There is not punishment.
+
+ In the past year, my data was stolen from target and now by chase. Both resulted in large fraudulent charges on my credit cards.
+ - author: Bula
+ date: 2017-01-22T04:53:34+01:00
+ content: |
+ Well when everything is used against you and they target you then you know kiss your ass goodbye. I was in government informant working undercover with pizza Hut. I retired in 2003. I no longer could work I had a heart attack. And just got out of Surgery. I was in coma in Makiki for about five months. I was setup by people that I thought were my friends. I had tens years to live. I was diagnosed as paranoid schizophrenic and ptsd and was diagnosed at Tripler Army hospital. I could no longer do mine sweeping. I came across old floating red mine in Kailua a long time ago..
+
+ My mother and other people had set me up. I was diagnosed with terminal bone marrow cancer. I was never a sex offender. I never raped children or wanted to be gay. They put me ina brainwash program.. I was retired agent.. I was suppose to go back home and stay in the witness protection. I have never raped a child or a women in my life. I was diagnosed with terminal bone marrow cancer. I did not donate my organs. I wanted to get married and move to Austrilia with my wife and kids. And I was suppose to have ten years to live. I was in the Witness protection.. I have never raped a child or anyone in my life… I was fucked over by everyone……………………………………MKULTRA is an illegal program. Donna M Pennino and friends fuck you.. Fuck the CIA and NSA FBI Straub and Ronald Landrio that stoled my witness protection paperwork and stoled my money and apartment.. I was diagnosed with Multischerosis and paranoid schizophrenic and not gay or bisexual WHY……………..I never raped anyone Matthew Kennedy Howard
+
+---
+This week has reminded us of the twin threats online privacy currently faces from both the public and private arenas, with news of a new FBI surveillance unit designed to crack emerging technologies, and the revelation that Apple may be storing every word you say to the iPhone 4S voice assistant Siri.
+
+So where do we start? How about on Wednesday, when ex Google boss Eric Schimdt [took to the stage at the London Science Museum][1] to warn that governments posed the biggest threat to online privacy and indeed the very future of the internet. It didn't take long for Schmidt's warning ring true, with news emerging on the same day that the FBI has been busy staffing the Domestic Communications Assistance Center, a new unit designed to create technologies that will help the FBI monitor "emerging technologies" such as VoIP.
+
+**Backdoor access**
+
+According to CNET, [which broke the story][2], the DCAC has been flying very much under the radar in order to avoid creating too much of a footprint. There's no website, no public debate and hardly any political debate over the new agency, despite having already been allocated $54 million by the Senate. Nevertheless, CNET pieced together information from interviews, internal government documents and job postings to conclude the DCAC has a mandate covering everything from intercepting Skype conversations, to analysing data from social networks like Facebook and Twitter.
+
+The revelations came just weeks after it emerged that the FBI is trying to [set-up backdoor access points][3] to a wide range of social sites and communications services, including VoIP providers like Skype, social networks and email providers. The FBI wants amendments to the [CLEA law][4] that allows them to implement these surveillance backdoors and is pressuring internet companies not to oppose them.
+
+**Siri is listening..**
+
+But while American citizens fret over government surveillance plans, it was revealed that one of the country's most famous corporations is worried about privacy threats from Apple. Reports emerged on Thursday that [IBM bans employees][5] from using the iPhone 4S' voice activated Siri feature, which subsequently shone a spotlight on Apple's less than transparent privacy policy around the service.
+
+IBM's decision to ban Siri is because Apple records and stores its users' data. This can potentially include any requests made to Siri (such as find me the nearest sexual health clinic), and even personal messages and emails that have been voice-dictated. [As ACLU's blog pointed out back in March][6], Apple's privacy policy doesn't make clear who has access to this data and where it's stored. But it does say that Apple reserves the right to share the data with "Apple's partners who are providing related services to Apple." This has obviously got IBM spooked over what access Apple might have to sensitive company secrets. And if it's got IBM spooked, then it should probably get you spooked too!
+
+Eric Schmidt was right this week to point out the threat that governments pose to online privacy, but he should probably admit that private companies such as Apple, and of course Google, are not that far behind.
+
+ [1]: http://www.guardian.co.uk/technology/2012/may/23/google-fund-teachers-computer-science-uk
+ [2]: http://news.cnet.com/8301-1009_3-57439734-83/fbi-quietly-forms-secretive-net-surveillance-unit/
+ [3]: http://news.cnet.com/8301-1009_3-57428067-83/fbi-we-need-wiretap-ready-web-sites-now/?tag=mncol;txt
+ [4]: http://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
+ [5]: http://arstechnica.com/apple/2012/05/ibms-siri-ban-highlights-companies-privacy-trade-secret-challenges/
+ [6]: https://www.aclunc.org/issues/technology/blog/note_to_self_siri_not_just_working_for_me,_working_full-time_for_apple,_too.shtml
diff --git a/src/content/es/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md b/src/content/es/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md
new file mode 100644
index 000000000..5373a6a6c
--- /dev/null
+++ b/src/content/es/blog/2012-06-08-when-law-enforcement-knocks-on-a-vpns-door-what-happens.md
@@ -0,0 +1,57 @@
+---
+title: When law enforcement knocks on a VPN's door, what happens?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-06-08T12:49:27+00:00
+url: /blog/when-law-enforcement-knocks-on-a-vpns-door-what-happens/
+heroImage: /images-static/uploads/home-server-map.png
+thumbnailImage: /images-static/uploads/home-server-map.png
+comments:
+ - author: john weston
+ date: 2013-11-18T07:54:43+01:00
+ content: |
+ What has happened to Focus VPN? We are not able to view or contact the company, since last weekend.
+ - author: Asus Router Support
+ date: 2018-04-01T01:25:03+02:00
+ content: |
+ Sometimes we need to protect yourself then we need to hide our identity like same when we need to hide our digital identity so we can hide our digital identity on the internet by using the VPN.
+ - author: KJ Peterson
+ date: 2019-07-13T09:17:25+02:00
+ content: |
+ But what if that person has committed a crime, and using a VPN to help cover up their activities. VPN services should be required to retain user information which can be given to any court in the event that a VPN is being used to help cover up a users illicit activities.
+ - author: Mildred D. Amaral
+ date: 2019-07-22T00:51:48+02:00
+ content: |
+ VPN always secure our connection through encryption module security and protection you don't want to someone watching you or spying your log or data. Fastest VPN Help the people's and they will feel free to surf in the internet.
+
+---
+Virtual Private Networks (VPNs) are fast becoming one of the last refuges for internet users who want to ensure their web browsing is kept private. This year barely a week has gone by without [unpopular, anti-online privacy, legislation][1], pushed by powerful entertainment industry lobbies, making headlines. Either that or leaks on government plans for [increased surveillance of citizens][2], defended by sexed-up threats from pedophiles and terrorists. If current trends continue, it's looking more and more likely that VPN usage will break out from its current niche and start to capture the attention of more mainstream spheres.
+
+However, the security of your privacy and personal data rests solely on the privacy policy of your VPN – and not all VPN privacy policies are created equally. In fact, many VPNs leave your personal data exposed to governments, law enforcement and copyright lawyers in exactly the same way as your ISP does.
+
+**Data retention**
+
+This was brought into sharp focus around a year ago when a member of hacking group Lulzsec was handed over to the authorities. Lulzsec member 'Recursion' [used UK-based VPN HideMyAss][3] to hack News Corp and Sony, among others. What Recursion didn't know was that HideMyAss keeps logs of IP addresses and timestamps. All it took was a UK court order to compel HideMyAss to hand over the data and Recursion (real name Cody Kretsinger) was delivered to the FBI.
+
+Obviously no VPN wants criminal activity to take place on its service. But what's the point of using a VPN if they retain enough of your personal data to facilitate your identification in the real world? What's the difference between a copyright holder forcing an ISP to identify you based on unsubstantiated allegations of copyright theft, and that same court order being applied to a VPN? Yet that's exactly the kind of threat many big name VPNs expose their customers to. Last year TorrentFreak [posted a great round-up of VPNs][4] who retain customer data and those who don't. If a VPN retains your data then it has no option other than to comply with court orders to hand it over.
+
+**When the authorities come knocking**
+
+Here at IVPN we have a vested interest in highlighting this issue and obviously we wouldn't be writing about it if we weren't confident in our own privacy policy. So what happens if the authorities come knocking at our door looking to identify an individual? Well typically law enforcement would serve us a subpoena, demanding that we trace the identity of an individual connected to our network based on a timestamp and the IP address of one of our servers.
+
+All VPNs have the ability to track users and log their data. We don't keep any connection logs, this reduces our liability and ensures your absolute privacy. Make sure you are very clear on your VPN providers logging policy as many do log which can be a major risk for you, even if for short periods.
+
+What about stuff like billing and customer registration details? We don't require your name or physical address, just an email address– nothing else. If you pay with PayPal then we have to store your PayPal subscription ID but there's no way of linking any of your connection related data to your payment details because it doesn't exist. So in effect, your privacy is ensured and there's no way that anyone can find out what you do online. At the very most you can only be identified as a customer through your email address or PayPal subscription ID.
+
+If you're thinking of signing-up to a VPN make sure that you read its privacy policy and terms of conditions very closely. Because you may not be buying the level of protection and anonymity you think you are.
+
+**For more information, take a look at our [own privacy policy][5]. To learn more about how VPNs work, [read our FAQs][6].**
+
+ [1]: /blog/americas-most-dangerous-anti-online-privacy-politicians/
+ [2]: /blog/cispa-danger-esclates-as-bill-receives-approval/
+ [3]: http://www.techweekeurope.co.uk/news/hidemyass-anonymity-service-exposes-alleged-lulzsec-hackers-40663
+ [4]: http://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/
+ [5]: /privacy/
+ [6]: /knowledgebase/1/General-FAQ
diff --git a/src/content/es/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md b/src/content/es/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md
new file mode 100644
index 000000000..05a6bd27e
--- /dev/null
+++ b/src/content/es/blog/2012-06-19-the-uks-political-parties-dont-care-about-online-privacy.md
@@ -0,0 +1,39 @@
+---
+title: The UK's political parties don't care about online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-06-19T16:21:53+00:00
+url: /blog/the-uks-political-parties-dont-care-about-online-privacy/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+
+---
+The propaganda machine around the UK coalition government's new online surveillance bill, designed to help law enforcement agencies [spy on UK citizens without judicial oversight][1], is in full flow. The last two weeks have seen advocates from the Conservative party take to the airwaves, putting their views across TV and radio shows in attempt to convince the British public that the bill will help keep children safe from peadophiles and the general public safe from terrorists.
+
+If you're unfamiliar with what's been dubbed the 'snoopers charter' (or the Communications Capabilities Development Program, more formally) you can read our previous [CCDP coverage here][1]. The fact the bill erodes online privacy is indisputable. What's more interesting (and depressing), is the distinct lack of opposition from the UK's main political parties.
+
+**Flip flops all round**
+
+The Liberal Democrats, given their libertarian leanings in the past, should be the ones leading the charge against the CCDP. But now they're part of the coalition, their hands are tied. Cast your minds back to pre-2010. Throughout the Labour government's 13-year reign the Liberal Democracts opposed nearly every proposal by the government to increase police powers to monitor online behaviour. Here's what the Liberal Democrat leader Nick Clegg said in 2008 about Labour's aborted Interception Modernisation Programme – the precursor to the CCDP:
+
+"It is this government that has turned the British public into the most spied upon the planet," said Clegg during Prime Ministers questions. "1,000 surveillance requests every day, one million innocent people on the DNA database and 5,000 schools now fingerprinting our children. You are creating a surveillance state."
+
+Is Clegg and his Lib Dems colleagues defending the privacy of UK citizens now that he is in power? Of course not. Apart from a token gesture to seek amendments to bill, ensuring "safeguards are in place", Clegg has been virtually silent, as has nearly every key Lib Dem politician. In an attempt to avoid avoid rocking the coalition boat, the Lib Dems are once again betraying those who voted for them.
+
+**Silent Labour**
+
+That the Liberal Democrats have flipped flopped on yet another issue shouldn't come as a surprise. Nor should it be surprising that the country's main opposition party, The Labour Party, has also remained silent. Afterall they proposed pretty much the same bill when they were power, and wanted to take it even further with a national database. But Labour's inaction is still disappointing. The party's leader Ed Miliband has tried to break with some of the more unpopular Labour policies of the past, such as the Iraq war, and even declared during a party conference that: _"I won't let the Tories or the Liberals take ownership of the British tradition of liberty. I want our party to reclaim that tradition."_ Go on then Ed – here's your chance.
+
+No, rather the biggest surprise is that the Conservatives are the ones proposing the CCDP. The same Conservatives that opposed Labour's Information Modernisation Programme on the grounds of civil liberties, and the same David Cameron who in June 2009, when he wasn't Prime Minister, said: "Today we are in danger of living in a control state. Every month over 1,000 surveillance operations are carried out. The tentacles of the state can even rifle through your bins for juicy information."
+
+**What do they know that we don't?**
+
+I'm not a supporter of conspiracy theories, but it does make you wonder exactly what's caused parties like the Conservatives and Liberal Democrats to pivot so dramatically on this issue once they've entered the corridors of power. Does David Cameron now have convincing data from the police that's caused him to change his mind so enthusiastically? And if so, can we have a look at it too?
+
+There is one politician who still has the balls to stand-up for what he believes in. Conservative David Davis was tireless in his opposition to the erosion of civil liberties during Labour's reign and - all credit to him - he's continued to voice his opinion despite his own party's u-turn on the issue.
+
+If the CCDP is implemented it will be to the detriment of British democracy. No one voted for this bill. New online surveillance legislation was not either of the coalition parties' election manifestos - in fact, they both preached against such measures. Plus the system that's needed to carry out the government's surveillance will cost in excess for £2bn (so much for austerity!). David Davis is the one mainstream politician who has presented the case against the CCDP. But while this personal stand is admirable, the problem still remains that the UK public has been hoodwinked by the Conservative party, disregarded by Labour and abandoned by the Lib Dems.
+
+ [1]: /blog/uk-online-spying-law-how-to-resist/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md b/src/content/es/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md
new file mode 100644
index 000000000..65c816c3d
--- /dev/null
+++ b/src/content/es/blog/2012-06-27-governments-and-online-privacy-who-are-the-worst-offenders.md
@@ -0,0 +1,55 @@
+---
+title: 'Governments and online privacy: Who are the worst offenders?'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-06-27T12:49:39+00:00
+url: /blog/governments-and-online-privacy-who-are-the-worst-offenders/
+heroImage: /images-static/uploads/flag-world-euro-countries.gif
+thumbnailImage: /images-static/uploads/flag-world-euro-countries.gif
+
+---
+In this article we take a quick look at the track records of western democratic governments when it comes to online privacy and data retention, rounding up the three best cases and the three worst cases. Obviously this isn't a comprehensive list and you may (re: probably will!) disagree with our entries - so why not let us know what you think in the comments below?
+
+## __The good (relatively)__
+
+**Germany**
+
+Germany has generally been good at resisting EU legislation that impacts on its citizens privacy and the Germans have shown themselves to be quite active in protesting anti-privacy legislation. Germany is still [refusing to implement the EU's Data Retention Directive][1] over privacy concerns and may suffer disciplinary action because of it. Germany played a big role [in defeating ACTA][2], after widespread protests throughout the country. The German government also famously forced Google to allow its citizens to [opt-out of Google Street View][3] – although this eventually resulting in Google opting out of expanding the service in the country.
+
+**USA**
+
+It's no secret that the US government has been the source of many pieces of controversial legislation that would negatively impact online privacy if implemented (think SOPA, PIPA and [CISPA][4]). However, as it stands, you may be surprised to hear the US is better than many other western countries when it comes to online privacy. There is no state mandated data retention laws in the US, like there is in Europe. Rather ISPs are free to set their own data retention policies. And while SOPA and PIPA were frightening, they were ultimately defeated after popular protest saw political opposition [grow across both Democrat and Republican parties][5]. However, whether or not the status quo in the US will survive for much longer is another matter entirely.
+
+**Canada**
+
+Like the US, Canada does not require ISPs to retain data on its users. The Canadian government does require ISPs to track individual users and retain data, but only if a court order has been issued ([there are reports][6] suggesting law enforcement often circumvents this requirement). Canadians can also take heart over what happened to the 'Protecting Children From Internet Predators Act'. PCIPA began life as a pretty nasty piece of legislation, zealous in its protection of copyright, which would have had dire consequences for online privacy. But popular protest actually forced the Canadian government to take a scalpel to the act and carve out [a much more reasonable and even handed law][7]. It's still not perfect, but it's a good example of governments and activists reaching a compromise.
+
+## __The bad__
+
+**United Kingdom**
+
+The UK government wasted no time signing-up to the EU's Data Retention Directive and currently requires all ISPs to retain the personal data of their customers for at least one year after you cancel your subscription. Your data must be handed over to police if they have a court order. There are [over 200 agencies in the UK][8] that are authorised to access your personal data and in 2009 there were over 1,700 requests for court orders to intercept communications data. The UK government recently announced its plans to introduce a new bill dubbed the [Communications Capabilities Development Programme][9] (CCDP), which intends to give UK law enforcement enhanced powers to monitor your web browsing without the need for judicial oversight. Given the lack of political opposition to the CCDP, it seems likely that the bill will pass.
+
+**France**
+
+As with the UK and other EU countries France requires all ISPs to retain your data for at least one year until after you cancel your subscription. But while EU countries such Germany and Romania have fought the Data Retention Act, the French government has actually taken it one step further with the ['Legal Regime for E-Commerce Trust' directive][10]. This directive requires that all internet access and hosting providers – i.e. any internet-based service, such as e-commerce companies and social networks – must retain financial transaction details, data logs, usernames, passwords, pseudonyms, email addresses and phone numbers of users. France requires these companies to then share this information with government agencies at their request. High profile web companies such as Facebook, eBay and Google are currently trying to petition the French government to repeal the law.
+
+**Sweden**
+
+The Swedish government initially resisted implementing the EU's Data Retention Directive due to privacy concerns. However, in March 2012 it caved to the pressure, opting for the lesser retention period of 6 months. Beyond that Sweden has come under fire from privacy campaigners due to the [FRA aw it passed in 2008][11]. This legislation, brought in under terrorism concerns, requires around 20 surveillance hubs to be installed around the country, monitoring all traffic that comes in and out of Sweden. In 2010 the project ran into technical difficulties, as well as pressure from activist groups, but its unclear whether it's still being carried out (I've not been able to uncover any info post 2010, so if anyone reading knows more let us know in the comments). Following Sweden's IPRED legislation, which requires ISPs to [reveal the personal info of file sharers][12], a number of news outlets have reported a [spike in Swedish VPN usage][13].
+
+ [1]: http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/1248&type=HTML
+ [2]: http://www.bbc.co.uk/news/technology-16980451
+ [3]: http://www.bbc.co.uk/news/technology-11673117
+ [4]: /blog/cispa-danger-esclates-as-bill-receives-approval/
+ [5]: http://www.cbsnews.com/8301-503544_162-57361156-503544/sopa-pipa-protests-spur-congress-to-rethink-bills/
+ [6]: http://live.theglobeandmail.com/Event/Online_privacy_what_can_police_know_about_you
+ [7]: http://www.techdirt.com/articles/20120620/16450119408/postgame-canadas-copyright-reform.shtml
+ [8]: /blog/when-it-comes-to-online-privacy-the-uk-is-already-screwed/
+ [9]: /blog/uk-online-spying-law-how-to-resist/
+ [10]: http://www.informationweek.com/news/security/privacy/229401245
+ [11]: http://www.stockholmnews.com/more.aspx?NID=1756
+ [12]: https://www.privacyinternational.org/reports/sweden/ii-surveillance-policies
+ [13]: http://www.thelocal.se/40572/20120501/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-07-02-status-update-current-threats-to-online-privacy.md b/src/content/es/blog/2012-07-02-status-update-current-threats-to-online-privacy.md
new file mode 100644
index 000000000..9440dc0bd
--- /dev/null
+++ b/src/content/es/blog/2012-07-02-status-update-current-threats-to-online-privacy.md
@@ -0,0 +1,50 @@
+---
+title: 'Status Update: Current Threats To Online Privacy'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-07-02T20:32:32+00:00
+url: /blog/status-update-current-threats-to-online-privacy/
+heroImage: /images-static/uploads/cispa-bill.jpg
+thumbnailImage: /images-static/uploads/cispa-bill.jpg
+
+---
+Back in April we rounded up six major pieces of legislation that [posed a threat to online privacy][1] and online freedoms in the western world. In the last few months since that post there have been a few developments, with some bills winding their way further through state legal systems, and others wilting in the face of popular protest. So we thought it might be handy to give you a quick update on the current status of these bills and whether or not they still pose a threat.
+
+**CISPA**
+
+When we last covered CISPA it was poised for a debate and vote in the House of Representatives. What happened next took many by surprise, with the voting brought forward by a day and then voted in favor of passage by 248 to 168. This was 'complemented' by a series of amendments that allows the US government [to do whatever it likes with the data collected under CISPA][2] as long as they can claim a 'cyber-security' crime had been committed. However, despite the enthusiastically positive vote, the bill has once again hit the rocks. The White House has since stepped in and threatened to veto CISPA. The bill is [again facing down political deadlock][3], with Republicans concerned that it invites too much state regulation and Democrats beginning to listen to privacy campaigners. It's not clear when CISPA will reach the Senate. But then it's also not clear what Obama's alternative to CISPA will be.
+
+**ACTA**
+
+Europe's Anti Counterfeit Trade Agreement was already looking shaky back in April, after popular protest in countries such as Germany and Poland, as well as discontent within the EU regulatory framework itself, forced governments to review the bill. Now it looks like ACTA has been permanently put to rest. The EU's committees on legal affairs, industry and international development and civil liberties all recommended rejecting the bill. Then just last week, the [final nail was drilled into ACTA's coffin][4], with a fifth parliamentary committee – the international trade committee – recommending rejection. The defeat of ACTA is a major coup in the fight against unreasonable copyright laws and proof that popular protest and activism in this area can work.
+
+**SOPA/PIPA**
+
+ Back in April we reported that SOPA/PIPA were pretty much dead in the water, and there's been virtually no progress on these two bills since then.
+
+**CCDP**
+
+The UK government's Communications Capabilities Development Programme has been in the headlines quite a bit over the last two months. The bill was formally announced in the Queen's speech and since then we've seen a media blitz, with the coalition government trying in earnest to convince the UK population of the bill's necessity. As we discussed last week, there's virtually [no mainstream political opposition to the CCDP][5], and while activist groups have been mobilising, there's sadly been very little protest in the UK. There are still issues over the CCDP's compatibility with EU law and its technical feasibility, so its enactment is not 100% certain, but with the lack of opposition from the Labour party and the lack of popular protest, the outlook doesn't look good.
+
+**Digital Economies Act**
+
+Back in April UK broadband ISPs had lost their final appeal against the UK's Digital Economies Acts, which requires them to track copyright violators and implement a three strikes warning system. Now the DEA is moving toward implementation, with regulator Ofcom announcing last month that the laws will come into effect in 2014. However, [as ZDnet points out][6], that date roughly coincides with the next general election, so there could be some more developments in this story (though given that it was the Labour government that originally introduced the bill, we have our doubts).
+
+**C-11**
+
+Canada's C-11 law started off almost as bad as SOPA and PIPA, taking draconian measures to protect copyright. But popular protest actually forced the Canadian government to make significant amendments to the act and in June they carved out [a much more reasonable and even handed law][7]. It's still not perfect, but it's a good example of governments and activists reaching a compromise.
+
+**Protecting Children from Internet Predators Act**
+
+We neglected to cover Canada's Protecting Children from Internet Predators Act in our original round-up. PCIPA poses a huge threat to online freedoms and received a cynical name change from the 'Lawful Access Act' in order to hoodwink Canadians into supporting it. Due to opposition from activists, the bill was referred back to the House Standing committee on Justice and Human Rights for possible amendments and looked like it was stuck in a rut. But as [Michael Geist points out][8], $2.1 million has since been earmarked to advance lawful access legislation, indicating that the PCIPA is still a threat.
+
+ [1]: /blog/a-quick-guide-to-current-online-privacy-threats/
+ [2]: http://www.techdirt.com/articles/20120426/14505718671/insanity-cispa-just-got-way-worse-then-passed-rushed-vote.shtml
+ [3]: http://www.nationaljournal.com/tech/back-to-the-drawing-board-for-cyber-bill-20120529
+ [4]: http://www.techdirt.com/articles/20120621/03442219413/fifth-eu-committee-recommends-rejection-acta-european-parliament.shtml
+ [5]: /blog/the-uks-political-parties-dont-care-about-online-privacy/
+ [6]: http://www.zdnet.com/digital-economy-act-what-will-granny-think-4010026508/
+ [7]: http://www.techdirt.com/articles/20120620/16450119408/postgame-canadas-copyright-reform.shtml
+ [8]: http://www.michaelgeist.ca/content/view/6471/196/
diff --git a/src/content/es/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md b/src/content/es/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md
new file mode 100644
index 000000000..2d3dac4a7
--- /dev/null
+++ b/src/content/es/blog/2012-07-12-acta-and-sopa-back-from-the-dead.md
@@ -0,0 +1,37 @@
+---
+title: 'ACTA and SOPA: Back from the dead'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-07-12T13:00:54+00:00
+url: /blog/acta-and-sopa-back-from-the-dead/
+heroImage: /images-static/uploads/blanc.jpg
+thumbnailImage: /images-static/uploads/blanc.jpg
+
+---
+Last week [we revisited our round-up of threats to online privacy][1] and scoured the internet for updates on their current status. Well, we probably should have waited for this week to undertake such an endeavour, because two of the internet's biggest bogeymen (or is it bogeybills?) ACTA and SOPA, have staged something of a comeback – despite looking dead in the water just a few days ago.
+
+**SOPA reborn**
+
+Lets start off with SOPA. Cast your minds back to late 2011 when the SOPA protests were at their zenith and the name Lamar Smith might ring a bell. He's [one of the key US congressman behind SOPA][2] and he's currently trying to drum up support for his new bill, the 'Intellectual Property Attache Act', which - 'surprise, surprise' – looks similar to SOPA.
+
+More accurately, with the IPAA it looks like Lamar Smith is trying to push through SOPA but in separate pieces. [According to TechDirt][3] the bill focuses mainly on one element of SOPA – the expansion of 'IP attaches'. These are essentially diplomats whose aim is to push pro-copyright legislation in foreign governments. The presumed aim being that if foreign governments and trade bodies implement SOPA-like legislation then it makes it much easier for the US government to simply "fall in line" with global standards. Lamar Smith's new bill takes the initiative even further, as it calls for the creation of an assistant secretary of Commerce for Intellectual Property.
+
+The IPAA has not yet been introduced, but it looks like Lamar Smith is once again trying to push through a bill that is entirely geared toward the interests of the copyright industry without even consulting public opinion in the US. You would have thought he'd learned his lesson from SOPAs failure and realised the public does not want copyright protection at the cost of their online freedoms. Instead he's ignored all that and is trying to create a framework that will better allow bills like SOPA to get passed into law. Full marks for being an evil genius!
+
+**ACTA – down but not out**
+
+But over in Europe things are looking just as bad. Everyone celebrated a couple of weeks ago when it appeared that the [final nail had been hammered into ACTA's coffin][4]. Five EU committees had rejected the bill and the EU Parliament voted overwhelmingly against it. But now the unelected EU Commission is trying to put ACTA back on the agenda. [Michael Geist writes][5] that the EU Commission – which negotiates trade deals on behalf of the EU – is trying to get the European Court of Justice to rule that ACTA is compatible with European freedoms and rights. If this appeal is won, then ACTA could be reconsidered.
+
+Geist also argues that the EU plans to use Canada's EU Trade agreement to push through ACTA-esque measures. As we mentioned above regarding SOPA, the EU can put pressure on its parliament to comply with ACTA-style regulations if a trade partner, like Canada, requests it. Geist says that parts of the trade agreement, which were leaked online, are copied word-for-word from ACTA.
+
+**Is anyone listening?**
+
+So, instead of taking their defeats with dignity, and instead of respecting the wishes of the people, technocrats, politicians and the copyright lobby will simply try every trick in the book to get their way. It certainly paints a depressing picture, where activists must maintain constant vigilance to keep such complex machinations in the public eye. Will they succeed? Who knows but  expect more of this to come.
+
+ [1]: /blog/status-update-current-threats-to-online-privacy/
+ [2]: /blog/americas-most-dangerous-anti-online-privacy-politicians/
+ [3]: http://www.techdirt.com/articles/20120709/12574819634/lamar-smith-looking-to-sneak-through-sopa-bits-pieces-starting-with-expanding-hollywoods-global-police-force.shtml
+ [4]: http://www.techdirt.com/articles/20120621/03442219413/fifth-eu-committee-recommends-rejection-acta-european-parliament.shtml
+ [5]: http://www.michaelgeist.ca/content/view/6580/135/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-07-18-top-five-worst-online-privacy-breaches.md b/src/content/es/blog/2012-07-18-top-five-worst-online-privacy-breaches.md
new file mode 100644
index 000000000..71357a454
--- /dev/null
+++ b/src/content/es/blog/2012-07-18-top-five-worst-online-privacy-breaches.md
@@ -0,0 +1,44 @@
+---
+title: Top five worst online privacy breaches
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-07-18T13:04:44+00:00
+url: /blog/top-five-worst-online-privacy-breaches/
+heroImage: /images-static/uploads/PSNetwork.png
+thumbnailImage: /images-static/uploads/PSNetwork.png
+
+---
+If there's one thing the world wide web has taught us it's to expect a degree of incompetence when it comes to companies protecting your online privacy. Over the last decade or so there's been numerous serious online data breaches from major corporations - whether it's companies such as AOL displaying a bewildering lack of regard for their customers private search data, or Google outright spying on people within their own homes.
+
+We've rounded-up five of the worst online privacy breaches below. So sit back and prepare to get outraged!
+
+**Sony PSN hack**
+
+The [attack on Sony's PlayStation Network gaming platform][1] in April 2011 is widely regarded as one of the biggest and most costly data breaches ever recorded. Approximately 77 million accounts were compromised, with unencrypted data such as passwords and addresses accessed by the hackers. Sony estimated around 12 million account holders had credit card details stored on their system but, after much confusion, it turned out these details were encrypted. So far there's been no concrete evidence of credit fraud stemming from the attack. Nevertheless this breach of online privacy was hugely costly to Sony ($170 million according to the company), taking the PSN offline for weeks and drawing criticism from governments around the world.
+
+**iPhone user tracking**
+
+In April 2011 two researchers discovered a file in Apple's iOS operating system that appeared to reveal all the locations their iPhones had visited in the last 12 months. The revelation caused an uproar, with European governments and the US government demanding explanations. Eventually Steve Jobs offered a personal apology and [categorically denied that Apple were tracking iPhone users][2]. According to Apple, the file was used to help speed up GPS functions and wasn't supposed to store information for such a long period. To its credit, Apple fixed the issue pretty quickly, earning some respect amongst privacy advocates. Since then Apple has been notably cautious in its approach to privacy-related issues such as mobile ad tracking. Nevertheless, the incident just shows how easy it is for companies to track smartphone users – especially if they don't have a respected brand to protect.
+
+**Google Street View data theft**
+
+This is one online privacy scandal that's still very much in play and could blow-up in Google's face pretty badly. Back in October 2010 Google admitted that its Street View cars, which traveled across the globe taking pictures for the Street View service, collected passwords, emails and web logs from private Wi-Fi connections. Google told the FCC that the data capture was unintentional and no "real harm" had been done. So the FCC decided nothing illegal had happened.
+
+However, fast forward to June 2012 and it's emerged that the data collection was not unintentional. In fact, the code that stole the private information was written to do just that by a Google engineer. Plus this engineer told his superiors and his colleagues exactly what the code did. Google [now faces a renewed investigation into the matter][3] in the UK. Did it knowingly steal private data? Did it then try to cover the whole thing up? Google has some serious questions to answer.
+
+**AOL search data posting**
+
+In 2006 [AOL released more than 20 million search terms][4] connected to 650,000 of its subscribers. Although subscriber names were thankfully replaced by numerical codes, the search details revealed enough private information such as banking data, health related data and other information to make individuals identifiable. In fact, The New York Times managed to locate individuals by cross-referencing data with phone book entries. The scary thing is the leak wasn't accidental. AOL released the data for research purposes and just failed to grasp the privacy implications.
+
+**Fortuny Craigslist Experiment**
+
+Ok this one is a little different from the above, as it doesn't highlight the abuse of customer privacy by corporations, but rather (if you ask us) the stupidity of individuals on the internet when it comes to their own privacy. In September 2006 a graphic designer called [Jason Fortuny posted a fake ad on Craigslist][5], posing as a woman looking for kinky sex. The explicit ad generated even more explicit email responses from hundreds of men. Fortuny then published all these responses along with emailed pictures of the men on the [Encyclopedia Dramatica][6]. The story was picked up by major news outlets such as The New York Times and CNN, and before long many of the respondents were identified. Fortuny claims at least two people he knows of were fired from their jobs. In 2009 a lawsuit filed by one of the respondents saw Fortuny pay damages of more than $74k.
+
+ [1]: http://en.wikipedia.org/wiki/PSN_breach
+ [2]: http://www.nytimes.com/2011/04/28/technology/28apple.html?_r=2
+ [3]: http://www.cbsnews.com/8301-205_162-57452138/u.k-to-reopen-probe-of-google-street-view-data-collection/
+ [4]: http://en.wikipedia.org/wiki/AOL_search_data_leak
+ [5]: http://en.wikipedia.org/wiki/Jason_Fortuny#cite_note-1
+ [6]: http://www.encyclopediadramatica.se
diff --git a/src/content/es/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md b/src/content/es/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md
new file mode 100644
index 000000000..9bbda1370
--- /dev/null
+++ b/src/content/es/blog/2012-07-25-protecting-your-online-privacy-on-a-smartphone.md
@@ -0,0 +1,45 @@
+---
+title: Protecting your online privacy on a smartphone
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-07-25T10:22:35+00:00
+url: /blog/protecting-your-online-privacy-on-a-smartphone/
+heroImage: /images-static/uploads/smartphone-virus.jpeg
+thumbnailImage: /images-static/uploads/smartphone-virus.jpeg
+
+---
+Smartphones present a whole new arena of privacy concerns to anyone looking to protect their anonymity online. If you're a very privacy conscious individual then you've probably already opted to avoid using an internet-enabled phone all together. But, for the rest of us, there are a few simple things you can do to help protect your personal data and strike the right balance between privacy and functionality.
+
+**Web browsing**
+
+If you browsing the internet on your phone over your home Wi-Fi connection then you're subject to almost all the same online privacy issues as you would be on a desktop PC, such as ISP data retention policies and IP tracking. Luckily there's  a number of VPN services that can protect your IP address while browsing on your smartphone, [including IVPN][1].
+
+**App permissions**
+
+If you're an Android user then you'll already know about app permissions, which you're asked to approve every time you download an app on Google Play. App permissions are a tricky area, because even those that look alarming often have benign applications in reality. The main permissions you need to be careful about are 'Full internet access', 'Services that cost you money', 'Modify/delete SD card contents', 'Your Personal information', 'You location' and 'Retrieve running applications'.
+
+Again, plenty of completely legit apps require these permissions. But you need to use your common sense. For instance, a file manager app like Astro will need to 'Retrieve running applications', but if a collection of wallpapers, or a videogame, wants to access that information then its probably up to something fishy.
+
+**Downloading apps outside official store**
+
+One of the appeals of Android is the ability to download apps outside of Google Play. However, millions of people use the opportunity to download pirated versions of apps and games. This is [a common way that trojan viruses get onto smartphones][2], so exercise caution. TechnoBuffalo [also has some pretty good tips][3] on stopping Android viruses.
+
+**EXIF data**
+
+Many smartphones will attach [EXIF data tags][4] to images taken with the phone's camera. EXIF data includes info on all sorts of different things, but it has attracted controversy for including geo-specific data. This data can be gleaned from either the GPS, Wi-Fi connection or even triangulation (via mobile phone masts) – it really depends on your phone. Turning off your GPS and Wi-Fi is one option, but this won't stop data collected from triangulation. You can view EXIF data from your pictures by simply right clicking on a photo in Windows and checking the properties. You can also remove EXIF data either by deleting it within Windows or using a tool such as QuickFix.
+
+**Wi-Fi and Bluetooth**
+
+Although it's pretty unlikely to happen, leaving your Bluetooth and Wi-Fi on while out in public, or on public connections, does leave yourself open to malicious attacks. So make sure you turn off Bluetooth and Wi-Fi connections when not using them – this will significantly save on your battery life too!
+
+**Address book sharing**
+
+A number of social apps such as Facebook, Foursquare, Path and Instagram [came under heavy fire earlier in the year][5] for uploading user address books to their servers, ostensibly to help you add contacts to your network. The issue got so heated that two members of the US congress wrote to Apple to complain. Most apps, including Facebook and Path, now ask your permission before they access your contacts and Apple has pledged to stop this practice occurring without a user's permission. But who knows what other information is being shared and what the situation is on less-regulated platforms such as Android. If you're really concerned about privacy it's best to avoid using social networking apps altogether.
+
+ [1]: /
+ [2]: http://www.androidpit.com/angry-birds-space-virus
+ [3]: http://www.technobuffalo.com/companies/google/android/why-android-viruses-are-growing-and-how-to-stop-them/
+ [4]: http://en.wikipedia.org/wiki/Exchangeable_image_file_format
+ [5]: http://venturebeat.com/2012/02/14/iphone-address-book/
diff --git a/src/content/es/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md b/src/content/es/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md
new file mode 100644
index 000000000..568e9b002
--- /dev/null
+++ b/src/content/es/blog/2012-08-02-australia-prepares-for-new-online-privacy-fight.md
@@ -0,0 +1,45 @@
+---
+title: Australia prepares for new online privacy fight
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-08-02T14:59:18+00:00
+url: /blog/australia-prepares-for-new-online-privacy-fight/
+heroImage: /images-static/uploads/AustFlag3.jpg
+thumbnailImage: /images-static/uploads/AustFlag3.jpg
+
+---
+The Australian government is proposing a new set of sweeping online surveillance powers as a part of a National Security Inquiry. If implemented, the new powers would see Australian ssuffer some of the most extreme online surveillance policies yet implemented in western democracies.
+
+In a [60-page discussion paper,][1] Attorney General Nicola Roxon suggests a range of new powers that Australian law enforcement agencies want to get their hands on. As the [Electronic Frontier Foundation][2] points out, these proposals are pretty much a wish list. But, if approved, The Sydney Herald says the new laws would be the "most significant expansion of the Australian intelligence community powers… since reforms following the terrorists attacks of 2001".
+
+**Data retention**
+
+So what are the proposals? First and foremost Roxon wants to make it mandatory for Australian ISPs to retain customer data for two years. That means information, such as who you've emailed and web history logs, will be stored for two years after cancellation of your service. Data retention has been a hot topic for many countries in Europe due to the [EU Data Retention Directive][3], which requires ISPs to store data from between 6 and 12 months. A number of EU countries, such as Germany, have still not implemented the law because of privacy fears.
+
+Roxon also wants "urgent reform" to allow security agencies in Australia to intercept new communication platforms, such as social networks and VoIP providers like Skype. The Attorney General also wants to criminalise any Australian who fails to assist law enforcement with decrypting information. So if you don't give-up your passwords you could be thrown in jail. As many commentators have pointed out, such laws concerning decryption rely on the police knowing whether or not information has been encrypted in the first place, [which could prove problematic][4].
+
+**Guilty by association**
+
+Perhaps the most alarming proposal is that Australians are not required to be under suspicion of a crime to be spied on. The proposals say that law enforcement can tamper with any computer it wants, and spy on any citizen, in order to access a computer that may have been involved in illegal activity. So if you happened to have received an email from, or been Facebook friends with, someone under suspicion, then you're fair game.
+
+"These proposals are one of the biggest threats to the privacy of all Australians for many years," said Nigel Waters, of the [Australian Privacy Foundation][5] and [Privacy International][6]. "Governments seem to have an insatiable appetite for more and more information about us all that is none of their business, and when history shows that they can't make effective use of the intelligence they already collect."
+
+**Worrying trend**
+
+Of course, as we said, these are just proposals that government is currently considering. But they fit very nicely with the [current trend of internet surveillance bills][7] being proposed an implemented in western democracies. Roxon's suggestions mirror what's happening in the [UK with the Communications Data Bill][8], which drastically increases law enforcements ability to spy on citizens. Canada too has to contend with the C-30 surveillance bill, which although diluted from its original state, has been passed into law. The US is also trying to force through the [Communications Assistance for Law Enforcement Act][9] that makes it mandatory for social networks and VoIP services to make their platforms more friendly to wire-tapping.
+
+So, it looks like Australian privacy advocates and concerned citizens have a fight on their hands. The country's Green political party has already condemned the proposals and, in a compelling demonstration of why data retention is a bad idea, hacktavist group Anonymous [stole 40GB of customer data from Australian ISP AAPT][10]. If you want to get involved in fighting these proposals a good place to start is the [Protect Us But Respect Us campaign][11] on GetUp.
+
+ [1]: http://t.co/hDzMxr4h
+ [2]: https://www.eff.org/deeplinks/2012/07/australian-government-moves-expand-surveillance-powers
+ [3]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [4]: http://falkvinge.net/2012/07/12/in-the-uk-you-will-go-to-jail-not-just-for-encryption-but-for-astronomical-noise-too/
+ [5]: http://www.privacy.org.au/
+ [6]: https://www.privacyinternational.org/people/nigel-waters
+ [7]: /blog/status-update-current-threats-to-online-privacy/
+ [8]: /blog/the-uks-political-parties-dont-care-about-online-privacy/
+ [9]: http://www.slate.com/blogs/future_tense/2012/05/08/communications_assistance_law_enforcement_act_fbi_hopes_to_wiretap_online_communications_.html
+ [10]: http://www.techdirt.com/articles/20120729/06470519868/hacktivism-anonymous-breaches-australian-isp-to-protests-data-retention.shtml
+ [11]: http://www.getup.org.au/campaigns/privacy/protect-us-but-respect-us/your-privacy-at-risk
\ No newline at end of file
diff --git a/src/content/es/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md b/src/content/es/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md
new file mode 100644
index 000000000..f0dcc9bba
--- /dev/null
+++ b/src/content/es/blog/2012-08-08-germany-the-biggest-defender-of-online-privacy.md
@@ -0,0 +1,49 @@
+---
+title: 'Germany: A defender of online privacy?'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-08-08T15:44:28+00:00
+url: /blog/germany-the-biggest-defender-of-online-privacy/
+heroImage: /images-static/uploads/delarge.gif
+thumbnailImage: /images-static/uploads/delarge.gif
+comments:
+ - author: Caitlin Roberts
+ date: 2012-08-15T02:03:31+02:00
+ content: |
+ Maybe they are not the biggest defender of online privacy, some Caribbean islands have even better privacy policies, or not policies/regulations at all which leaves a void that stops lawsuits, but I would not mind if ivpn adds a German server when there are enough customers to justify adding more locations, Germany has reliable and reasonable priced data centres.
+ - author: Dennis Kügler
+ date: 2012-08-16T16:10:55+02:00
+ content: |
+ Thanks for the suggestion Caitlin, we'll look into it :)
+
+---
+When it comes to defending online privacy not all governments, and indeed not all populations, are born equal. Nowhere is this most apparent than when looking at Germany and other European Union countries. Despite Germany's role at the very heart of the EU, and despite the EU continually trying erode online freedoms, Germany's government and legal system has taken a defiant stand on a number of online privacy issues, while the German people have been vociferous in their opposition to online privacy violation. So is Germany the most online privacy-conscious country in the western world? We've rounded-up five examples of why they might be considered so.
+
+**Data retention block**
+
+Germany has steadfastly refused to implement the European Union's Data Retention Directive. The directive requires all ISPs to store customer data – including information such email logs and what websites you've visited – for between 6-12 months after you cancel your subscription. The vast majority of the EU countries have already implemented the law. However, the German Constitutional Court deemed the directive unconstitutional. The European Commission is now [taking the German government to court][1] and is threatening to impose fines. Romania and the Czech Republic have also refused to implement the laws.
+
+**Vodafone lawsuit**
+
+Despite Germany refusing to implement the above Data Retention Direction, it's been recently alleged that the German arm of UK telco Vodafone has been retaining customer data. Rather than take this lying down, German Vodafone customers [are now suing the ISP][2]. Lawyer Meinhard Starostik has already sent a cease and desist letter on behalf of his client, and says other ISPs may face similar lawsuits. The action was taken after the Working Group on Data Retention issued a call to action, seeking users who want to complain about the practice. For its part, Vodafone say that its data storage practices are not illegal, because they're needed for billing purposes.
+
+**Facebook lawsuit**
+
+Back in March a [German regional court ruled][3] that Facebook's use of user content and its Friend Finder feature violate privacy laws. German consumer rights groups brought the case to court back in 2010, arguing that users should retain ownership of their personal data. Under current rules, Facebook has the right to use personal data for purposes other than those intended by the user. The group also said Facebook needs to make it clear that using Friend Finder means you'll import your entire address book from another service. The judge ruled in favor of the consumer rights group on all counts, requesting Facebook change its terms and conditions and comply with German data protection rules. Facebook has a month to comply with the ruling.
+
+**Google Streetview**
+
+When Google Streetview announced its intention to document Germany's streets there was something of an outcry from privacy conscious citizens. The furore led to the German government forcing Google into negotiations, which resulted in 244,240 German home owners being given the right to [have their property removed from Streetview.][4] Some citizens also tried to pre-emptively sue Google to stop the search giant photographing their houses, but the lawsuits were unsuccessful.
+
+**ACTA**
+
+Germans were not the only EU citizens to protest ACTA, but they were some of most vocal. Germany also wasn't the first government to oppose the act. Both Latvia and Poland refused to sign ACTA before Germany. But it wasn't until the [German government put its foot down][5] that European Commission took serious notice. Given that it's the largest EU economy, Germany's decision was effectively a veto and left ACTA in tatters. Although that's not to say the legislation [won't make a comeback.][6]
+
+ [1]: http://arstechnica.com/tech-policy/2012/05/germany-in-trouble-with-ec-over-lack-of-isp-telecom-data-retention/
+ [2]: http://www.pcworld.com/businesscenter/article/259764/vodafone_germany_sued_for_storing_customers_mobile_traffic_data.html
+ [3]: http://www.pcworld.com/businesscenter/article/251430/facebook_loses_german_privacy_lawsuit_over_friend_finder_personal_data.html
+ [4]: http://news.cnet.com/8301-13506_3-20020282-17.html
+ [5]: http://www.forbes.com/sites/erikkain/2012/02/10/germany-wont-sign-acta-at-least-not-yet/
+ [6]: /blog/acta-and-sopa-back-from-the-dead/
diff --git a/src/content/es/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md b/src/content/es/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md
new file mode 100644
index 000000000..45ac2f083
--- /dev/null
+++ b/src/content/es/blog/2012-08-17-google-can-never-be-trusted-to-protect-your-privacy.md
@@ -0,0 +1,47 @@
+---
+title: Google can never be trusted to protect your privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-08-17T12:26:29+00:00
+url: /blog/google-can-never-be-trusted-to-protect-your-privacy/
+heroImage: /images-static/uploads/Google-privacy.jpg
+thumbnailImage: /images-static/uploads/Google-privacy.jpg
+
+---
+Last week saw Google slapped with a $22.5 million fine by the US Federal Trade Commission, in order to settle allegations that the search giant broke its privacy policy, by secretly tracking the browsing habits of millions of people who use Apple's Safari browser.
+
+The fine represents the [biggest penalty every imposed by the FTC][1], but is a drop in the ocean when you consider that Google's profits for Q2 2012 alone were $12.21 billion. Furthermore, the punishment was not actually due to Google's data tracking - Google still admits no wrongdoing - but rather because Google "misrepresented" (re: lied) about what was occurring.
+
+"The Commission has allowed Google to buy its way out of trouble for an amount that probably is less than the company spends on lunches for its employees and with no admission it did anything wrong," said John Simpson, privacy project director for the nonprofit Consumer Watchdog.
+
+It all begs the question. Is Google capable of protecting user privacy? Or will the company's business model continually push it toward privacy violations?
+
+**Compulsive liar**
+
+Last week's FTC ruling, wasn't the first time Google's been wrist-slapped around privacy violations. In March 2011 Google was found [guilty of deceiving users and violating its own privacy policy][2] when it launched Buzz in 2010. Buzz – a geo-location social network similar to Foursquare – harvested personal information from Gmail users without permission and exposed private data.
+ +The FTC's ruling on Buzz, resulted in a settlement that forced Google to submit to independent privacy audits for the next 20-years. It also stipulated that Google cannot make privacy misrepresentations. But Google's inability to adhere to this last point is precisely what caused the FTC to impose its record fine last week, which hardly inspires confidence. + +But the biggest privacy scandal concerning Google concerns Google Streetview. In 2010 [German regulators forced Google to reveal][3] its Streetview cars were collecting personal data from private Wi-Fi connections, as they roamed across the country. The data included personal emails, passwords and images. Google said the data collection was unintentional and not intended for any Google products. + +However, it turns out – surprise surprise – [that Google lied][4]. In fact, an engineer at Google designed the software included in the Streetview cars to specifically to collect data. This engineer even shared his plans and documents with the rest of the Streetview team. The FCC therefore concluded that Google "intended to collect, store and review" the data. The FCC also concluded that this data was probably intended to be used in other Google products. + +Did you get that? Google deployed cars around the country to spy on private Wi-Fi connections and collect your personal emails, messages and images, with the probable intention of profiting from such information. + +**Nature of the beast** + +All the FCC did in the above case was impose a laughable $25,000 fine on Google for obstructing the investigation. Apparently Google's data collection was not breaking any specific laws. However, the case [has been reopened in the UK][5] because – guess what – yep, Google lied to UK regulators too. + +So what can we conclude about all this? Well, I'd say Google has proven itself to be a company willing to lie and steal in order to get its way. Now, that may not be too surprising, many companies do the same. 
But unlike other companies, Google has a vested interest in eroding our online privacy. + +When Eric Schmidt says [only people who have something to hide are concerned about online privacy][6], he is doing it for purely commercial reasons – not because of any real belief. Like Facebook, [Google trades in personal data][7], and as long as it wants to remain competitive and profitable, it will always try to milk its user base for as much information as possible. That's the company's business model. And that's why Google keeps on proving that it can never be trusted to protect your privacy. + + [1]: http://abcnews.go.com/Technology/wireStory/google-agrees-record-225m-fine-privacy-16968011#.UCz_ixTft0w + [2]: http://www.pcworld.com/article/242476/ftc_approves_google_buzz_settlement.html + [3]: http://www.nytimes.com/2012/05/23/technology/google-privacy-inquiries-get-little-cooperation.html?pagewanted=all + [4]: http://www.dailymail.co.uk/news/article-2158307/Google-facing-new-privacy-probe-Street-View-cars-data-theft-alleged-misled-watchdog.html + [5]: http://www.cbsnews.com/8301-205_162-57452138/u.k-to-reopen-probe-of-google-street-view-data-collection/ + [6]: http://blogs.computerworld.com/15234/google_ceo_if_you_want_privacy_do_you_have_something_to_hide + [7]: http://venturebeat.com/2012/01/29/google-advertising/ diff --git a/src/content/es/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md b/src/content/es/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md new file mode 100644 index 000000000..a5e249c36 --- /dev/null +++ b/src/content/es/blog/2012-08-24-android-is-a-trojan-horse-just-follow-the-money.md 
@@ -0,0 +1,55 @@ +--- +title: Android is a trojan horse, just follow the money +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2012-08-24T13:03:54+00:00 +url: /blog/android-is-a-trojan-horse-just-follow-the-money/ +heroImage: /images-static/uploads/android.jpg +thumbnailImage: /images-static/uploads/android.jpg +comments: + - author: JP + date: 2012-09-05T14:45:13+02:00 + content: | + Everyone sells their customers details. Its apart of data-mining. Silly man + - author: Dennis Kügler + date: 2012-09-05T15:08:33+02:00 + content: | + If you think Google is like every other company when it comes to personal data, advertising and data mining then I'm afraid you're the "silly man". + - author: al + date: 2012-09-24T05:28:56+02:00 + content: | + the problem is, google is everywhere. if you try to avoid their search engine they still have google analytics and google adsense on millions of websites, tracking and coordinating on you. + +--- +Google's Android mobile operating system is currently the most popular smartphone platform in the world. In the space of just three years, the OS rocketed from [9% of the global smartphone market share][1] to, [currently, 56%][2] ahead of Apple, Symbian, BlackBerry OS and Windows Phone. Android's growth has been nothing short of astounding, taking virtually everyone in the mobile industry – even Google - by surprise. There's now over [900,000 Android devices activations][3] per day. + +So what does this have to do with online privacy? Well, in case you didn't know already, Android is different from the other major mobile platforms. Unlike iOS or Windows Phone, Android is given away to any phone manufacturer for free. This has been the main driver behind the OS' success, allowing phone manufacturers to keep their overheads down and target the growing budget-end of the smartphone market. 
However, it also raises some questions, the main one being 'how is Android making money for it's owner – Google'? + +**Follow the money** + +Now you may think that owning the world's most popular smartphone operating system automatically means big bucks. But that's not necessarily the case. As shocking as it may seem, there's [no clear evidence that Android is making much money for Google][4]. In fact, the reluctance on Google's part to talk about Android's success in terms of revenue - rather than its insistence on device activations – suggests that the OS is not monetising very well. + +Furthermore - and not many people are aware of this - but Google [actually pays carriers and manufacturers to use Android][5]. How does it pay them? Via sharing search advertising revenue. The more search traffic sent via an Android device, the more money the manufacturer of that device, and the carrier whose network it runs over, pockets. + +**What's the strategy?** + +This raises questions about what Google's strategy is with regard to Android. For Apple's iOS, the strategy is clear. Apple controls its entire eco-system, from hardware to software, and it uses this to maximise its profits. This approach has turned Apple into the most valuable company in the world and it enjoys [huge margins on its products][6]. iOS may have a smaller market share, but it dwarfs Android in terms of how much money it makes. + +Google, on the other hand, is playing an entirely different game. It's intentions appears to involve getting Android into as many hands as possible. Now, you could look at this as a purely defensive strategy, designed to block competitors at all costs. Or you could see it as logical extension to Google's current business model, which is advertising-based, and works by leveraging the personal data and traffic generated by millions of users. 
+ +**You're the product** + +As [I ranted about last week][7], Google is in the business of selling personal data to advertisers, and has a track record of lying to governments and breaking the law in order to collect data. Mobile advertising is seen as the holy grail for many ad companies, giving them visibility on where you travel and the ability to reach you wherever you are. It only makes sense for Google – the world's biggest advertiser – to aggressively colonise this space. Android has to be understood in this context. + +Remember there's no such thing as a free meal.  Google has a vested interest in mining your data for all it's worth and [Android is already coming under fire for violating data protection treaties][8].  If Google cannot monetise Android in a traditional sense – and there's not much evidence that it can - then it will monetise through marketing, analytics and advertising. When it comes to your mobile online privacy, that strategy is a race to the bottom. + + [1]: http://en.wikipedia.org/wiki/Android_%28operating_system%29 + [2]: http://www.technobuffalo.com/companies/google/android/android-has-56-1-of-global-os-market-share-gartner-says/ + [3]: http://www.guardian.co.uk/technology/blog/2012/jun/12/andy-rubin-google-android-activations + [4]: http://www.asymco.com/2012/05/13/android-economics-an-introduction/ + [5]: http://gigaom.com/2010/03/25/419-androids-secret-sauce-googles-little-known-advertising-rev-share-deals/ + [6]: http://www.macworld.com/article/1166533/apple_nearly_doubles_its_profits_in_ipad_driven_quarter.html + [7]: /blog/google-can-never-be-trusted-to-protect-your-privacy/ + [8]: http://www.telegraph.co.uk/technology/google/9117810/Google-sneaking-away-citizens-privacy-says-EU-commissioner.html diff --git a/src/content/es/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md b/src/content/es/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md new file mode 100644 index 000000000..a33ee9d58 
--- /dev/null
+++ b/src/content/es/blog/2012-08-29-trans-pacific-partnership-sopa-through-the-back-door.md
@@ -0,0 +1,44 @@ +--- +title: 'Trans Pacific Partnership: SOPA through the back door?' +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2012-08-29T12:59:04+00:00 +url: /blog/trans-pacific-partnership-sopa-through-the-back-door/ +heroImage: /images-static/uploads/TPP-banner.png +thumbnailImage: /images-static/uploads/TPP-banner.png + +--- +Heads-up people,  a new threat to online freedoms is on the horizon. The Trans-Pacific Partnership (TPP) looks set to be the latest trade agreement that seeks to infiltrate SOPA-like laws through the backdoor, with almost no public consultation or legal scrutiny. + +**TPP, here we go again** + +So what is the Trans-Pacific Partnership and who will it affect? The [TPP is multi-national trade agreement between nine nations][1] - specifically, the USA, Australia, Peru, Malaysia, New Zealand, Chile, Singapore and Brunei. Canada and Mexico have also been invited to join the negotiations and are likely to do so. + +Unlike recent bills such as CISPA and the UK's CCDP, the TPP isn't geared directly toward issues of online surveillance and security. But it does have is a chapter on intellectual property that is very similar to previous copyright-orientated bills, such as SOPA and ACTA, which were largely designed to protect the IP interests of the entertainment industry. + +All countries that sign the TPP will have to rewrite their domestic laws to accommodate the new trade agreement. According to a leaked US chapter from the TPP on intellectual property this will include a number of requirements that tighten current copyright laws and infringe on online privacy. + +**Increased ISP liability** + +The TPP goes beyond current standards set in the US' much maligned Digital Millennium Copyright Act and pushes more of the responsibility of copyright infringement onto your ISP. 
This potentially opens the door to the kind of 'Three Strikes' policies that we've seen implemented in the UK, whereby ISPs are forced to ban persistent copyright offenders from accessing the internet. + +The increased liability faced by ISPs could also [require them to increase surveillance on internet communication][2]s in order to block potential copyright-infringing material, block access to websites that allegedly infringe on copyright, and force websites to disclose the identities of customers to IP rights holders, if suspected of copyright infringement. + +The TPP leaked draft also discusses an agreement that would introduce much stricter 'notice-and-takedown' procedures to enable copyright holders to force companies to take down offending material. The agreement, according to the Electronic Frontier Foundation, is virtually the same as the one Chile declined to implement in 2004 at the behest of the US. + +**No transparency** + +As is fast becoming standard in such 'trade agreements', the discussions around TPP are taking place with little transparency, public debate and legal scrutiny. ACTA was drafted under the same veil of secrecy that was condemned by the very institution – the EU – that was set-up to implement it. The TPP is going down the same murky route. + +ACTA, SOPA and PIPA crumbled when the public light of scrutiny was shined upon them. It's clear that same powers that helped draft those bills are now trying to fly even further under the radar. The TPP will impact countries beyond those that formally sign-up to the agreement and this is well understood by its entertainment industry backers. They know that the more countries who sign up for such draconian copyright protection laws, the more other countries will be pressured into complying and the easier it will be for other governments to implement similar laws. 
+
+**Take Action**
+
+If you live in the USA head over to the [Electronic Frontier Foundation's website,][1] where you'll find more information on how to send a message to Congress members. Kiwis can check out [InternetNZ][3], which lets you send a personalised message to the Minister of Trade. While Chileans can head to [ONG Derechos Digitales][4].
+
+ [1]: https://www.eff.org/issues/tpp
+ [2]: http://boingboing.net/2012/08/25/leaked-tpp-the-son-of-acta-w.html
+ [3]: http://internetnz.net.nz/
+ [4]: http://www.derechosdigitales.org/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md b/src/content/es/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md
new file mode 100644
index 000000000..eed774cb4
--- /dev/null
+++ b/src/content/es/blog/2012-09-04-only-three-days-left-to-protest-uk-porn-filter.md
@@ -0,0 +1,270 @@ +--- +title: Only three days left to protest UK porn filter +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2012-09-04T12:56:54+00:00 +url: /blog/only-three-days-left-to-protest-uk-porn-filter/ +heroImage: /images-static/uploads/uk-flag.jpg +thumbnailImage: /images-static/uploads/uk-flag.jpg +comments: + - author: Jeremy Hunt + date: 2012-09-04T15:33:51+02:00 + content: | + Stop calling it a porn filter. + - author: Andrew Lansley + date: 2012-09-04T16:36:43+02:00 + content: | + STFU Jeremy, They can call it whatever they like. + - author: Theresa May + date: 2012-09-04T17:26:26+02:00 + content: | + Shut up, you're history, Lansley. + + We'll call it the the Children's Safety Shield. If you want it disabled, contact your ISP. Then the police will audit your computers. + - author: Jared Butler + date: 2012-09-04T20:36:07+02:00 + content: | + But that's essentially what it is, isn't it? Call it what you want, but it is an internet filter, which will attempt tp implement a block that will stop porn from being able to reach your computer. It's essentially "soft" censorship backed by mainly religious groups. + - author: stephen pudney + date: 2012-09-04T20:43:01+02:00 + content: | + stop taking our freedoms + - author: Ben Cook + date: 2012-09-04T21:23:28+02:00 + content: | + It kind of \*is\* a porn filter. In fact, it seems to be a filter for the entire internet. I'd hazard a guess that about 50% of the things online are 'unsafe' for the innocent wee kiddies. So the most obvious solution is to embarrass fully grown adults by making them opt-in because technically incompetent parents can't install their own web filters? Belting idea, Clare. Forward thinking, too. What a corker. On second thought, you can do whatever you like - The Onion Router will ensure I can access anything I please on the internet, regardless of your draconian controls. 
+ - author: Maryjane + date: 2012-09-04T21:29:28+02:00 + content: | + All I can say is WTF…… how is this going to help anything?? Censorship is not the way the forward… + - author: Roman Waites + date: 2012-09-04T21:55:03+02:00 + content: | + This isn't a porn filter.. Porn is just the excuse being used to stop you seeing anything that paints the government in a false light. Porn only makes up around 4% of websites with the most traffic on the internet, but you say porn and all the ignorant parents who dont want to teach their kids stuff get on the band wagon and start talking about things that they know nothing about. Enjoy the internet while it lasts you bunch of ignorant pink monkeys! + - author: john silverton + date: 2012-09-04T22:58:42+02:00 + content: | + When you trie to block porn from the internet, there will be only one big website on the net: + + It will only contain one sentence that is: BRING BACK THE PORN + - author: Wyvern + date: 2012-09-04T23:01:44+02:00 + content: | + What the fuck, it's absolutely normal for a teen to fap ! If he don't he'll ejaculate in his sleep anyway, it's a traumatic experience, for fuck sake nobody teached your government these things ? + - author: David Cameron + date: 2012-09-04T23:14:18+02:00 + content: | + I'll support any proposal by a conservative group with 'christian' in the title. You have my sword + - author: David Cameron + date: 2012-09-04T23:15:19+02:00 + content: | + I'll support any proposal by a conservative group with 'christian' in the title. You have my sword + - author: unidentified + date: 2012-09-04T23:19:42+02:00 + content: | + It is the most insidious form of censorship, to remove information from the many based on what a few people deem to be acceptable and not. To call this anything else is to fail to understand and mislabel what is happening. + - author: Max + date: 2012-09-04T23:48:34+02:00 + content: | + This is an excellent idea. Make it so. 
+ - author: DaveTheDave + date: 2012-09-04T23:59:41+02:00 + content: | + As if it matters. Easy work around by routing all local traffic through a VPN, adds an extra few quid to the monthly bill, so be it. + - author: Davie S + date: 2012-09-04T23:59:50+02:00 + content: | + I tell you this, no porn filter will every stop the average 13 year old boy from accessing porn.. why?, because all it takes is one boy to access porn, who tells his friend, who tell their friends, who tell their friends… before you know it you'll have an arms race between the ISP's and a load of horny boys… that's a fight they'll never win + - author: Kale + date: 2012-09-05T00:47:59+02:00 + content: | + Ban sex but not beheadings, torture or murder!!! Since when should censorship replace adult supervision? I wish these parents would start taking responsibility for their children instead of leaving them to surf away alone! + - author: Mr. Machandy + date: 2012-09-05T01:13:43+02:00 + content: | + > make you're voice heard + + Make you are voice heard. + + ಠ_ಠ + - author: James + date: 2012-09-05T01:17:37+02:00 + content: | + Why protest? It's not like the state cares what ordinary people think. Democracy is a sham. + - author: rebecca + date: 2012-09-05T01:23:49+02:00 + content: | + Yeah I think we should try an Opt-Out system for Organ Donation first. + + It doesn't even make sense to filter the internet for everyone in the UK when we're trying to protect Children which is only a small % of UK population and children under 5 basically can't use it and teenagers will get round it anyway. + + Not to mention look how well China, Syria, Egypt etc got on at censoring their internet you know just trying to "protect" the public by taking away their freedoms. + + And Jeremy, you believe in homeopathy, you probably believe that censoring the internet will work but the rest of us who don't believe in magic water, don't agree with you. 
+ - author: rebecca + date: 2012-09-05T01:25:26+02:00 + content: | + Stop calling yourself Hunt. + - author: Paul + date: 2012-09-05T01:31:07+02:00 + content: | + First its porn. But since they only loosely define porn, if at all, what happens next? + + Well, since the system would already be in place, its easy to start blocking the odd media super-injunction. Maybe a few sites which encourage civil unrest. + + Before you know it, we have a fully censored internet, introduced by the back door. + + People need to be much more angry about this. + + I think Western governments are looking at places like China, and see how easy it is to control and censor without huge repercussions, and it all helps keep them in power, and prevents any threat to the rivers of dollars flowing in. + + Be very angry about this, people. + + You owe it to future generations of internet users. + - author: Martin Alexander + date: 2012-09-05T01:33:27+02:00 + content: | + For those of us new to this kind of protesting would you mind giving us some guidelines on the manner in which we respond on the government's consultation page? I may not have read correctly but they don't seem particularly interested in having lay people tell them they're idiots (which is practically all I was going to do). + + Do I simply write out in a word document why they're wrong and attach it in the submission page? + - author: John Wilson + date: 2012-09-05T01:57:27+02:00 + content: | + Give arguments of why shouldn't be called "Internet Filter" even if that's what it does. + - author: Steve + date: 2012-09-05T02:08:41+02:00 + content: | + What are they going to decide you don't need to see next? + - author: TQian + date: 2012-09-05T02:35:08+02:00 + content: | + Great, now I'll have to have a VPN for when I'm in the UK as well as for when I'm in China! Thanks for making it easier to live in these two ever-more-similar countries, Tories! 
+ - author: Lisa + date: 2012-09-05T02:43:57+02:00 + content: | + So who oversees the standards by which these censors shut down normal adult search behavior? How much art will be censored as porn, for having tits shown? Tits are ubiquitous in Renaissance art - how many classic artworks will now be blocked as porn, so that kids can't know about the Birth of Venus, or countless other classic works? How many Roman and Greek sculptures will now be blocked? + + More important, why are we willing to give religious pearl-clutchers such control over the art and culture that our children experience? They are now censoring their own works, in addition to modern intellectual thoughts. How about we stop being politically correct, and just be straight up honest about not censoring art and intellectual thought? + - author: TurkeyBurgers + date: 2012-09-05T02:55:46+02:00 + content: | + Oh you silly British toothless wankers. Once you lined up and willingly turned in your firearms to Big Brother you went from citizens to subjects. + + Free people own guns. + + Slaves do not. + - author: Justin Kachel + date: 2012-09-05T03:58:20+02:00 + content: | + I thought it was pretty obvious that these things don't work… I don't know why governments still insist on trying to push things like this. But you know, we still live in a society based off of ignorance rather then scientific and mathematical proof. But you know, being stuck in a tier 2 society is where it's at, screw innovation and freedom, we all need to read the bible and let it tell our bodies what to do. + - author: Cole Hudson + date: 2012-09-05T05:03:28+02:00 + content: | + You said wee… + - author: Fletcher + date: 2012-09-05T05:07:15+02:00 + content: | + Why should the entire nations internet be censored for the convenience of a few parents too lazy to install a block on their own computers? Next they'll be telling us we cant wear "objectionable clothing", or use "objectionable speech" in public. 
+ - author: Michael + date: 2012-09-05T05:22:36+02:00 + content: | + "porn filter" ? Its more like a disguised censorship tool to block websites all in the name of "protecting children". Are these parents gullible that they want their government on what their children want to watch Internet? + + How will this tool be really used? So for example, what about the fate of the image hosting websites like imageshack or imgur? They contain so many adult images as well as many personal user images. So they will block the whole website? What about websites like youtube or vimeo which also contain adult videos? They will block it too. + + And haven't these parents and the politicians supporting for this type of blocking ever heard of the the consequences of banning something? It creates more demand for it and inadvertently turn them in to the very thing they try to avoid. Ever heard of the prohibition in US? + + I am not in support of children watching porn of course but this sort of thing is a parents responsibly, not the government. + + I am mostly sure this will block will be most probably removed but if it is implemented, it will only create more problems in the long term. + - author: Chris + date: 2012-09-05T05:31:23+02:00 + content: | + Anyone else notice the irony in this being championed by "Christian Media" to "protect the innocence of children" when the church has been quite active in taking childrens innocence away? Besides, shouldnt it be the parents monitoring their own kids? Don't make the rest of us suffer for your lifestyle choice (as in, having kids!) + - author: Ike Ramsey + date: 2012-09-05T06:18:20+02:00 + content: | + My vote is 1) Protest Internet censorship. 2) If the protesting doesn't work, we take back our freedom using a free VPN like proxpn.com or hotspotshield.com! 2-note) Better download a VPN before it's too late because who knows… they might start blocking sites that offer this type of service too. + - author: RELIGION IS OBSOLETE! 
+ date: 2012-09-05T12:13:32+02:00 + content: | + RELIGION IS OBSOLETE! + + Don't like porn or anything that's against your religion. don't go into those places!!!! + + Keep your shitty beliefs to yourself! + - author: David Cameron + date: 2012-09-05T12:24:45+02:00 + content: | + FIIIIIIIIRRRREEEEEEEED! + - author: Allen Vincent + date: 2012-09-05T13:55:44+02:00 + content: | + Wow… just wow. This whole idea is the stupidest thing I've heard in a long time. The people behind this are not only pushing this for purely religious reasons but are obviously technologically illiterate. Do you know how long it would take most people with a modicum of computer knowledge to circumvent this? About 2 minutes. Do you know who has the best and most intuitive computer knowledge? Kids and young people. Do the people supporting this even have the vaguest concept that the whole idea will be impossible to implement in the real world? Do they have even the vaguest concept of the internet or how it works? + + It is unworkable, unpoliceable and a huge waste of time and money. I'm proud that the UK government doesn't generally bow to religious nutjobs. Don't start now. + - author: JP + date: 2012-09-05T14:43:36+02:00 + content: | + If porn is blocked, firstly there will be a lot of moody, horny teens. That aint good. Then, where does the censorship stop? Porn? YT? Facebook? Where? + - author: Ryan + date: 2012-09-05T15:30:09+02:00 + content: | + What annoys me the most is that getting that word document set up to send via that online form is the most complicated thing I've ever seen. What's wrong with just a message box like this that I can say "No government, fuck off, you ruin our lives more than enough as it is, I don't want your stupid ass censorship in my internet." 
+ + Censorship is disgusting enough as it is, we can't have swear words on television before 9pm and certain 'more rude' swear words before 10pm because a few people complain about their kids seeing it and repeating the words, even though most of the time they learn those words from school from other kids who hear it off their parents. The internet is the last place of freedom people have to escape to when the real world restricts them in every possible fashion, and now there are people wanting to censor and control that too? Fuck off. + + I wonder if I can get them to stop by threatening to kill myself if they go forward with it… Given the clear religious aspects of this, I'm sure they wouldn't want their actions causing a suicide, otherwise they'd be just as much to blame for the suicide in the eyes of their god as I am. + - author: Ryan + date: 2012-09-05T15:32:47+02:00 + content: | + \*Looks at America's two party political race\* Yeah, very free over there buddy. Not that it's much better here with our three major ones… + + We're still all locked in this bullshit democracy that only appeases the 'majority' and oppresses the minority. Funny that the way it works here, the minorities can far outnumber the majority… + - author: Lisa + date: 2012-09-10T22:00:33+02:00 + content: | + It only effects you if you want the filter. Stop whinging porn addicts and grow up. Want to be a loser behind a computer screen your whole life and you can. Don't want to have brain changing, addictive drugs that distort sexuality freely available in your home, and you don't have to. Now THAT IS freedom of choice. At the moment there is no choice. Like it or lump it, porn is everywhere. And no, I'm not religious, or a prude, or ugly, or fat, or whatever name you want to call me to try and control me or 'put me in my place'. + - author: Jace + date: 2013-10-05T19:56:54+02:00 + content: | + Terrible idea hope it is revoked! 
+ +--- +The UK's Department of Education is currently holding a [public consultation on parental internet controls][1], the results of which will influence the coalition government's decision to implement an mandatory ISP-level content filter, designed to block pornography and other adult content. The consultation ends on Thursday, so there's only three days left for you to make your voice heard. + +The consultation follows Conservative MP [Clare Perry's report back in April][2], which advises that the government should control what UK internet users can and cannot see online. The report recommends a 12 months timeframe to roll-out an network-level filtering system, which is mandatory for all internet connections, and can only be opted out of by contacting the ISP directly. + +"A network-level 'Opt-In' system, maintained by ISPs, that delivered a clean internet feed to customers as standard but allowed them to choose to receive adult content, would preserve consumer choice but provide an additional content barrier that protected children from accessing age inappropriate material," [the report concluded][3]. + +**Opposition and support** + +Perry's report failed to define what will actually constitutes pornography and also neglected to specify who would be in control of deciding what is deemed offensive and inoffensive. It also fails to address any of the technical issues around internet filtering and doesn't provide any assurances over privacy concerns raised by UK activist groups such as [BigBrotherWatch][4]_._ + +ISPs are naturally against Perry's recommendation. The [Internet Service Providers' Association said][5] such content filters are: "easy to circumvent, reduce the degree of active interest and parental mediation and has clear implications for freedom of speech." The Conservative cabinet minster Francis Maude [also expressed concerns][6] over government intervention in the web. 
Even the prudish [MumsNet was convinced to back away][7] from supporting Perry's plans.
+
+Nevertheless, support for the content filter is well-organised. The biggest pressure group calling for Perry's recommendations to be implemented is Safety Net, an organisation run by the religious group ['Christian Media][8]'. Safety Net has amassed hundreds of thousands of signators to its campaign and [urging its members to join the public consultation][9] in order to "protect children's innocence online."
+
+**Ineffective protection**
+
+But in order to protect children, the filter has to work effectively. As many have pointed out, from The Open Rights Group to MumsNet, such systems rarely work. Anyone who wants to watch porn can easily find ways to circumvent the block. This raises the possibility that the whole scheme will ultimately prove counter-productive, as it lulls parents into a false sense of security and stops them from implementing more effective ways to prevent their kids watching porn.
+
+"Default filternets are awful. They block a wide range of innocent material; and nobody should be advocating broader and simpler censorship," [says Open Right's][10] Jim Killock. "All the independent evidence has pointed to giving parents simple tools and choices. There is no need to create network level censorship in the name of a porn opt-in."
+
+In fact, back in June, magazine PC Pro illustrated a [simple flaw in ISP TalkTalk's filtering system][11]. All the magazine had to do was use Google Images to access pornographic content. "Although the sites hosting the images were blocked, we were still able to click on the thumbnail images in search results to see enlarged photos," writes PC Pro. "Which ironically appear over the warning that the page has been blocked." PC Pro also points out that TalkTalk's filter is incredibly inconsistent, blocking sites like Flickr, but allowing access to sexual content on sites like Reddit.
+
+Given a degree of cross-party support for Perry's filter recommendations, and given the organised support from Christian groups such as Safety Net, there's a real chance that UK online citizens could soon find themselves behind a giant content filter by default. Are you comfortable with the government deciding what you're allowed to view online, even when they haven't defined what type of content they want to block? Do you want to have to contact your ISP in order to opt-out of such filtering? Head over to the [government's consultation page][1] and make your voice heard. You've got until Thursday!
+
+ [1]: http://www.education.gov.uk/aboutdfe/departmentalinformation/consultations/a00211052/parental-internet-controls
+ [2]: http://www.bigbrotherwatch.org.uk/home/2012/04/claire-perry-report.html#.UETXohTft0w
+ [3]: http://www.claireperry.org.uk/downloads/independent-parliamentary-inquiry-into-online-child-protection.pdf
+ [4]: http://www.bigbrotherwatch.org.uk/
+ [5]: http://www.ispa.org.uk/ispa-statement-on-parliamentary-inquiry-into-online-child-protection/
+ [6]: http://www.telegraph.co.uk/technology/internet/9241830/Francis-Maude-state-must-resist-urge-to-control-internet.html
+ [7]: http://www.theregister.co.uk/2011/02/10/mumsnet_backtracks_support_for_net_filter/
+ [8]: http://www.premier.org.uk/
+ [9]: http://www.safetynet.org.uk/
+ [10]: http://www.openrightsgroup.org/press/releases/cameron-wrong-on-porn-blocks
+ [11]: http://www.pcpro.co.uk/news/375553/exposed-the-shocking-flaws-in-talktalks-porn-filter
diff --git a/src/content/es/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md b/src/content/es/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md
new file mode 100644
index 000000000..4ee63859a
--- /dev/null
+++ b/src/content/es/blog/2012-09-12-congress-to-vote-on-secret-spying-act-today.md
@@ -0,0 +1,57 @@
+---
+title: Congress to vote on secretive spying act today
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-09-12T11:15:29+00:00
+url: /blog/congress-to-vote-on-secret-spying-act-today/
+heroImage: /images-static/uploads/blog_fixfisa_0.jpg
+thumbnailImage: /images-static/uploads/blog_fixfisa_0.jpg
+
+---
+The US House of Representatives is scheduled today to vote on an five-year extension of the controversial FISA Amendments Acts, which was enacted in 2008 to legalise the Bush adminstration's wiretapping program.
+
+**What is FISA Amendments Act?**
+
+[The Foreign Intelligence Service Act of 1978 Amendments Act of 2008][1] (to give it the full title) was primarily a reaction to the revelations in 2005 that the NSA, under the Bush adminstration, had been conducting warrantless wiretapping. [The New York Times revealed][2] that the NSA was authorised under executive order to monitor, without search warrants, the phone calls, internet activity and text messages, of people within the United States.
+
+In case you didn't know, all wiretapping requires a warrant from a three-judge court to be legal. So the NSA was technically operating outside the law. Furthermore, while the Bush adminstration said the warrantless wiretapping was needed for anti-terrorism measures, critics claimed the government used the monitoring to silence its detractors. [Approximately 40 lawsuits have since been filed][3] by groups and individuals against telecommunications companies, alleging that the Bush adminstration illegally wiretapped their internet connection and phones.
+
+So in 2008, the government attempted to fix the issue and bring the NSA's activities under control. The result was the FISA Amendments Act, which has a number of provisions that seeks to protect the privacy of Americans.
+
+**Where did it go wrong?**
+
+However, while the FISA Amendments Act brought some welcome oversight to the issue of warrantless wiretapping, it essentially legalised the practice. As [the American Civil Liberties Union describes it][4]:
+
+

+ "[FISA] permits the government to get year-long orders from the secret Foreign Intelligence Surveillance Act (FISA) court to conduct dragnet surveillance of Americans' international communications—including phone calls, emails, and internet records—for the purpose of collecting foreign intelligence. +

+ +

+ The orders need not specify who is going to be spied on or even allege that the targets did anything wrong. The only guarantees that the FAA gives are that no specific American will be targeted for wiretapping and that some (classified) rules about the use of intercepted information will be followed." +

+
+**Loopholes and secrecy**
+
+Furthermore, US Senators Ron Wyden and Marc Udall both appear to suggest the FISA Amendments Act contains loopholes that allows the NSA to collect "massive amounts of data" on US citizens without warrants.
+
+The two Senators asked officials how many Americans had been spied on via the program and were not given an answer. In fact, multiple intelligence officials told them it was "not possible" to determine how many had been spied on under the act. This [led Wyden to conclude in August 2011][5] that _" there are important questions that need to be answered before the FISA Amendments Act is given a long-term extension."_
+
+"_..one of the central questions that Congress needs to ask is, are these procedures working as intended? Are they keeping the communications of law-abiding Americans from being swept up under this authority that was designed to apply to foreigners?_
+
+**Voting on it anyway…**
+
+But as [TechDirt reports][6], Congress seems "ready to push this extension through no matter what…without bothering to understand the massive loopholes and likely abuse by the feds under the law."
+
+It certainly seems bizarre that members of Congress would be prepared to vote on extending a piece of legislation when they do not have basic information about it, such as how it's enabling the warrantless spying on US citizens. Yet that's what they will be doing today.
+
+The ACLU has [an action page][7] that can provide more information on the FISA Amendments Act, including a submission form to voice your concerns to Congress.
+
+ [1]: http://en.wikipedia.org/wiki/FISA_Amendments_Act
+ [2]: http://www.commondreams.org/headlines05/1216-01.htm
+ [3]: http://archive.truthout.org/article/judge-rejects-bushs-view-wiretaps
+ [4]: http://www.aclu.org/blog/national-security/house-vote-fisa-amendments-act-wednesday/
+ [5]: http://www.techdirt.com/articles/20110802/13125515364/ron-wyden-puts-hold-fisa-amendments-act-wants-answers-to-how-many-americans-have-been-spied.shtml
+ [6]: http://www.techdirt.com/articles/20120611/16214719280/wyden-udall-block-fisa-amendments-act-until-us-admits-how-many-americans-are-being-spied.shtml
+ [7]: https://ssl.capwiz.com/aclu/issues/alert/?alertid=61359346&type=CO?s_src=UNW120001C00&ms=web__ac
\ No newline at end of file
diff --git a/src/content/es/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md b/src/content/es/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md
new file mode 100644
index 000000000..630fe9f25
--- /dev/null
+++ b/src/content/es/blog/2012-09-22-the-internet-association-a-rogues-gallery-of-online-privacy-violators.md
@@ -0,0 +1,63 @@
+---
+title: 'The Internet Association: A rogues gallery of online privacy violators'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-09-22T16:38:24+00:00
+url: /blog/the-internet-association-a-rogues-gallery-of-online-privacy-violators/
+heroImage: /images-static/uploads/ialogo_201535043360_640x360.jpg
+thumbnailImage: /images-static/uploads/ialogo_201535043360_640x360.jpg
+comments:
+ - author: al
+ date: 2012-09-24T05:22:39+02:00
+ content: |
+ Good blog. I am concerned about hardware, browser, and OS fingerprinting. Would be interesting you could post on how to use iVPN along with the privacy Live CD's like JonDoFox, TAILS and that Liberte one. Is it possible to use iVPN instead of TOR or perhaps in addition to TOR?
+
+ And you're right about Google. Google is noone's friend. Every "free" product they put out ther from their search engine to gmail to google docs, whatever, they're all out to track you and profile you as you travel the internet.
+
+ Thanks.
+
+---
+A number of heavy weights in the online space have joined forces to form [The Internet Association][1], a new lobbying group that aims to protect the freedom of the internet and the rights of internet users. But when you look at its membership, and read its policy, it's pretty clear that protecting online privacy won't be on their agenda.
+
+**No mention of the 'P' word**
+
+Having formally launched on Wednesday, The Internet Association wasted no time announcing its values and objectives.
Here's a quote from their press release:
+
+"The Internet Association's policy platform is based on three planks: protecting Internet freedom; fostering innovation and economic growth; and empowering users.The Internet Association and its member companies engage in direct advocacy, educating policymakers on the profound positive impacts of the Internet and Internet companies on jobs, economic growth, freedom, creativity, commerce, productivity, education, prosperity and the global economy."
+
+All very valiant goals, but did you notice the glaring omission in that list of online sacred cows? Yep, the word "privacy" is conspicously absent. It's strange, because the idea of "empowering users" and promoting "freedom" surely necessitates a measure of privacy…. Indeed, wasn't the concept of protecting privacy a significant element of the SOPA and ACTA protests (arguably the biggest internet-related protests in history)? I also checked [The Internet Association's website][1] I couldn't find a single mention of the word "privacy". Just more ambigous talk of "Internet freedom":
+
+"The Internet Association supports policies that protect and promote Internet freedom – information should flow freely across national borders, uninhibited by tariffs, regulations and government censorship that are fundamentally inconsistent with the transnational, free and decentralized nature of the Internet. To preserve the Internet's role as a conduit for free expression, Internet intermediaries must not be held liable for the speech and activity of Internet users."
+
+**Rogues' gallery**
+
+But it's not hard to see why The Internet Association is so reluctant to utter the 'P word', as many of its members have been accused, and in some cases convicted, of privacy violations. The full membership so far includes: Amazon.com, AOL, eBay, Expedia, Facebook, Google, IAC, LinkedIn, Monster Worldwide, Rackspace, salesforce.com, TripAdvisor, Yahoo!, and Zynga .
Let's take a closer look at some of their track records.
+
+**Google:** Do I really need to tell you Google's attitude toward online privacy? This is the company whose former CEO said those concerned about online privacy [must have something to hide][2]! We [summarised Google's privacy violations][3] in a previous blog post, back when the search giant suffered the highest fine ever dished out by the FTC, for breaking its own privacy-related promises.
+
+**Yahoo!**: Yahoo! may be committed protect people from government censorship now, but where were its values when it handed over the personal details of [democracy activist Shi Tao][4] to the Chinese government? Tao is currently serving 10 years in prison. Yahoo!'s Hong Kong arm also played a role in the jailing of activists [Li Zhi][5], [Jiang Lijun][5] and [Wang Xiaoning][6]. I doubt they'll be getting any assistance from The Internet Association…
+
+**Facebook**: Barely a month goes by without Facebook's privacy policy coming under the spotlight. Wikipedia has [a nice summary][7] and here is [a few][8] [privacy concerns][9] raised [this year.][10] Of course, Facebook's entire business rests on selling your data to advertisers, so don't expect it to join an organisation that has any interest in protecting privacy.
+
+**Amazon**: Although Amazon's privacy missteps haven't attracted as much attention as Google or Facebook's, it's still – allegedly - been a naughty boy. Last March [a class action lawsuit][11] was filed against the online retailer, alleging that Amazon illegally circumvented cookie blockers on Internet Explorer and tracked users without consent. Users also allege that Amazon sold their data to third party advertisers without consent. Amazon tried to get the lawsuit dismissed in June, but [was rejected][12] by a federal judge.
+
+**Rackspace**: The Internet Association has pledged to "preserve the internet's role as a conduit for free expression" but back in 2004 Rackspace was involved in some very shady dealings with government agencies that saw them handing over servers belonging to the independent media group IndyMedia. The whole affair is shrouded in secrecy, with no agency taking responsibility for the seizure (the finger has been pointed at Italian, UK and US governments) and no explanation given by Rackspace. The company's UK branch was investigated for possible breach of the UK Data Protection Act and Rackspace was roundly criticised for not doing more to protect its customers' data. The EFF has a nice [summary of the affair here][13].
+
+I could mention the privacy lawsuits related Zynga and that [colossal user data screw-up by AOL][14] a few years back, but in the interest of brevity I'll stop here. Of course, I still wish The Internet Association the best of luck - many of its goals are admirable - but judging by its members, online privacy is far from its concern and without a focus on privacy "Internet freedom" will be hard to achieve.
+
+ [1]: http://internetassociation.org/
+ [2]: http://blogs.computerworld.com/15234/google_ceo_if_you_want_privacy_do_you_have_something_to_hide
+ [3]: /blog/google-can-never-be-trusted-to-protect-your-privacy/
+ [4]: http://en.wikipedia.org/wiki/Shi_Tao
+ [5]: http://en.wikipedia.org/wiki/Li_Zhi_%28dissident%29
+ [6]: http://en.wikipedia.org/wiki/Wang_Xiaoning
+ [7]: http://en.wikipedia.org/wiki/Criticism_of_Facebook#Privacy_concerns
+ [8]: http://technorati.com/business/article/new-facebook-privacy-violations-add-to/
+ [9]: http://www.infosecisland.com/blogview/21386-Facebook-Like-Button--Privacy-Violation--Security-Risk.html
+ [10]: http://www.theinquirer.net/inquirer/news/2198211/facebook-settles-with-the-ftc-over-privacy-violations
+ [11]: http://www.infolawgroup.com/2011/03/articles/privacy-and-security-litigatio/add-amazoncom-to-the-list-classaction-lawsuit-alleges-data-privacy-violations/
+ [12]: http://www.mediapost.com/publications/article/176077/judge-rejects-amazons-bid-to-dismiss-privacy-laws.html
+ [13]: https://www.eff.org/cases/indymedia-server-takedown
+ [14]: http://en.wikipedia.org/wiki/AOL_search_data_leak
diff --git a/src/content/es/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md b/src/content/es/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md
new file mode 100644
index 000000000..e059f53f2
--- /dev/null
+++ b/src/content/es/blog/2012-09-29-will-privacy-concerns-limit-facebooks-growth.md
@@ -0,0 +1,52 @@
+---
+title: Will privacy concerns limit Facebook's growth?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-09-29T10:07:59+00:00
+url: /blog/will-privacy-concerns-limit-facebooks-growth/
+heroImage: /images-static/uploads/facebook-privacy.jpg
+thumbnailImage: /images-static/uploads/facebook-privacy.jpg
+
+---
+The last week has been troublesome for the world's biggest social network Facebook, with (false) allegations of a timeline privacy flaw, worries over its new data-sharing partnership, and – most importantly – a dramatic dip in confidence from potential investors. The once mighty company is now looking somewhat vulnerable. It begs the question, to what extent will privacy concerns clip the wings of Facebook's future growth?
+
+**Privacy missteps**
+
+Facebook has faced three PR issues recently. The first was a story that [initially broke on TechCrunch][1] this Monday. The website began receiving a number of messages from concerned readers, who claimed that private Facebook messages, written in 2009 and earlier, were being displayed publicly on their timeline. Only it turned out that the private messages weren't actually private in the first place. According to Facebook, and TechCrunch's own investigation, they were in fact wall posts (although it must be noted that a number of the users involved disagree with Facebook's explanation).
+
+On the same day Facebook was forced to [switch-off its facial recognition technology][2] in Europe, following an investigation by the Irish Data Protection Commission. The IDPC found that while Facebook had implemented some its privacy recommendations, "full compliance has not yet been achieved" and that Facebook "still needs to be monitored going forward". Facebook, which has its European HQ in Dublin, says it wants to reinstate the feature once it meets the IDPC's guidelines.
+
+Then, a day later, news emerged that Facebook [has partnered with a controversial company Datalogix][3] - an online advertising company that tracks whether people viewing ads go on to buy products. The Financial Times says the partnership comes amid "growing pressure for the social networking site to prove the value of its advertising". While privacy advocates at The Centre for Digital Democracy say "We don't believe any of this online-offline data should be used without express consumer approval and an opt-in."
+
+**Wall St woes**
+
+Facebook has endured plenty of attacks over online privacy, so nothing about this is new. However, unlike the past PR disasters, we haven't been able to measure the impact on the one metric that really counts – Facebook's stock price.
+
+When Facebook embarked on its IPO this May it was greeted with fanfare. Mark Zuckerberg went on the road, soliciting high-profile investors. The company, with the help of Goldman Sachs, estimated its value at $38 dollars per share and had no problem [raising $16 billion from early investors][4]. In fact, responding to extraordinary demand, Facebook floated a further 84 million shares worth $3.2 billion and the stock [opened at $42.05 per share][5].
+
+Fast forward just four months and [Facebook shares this week plummeted to $20.83][6] with influential investment company Barron's stating the stock is worth just $15. The glowing headlines pre-IPO, have now turned into [navel gazing commiserations][7].  Now, the reasons for this are multi-faceted. But they largely rest on Facebook's inability to effectively monetise via advertising. More precisely, investors are worried that Facebook cannot make enough money from advertising [via its mobile app,][8] which is expected to be the most common way to access the social network over the coming years.
+
+**Mobile restrictions**
+
+Now you have to ask why is it harder for Facebook to make money from mobile advertising? Well it's not just Facebook's problem.
It's hard to make money from mobile advertising across all platforms. This is because [advertisers are reluctant to spend money on mobile][9] due to their inability to track and target mobile users like they can target desktop online users. Why can't they target mobile users? [Chiefly because of privacy concerns][10].
+
+Despite a number of [high-profile screw-ups][11] – or perhaps because of them - Apple is sensitive to user concerns about privacy. Unlike Google, Apple does not have a vested interest in testing the limits of online privacy, because it makes the vast majority of its money through hardware sales and content sales (not advertising). This is why Apple had [no problem ditching UDIDs earlier in the year][12] (causing an uproar in the mobile ad industry). Apple has even gone as far as to introduce a [UDID alternative][13] that promises to protect privacy.
+
+But the facts are 1) Apple doesn't have to play ball with the advertisers and 2) Apple still controls a substantial amount of mobile and tablet connections 3) iDevice users are generally [seen as more valuable to advertisers than Android users][14]. This, combined with increasing sensitivities over mobile online privacy, will continue to make it problematic for the mobile ad industry to track users, and thus could very well continue to inhibit Facebook's growth and value. Facebook is therefore facing a big problem: it needs to develop more targeted advertising to grow its business, but it can only grow in a space (mobile) where consumers and powerful vendors like Apple are much more sensitive and sympathetic to online privacy.
+
+ [1]: http://techcrunch.com/2012/09/24/reports-facebook-users-seeing-private-messages-pre-2009-showing-up-on-timelines-as-posted-by-friends/
+ [2]: http://www.irishcentral.com/news/Facebook-suspends-facial-recognition---could-face-128000-fine-for-not-complying-with-Irish-regulations-171138071.html
+ [3]: http://www.computerworld.com/s/article/9231662/FTC_should_examine_Facebook_Datalogix_partnership_privacy_group_says?taxonomyId=84
+ [4]: http://www.forbes.com/sites/roberthof/2012/05/17/its-official-facebook-raises-16-billion-in-historic-ipo/
+ [5]: http://money.cnn.com/2012/05/18/technology/facebook-ipo-trading/index.htm
+ [6]: http://seekingalpha.com/article/889451-facebook-drops-on-barron-s-call
+ [7]: http://www.businessinsider.com/facebook-lockup-release-2012-8
+ [8]: http://www.latimes.com/business/technology/la-fi-tn-emarketer-facebook-wont-be-a-mobile-advertising-powerhouse-overnight-20120905,0,4158391.story
+ [9]: http://techcrunch.com/2012/02/18/mobile-advertising-baby-huey/
+ [10]: http://www.adweek.com/news/technology/survey-privacy-top-concern-mobile-app-users-143352
+ [11]: http://www.bbc.com/news/technology-13145562
+ [12]: http://www.mobyaffiliates.com/blog/the-end-of-udids-what-it-means-for-mobile-advertising/
+ [13]: http://appleinsider.com/articles/12/06/08/apples_new_udid_free_tracking_tool_will_increase_user_privacy
+ [14]: http://www.cultofmac.com/175840/ios-apps-retain-way-more-users-than-android-apps/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-10-05-australian-data-retention-debate-heats-up.md b/src/content/es/blog/2012-10-05-australian-data-retention-debate-heats-up.md
new file mode 100644
index 000000000..a0aafa668
--- /dev/null
+++ b/src/content/es/blog/2012-10-05-australian-data-retention-debate-heats-up.md
@@ -0,0 +1,67 @@
+---
+title: Australian data retention debate heats up
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-10-05T10:14:07+00:00
+url: /blog/australian-data-retention-debate-heats-up/
+heroImage: /images-static/uploads/AustFlag3.jpg
+thumbnailImage: /images-static/uploads/AustFlag3.jpg
+comments:
+ - author: Gil.Macy
+ date: 2013-03-17T13:52:29+01:00
+ content: |
+ Sir/Ms,
+
+ Your article "the 5 greatest threats to online privacy ' was very interesting.
+
+ But as an Australian on this day Sunday 17 March,2013 the current socialist government, the Australian Labor Party, r about to by censorship and for control of the media for starters take the step taken by the likes of Hitler & Stalin etc by legislating against an journalists writing ANY columns that are critical of the government. They are dependant on 3 independents (as Labor is a minority government) voting with them to slam this bill through before Tuesday the 19th March,2013 which I believe is the latest date they r legally permitted to do so as their leader (former allied with the communist party & has never worked outside the union movement except a brief stint with a socialist Melbourne law firm, Slater & Gordon.Her departure from there is clouded in mystery as whilst she was employed by S & G she defended, whilst embroiled in a long term affair, with a man who was on trial for embezzlement. A large sum of money which purchased (she denies) a house for HER in HER name. She was then in her mid thirties & claimed she was 'conned' by this man who 'broke her heart' and claimed she was TOO young & TOO NAIVE to understand what was taking place.
+
+ TOO young & naïve in ones MID thirties, a lawyer who had worked around, socialised with & represented some of the toughest union heavies in Australian at that time????
She is now in her early 50's) & is one of the most cunning actress's, liars,,diabolically fallacious politician in Australia's history.
+
+ She has called an election for September this year, which according to various polls she cannot win.
+
+ If this once wonderful country of ours is to survive economically, incorruptibility and free, our people from the eventual Big Brother Marxist police-state we, the masses, MUST realise that Communism is NOT dead, it lives alive & well here in Australia under the guise of the Australian Labor Party !!!!
+ - author: Gil.Macy
+ date: 2013-03-17T14:08:49+01:00
+ content: |
+ I do not believe that my contribution of a few minutes ago will be accepted for any type of publication because most print, electronic & all types of speaking one's mind in the way I have has already been censored not just here but in other Westernised so called 'fee' countries. No editor or moderator will take a chance of having the wrath of these governments come down on them. None at all,, once intrepid,, dauntless editors, journalists & columnists have lost their guts, they have taken the spineless way out.
+
+ ….shut up & keep your jobs!!!
+
+---
+Australia's National Security Proposals, which threaten to curtail the online freedoms of Aussie citizens, are currently being thrashed out in a series of joint parliamentary committees. The latest hearing, which took place last week, saw police officials call for new data retention laws and increased power to access Australian citizens' online personal data. However, ISPs and storage experts have said the proposed plans would be hugely costly and complicated to implement.
+
+**Two years not enough**
+
+When discussing how long ISPs should hold onto customer data, Australia's Federal Police Commissioner Tony Negus [told the inquiry in Sydney][1] he wants records of every website and email sent held indefinitely, so it could be accessed by police at any time.
However, given the extremity of this request (not even China has implemented indefinite data retention policies), Mr Negus said that a two year data retention policy would be acceptable.
+
+"The two-year proposal … we could live with," he said. "It certainly wouldn't be ideal, but we could live with [it]."
+
+**Growing pressure to change laws**
+
+Unlike in Europe, currently Australian ISPs are under no obligation to retain the personal data of citizens for any length of time. But they are obliged to [give "necessary assistance"][2] to any law enforcement agency of the Commonwealth States and Territories.
+
+However, since July attorney-general Nicola Roxon has been steadily beating the drum [for a crackdown on online privacy][3] in the name of law enforcement and her proposals [have been controversial to say the least][4]. Roxon is not entirely clear what constitutes personal data, but she insists that the contents of emails will not be accessible. As with the [EU's Data Retention Directive][5], the data would likely consist of logs concerning who you've emailed, and when, as well as what websites you've visited and when you visited them. Roxon insists they are necessary for 21st century law enforcement ands points to the EU's laws as further justification.
+
+**Costly and ineffective**
+
+But ISPs say the plans would be highly expensive to implement and would not even give law enforcement the information they are seeking. Australian ISP [iiNet told the committee][6] that the costs of setting up data capture points would reach around $60 and would ultimately be passed down to consumers, with a rise of $5 per connection. [Rival ISP Telstra said][7] a great deal of the data sought by the police would be held by "over the top" services such as Skype and Gmail, not ISPs.
+
+"The other part that gets a little bit lost in all this is that some of the information that carriers may want is not something that carriers themselves can provide because it's information that's contained in applications that are used by over-the-top players," said Telstra's security spokesman Darren Kane.
+
+Meanwhile, Hitachi Data Systems told ZDnet.com that the iiNet's assessment is a "conservative estimate" of the costs involved in capturing such massive amounts of data. "There's no doubt that there is going to be huge logs that need to be maintained," [said Hitachi's Australian CTO][8]. "The ability to find an email that was around two years ago from, potentially, a customer that no longer is with them, how do you go and do that easily? High levels of automation and understanding the context of information is going to be critical."
+
+**Falling in line**
+
+It's clear that governments around the world are trying to turn ISP data retention into an accepted standard policy, despite the protests of both ISPs, the wider online industry and of course regular online citizens. What's worrying is that there's an obvious snowball effect taking place, whereby governments justify such anti-online privacy laws pointing to their implementation in other countries. These justifications are powered by the insistence of law enforcement agencies that such laws are necessary to protect society. But, as with any organisation, the police will always want to increase their powers, as is illustrated by Police Commissioner Tony Negus' comments that he wants "indefinite" data retention. They do not care about the privacy risks – it's not their problem. Australia is lucky that it currently remains free of data retention laws; for its sake – and for the sake of other western democracies – it needs to resist Roxon's proposed laws.
+
+ [1]: http://www.theage.com.au/technology/technology-news/police-want-phone-web-data-kept-indefinitely-20120926-26kj2.html
+ [2]: http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_100072
+ [3]: /blog/australia-prepares-for-new-online-privacy-fight/#more-513
+ [4]: https://www.efa.org.au/2012/09/14/data-retention-roxon-obfuscates/
+ [5]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [6]: http://www.zdnet.com/au/iinet-tips-au5-monthly-data-retention-tax-7000004933/
+ [7]: http://www.theaustralian.com.au/australian-it/data-retention-too-costly-says-telstra/story-e6frgakx-1226482655404
+ [8]: http://www.zdnet.com/au/data-retention-will-require-massive-storage-re-architecture-7000005210/
diff --git a/src/content/es/blog/2012-10-13-top-5-online-privacy-misconceptions.md b/src/content/es/blog/2012-10-13-top-5-online-privacy-misconceptions.md
new file mode 100644
index 000000000..699fa6062
--- /dev/null
+++ b/src/content/es/blog/2012-10-13-top-5-online-privacy-misconceptions.md
@@ -0,0 +1,47 @@
+---
+title: Top 5 online privacy misconceptions
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-10-13T13:33:47+00:00
+url: /blog/top-5-online-privacy-misconceptions/
+heroImage: /images-static/uploads/800px-Anti-ACTA_Demonstration_in_Aalborg_Denmark_2012-02-25_-ubt-141.jpg
+thumbnailImage: /images-static/uploads/800px-Anti-ACTA_Demonstration_in_Aalborg_Denmark_2012-02-25_-ubt-141.jpg
+
+---
+Online privacy is a vast topic and for the average internet user it can be an uphill struggle keeping up with the facts. So we've rounded-up five of – what we think – are the most common misconceptions surrounding online privacy. If you can think of any better ones, let us know in the comments!
+
+**My ISP doesn't keep a record of the websites I visit…**
+
+Many people browsing the web believe that they are not being tracked by their ISP and that their ISP is not keeping a record of the websites they visit, as well as the people they email. It's a very reasonable belief, but in many countries it simply is not true. The vast majority of European countries have a data retention policy in place that adheres to the [EU Data Retention Directive][1]. This means ISPs are forced to keep logs of your web activity for up to 2 years after you cancel their service. The UK, Sweden, France, Italy and Holland all have a data retention law in place. Germany is one of [the few European countries that has resisted][2]. The US currently has no data retention law in place (lets hope it stays that way), but ISPs will certainly keep data for at least 30 days and possibly more (it's entirely down to the ISP in question).
Australia is also in the clear for now, but the government is currently [considering implementing an EU-style data retention act.][3]
+
+**All VPNs protect your online privacy…**
+
+Despite the vast majority of VPNs marketing themselves as online privacy protectors, many simply aren't up to scratch in this area. A number of VPNs retain your personal data – just like an ISP would – and are subject to any laws of the land requiring them to hand data over to authorities. This can be easily cross-referenced with billing information to find out your identity. TorrentFreak posted a [good article on this subjec][4]t, and we wrote another one discussing exactly what happens when [law enforcement demands a VPN hand over customer data.][5]
+
+**'Private browsing' is anonymous…**
+
+This may seem obvious to many readers, but I'm willing to be most people who click on 'private browsing' options really do think they're being offered an extra level of privacy. In reality, you're simply browsing without cookies, it has no effect on whether or not your ISP can track your IP address.
+
+**Law enforcement needs a warrant to access my data…**
+
+Sure, technically warrants are needed in most countries to access customer data from ISPs, but it's not always so clear cut. In the UK any public authority (such as local council) can [access "communications data" from your ISP without a warrant or judicial oversight][6]. This includes partial URLs (the whole URL would require a warrant, but presumably they'd know the domain). In 2009 there were [500,000 requests][6] for this type of data. It's also worth noting that in the US The Fourth Amendment does not extend to your private data stored on servers outside your home. This led to the creation of the [Stored Communications Act][7], which has been [criticised for being confusing][8] and failing to sufficiently protect privacy.
It's quite complicated (you can read [an analysis here][9]), but essentially law enforcement does not need probable cause and a search warrant in order to access your data, they just need a subpoena and can delay prior notice indefinitely.
+
+**SOPA and ACTA were defeated…**
+
+Online privacy activists quite rightly celebrated when the draconian copyright bill SOPA – and its Euro counterpart ACTA – were put to bed due to strong popular protest. But that doesn't mean the laws these bills tried to implement have gone away. Elements of SOPA have re-emerged in the [Intellectual Property Attache Act][10], which is authored by Lamar Smith, the same congressman who co-authored SOPA. While ACTA has been ratified in Japan and is being [considered for ratification in a number of non-EU countries][11], including the US, Canada and Australia.
+
+Image copyright © 2012 by Tomasz Sienicki
+
+ [1]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [2]: /blog/germany-the-biggest-defender-of-online-privacy/
+ [3]: /blog/australia-prepares-for-new-online-privacy-fight/
+ [4]: http://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/
+ [5]: /blog/when-law-enforcement-knocks-on-a-vpns-door-what-happens/
+ [6]: https://www.privacyinternational.org/reports/united-kingdom/ii-surveillance-policies
+ [7]: http://en.wikipedia.org/wiki/Stored_Communications_Act#cite_note-Kerr2-1
+ [8]: http://digitaldueprocess.org/index.cfm?objectid=37940370-2551-11DF-8E02000C296BA163
+ [9]: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=421860
+ [10]: http://techcrunch.com/2012/07/10/sopa-intellectual-property-attache-act/
+ [11]: http://www.ip-watch.org/2012/09/13/acta-will-it-ever-become-a-valid-international-treaty/?utm_source=post&utm_medium=email&utm_campaign=alerts
\ No newline at end of file
diff --git a/src/content/es/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md b/src/content/es/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md
new file mode 100644
index 000000000..bbf6d08b3
--- /dev/null
+++ b/src/content/es/blog/2012-10-18-google-under-pressure-to-change-privacy-policy.md
@@ -0,0 +1,52 @@
+---
+title: Google under pressure to change privacy policy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-10-18T15:22:00+00:00
+url: /blog/google-under-pressure-to-change-privacy-policy/
+heroImage: /images-static/uploads/Google-privacy.jpg
+thumbnailImage: /images-static/uploads/Google-privacy.jpg
+
+---
+Google's new privacy policy may be in breach of EU law according to 30 European data protection commissioners.
+
+The EU has sent [a public letter to Google][1] saying its new privacy policy could be collecting too much data on users and holding that data for too long. Regulators say it's unlcear what Google new privacy policy even is and that it fails to take user privacy seriously at all.
+
+"Google's answers have not demonstrated that your company endorses the key data protection principles of purpose limitation, data quality, data minimization, proportionality and right to object," reads the letter. "Indeed, the Privacy policy suggests the absence of any limit concerning the scope of the collection and the potential uses of the personal data. We challenge you to commit publicly to these principles."
+
+**With great power…**
+
+The commissioners pointed specifically to Google's storing of cookies and data for between 18 months and two years as possibly being in breach of data protection laws. [The French data protection authority][2] – CNIL - has now requested Google provide users with more detailed control over their personal data. This involves splitting up data controls between different Google services, such as Gmail, YouTube and Google+, rather than lumping them all in together, which is exactly what Google's new privacy policy – [introduced in March][3] – set out to achieve.
+
+The EU paints a worrying picture of Google's increasing access to personal data from across numerous services.
According to the CNIL, visits to sites that display a '1+' Google+ button will be stored for at least 18 months, while data collected via DoubleClick ad cookies is stored for two years and can be renewed without consent. The EU said such power and control over user data must be used responsibly.
+
+

+ "The new Privacy Policy allows Google to combine almost any data from any services for any purposes. Combination of data, like any other processing of personal data, requires an appropriate legal ground and should not be incompatible with the purpose for which these data were collected. For some of the purposes related to the combination of data and which are further elaborated in the appendix, Google does not collect the unambiguous consent of the user, the protection of the individual's fundamental rights and freedoms overrides Google's legitimate interests to collect such a large database, and no contract justifies this large combination of data. Google empowers itself to collect vast amounts of personal data about internet users, but Google has not demonstrated that this collection was proportionate to the purposes for which they are processed. Moreover, Google did not set any limits to the combination of data nor provide clear and comprehensive tools allowing its users to control it."
+

+
+**Google retaliates**
+
+Yesterday Google co-founder [Larry Page went on the offensive][4], rebutting the EU's claims. Page said it was "sad" that regulators are trying to restrict types of online data collection and that certain Google products would not have been possible with data collection. The co-founder used the example of a potential Android feature that could prevent your phone from interrupting you during a scheduled meeting.
+
+"That's almost a trivial thing to know," said Page. "But for us, solving that problem requires changing our privacy policy, which we've now done," he said. "And now you'll see those kinds of things roll out."
+
+But according to [a New York Times source][4], Google execs "breathed a sigh of relief" at the EU response, as it expected the regulators to implement a much harsher penalty, such as fines and concrete charges that Google broke the law. As it stands the EU is giving Google a loose timeframe of 4 months to change its policy and explain more clearly what exactly it does with the data it collects.
+
+"Google bought some time," said Mark Rotenberg, president of the Electronic Privacy Information Center, adding that the message from European authorities was: "We've been through this before, with companies like Facebook, and they responded. If you choose not to respond, you do so at your own risk."
+
+**No stranger…**
+
+Of course, Google is no stranger to breaking the law and violating user privacy. As we [outlined a couple of months ago][5], Google has consistently shown complete disregard for user privacy, to the point where it even lied to the FTC about data collection via StreetView, earning itself the biggest fine the regulator has ever imposed. While the EU has made strong criticisms of Google new privacy policy, much of the requests outlined by the CNIL are posed as requests, rather than orders. Such requests are likely to be ignored, or fought against, if we take Google's past behavior into account.
But as data protection lawyer [Marc Dautlich told The Guardian][6], Google may be playing with fire.
+
+"If Google's get-out is that it's only being told 'should' rather than 'must', then it becomes a question of trust," said Dautlich. "How does a company purport to be transparent and trusted if they're put to the test and use a legal nicety to avoid it?"
+
+ Google is not invulnerable. The more a company proves itself untrustworthy, the more dangerous the PR fallout when things eventually go wrong.
+
+ [1]: http://www.bigbrotherwatch.org.uk/files/Art29letter16Oct.pdf
+ [2]: http://www.cnil.fr/english/news-and-events/news/article/googles-new-privacy-policy-incomplete-information-and-uncontrolled-combination-of-data-across-ser/
+ [3]: http://www.guardian.co.uk/technology/2012/mar/01/google-privacy-policy-analysis?intcmp=239
+ [4]: http://bits.blogs.nytimes.com/2012/10/17/larry-page-defends-googles-privacy-policy/
+ [5]: /blog/google-can-never-be-trusted-to-protect-your-privacy/
+ [6]: http://www.guardian.co.uk/technology/2012/oct/16/google-privacy-policies-eu-data-protection
diff --git a/src/content/es/blog/2012-10-28-top-five-free-online-privacy-tools.md b/src/content/es/blog/2012-10-28-top-five-free-online-privacy-tools.md
new file mode 100644
index 000000000..4c3b87c9f
--- /dev/null
+++ b/src/content/es/blog/2012-10-28-top-five-free-online-privacy-tools.md
@@ -0,0 +1,114 @@
+---
+title: Top five free online privacy tools
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-10-28T21:22:44+00:00
+url: /blog/top-five-free-online-privacy-tools/
+heroImage: /images-static/uploads/DuckDuckGo.jpg
+thumbnailImage: /images-static/uploads/DuckDuckGo.jpg
+comments:
+ - author: Anonymous
+ date: 2012-10-29T15:42:32+01:00
+ content: |
+ Not seeing I2P on this list makes me wonder……
+ - author: Oh The Shame
+ date: 2012-10-29T20:30:41+01:00
+ content: |
+ So, Hushmail isn't effective unless you, the user, encrypt your emails properly (and the receivers must do the same so they don't send a reply in text form). Otherwise you're putting your trust into hushmails private key, which is stored on their servers. I'm pretty sure they also gave up somebodies information before, too.
+
+ I2P isn't listed on here. Very weird. I2P is ridiculously strong for anonymity. People can also fileshare using I2P which is unlike Tor where filesharing is discouraged.
+
+ Diaspora is basically a dead project. How about bringing some attention to Tent.io?
+
+ Also, Tor as a VPN? Really? Seriously? uhhuh….
+
+ If you're trying to educate the masses on privacy and anonymity -> provide real information presented properly and elegantly explain the basics.
+
+ I wonder about this ivpn stuff. Very odd that you don't know much about privacy and yet host a vpn………… which is not free…….
+
+ Yikes.
+ - author: Dennis Kügler
+ date: 2012-10-29T21:56:21+01:00
+ content: |
+ Thanks for you suggestions. I've incorporated them into the article. You're right omitting I2P was a bit of an oversight. As you might know if you read this blog I tend to focus on legislative issues around online privacy, rather than privacy tools - so my knowledge may indeed be a little lacking. If anyone else has any ideas that we may have overlooked feel free to suggest them!
+ - author: nr2
+ date: 2012-10-29T22:43:31+01:00
+ content: |
+ Good Guy iVPN. Admits mistakes and corrects them! I usually find posts on here really informative actually
+ - author: UWNThesis
+ date: 2013-05-21T10:25:05+02:00
+ content: |
+ Totally agree with what you've got, but would add a couple of others.
+
+ 1. Search Engine
+
+ Startpage.com (EU privacy award)
+
+ Duckduckgo.com
+
+ Or alternative between both search engines.
+
+ 2. Block trackers
+
+ PrivacyFix.com - PrivacyFix works against your Linkedin, Google and Facebook profiles
+
+ Ghostery.com
+
+ 3. Easiest encryption for Windows users
+
+ Kruptos - a free trial is possible, and it's licence by the person, so you can use at home or work
+ - author: uwnthesis
+ date: 2013-07-24T15:03:45+02:00
+ content: |
+ If anyone is interested in Privacy Tools, then an awesome starting place is Prism Break.
+
+ It includes free private cloud, anti tracking, private email etc.
+
+ https://prism-break.org/
+ - author: Burung Hantu
+ date: 2015-03-29T06:06:16+02:00
+ content: |
+ Hi Dennis, great article. This is definitely a good source of privacy related tools. But I wouldn't recommend Ghostery anymore, instead HTTPS Everywhere, Request Policy and NoScript. I've created a website a couple of days ago about privacy tools here: http://www.privacytools.io/ and IVPN is also on the list. Bye
+
+---
+Although maintaining complete anonymity on the internet is very difficult, there are plenty of tools and alternative services out there that can help protect your personal data. Below we've listed five of our favorite services and tools that are privacy conscious. Of course, using the below suggestions will not guarantee 100% protection from privacy intrusions, but they're a good place to start!
+
+
+**Duck Duck Go**
+
+If you want to get out of the Google eco-system then the first thing you'll want is a search engine alternative.
You can find big brand alternatives such as Bing and Excite, but [DuckDuckGo][1] is one of the few search engines that takes user privacy seriously. DuckDuckGo promises that it won't track users or  employ filter bubbles - tailoring your search results based on your account history. This anti-Google attitude has been gaining DuckDuckGo a great deal of publicity and the search engine recent broke the million visitors per day milestone. DuckDuckGo also offers a bunch of handy tools such as metric conversions, common calculations and stock price info.
+
+**Ghostery**
+
+[Ghostery][2] is an add-on that originally launched on Mozilla's Firefox browser and is now available for Chrome, IE and Opera (as well as a standalone app for iOS). Along with [DoNotTrack][3], Ghostery is one of the best privacy-orientated add-ons available for browsers. Ghostery essentially blocks tracking from ad-companies via cookie blocking and cookie protection. The add-on also gives you a list of all the ad networks, data companies and publishers tracking your browser on any given page. It's a great tool, but it can cause some pages to load incorrectly and mess-up social sharing buttons (if you're into that kind of thing).
+
+**Hushmail**
+
+If you're looking for an email service that takes privacy seriously [HushMail][4] is a good option. However it's not perfect. Hushmail has to comply with court-ordered warrants from law enforcement, just like any other email provider (and it drew a lot of criticism for this). If you want more privacy over the content of your emails then you can use Mozilla Thunderbird in combination with an [encryption tool like Enigmail][5]. There's also [Lavabit][6], which promises a privacy-orientated email service, but its servers are located in the US, which some say has less-stringent requirements for law enforcement access than Canada, where Hushmail is located.
+
+**Diaspora**
+
+[Diaspora][7] was originally billed as a Facebook-killer back in 2010 when it first started out. That scenario is looking ever more unlikely, as the project was fraught with difficulties while Facebook has gone from strength-to-strength. Nevertheless, if you're looking for a social network that gives you control of your personal data – via a decentralised network - then Diaspora still a good choice. You could also [try Friendica][8] as another privacy-orientated social network. A user in the comments section also recommends the decentralised social network [Tent][9].
+
+**Tor**
+
+Of course, you're not really anonymous online unless you use a VPN of some sort to shield your IP address. [Tor is a free VPN][10] that's aimed at protecting people from state-level privacy intrusions. Tor is a great way to protect yourself online, but it isn't perfect. The main problem is it allows anyone to set-up 'entry' and 'exit' nodes, through which your data travels (most people setting up nodes have good intentions, but if you don't know who they are then how can you trust them not to spy on your traffic?). The other problem with TOR is that it generally offers slower speeds than a privately run VPN. Of course, we have to shamelessly toot our own horn here [and recommend IVPN][11] if you're looking for a paid privacy-orientated VPN, with no bandwidth restrictions.
+
+**I2P**
+
+Yes we know the headline says top 5, but as commentators have pointed out, omitting I2P is a bit of an oversight. [I2P is an overlay network][12] that allows other software to use it for anonymous communication, including web browsing, sending messages, blogging and file transfers. It's compatible with BitTorrent clients such as Vuze and the I2P instant messenger. I2P is currently in Beta, but the developers say the code is stable enough for use.
+
+ [1]: http://duckduckgo.com/
+ [2]: http://www.ghostery.com/
+ [3]: http://donottrack.us/
+ [4]: http://www.hushmail.com/
+ [5]: http://www.enigmail.net/home/index.php
+ [6]: http://lavabit.com/
+ [7]: http://diasporaproject.org/
+ [8]: http://friendica.com/
+ [9]: https://tent.io/about
+ [10]: https://www.torproject.org/
+ [11]: /
+ [12]: http://www.i2p2.de/
diff --git a/src/content/es/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md b/src/content/es/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md
new file mode 100644
index 000000000..63e7c4c38
--- /dev/null
+++ b/src/content/es/blog/2012-11-03-71-of-brits-dont-trust-governments-new-cyber-security-bill.md
@@ -0,0 +1,56 @@
+---
+title: 71% of Brits don't trust government's new cyber security bill
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy", "Security"]
+draft: false
+date: 2012-11-03T12:37:15+00:00
+url: /blog/71-of-brits-dont-trust-governments-new-cyber-security-bill/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+comments:
+ - author: Gerry O'Dowd
+ date: 2012-12-11T10:51:53+01:00
+ content: |
+ Re the UK Communications Capabilities Development Programme:-
+
+ There is now an official epetition site:-
+
+ https://petition.parliament.uk
+
+---
+The UK government is edging ever closer to passing its draconian communications data bill, but new research from YouGov shows that the British public do not trust the coalition when it comes to keeping its private online data safe.
+
+According to research [published by YouGov and Big Brother Watch][1], 71% of people say they do not trust that their online data will be kept secure and just 6% think the government has made a "clear and compelling argument" for the bill.
+
+In case you haven't been paying attention, under the proposed Communications Capabilities Development Programme (CCDP) the government agency responsible for monitoring communications (the GCHQ) [will be able to demand that ISPs hand over details on what websites you're visiting and who you're sending emails to][2], without any court orders or warrants. Under this law, all that stands between you and your online privacy is the idle suspicions of a civil service bureaucrat, who doesn't have to go through a single independent check in order to look at your web-browsing history (although some say [this has always been the case in the UK anyway][3]).
+
+The bill will also allow law enforcement to monitor details of messages sent on social media and gaming platforms, such as Xbox Live and World of Warcraft.
While the bill won't let agencies read the content of emails, it does let them monitor who they've been sent to and when.
+
+**Idle threats**
+
+The Home Office has gone through virtually every threat it can think of to try and convince the public that the CCDP is necessary. It started off back in April by saying the CCDP would help prevent peadophiles from carrying out crimes. In fact Home Secretary Theresa May, went as far as to [cite the case of convicted child killer Ian Huntley][4], despite the fact that her bill would not have prevented the Soham murders.
+
+May is trying to scare monger yet again. This time she's [saying that the CCDP will directly help save lives][5]. Appearing in front of a panel of MPs on Thursday, May said out of 30,000 estimated cases last year where the police made an urgent request for communications data, between 25% and 40% of them resulted in lives being saved.
+
+But as Big Brother Watch points out, these figures look inflated. Twenty five percent of 30,000 is 7,500, whereas the latest figures for murders between 2011 and 2012 was just 550. May didn't say where exactly she's got her data from.
+
+But the PR assault doesn't end there. On Tuesday the Chief Constable of Greater Manchester Police said the CCDP would [help police infiltrate criminal gangs and cut down on gang violence][6]: "Up to now we have been able to use the more readily available communications data but criminals are realising that and moving to new technology and platforms," said the Chief Constable. "We already have specific examples of them using new platforms to defeat us."
+
+**No debate**
+
+The problem is the police, by their very nature, will want to use every tool available to them to make their jobs easier, without regard for the privacy of the population.
You only have to look at [the recent hearings in Australia concerning][7] their proposed communication reforms to see law enforcement isn't even satisfied with a 2 year data retention law (rather they want ISPs to hold onto your web browsing history indefinitely).
+
+The UK government doesn't even see room for negotiation on the CCDP. Theresa May told the committee the government is fully committed to the draft bill and – according to the BBC - it would only be prepared to "look at its wording in certain areas" so it doesn't lead to "misinterpretation".
+
+So there you have it. Despite the overwhelming public opposition to the CCDP, the government intends to plow ahead regardless, only stopping to tinker with the wording to make it more PR-friendly. Make your voice heard, [38 Degrees has a petition page right here][8] and [Avaaz has another going][9]. Better yet write a letter to your local MP and let them know in clear terms that the CCDP is an infringement upon your online privacy.
+
+ [1]: http://www.bigbrotherwatch.org.uk/home/2012/10/public-dont-trust-snoopers-charter-and-say-its-a-waste-of-money.html#.UJULtBKP8xA
+ [2]: http://www.bbc.co.uk/news/uk-politics-17590363
+ [3]: http://www.bigbrotherwatch.org.uk/home/2012/06/communications-data-bill-misdirection.html#.UJULvxKP8xA
+ [4]: http://www.bbc.co.uk/news/uk-politics-17576745
+ [5]: http://www.bbc.co.uk/news/uk-politics-20157059
+ [6]: http://www.bbc.co.uk/news/uk-politics-20141737
+ [7]: /blog/australian-data-retention-debate-heats-up/
+ [8]: https://secure.38degrees.org.uk/page/s/stop-government-snooping#petition
+ [9]: http://www.avaaz.org/en/stop_the_big_brother_law_a/?vc
diff --git a/src/content/es/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md b/src/content/es/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md
new file mode 100644
index 000000000..5037aa084
--- /dev/null
+++ b/src/content/es/blog/2012-11-09-want-to-know-how-much-your-personal-data-is-really-worth.md 
@@ -0,0 +1,37 @@
+---
+title: Want to know how much your personal data is really worth?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-11-09T15:17:06+00:00
+url: /blog/want-to-know-how-much-your-personal-data-is-really-worth/
+heroImage: /images-static/uploads/facebook-privacy.jpg
+thumbnailImage: /images-static/uploads/facebook-privacy.jpg
+
+---
+A recent study from business strategists The Boston Consulting Group, has underscored the growing importance and value of online personal data for businesses. The report titled '[The Value of Our Digital Identity][1]', says the total value extracted from European consumers' personal data in 2011 was 315 billion euros and that figure is predicted to grow to a staggering 1 trillion euros annually by 2020.
+
+### Booming business
+
+Now this report isn't aimed at privacy advocates - it's been written in order to promote the personal data industry to business leaders - but it's well worth a read. The above figures are pretty startling and neatly demonstrate how the consumer is becoming the product in a rapidly booming market. Boston Consulting's senior researcher and report author, [John Rose, says that][2] "leveraging personal data" and digital identities can be a "key growth driver in an overall stagnant European economy." According to the consultants, personal data will be potentially worth up to 8% of Europe's total GDP by 2020.
+
+The report also found that the amount of available personal data is growing rapidly. By 2015 Boston Group says there will be 7 zettabytes of data available to marketers, which is roughly 1,000 gigabytes for every person on the planet. This is aided by "rapidly improving" ability to process and analyse that data.
+
+While Rose identifies social media sites as the primary drivers of growth, he also notes that 'the internet of things' will play a big role in expanding the types of data collected, with over 75 million connected devices in Europe by 2015.
+
+The other trend leading to increased data variety is the "Internet of things,"" reads the report. "In-product sensors that can "call home" via the Internet and relay usage data are becoming increasingly prevalent. Automobiles, home appliances and energy meters are among the traditional product categories that have – or soon will have – integrated links to the Internet. Not including phones or PCs, we expect to see an additional 75 million devices with direct connections to the Internet in Europe by 2015.4 "
+
+Thankfully the report does mention the importance of establishing user trust and operating data collection policies in a transparent way. But it also found that of the 3,000 European consumers questioned, only 30% had "a relatively comprehensive understanding of which sectors were collecting and using their information. "
+
+### Data-mining equals growth
+
+As I've said many times before on this blog, companies such as Google and Facebook derive the majority of their revenue from your personal data. Ninety six per cent of [Google's 37.6 billion revenue in 2011 was from advertising][3]. So the sure-fire quick way for Google to expand its business and deliver value to share-holders is to increase its data-mining activities, in order to create more a more effective service for advertisers.
+
+This is compounded by the lack of competition against Google and Facebook. These companies are pretty much monopolies. Not only is there few privacy-orientated alternatives to Facebook, but there's also worrying signs that [there's no alternative to not join Facebook!][4] This creates an environment ripe for abuse and we don't even have to speculate. Just [take a look at Google's track record so far][5].
The company has illegally collected personal data and lied to governments about its activity. The personal data industry may represent a great opportunity for businesses as Boston Consulting points out, but it also represents a big threat to online anonymity and personal privacy.
+
+ [1]: http://www.lgi.com/PDF/public-policy/The-Value-of-Our-Digital-Identity.pdf
+ [2]: http://www.ft.com/intl/cms/s/0/5fd7d8a8-28e5-11e2-b92c-00144feabdc0.html#axzz2BjZlKp6N
+ [3]: http://venturebeat.com/2012/01/29/google-advertising/
+ [4]: http://www.forbes.com/sites/kashmirhill/2012/08/06/beware-tech-abandoners-people-without-facebook-accounts-are-suspicious/
+ [5]: /blog/google-can-never-be-trusted-to-protect-your-privacy/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md b/src/content/es/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md
new file mode 100644
index 000000000..a71ae2c38
--- /dev/null
+++ b/src/content/es/blog/2012-11-19-uk-online-communications-crackdown-a-brief-round-up.md
@@ -0,0 +1,47 @@
+---
+title: 'UK online communications crackdown: A brief round-up'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-11-19T20:55:58+00:00
+url: /blog/uk-online-communications-crackdown-a-brief-round-up/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+
+---
+Last week a man was arrested in the UK for [posting an image of a burning paper poppy][1] to Facebook, in just the latest incident of what appears to be a growing crackdown on free speech and internet freedoms in the UK. [Figures obtained by the Associated Press][2] through a freedom of information request show a steady rise in prosecutions for electronic communications deemed "grossly offensive or of an indecent, obscene or menacing character". There were 1,263 prosecutions in 2009, rising to 1,843 in 2011.
+
+Convinctions rose from 873 in 2009 to 1,286 last year. Lawyers and activist groups – such Index on Censorship and Reform Section 5 – say the UK has serious problem trying to regulate 21st century communications with laws made during the 20th century, while the director of public prosecutions, Keir Starmer QC, [says he'll launch a public consultation][3] discussing guidelines on how to deal with abusive comments on social media sites.
+
+Below is a quick round-up of all the arrests that have been made over offensive online comments in the UK in 2012. Given the quoted stats above, the actual number of arrests is probably higher, but we can only mention the ones that have made headlines (if you think we've missed something, let us know in the comments). Obviously no one wants to defend offensive, racist or homophobic messages. All of the people below deserve to be ridiculed and in some cases reviled. But they shouldn't be silenced by the state. 
There's no point in defending free speech unless you apply it to everyone, regardless of whether or not you find what they say offensive, or not.
+
+** UK crackdown on internet freedoms: Arrests made in 2012**
+
+**Linford House** – 19 year-old Linford House from Kent [was arrested under the Malicious Communications ac][4]t for posting a picture of a burning poppy on Facebook, allegedly with the comment 'How about that you squadey \***s'. House was arrested on November 12 and spent at least two nights behind bars. I could not find any information on whether he's being prosecuted.
+
+**Daniel Thomas** – Back in July 28 year old footballer Daniel Thomas was [arrested for a making homophobic comment][5] about UK Olympic divers Tom Daley and Peter Waterfield. Thomas, who said the comments were a prank played on him by friends, was suspensed from his football club but escaped prosecution.
+
+**Reece Messer** – In August 17-year old [Reece Messer was arrested][6] for tweeting that Tom Daley had "let his father down" during the Olympics (Daley's father is deceased). Messer, whose father says suffers from behavior problems, was not prosecuted.
+
+**Liam Stacey** – Liam Stacey made a series of racist tweets in March against professional footballer Fabrice Muamba, moments after he had collapsed on pitch from a heart attack. [Stacey was arrested and charged][7] with breaching section 4A of the Public Order Act 1986. He spent 56 days in jail.
+
+**Joshua Cryer** – In March 21 year-old student Joshua Cryer was sentenced to 240 hours of community service for [sending racist tweets to footballer Stan Collymore][8]. Cryer was found to be in breach of section 127 of the Communications Act.
+
+**Matthew Woods** – 19-year old Matthew Woods was jailed for three months in October f[or posting jokes about missing child April Jones on Twitter][9]. One of the jokes read "Who in their right mind would abduct a ginger kid?" 
+
+**Azhar Ahmed** – In March 20-year old Azhar Ahmed made a Facebook post demanding justice for dead Afghani civilians and saying all British soldiers should "die & go to hell". Ahmed apologised and deleted the message after receiving criticism over Facebook. [But he was later arrested and, last month, was sentenced to 240 hours of community service][10].
+
+**Neil Swinburne** – Last month 22 year-old [Neil Swinburne was arrested][11] for setting up a Facebook page praising the murderer of police officers Fiona Bone and Nicola Hughes. If found guilty under the Communications Act 2003, Swinburne faces a six month jail sentence.
+
+ [1]: http://www.guardian.co.uk/uk/2012/nov/12/kent-man-arrested-burning-poppy
+ [2]: http://news.yahoo.com/uk-twitter-facebook-rants-land-jail-081322573--finance.html
+ [3]: http://www.guardian.co.uk/media/2012/sep/20/dpp-prosecutions-facebook-twitter-abuse
+ [4]: http://www.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=10847187
+ [5]: http://www.bbc.co.uk/news/uk-wales-19661950
+ [6]: http://www.dailymail.co.uk/news/article-2183494/Tom-Daleys-Twitter-troll-Reece-Messer-lives-benefits-bedsit-father-11-children.html
+ [7]: http://www.telegraph.co.uk/sport/football/9169038/Student-jailed-over-Fabrice-Muamba-tweet.html
+ [8]: http://www.guardian.co.uk/technology/2012/mar/21/man-racially-abused-collymore-twitter-spared-prison
+ [9]: http://www.guardian.co.uk/uk/2012/oct/08/april-jones-matthew-woods-jailed
+ [10]: http://blog.indexoncensorship.org/2012/03/13/facebook-offence-azhar-ahmed/
+ [11]: http://www.dailymail.co.uk/news/article-2206043/Neil-Swinburne-22-arrested-Dale-Cregan-Facebook-tribute-page.html
diff --git a/src/content/es/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md b/src/content/es/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md
new file mode 100644
index 000000000..d204af6d4
--- /dev/null
+++ b/src/content/es/blog/2012-11-25-europeans-more-concerned-about-online-privacy-than-canadians.md 
@@ -0,0 +1,35 @@
+---
+title: Europeans more concerned about online privacy than Canadians?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-11-25T21:14:17+00:00
+url: /blog/europeans-more-concerned-about-online-privacy-than-canadians/
+heroImage: /images-static/uploads/Flag_of_Canada.svg_.png
+thumbnailImage: /images-static/uploads/Flag_of_Canada.svg_.png
+
+---
+Two interesting online privacy-related surveys were published earlier this week. One was conducted in Europe by data management company TRUSTe and the other in Canada by the Canadian Advertising Standards industry regulator. Although the two surveys covered slightly different topics, the way they were reported in the press suggested that Europeans are more concerned about online privacy and tracking than Canadians. But is that really the case?
+
+Lets start with the [TRUSTe survey conducted by Ipsos MORI][1] in France, Germany, UK and Netherlands. According to TRUSTe, EU companies are heavily tracking online behavior and, despite a relatively high awareness amongst EU consumers of this activity, only a minority of companies seek consent before dropping cookies into browsers. French companies were apparently the worst offenders with on average nine 3rd party cookies per homepage, followed by Great Britain with eight, Germany with six and Netherlands with five.
+
+The report also found that 71% of French respondents were very concerned about their privacy online compared with 69% in Great Britain, 62% in Germany and 48% in the Netherlands. 79% of Dutch respondents were aware that the EU Cookie Directive law requires companies to get permission to track you online, compared with 63% in Great Britain, 51% in Germany and 26% in France. 53% of French respondents expect companies to comply, yet 44% plan to only visit websites of companies who comply with the EU Cookie Directive. 
+
+**Canadians willing to trade personal data**
+
+But [Canada's ad industry survey][2] appears to paint a much rosier picture of the relationship between online advertisers and internet users. The poll, compiled by research firm McCann Truth Central, found that 73% of Canadians were aware of online ad tracking, but a majority (53%) said they were willing to share personal data, including location data, to obtain a benefit. Furthermore, 79% of Canadians are happy to share their shopping data, which includes the websites they shop on and the items they buy. However, 56% of Canadians say one of the most important things is that a company does not pass information on to any third parties without specifying that it intends to do so. 48% want to know exactly how their data is going to be used.
+
+Here's what the author of the Canadian report, Laura Simpson, concludes: "Canadians are well aware of the various ways they trade data with brands and businesses, and even how this data is used. Consumers are increasingly willing to trade privacy for clear benefits and become what we call the 'savvy shopper'."
+
+Contrast this with a quote from TRUSTe's survey by managing director Danilo Labovic: ""This research shows that there is a significant gap between consumer expectations and the experience provided by most companies…. they have high levels of privacy concerns and across all four countries, an average of 83%* thought that companies should get their permission before tracking them online."
+
+**Real difference or just spin?**
+
+Now, if you ask me, there's not that much difference between the TRUSTe survey's findings and the Advertising Standards Canada findings. Both Canadians and Europeans are aware of ad tracking and they want to know how they're data is being used, but if transparency is in place then they don't mind companies using the data.
+
+But take a cursory look at the headlines generated from both surveys. 
On the one hand you've got the Calgary Herald saying "Canadians not worried about targeted ads" and the other you've got TRUSTe putting out press releases titled ["EU Companies out of step with consumer concerns"][3]. Why is this? Well, Canada's Advertising Standards is not an independent regulator, therefore it has a vested interest in suggesting Canadians don't care about online ads, whereas TRUSTe – as you may already know – is in the business of data privacy. So you've got two very similar sets of results coming out in the same week, but being spun by public relation departments in two different ways. When in actual fact, both Canadians and Europeans seem pretty uniform in their attitude to online tracking and targeted ads.
+
+ [1]: http://www.truste.com/eu-compliance-tracking-awareness-index/
+ [2]: http://www.adstandards.com/en/Events/201211TruthAboutPrivacyTorontoMontreal-archived.asp
+ [3]: http://www.wallstreet-online.de/nachricht/5047805-eu-companies-out-of-step-with-consumer-concerns-over-online-tracking
diff --git a/src/content/es/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md b/src/content/es/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md
new file mode 100644
index 000000000..cb7aeba7e
--- /dev/null
+++ b/src/content/es/blog/2012-12-03-oppose-the-uks-spying-bill-youre-siding-with-paedophiles.md
@@ -0,0 +1,47 @@
+---
+title: Oppose the UK's spying bill? You're siding with paedophiles…
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-12-03T17:23:53+00:00
+url: /blog/oppose-the-uks-spying-bill-youre-siding-with-paedophiles/
+heroImage: /images-static/uploads/800px-Hdr_parliament.jpg
+thumbnailImage: /images-static/uploads/800px-Hdr_parliament.jpg
+comments:
+ - author: bitgal
+ date: 2012-12-05T06:34:42+01:00
+ content: |
+ You guys are kidding - you say "we care about privacy and go on and on about privacy" but then you only accept paypal - the most anti-privacy payment system available? What about bitcoin? What about some payment system that is not falling over itself to hand over your info to anyone official looking. Please address this fatal flaw in your business offering.
+
+---
+The UK's home secretary, Theresa May, has made her most outrageous defense of the Communications Capabilites Development Programme yet, saying that anyone who opposes the bill - which allows police to monitor email communications and web browsing - is siding with "criminals, terrorists and paedophiles". May made the comments in this morning's edition of The Sun newspaper, which [ran a feature filled with scaremongering][1] and propaganda designed to counteract the bad publicity attracted by what's become dubbed the ['Snooper's Charter',][2] which was officially announced in spring. May told The Sun: "Criminals, terrorists and paedophiles will want MPs to vote against this bill. Victims of crime, police and the public will want them to vote for it. It's a question of whose side you're on."
+
+**Preventing terrorism**
+
+May again made completely unsubstantiated claims that the surveillance powers offered by the CCDP could've stopped the 7/7 terrorist attacks on the London Underground. She added that "anyone who is against this bill is putting politics before people's lives." 
+
+But as it's been pointed out numerous times before, this is a complete fallacy. Here's what the [inquest said][3] about the phone communications between the terrorists, who carried out the suicide bombings back in 2007: "It is unlikely these could have been detected by surveillance given the large number of untraceable "operational" phones used by the bombers and only attributed to them once their identities and details were known."
+
+Theresa May went even further in her exploitation of national sentiment by saying the CCDP could have prevented the recent murders of police officers [Nicola Hughes and Fiona Bone][4].
+
+"The shootings of Nicola Hughes and Fiona Bone brought everybody up sharp to show the extent of the problem that can be caused by criminals," said Mat "…The people who say they're against this bill need to look victims of serious crime, terrorism and child sex offences in the eye and tell them why they're not prepared to give the police the powers they need to protect the public.
+
+But as [Big Brother Watch][5] points out, the slain officers were responding to a routine burglary. How could data on personal email communications or web logs help in such a case? "Are we now saying before responding to routine calls, police officers will be expected to check the website browsing, social media messages and emails of every individual in the vicinity?" It's utterly ridiculous.
+
+**Opposition mounts**
+
+May's comments come after one of the major UK political parties finally suggested serious opposition to the bill. According to reports, Liberal Democrat leader Nick Clegg - who is a coalition government with the Conservative party - [wants to distance himself from the CCDP][6]. 
Some Lib Dems [already said they would oppose the bill][7] in its current form, but without the support from the Labour party, which has remained silent on the issue (and has [pretty poor form][8] when it comes to online privacy), it would take a firm and united stand from the Lib Dems to kill the bill outright.
+
+But judging from Theresa May's comments today, this battle is going to get more and more ugly. Sadly simple-minded scare tactics, and labeling opponents as paedophile-sympathisers, is what passes for honest and open debate in the mind of the Home Office.
+
+_Image credit: Graeme Maclean_
+
+ [1]: http://www.thesun.co.uk/sol/homepage/news/politics/4678082/Track-crime-on-net-or-well-see-more-people-die.html
+ [2]: /blog/uk-online-spying-law-how-to-resist/
+ [3]: http://image.guardian.co.uk/sys-files/Guardian/documents/2011/05/06/rule43-report.pdf
+ [4]: http://en.wikipedia.org/wiki/Deaths_of_Nicola_Hughes_and_Fiona_Bone
+ [5]: http://www.bigbrotherwatch.org.uk/
+ [6]: http://www.guardian.co.uk/world/2012/nov/29/nick-clegg-distances-lib-dems-snooper-charter
+ [7]: http://www.libdemvoice.org/tales-from-the-webinar-julian-huppert-on-civil-liberties-and-communications-data-30210.html
+ [8]: http://news.bbc.co.uk/2/hi/uk_news/politics/8020039.stm
diff --git a/src/content/es/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md b/src/content/es/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md
new file mode 100644
index 000000000..b893df445
--- /dev/null
+++ b/src/content/es/blog/2012-12-07-uk-public-data-under-threat-from-us-patriot-act.md
@@ -0,0 +1,41 @@
+---
+title: UK public data under threat from US Patriot Act
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-12-07T16:01:04+00:00
+url: /blog/uk-public-data-under-threat-from-us-patriot-act/
+heroImage: /images-static/uploads/us-uk_flag_408x212.jpg
+thumbnailImage: /images-static/uploads/us-uk_flag_408x212.jpg
+
+---
+The USA's controversial [Patriot Act][1] has just got, well, a lot more controversial. [A recent study][2] by The University of Amsterdam says US government agencies can secretly request US-based cloud storage companies to hand over data they have on foreign citizens. 
+
+**Go-Cloud**
+
+Now this is very interesting for Brits, as the UK government recently launched the [latest iteration of its Go-Cloud portal][3], which is designed to speed-up and facilitate the adoption of cloud services throughout government institutions. Go-Cloud's 'Cloud Store' lists all the government approved vendors who offer SaaS and cloud-storage to everyone from local councils to the Ministry of Defence. You can [head over here and check it out for yourself][4].
+
+After a quick search I managed to find a few US-based companies offering cloud storage solutions to UK institutions. These included big names such as Verizon and Dell, as well as lesser known US-companies with UK branches, such as [Sunguard Availability Services][5]. Both Amazon and Google will be included as service providers in the next phase of Go-Cloud, although interestingly they were denied entry into the programme last month.
+
+It's also worth mentioning [this press release][6], which details how Stratford-on-Avon council has archived over 12 million emails with US company Metalogix, and that US start-up CipherCloud is currently [working with an unnamed central government departmen][7]t. 
Perhaps more worrying is [PayPal's role delivering][8] a "secure online identity registration service" for the Department of Work and Pensions…
+
+**Real threat**
+
+The University of Amsterdam study says this information request can be made even if the service provider is subsidiary of a US company. [As TechDirt points out,][9] the revelation has caused a big stir in The Netherlands, where the Dutch Electronic Patient Database is implemented next month. The EPD database is run by a US-based company called CSC, causing Dutch citizens to worry over whether US agencies can now access their medical records.
+
+The Dutch government and CSC are convinced there isn't a problem, telling activists there's stringent data protection laws that guard patient data. But the researchers say that the threat is genuine and has global ramifications. Here's a quote, summarised by TechDirt, from the paper.
+
+_"When using a cloud service provider that is subject to U.S. jurisdiction, data may be requested directly from the company in question in the United States. […] From a legal point of view, access to such information cannot be denied and cloud service providers can give no guarantees in this respect. […] The possibility that foreign governments request information is a risk that cannot be eliminated by contractual guarantees. Nor do Dutch privacy laws offer any safeguards in this respect. […] It is a persistent misconception that U.S. jurisdiction does not apply if the data government requests for information do not apply to Dutch users of the cloud. […] legal protection under specific U.S. laws applies primarily to U.S. citizens and residents. […] Given the nature of intelligence work, it is not possible to gain insight into actual requests for information by the U.S. 
authorities […] Cloud providers will typically not be able to disclose whether such requests are made"_
+
+Perhaps the UK government has different safeguards than the Dutch government, or perhaps it's taken precautions not to entrust any really sensitive data to US companies. But nevertheless, as with SOPA, it appears that US legislation is once again having big ramifications for the rest of the world….
+
+ [1]: http://en.wikipedia.org/wiki/Patriot_Act
+ [2]: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2181534
+ [3]: http://www.microscope.co.uk/news/2240169375/Government-launches-next-phase-of-G-Cloud-project
+ [4]: http://gcloud.civilservice.gov.uk/cloudstore/
+ [5]: http://www.sungardas.com/Pages/default.aspx
+ [6]: http://www.prweb.com/releases/2012/12/prweb10206667.htm
+ [7]: http://www.techweekeurope.co.uk/news/ciphercloud-cloud-security-uk-government-salesforce-101167
+ [8]: http://www.techweekeurope.co.uk/news/paypal-universal-credit-government-security-99536
+ [9]: http://www.techdirt.com/articles/20121201/12234021198/us-government-agencies-will-soon-be-able-to-access-foreign-medical-dossiers-due-to-patriot-act.shtml
\ No newline at end of file
diff --git a/src/content/es/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md b/src/content/es/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md
new file mode 100644
index 000000000..070fb2e14
--- /dev/null
+++ b/src/content/es/blog/2012-12-13-160-million-people-affected-by-data-breaches-in-2012.md
@@ -0,0 +1,51 @@
+---
+title: 160 million people affected by data breaches in 2012
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Security"]
+draft: false
+date: 2012-12-13T18:51:24+00:00
+url: /blog/160-million-people-affected-by-data-breaches-in-2012/
+heroImage: /images-static/uploads/linkedin_logo.png
+thumbnailImage: /images-static/uploads/linkedin_logo.png
+
+---
+Data breaches suffered by private companies and public institutions increased by more than 40% year-on-year in 2012, with over 160 million people having their personal information compromised, according to a new study. The auditing company KPMG says t[here was a total of 835 separate incidences][1] of data breaches this year and deliberate 'hacking' of companies accounted for 67% of the data loss. KPMG claims these figures depict a "shift" from the accidental loss of data to "deliberate theft".
+
+"Several of the world's largest companies have been targeted over recent months by hackers who have grown in sophistication," said a company rep. "It is now not just a lone hacker sitting in their bedroom but, in many cases, serious organisations backed by nation states who are leading this new phenomenon."
+
+KPMG says the biggest sector affected by data loss is media companies – both private and public – followed by bodies such as "clubs, unions and community centres" and then the retail sector. The biggest driver behind the data loss is the theft of "personally identifiable information" (46%), such as names and credit cards, followed by password theft (16%).
+
+Obviously, KPMG has a vested interest in promoting such information as it performs risk audits, but it still begs the question – just how safe is our data? Every year we entrust more and more personal information into the hands of private and public entities and governments are increasingly [gunning for large centralised databases][2]. 
+
+However, there's little debate in the media over the vulnerability of company and government security systems. Even after the spectacular data breaches carried out by the Lulsec group in 2011, the mainstream media debate remained focused on the criminality of the perpetrators, rather than the weak security of their targets. Are companies and institutions up to the task of providing us with adequate protection over the next few years? We'll have to wait and see. In the meantime check out below for our top five worst security breaches of the year.
+
+**2012's worst data breaches**
+
+**Utah Department of Technology Services**
+
+In March [780,000 individuals had medical information stolen][3] from the Utah Department of Technology Services. Names, medical diagnostic codes, addresses, social security numbers and other information was compromised. Officials believe the theft occurred somewhere in Eastern Europe.
+
+**Wisconsin Department of Revenue**
+
+In spring the Wisconsin Department of Revenue made public [more than 100,000 social security numbers and tax IDs of US citizens][4]. The embarrassing error occurred when an employee embedded the details in a real estate report, which was published on the department's website. The information was public for 3 months before anyone realised.
+
+**Global Payments**
+
+Credit card processing company Global Payments admitted [1.5 million card numbers and other personal information was stolen][5] in a security breach back in February. The Atlanta based company processes more than $120 billion in credit card transactions per year. Visa removed Global Payments from its list of processors following the breach.
+
+**South Carolina Department of Revenue**
+
+Over 3 million unencrypted bank account numbers, social security numbers, credit card details and tax returns [were stolen from the South Carolina Department of Revenue][6] in September. The department declined to say where the attack originated from. 
+
+**LinkedIN and eHarmony**
+
+In an attack believed to carried out by the same individual, social network LinkedIn and dating site eHarmony had [millions of account passwords stolen and published online this summer][7]. LinkedIn's hack was the more serious, with 6.4 million passwords accessed, while eHarmony confirmed that 1.5 million user passwords were pinched. 
+
+ [1]: http://www.kpmg.com/UK/en/IssuesAndInsights/ArticlesPublications/NewsReleases/Pages/Personal-data-threat-to-millions-as-company-hacking-reaches-new-high.aspx
+ [2]: /blog/australian-data-retention-debate-heats-up/
+ [3]: http://www.informationweek.com/healthcare/security-privacy/utahs-medicaid-data-breach-worse-than-ex/232900128
+ [4]: http://www.huffingtonpost.com/adam-levin/wisconsin-leaks-taxpayer-id-numbers_b_1729239.html
+ [5]: http://www.crn.com/news/security/232800136/global-payments-says-1-5-million-credit-card-numbers-stolen.htm
+ [6]: http://www.pcworld.com/article/2013186/south-carolina-reveals-massive-data-breach.html
+ [7]: http://articles.latimes.com/2012/jun/06/business/la-fi-tn-eharmony-hacked-linkedin-20120606
\ No newline at end of file
diff --git a/src/content/es/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md b/src/content/es/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md
new file mode 100644
index 000000000..08e0c9139
--- /dev/null
+++ b/src/content/es/blog/2012-12-20-us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook.md
@@ -0,0 +1,42 @@
+---
+title: US boosts child online privacy law, but Facebook gets off the hook
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-12-20T15:16:38+00:00
+url: /blog/us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook/
+heroImage: /images-static/uploads/facebook-privacy.jpg
+thumbnailImage: /images-static/uploads/facebook-privacy.jpg
+
+---
+US federal regulators have tightened legislation designed to safeguard children's online privacy. The new laws are designed to give parents more control over what types of data is collected online, and reflect the growing importance and spread of smartphone technology. However, Facebook, one of the biggest online advertisers around, appears to have lobbied its way out of responsibility.
+
+The new regulations cover a number of innovations such as voice recognition technology, GPS and targeted online advertising. [The 1998 Children's Online Privacy Protection Act][1] remains in place, requiring companies to obtain parental permission before sharing or collecting any personal data from under 13 year olds.
+
+[The new rules][2] basically expand the types of data to include location, photos and video and expand the list of service types that the act covers. They also dictate a new and "streamlined" approval process for getting parental consent and close a loophole that allowed child-focused apps and sites to permit third parties to collect personal information without consent. Third party ad companies must also comply with the new rules.
+
+"The Commission takes seriously its mandate to protect children's online privacy in this ever-changing technological landscape," said FTC Chairman Jon Leibowitz. 
"I am confident that the amendments to the COPPA Rule strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children's online activities."
+
+**Third party consent**
+
+However the FTC's own opinion on its new child protection rules doesn't quite match up to the reality of the new laws. Due to heavy lobbying from the likes of Facebook, Disney and other companies with a vested interest in preventing data protection controls, the FTCs regulations have been watered down.
+
+The FTC originally wanted to pin the responsibility of seeking this consent with the services themselves, rather than third parties, such as ad networks and tracking companies. However, [after successful lobbying by Facebook and Verizon][3] among others, such services will only be liable if it can be proved they have "actual knowledge" of third party sites collecting information on children. Furthermore, app stores, such as Google Play and the iOS App Store will not be liable for the child protection practices of any apps sold.
+
+**Facebook's escape**
+
+While the above amendments are somewhat understandable, Facebook in particular appears to have been given a convenient loophole by the FTC to continue marketing at children without any parental consent. [As The Atlantic points out][4], the new rules plainly state that no parental permission is needed "for the sole purpose of supporting the website or online service's internal operations, such as contextual advertising, frequency capping, legal compliance, site analysis and network communications."
+
+For Facebook "[contextual advertising][5]" is basically ads that are tailored to users based on what shows-up in your News Feed. So if you post a status update about Rhianna or Lady Gaga, you may get an ad for the relevant pop star's Facebook page. 
This is essentially giving the Facebook the ability to create ad profiles on children through the backdoor. Of course, Facebook knows exactly what it's doing here, as back in September it specifically requested the FTC [omit so called "internal advertising" from its new rules][6].
+
+"The Commission should make that understanding explicit in the COPPA Rule by expressly including first-party advertising under the "internal operations" rubric," said Facebook. This clarification further supports the balance created between the Significant demand for free, advertising-supported services, and the expected tailoring of those services."
+
+So all it takes is a bit of lobbying power to escape FTC regulations. Facebook is one of the biggest and fastest growing advertising networks out there and is becoming increasingly embedded in the very mobile technology the FTC wants better regulated - so it seems hamfisted to create a bunch of new laws that largely ignores it. If parents want to opt their kids out of Facebook ads, they'll probably need to opt out of Facebook altogether.
+
+ [1]: http://www.ftc.gov/ogc/coppa1.htm
+ [2]: http://www.ftc.gov/opa/2012/12/coppa.shtm
+ [3]: http://www.washingtonpost.com/business/technology/ftc-releases-landmark-update-to-child-online-privacy-laws/2012/12/19/6afbab30-494f-11e2-820e-17eefac2f939_story.html
+ [4]: http://www.theatlanticwire.com/technology/2012/12/new-online-privacy-loophole-lets-facebook-advertise-kids/60195/
+ [5]: http://www.insidefacebook.com/2011/03/22/related-adverts-wall-post-status-update-ads/
+ [6]: http://mashable.com/2012/09/30/facebook-children-advertising/
\ No newline at end of file
diff --git a/src/content/es/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md b/src/content/es/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md
new file mode 100644
index 000000000..2738f4b8b
--- /dev/null
+++ b/src/content/es/blog/2012-12-26-top-5-online-privacy-trends-in-2013.md
@@ -0,0 +1,59 @@
+---
+title: Top online privacy trends in 2013
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2012-12-26T18:00:33+00:00
+url: /blog/top-5-online-privacy-trends-in-2013/
+heroImage: /images-static/uploads/2013.jpg
+thumbnailImage: /images-static/uploads/2013.jpg
+comments:
+ - author: anon
+ date: 2012-12-29T16:04:05+01:00
+ content: |
+ As a developer of statistical analysis software I find myself disliking what the tubes are becoming more and more every day. Reports of md5 (or worse plaintext) DB dumps from simple injection exploits makes me feel extremely uneasy. Too many people use the same password everywhere and have no idea that one leaked md5 could destroy their entire online life (especially those who post images of themselves 'privately').
+
+ I do like what disconnect.me is doing with their 'Collusion' software but the problem is more than just cookies and weak / reused passwords. Just the other day I caught someone publicly tweeting 'Hey gimme a call ###-###-#### I'm boreeeeed' (I can verify the number posted was in fact hers)… I immediately sent a text suggesting to delete the tweet and never do that again.
+
+ Another huge issue I find is that most social media users simply do not care / understand the possible repercussions of freely posting everything and anything online. After reading books such as 'We Are Anonymous' (Parmy Olson) and seeing the types of social engineering people do for kicks caused heavy concern for my less computer savvy friends and family.
+
+ The solution is educate, not legislate. People will always do things that are illegal, the very fact that it's illegal will entice them to do such things as exploiting weak systems to obtain lists of users / passwords. Educating computer users that : 1) once it's on the internet (private or not, including password protected content) it will be there forever somewhere and someone can find it eventually.
2) If it sounds to good to be true I guarantee it is. There is no place that will give you an iPad for filling out a form. 3) If something is free, YOU are the product - no exceptions. 4) SSL is easy to break (google sslstrip) - do not publish content / login to accounts over public Wi-Fi (wikipedia MITM). 5) Posting your real name / info anywhere is always risky - I somewhat trust Amazon and Google (though I shudder to think what Google has on me). Be careful guys, the internets are serious business.
+
+---
+As 2012 draws to a close we take a look back at what we think will be the top five threats to online privacy over the coming year. Think we've missed something out? Let us know in the comments below. 
+
+**1. Backdoor copyright legislation**
+
+2012 was a pretty momentous year when it came to defeating copyright legislation that would've had a disastrous effect on online privacy and online freedoms. Both SOPA and ACTA sparked some of the biggest popular protests over internet issues ever seen.
+
+The result was a win for activists, but it also meant that – like common criminals – the copyright lobby and legislators were forced to 'go underground' and try to get their legislation [implemented through less conspicuous means][1]. A good example of this [is the Trans Pacific Partnership][2], which has shoehorned-in a great deal of SOPA-inspired legislation. Once one or two major economies implement such copyright laws, it will give lobbyists more leverage to get them implemented in other territories.
+
+**2. Data breaches**
+
+Given the spread of online data mining and increased value in online information, data breaches suffered by private and public entities are only going to become more common and more serious, until companies and governments alike take the issue seriously.
Unfortunately that doesn't seem likely in 2013, given the r[ecord number of embarrassingly big data breaches in 2012][3], which compromised a range of personal data, from health records and social security numbers, to credit information.
+
+**3. Online security legislation**
+
+While online copyright lawyers will attempt to sneak their way through the back door, governments are using scare tactics to push through legislation designed to make it easier to spy and collect data on citizens. As we saw recently with the UK's [Communications Capabilities Development Programme][4], governments will go as far as [branding anyone concerned about online surveillance "paedophiles or terrorists"][5]. What happens in places like the UK over the coming months will surely have repercussions elsewhere. Many [other countries are coming under pressure from their law enforcement agencies][6] to update communications legislation that was designed for a different age. Such legislation definitely does need updating, but unless citizens remain vigilant, law enforcement will take this opportunity to increase their powers of surveillance on an unprecedented scale.
+
+**4. State cyber warfare**
+
+As online systems grow in strategic and economic importance for both private and government entities, online espionage will increase, with repercussions for individual online privacy. When it comes to espionage perpetrated by governments, we've already seen [operation 'The Olympic Games'][7] spawn viruses such as Stuxnet, Flame and Duqu and there's bound to be more where that came from. Away from the occidental, there's also the perceived [threat from major Chinese telcos ZTE and Huawei][8], which are busy winning communications infrastructure contracts in western countries. Whether such fears are justified, and what they mean for individual online privacy, remains to be seen.
+
+**5. 
Mobile platforms and advertising**
+
+The penetration of smartphones and the mobile internet subscriptions is only set to increase. Obviously, in a physical sense, the more connected devices you have the bigger the potential risk that your personal data will fall into the wrong hands. But perhaps a bigger issue to watch is the growing importance of mobile advertising. So far the mobile ad industry has been hamstrung by a number of [problems regarding tracking][9], but these problems are [fast becoming overcome][10]. Another sign of a possible boom in mobile advertising is [the positive results from Facebook's rollout of mobile ads earlier in the year.][11] Once advertisers decide to heavily invest in mobile, you can expect more pressure on services and platforms to leverage mobile's unique features – such as geo-location – in order to boost advertiser ROI. What effect this has on your privacy and personal data is up to regulators such as the FTC, who just a few days ago [showed how vulnerable they are to determined lobbying][12].
+
+ [1]: /blog/acta-and-sopa-back-from-the-dead/
+ [2]: http://www.salon.com/2012/10/23/everything_you_wanted_to_know_about_the_trans_pacific_partnership/
+ [3]: /blog/160-million-people-affected-by-data-breaches-in-2012/
+ [4]: /blog/uk-online-spying-law-how-to-resist/
+ [5]: /blog/oppose-the-uks-spying-bill-youre-siding-with-paedophiles/
+ [6]: /blog/australian-data-retention-debate-heats-up/
+ [7]: http://www.forbes.com/sites/richardstiennon/2012/06/04/operation-olympic-game-project-x-and-the-assault-on-the-it-security-industry/
+ [8]: http://www.bbc.co.uk/news/business-19867399
+ [9]: http://www.mobyaffiliates.com/blog/the-end-of-udids-what-it-means-for-mobile-advertising/
+ [10]: http://gigaom.com/2012/11/15/whats-working-in-mobile-advertising-and-what-might-work-in-the-future/
+ [11]: http://techcrunch.com/2012/06/19/facebook-mobile-ads/
+ [12]: /blog/us-boosts-child-online-privacy-law-but-facebook-gets-off-the-hook/
diff --git a/src/content/es/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md b/src/content/es/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md
new file mode 100644
index 000000000..723ea0519
--- /dev/null
+++ b/src/content/es/blog/2013-01-21-the-uks-top-5-anti-online-privacy-politicans.md
@@ -0,0 +1,67 @@
+---
+title: UK's Top five Worst Anti-Online Privacy Politicians
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-01-21T22:13:46+00:00
+url: /blog/the-uks-top-5-anti-online-privacy-politicans/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+
+---
+The UK is currently facing one of the biggest threats to its online freedoms. The looming Communications Capabilities Development Programme gives law enforcement unprecedented powers when it comes to accessing citizens' online data. So we thought it might be fun to take a look back at which UK politicians have posed the biggest threat to online privacy and internet freedoms.
+
+The UK is currently facing one of the biggest threats to its online freedoms. The looming Communications Capabilities Development Programme gives law enforcement unprecedented powers when it comes to accessing citizens' online data. So we thought it might be fun to take a look back at which UK politicians have posed the biggest threat to online privacy and internet freedoms. If you're from the US, check out our post on [America's political enemies of online privacy here][1]. If you think we've missed someone out on this list please tell us in the comments below.
+
+**[Peter Mandelson][2], Labour, former First Secretary of  State**
+
+![Photo of Peter Mandelson](/images-static/uploads/Peter_Mandelson_-_WEF.jpg "Threats to the Global Trading System")
+
+While the UK's controversial [Digital Economy Act][3] sprung from research by Lord Carter, it was Secretary of State Peter Mandelson who was (allegedly) directly responsible for the more stringent copyright enforcement laws that got internet rights activists up in arms, especially the provision that required ISPs to cut off internet access for illegal file sharers. Mandelson was accused of caving into brazen lobbying attempts from the entertainment industry.
[According to The Independent][4], the Labour peer wasn't that interested in the Digital Economy Act until he attended a dinner with DreamWorks co-founder David Geffen on the Greek island of Corfu. Mandelson returned from his trip and [immediately issued an edict demanding tougher copyright provisions][5] in the DEA. Of course, Mandelson denied the events were linked, but he's got [form with this sort of thing][6].
+
+**[David Blunkett][7], Labour, former Home Secretary**
+
+![Photo of David Blunkett](/images-static/uploads/David_Blunkett_-8April2010.jpg "Photo of David Blunkett")
+
+David Blunkett wasn't Home Secretary when the [Regulatory Investigative Powers Act][8] was introduced into the House of Commons in 2000, but he was responsible for the expanding the list of organisations that could access internet data collected by ISPs.  Blunkett's [initial attempt to expand the list of authorities][9] met strong opposition and he was forced to heavily water it down. Nevertheless, as of 2009, there were [50,000 requests per year to access citizens' email and phone data][10] (the government no longer makes the figures public). You can see the a list of some of the [organisations that can access data right here][11]. Blunkett was also responsible for f[orcing ISPs to retain data on customers][12] (email logs, web logs, names and addresses) for up 12 months after they leave the service. This was before the EU mandated data retention policy (and probably significantly helped the EU's policy on its way).
+
+**[Lord Bassam][13], Labour peer**
+
+Lord Bassam is not exactly a household name, but he did play a big role [in cheerleading RIPA through the House of Lords][14]. Bassam strongly defended RIPA against questioning from Lord Philips, one of the bill's few detractors. Many believe [that RIPA was not fully understood][15] by either the House of Commons or House of Lords when it was introduced, in that respect Bassam has a lot to answer for.
+
+**[Theresa May][16], Conservative, current Home Secretary**
+
+![Photo of Theresa May](/images-static/uploads/398px-Theresa_May_-_Home_Secretary_and_minister_for_women_and_equality.jpg "Photo of Theresa May")
+
+Despite The Conservatives saying they would do more to defend civil liberties during Labour's tenure, it didn't take long for them to launch probably the [worst online surveillance bill ever proposed][17]. As Home Secretary, Theresa May has spearheaded the implementation of the [Communications Capabilities Development Programme][18]. While May's record may not be quite as bad as Blunkett's, she has been utterly brazen in spewing populist rhetoric designed to cut down opposition to the CCDP. May says that if you [oppose her bill than "you are siding with peadophiles and terrorists."][19] Such hysterics should not be part of any rational policy debate, especially when it concerns such an important bill.
+
+**[Claire Perry][20], Conservative, advisor on childhood**
+
+![Photo of Claire Perry](/images-static/uploads/452px-Claire_Perry_MP.jpg "Photo of Claire Perry")
+
+MP Claire Perry is currently the Conservative 'advisor on childhood' and has [campaigned strongly for the last two years against online pornography][21]. Perry may not have the track record of other MP's on this list, but she's one to watch. Her activism came to a head late last year when the government considered taking a leaf out of China's book and [almost implemented a nationwide internet firewall][22], which would block anything deemed to be "pornographic". The only way to escape the porn filter would've been to opt out with your ISP. Thankfully, due to heavy campaigning [explaining the ineffectiveness of such a filter][23] and the implications it would have in terms of online censorship, the government dropped Perry's plans.
+
+ [1]: /blog/americas-most-dangerous-anti-online-privacy-politicians/
+ [2]: http://en.wikipedia.org/wiki/Peter_Mandelson
+ [3]: http://en.wikipedia.org/wiki/Digital_Economy_Act_2010
+ [4]: http://www.independent.co.uk/arts-entertainment/music/news/the-net-closes-in-on-internet-piracy-1772820.html
+ [5]: http://www.dailymail.co.uk/news/article-1206901/Mandelson-launches-crackdown-file-sharing--just-days-meeting-record-producer.html
+ [6]: http://www.independent.co.uk/news/uk/politics/a-final-favour-how-mandelsons-last-act-in-brussels-boosted-russian-oligarch-973813.html
+ [7]: http://en.wikipedia.org/wiki/David_Blunkett
+ [8]: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000
+ [9]: http://www.guardian.co.uk/politics/2003/feb/26/freedomofinformation.digitalmedia
+ [10]: http://www.telegraph.co.uk/news/uknews/law-and-order/6001357/A-request-to-snoop-on-public-every-60-seconds.html
+ [11]: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000#Agencies_with_investigative_powers
+ [12]: http://www.guardian.co.uk/technology/2003/sep/13/freespeech.politics
+ [13]: http://en.wikipedia.org/wiki/Steve_Bassam,_Baron_Bassam_of_Brighton
+ [14]: http://wiki.openrightsgroup.org/wiki/Lord_Bassam
+ [15]: http://www.zdnet.com/parliament-didnt-understand-rip-act-3039117681/
+ [16]: http://en.wikipedia.org/wiki/Theresa_May
+ [17]: /blog/uk-online-spying-law-how-to-resist/
+ [18]: http://en.wikipedia.org/wiki/Communications_Capabilities_Development_Programme
+ [19]: /blog/oppose-the-uks-spying-bill-youre-siding-with-paedophiles/
+ [20]: http://en.wikipedia.org/wiki/Claire_Perry
+ [21]: http://www.bigbrotherwatch.org.uk/home/2012/04/claire-perry-report.html#.UETXohTft0w
+ [22]: /blog/only-three-days-left-to-protest-uk-porn-filter/
+ [23]: http://www.ispa.org.uk/ispa-statement-on-parliamentary-inquiry-into-online-child-protection/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md b/src/content/es/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md
new file mode 100644
index 000000000..2e1c38f0b
--- /dev/null
+++ b/src/content/es/blog/2013-02-08-the-five-biggest-threats-to-global-online-privacy.md
@@ -0,0 +1,49 @@
+---
+title: The biggest threats to global online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-02-08T15:01:52+00:00
+url: /blog/the-five-biggest-threats-to-global-online-privacy/
+heroImage: /images-static/uploads/World_map.png
+thumbnailImage: /images-static/uploads/World_map.png
+
+---
+While the phrase "there's no privacy online" holds true in many respects, it's always worth remembering that there's a great deal of internet freedoms we currently enjoy that could be put at risk by cack-handed, or downright malicious,  legislation. Indeed, we appear to be in the midst of a state and corporate-level scramble to update laws in order to cope with the rapidly evolving communication and consumption habits, making this risk higher than ever.
+
+So let's take a brief look at five of the biggest threats to global internet freedoms, taking into account existing laws that are continuing to have ramifications and potential legislation that would be disastrous if implemented. You may think different of course. If there's something you think we've left out let us know in the comment section below.
+
+**EU Data Retention Directive**
+
+
+Europe's [Data Retention Directive][1] was passed in 2006 and is probably one of the most important pieces of legislation related to internet privacy (in the western world at least) currently in effect. The directive mandates that all EU ISPs record and store customer data – such as web logs, email logs, addresses, billing info – for 1 to 2 years after the individual has left the ISPs service. True, some EU countries, [like the UK][2], already implemented similar legislation before the Data Directive passed, but others, [such as Germany, are still fighting it][3]. After the US, the EU is the biggest and most important political entity in the west, so the standards it sets in the relatively new arena of online surveillance is a big deal indeed.
All eyes are on US legislators to see if [they try to use the EU example to bring mandated data retention to US ISPs][4]. At the moment US ISPs are perfectly entitled to hold data for as long as they like, but there's no mandate from government. How long that will last is anybody's guess.
+
+**CCDP**
+
+
+With the internet becoming more and more integrated into people daily lives it's no wonder that law enforcement agencies across the world are collectively rushingto update surveillance legislation. It's true that some laws do need updating, but it's also true that law enforcement – [from Australia][5] to the UK – is seeing this as an ideal opportunity to gain new powers to make their lives easier. Unfortunately a lot of these new powers would have terrible consequences for our privacy. The UK is one of the first western countries that has really got the ball rolling with the [Communications Capabilities Development Programme][6]. This act [enhances surveillance power][7] beyond the already contentious Regulation of Investigatory Powers Act 2000 and gives police complete access to email and web logs with little judicial oversight. There's certainly a feeling that other western democracies are waiting to see how the CCDP fares in the UK before implementing similar laws. While UK public opinion appears to be against the bill, there's little opposition in mainstream UK politics.
+
+**TPP**
+
+The [Trans Pacific Partnership is multi-national trade agreement between nine nations][8] – specifically, the USA, Australia, Peru, Malaysia, New Zealand, Chile, Singapore and Brunei. Canada and Mexico have also been invited to join the negotiations and are likely to do so. The TPP has been billed by activists as an attempt to get the failed SOPA legislation passed through the back door.
It contains a section dedicated to intellectual property, [which the EFF says][8] is "far more restrictive than currently required by international treaties, included the controversial ACTA" and "puts at risk some the most fundamental rights" that enable access to information. The biggest problem with the TPP is that it's a truly multinational piece of legislation that could be pressured onto other countries, outside of the group, and used to create a global standard of IP enforcement.
+
+**Great Firewall of China**
+
+Of course, while we tend to focus on threats to internet freedoms in the west we often ignore the huge censorship and oppression going on elsewhere. The [extent of China's internet surveillance is hard to assess exactly][9], as the government uses the threat of closure to ensure ISPs, and content platforms, employ internal staff who censor and monitor communications. Along with this, it's errected the so called 'Great Firewall of China', which scans data flowing across its section of the net for banned words or web addresses. It's probably the largest scale internet censorship programme currently operational in the world. China provides a template for other totalitarian regimes to look up to and, while it is often vilified in the west for its approach to the internet, its successes and failures are surely watched by western law enforcement agencies who want to tighten their grip - especially when much of the surveillance technology used [is being created by US and European corporations][10].
+
+**Iran's 'Halal Internet'**
+
+Iran has repeatedly mentioned plans to create a 'Halal' internet, cut off from the outside world, and in conformity with Islamic rules and morals. This nationwide intranet goes beyond China's firewall approach. It hasn't yet emerged, but there is evidence that it's being worked on.
[As New Scientist reports][11], Iran appears to be allocating two IP addresses to every internet-ready machine, one which connects to the internet and an internal one only accessible from within the country. The idea is to "throttle" connections to the outside networks , rendering them too slow for use, and push people onto the internal network, where 'Halal' versions of email services, search engines, and even Facebook are speculated to exist. While such a creation would be pretty terrible for Iranians, it's also worrying for the wider Islamic world. If Iran manages to make a 'Halal Internet' work - and it's branded as somekind of 'muslim internet' - then many other Islamic countries may want to follow suit.
+
+ [1]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [2]: http://en.wikipedia.org/wiki/Telecommunications_data_retention#United_Kingdom
+ [3]: http://europa.eu/rapid/press-release_IP-12-530_en.htm
+ [4]: http://news.cnet.com/8301-31921_3-20029423-281.html
+ [5]: /blog/australia-prepares-for-new-online-privacy-fight/
+ [6]: http://www.bbc.co.uk/news/uk-politics-17590363
+ [7]: /blog/uk-online-spying-law-how-to-resist/
+ [8]: https://www.eff.org/issues/tpp
+ [9]: http://topics.nytimes.com/topics/news/international/countriesandterritories/china/internet_censorship/index.html
+ [10]: https://www.eff.org/deeplinks/2011/09/government-internet-surveillance-starts-eyes-built
+ [11]: http://www.newscientist.com/article/mg21628865.700-first-evidence-for-irans-parallel-halal-internet.html
diff --git a/src/content/es/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md b/src/content/es/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
new file mode 100644
index 000000000..6fd08fd8b
--- /dev/null
+++ b/src/content/es/blog/2013-04-01-european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md 
@@ -0,0 +1,23 @@
+---
+title: 'European Parliament: "EU surveillance programmes are incompatible with the fundamental human rights of citizens and residents in the EU."'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-04-01T09:24:00+00:00
+url: /blog/european-parliament-eu-surveillance-programmes-are-incompatible-with-the-fundamental-human-rights-of-citizens-and-residents-in-the-eu/
+
+---
+A European Parliament study on state surveillance has concluded that surveillance programmes must be framed "in terms of collective freedoms and democracy" and current programmes are "incompatible" with the human rights of EU residents.
+
+The study, which was commissioned by the European Parliament's Committee on Civil Liberties, Justice and Home Affairs, says:
+
+"From a legal point of view, EU surveillance programmes are incompatible with minimum democratic rule of law standards and compromise the security and fundamental human rights of citizens and residents in the EU."
+
+The study also makes it clear that the recent PRISM revelations are markedly different from past security service "transgressions," as they involve "access to a much larger scale of data" than former programs.
+
+The authors go further to say the "purpose and scale" of any surveillance program is "at the core of what differentiates democratic regimes and police states." It adds that the "two key issues" that remain unclear over the PRISM revelations is: "what/who are the ultimate targets of this surveillance exercise, and how are data collected, processed, filtered and analysed?"
+
+The paper mainly focuses on the US' ability to compromise the privacy of EU citizens via mass surveillance of internet services such as Google and Facebook. It also highlights the UK's complicity in US spying.
But interestingly the authors say very little about the EU's own mass surveillance programmes, namely the EU Data Retention Directive, which mandates that all European ISPs hold onto customer web logs, and other data, for the entirety of the subscription and up to two years after they leave the service.
+
+Obviously, we expect very little to change regarding the European Union's reaction to the NSA's revelations. So far, apart from some noise from EU leaders over the US' monitoring of phone calls, the EU has been completely supine in terms of doing its job and protecting its citizens from American spying.
\ No newline at end of file
diff --git a/src/content/es/blog/2013-04-01-top-five-defenders-of-online-privacy.md b/src/content/es/blog/2013-04-01-top-five-defenders-of-online-privacy.md
new file mode 100644
index 000000000..bd0c21b71
--- /dev/null
+++ b/src/content/es/blog/2013-04-01-top-five-defenders-of-online-privacy.md
@@ -0,0 +1,66 @@
+---
+title: Top five defenders of online privacy
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-04-01T13:49:47+00:00
+url: /blog/top-five-defenders-of-online-privacy/
+heroImage: /images-static/uploads/privacy-defenders.jpg
+thumbnailImage: /images-static/uploads/privacy-defenders.jpg
+comments:
+ - author: UWNThesis
+ date: 2013-04-04T10:10:37+02:00
+ content: |
+ Big Brother Watch.
+
+ http://www.bigbrotherwatch.org.uk/
+
+ This organsation focus on surveillance and privacy - in many guises.
+
+ Currently they're investigating cloud computing - and whether the UK govt has put all it's civilians data at risk.
+
+ Normally, if you're going to get massive privacy news out there - it's because Big Brother Watch have made it happen. They're awesome.
+ - author: Techmonster
+ date: 2013-05-07T21:47:13+02:00
+ content: |
+ Another company that makes anti-tracking and privacy tools available to internet users:
+
+ http://www.abine.com
+
+ I personally use their "DeleteMe" and "DoNotTrackMe" tools
+
+---
+The attempted crackdown on online freedoms over the last few years has been relentless. From [CISPA in the US][1], to [the CCDP][2] in the UK, governments around the world are ramping up efforts to increase internet surveillance, not to mention private corporations trying to impose draconian legislation such as SOPA and ACTA. Thankfully there are a number of charities, individuals and advocacy groups fighting to make sure anti-online privacy legislation is exposed to the wider public and given the scrutiny its backers would like to avoid.
+
+The below organisations are by no means the only ones fighting for online freedoms, but we believe they are among the most important, and do an amazing job at educating the public and raising awareness of policies that could have a dramatic effect on the internet.
These organisations are a great resources if you want to learn more about around online privacy issues and they deserve your support. So without further ado, here's our top five defenders of online privacy.
+
+### [Electronic Frontier Foundation][3]
+
+Ok we have a slightly vested interested here, as IVPN is a member of the Electronic Frontier Foundation, but there's no doubt the EFF is one of the most voracious and active defenders of online freedoms. US based, but with an international outlook, the EFF has been campaigning on digital rights issues since 1990. The non-profit organisation was founded by Mitch Kapor (founder of Lotus), John Gilmore (major GNU contributor) and John Perry Barlow (political activist and former lyricist for the Grateful Dead). The EFF was one of the main activist groups behind the successful anti-SOPA and anti-ACTA campaigns and regularly provides assistance to defend technologies from legal threats in court.
+
+### [ACLU][4]
+
+The American Civil Liberties Union is not an internet-specific organisation, but its commitment to "defend and preserve the individual rights and liberties" of US citizens means its goals have frequently intersected with those of internet activists. The ACLU has been going since 1920 and has been relentless in its lobbying and community education. Because of its knowledge of US law the organisation lends much needed legal expertise and understanding to the changing issues where privacy and online surveillance meet. Although the ACLU is US-focused, it's work is relevant to everyone who uses and values the internet.
+
+### [European Digital Rights][5]
+
+You can be forgiven if you've never heard of European Digital Rights, as the organisation doesn't have a very high profile. Instead it acts as an umbrella organisation for a number of different privacy groups that are Europe-focused, such Chaos Computer Club, Bits of Freedom and Open Rights Group.
The organisation has offices in 21 countries across the EU and help groups campaign on a range of digital rights issues such as copyright, online surveillance and cyber crime.
+
+### [Electronic Privacy Information Center][6]
+
+The Electronic Privacy Information Center is a US based public interest research group that advocates for strong privacy safeguards and campaigns on civil liberties issues. EPIC has been active on a range of fronts including drone surveillance, FBI Watchlists, and body scanners. The organisation campaigns heavily on a range of internet-related issues, especially privacy concerns around Facebook, cloud computing and Google Street View.
+
+### [Privacy International][7]
+
+Privacy International is a UK-based charity that promotes the right to privacy. The organisation claims to be the oldest international privacy organisation in the world, formed in 1990, and has a very global outlook, with partners in across Africa, South America and South East Asia. PI's focus on privacy protection extends to everything from CCTV cameras to DNA profiling, but much of its recent work has looked at government surveillance online. The organisation also releases reports covering privacy issues in specific countries, which are useful if you're looking for an overview of privacy laws in a certain jurisdiction.
+
+Is there another privacy organisation that you think deserves recognition? Let us know in the comments below.
+
+ [1]: /blog/status-update-current-threats-to-online-privacy/
+ [2]: /blog/uk-online-spying-law-how-to-resist/
+ [3]: https://www.eff.org/
+ [4]: http://www.aclu.org/
+ [5]: http://www.edri.org/
+ [6]: http://epic.org/
+ [7]: https://www.privacyinternational.org/
diff --git a/src/content/es/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md b/src/content/es/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md
new file mode 100644
index 000000000..913c7cd00
--- /dev/null
+++ b/src/content/es/blog/2013-04-14-facebook-vs-google-the-loser-is-your-privacy.md 
@@ -0,0 +1,62 @@
+---
+title: 'Facebook vs Google: The loser is your privacy'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-04-14T17:44:48+00:00
+url: /blog/facebook-vs-google-the-loser-is-your-privacy/
+heroImage: /images-static/uploads/facebook-privacy.jpg
+thumbnailImage: /images-static/uploads/facebook-privacy.jpg
+comments:
+ - author: Tom Forter
+ date: 2013-09-04T06:06:17+02:00
+ content: |
+ I had to pass this along-
+
+ Join F.O.G.
+
+ (F**k Off: Google!)
+
+ When Eric Schmidt isn't out screwing all his escorts in his Manhatten Shag-Pad he is out screwing you over by operating the biggest lie in American history: Google!
+
+ Never has so much been spent to screw over so many American's in such an insidious manner.
+
+ All of the news has finally disclosed that Google's business model is entirely based on intelligence gathering for marketing companies, hackers and secret programs. They use you like a sophmore uses an old sock. There is not a single thing that Google does that you can't get for free elsewhere and without compromising your soul. Even their search engine results are rigged.
+
+ 1. Cancel your Google account.
+ 2. Send an email to that says, simply: "F.O.G."
+ 3. Watch Craigslist and meetup.com for F.O.G. events at Google office locations (You can even organize them yourself)
+ 4. Post every sighting of Eric Schmidt, every action he takes, every story about him, etc. on your social media under hashtage #f.o.g. Peel his privacy like he did to you.
+ 5. Post the FOG Logo everywhere. (Black Helvetica caps "FU", red Google Cap "G")
+
+ PASS THIS AROUND AND POST IT IN ALL NEWS STORY COMMENTS SECTIONS
+
+---
+The launch of Facebook Home last week was a significant escalation in the arms race between Facebook and Google; a battle that will only result in the continuing erosion of privacy - and the expectation of privacy – online.
+
+Since Facebook Home was announced, technology commentators have been queuing up to criticise its privacy implications. GigaOm's editor [Om Malik said the new app][1] "erodes any idea of privacy" and "is going to be able to track your every move ." On Tuesday Facebook [issued a Q&A][2] trying in vain to dispel any fears, but the damage had already been done.
+
+### Bigger picture
+
+What we're seeing is a fight between the two giants of online advertising to capture as much user data as possible. Facebook knows the major battleground for this fight will be on mobile devices and Facebook also knows 'user engagement' is the key metric. The focus therefore has to shift from apps and towards deeper integration into the very operating system itself. So Facebook needs an operating system in order to stay ahead of Google. Building one would be a costly and risky endeavor – especially given Facebook's [already turbulent IPO][3]. Therefore, [as Asymco points out][4], the next best thing is to hijack someone else's OS. Obviously Apple would never allow this and neither would Microsoft, but Android is open source and so Google can do little about it.
+
+Android has been wildly successful for Google, in terms of a defensive strategy to stop Apple dominating the mobile market. But as many commentators have pointed out, it's [profitability is in serious question][5]. Android's main benefit to the search giant is its ability to push Google's other services (which manufacturers [are increasingly complaining about][6]). By making sure Android owners use its apps, Google then can capture more data.
+
+This is why Facebook Home is an attack on Google, as it super-imposes the Facebook experience on-top of Android, in order to make sure users stay inside Facebook as long as possible (therefore potentially spending less time with Google's services).
It won't be surprising if we soon see Android "fork", with different manufacturers creating different versions of Android in order to better protect their platforms. There was even rumours of Google [merging Android into its Chrome OS][7], although these were rebutted by Google.  
+
+### It's all about data
+
+If you spend any time at all in the online ad industry – especially the mobile ad industry – you'll know the two biggest concerns is tracking the effectiveness of online ads, to determine return on investment, and gathering data for better targeting. Issues around tracking and targeting have been the [main barriers to ad spend in the mobile market][8] and mostly stem [from privacy concerns][9] (largely accommodated to by Apple, which generates hardly any revenue from ads). Facebook and Google are first and foremost advertising companies, and the fastest and most effective way for them to satisfy shareholders and grow their business is to generate more ad revenue.
+
+This is basically what privacy advocates and technology writers have been pointing out for a long time. Now that Facebook is a publicly listed company, it's competitiveness against its main rival Google is only going to increase, as they both fight to capture user engagement and data. Both companies will only increase efforts at making the erosion of privacy an inevitable consequence of the proliferation of connected devices.
+
+ [1]: http://gigaom.com/2013/04/04/why-facebook-home-bothers-me-it-destroys-any-notion-of-privacy/
+ [2]: http://androidcommunity.com/facebook-home-privacy-concerns-are-addressed-in-qa-20130405/
+ [3]: http://www.forbes.com/sites/rogerkay/2012/05/21/why-the-facebook-ipo-was-a-bad-deal-for-the-public/
+ [4]: http://www.asymco.com/2013/04/10/making-rain/
+ [5]: http://www.businessweek.com/articles/2012-09-12/after-500-million-android-activations-wheres-the-profit
+ [6]: http://bgr.com/2013/04/09/microsoft-google-eu-antitrust-complaint-425702/
+ [7]: http://techland.time.com/2013/03/18/the-coming-merger-of-google-chrome-and-android/
+ [8]: http://www.mobyaffiliates.com/blog/buying-mobile-advertising-using-mobile-demand-side-platforms-dsps/
+ [9]: http://techcrunch.com/2012/02/18/mobile-advertising-baby-huey/
diff --git a/src/content/es/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md b/src/content/es/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md
new file mode 100644
index 000000000..768390cbe
--- /dev/null
+++ b/src/content/es/blog/2013-04-18-is-cispa-a-threat-to-vpn-users.md
@@ -0,0 +1,40 @@
+---
+title: Is CISPA a threat to VPN users?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-04-18T18:22:02+00:00
+url: /blog/is-cispa-a-threat-to-vpn-users/
+heroImage: /images-static/uploads/cispa-bill.jpg
+thumbnailImage: /images-static/uploads/cispa-bill.jpg
+
+---
+So the Cyber Intelligence Sharing and Protection Act is firmly back on the agenda, with the infamous bill likely to be voted on in the next 24 hours. If CISPA does eventually become enacted it will likely see more US citizens turning to virtual private networks (VPNs) to help anonymise their internet activity. But will CISPA impact VPN companies and if your VPN is US-based should you be worried?
+
+In case you haven't been keeping up, [CISPA][1] is a bill designed to facilitate the sharing of information between private companies and US government agencies. Although ostensibly designed to combat "cyber-threats" the bill is [so broadly written][2] it could be interpreted to be used against copyright infringers, or anyone else a company believes is trying to do it harm. The bill's vagueness has seen a number of high profile backers withdraw support, [including Facebook][3], but the list of companies that continue to support CISPA [remains pretty long][4].
+
+### VPNs off the hook?
+
+So will CISPA make it more difficult for VPNs to keep customer information private? In short, no,  CISPA should not affect VPN companies that have a commitment to privacy. CISPA, in its current state, does not force companies to hand over information without a warrant. It also has nothing to say on data retention, so ISPs are still not compelled to record logs on the websites you've visited and people you've emailed.
+
+Of course, not all VPNs are privacy-orientated. [Some clearly state this][5], while others don't make their intentions clear at all.
The only effect CISPA will have is that VPNs without a privacy commitment will find it much easier to share any information with the government. [As TechDirt points out][6], there are VPNs who show little regard for privacy (and little understanding of the law). These companies could be more inclined to report activity such as file-sharing to the authorities if CISPA diminishes the ability to punish companies sharing info without consent.
+
+### Safer territory
+
+Even without CISPA, many argue you should never use a VPN based in the US anyway. There is some good reasoning behind this. the [NSA's warrantless wiretapping][7], and other incidents, showed how easily US surveillance laws could be subverted. But on paper, the US still doesn't have any data retention directives and requires judicial oversight for law enforcement to get data from a company that doesn't want to provide it (compare this to the UK's [RIPA legislation][8] for example). However, a US data retention law [may be around the corner][9].
+
+As we've mention before, choosing a VPN based on a given countries current legislation is a difficult process . For instance, places like Russia and Panama may appear tempting (given the amount of online criminality coming from these countries), but these countries also have problems with corruption and law enforcement agencies are not as accountable as in more developed areas if the world. Germany has an excellent track record on protecting citizens, but it's draconian when it comes [to pursuing copyright infringers][10]. And remember, surveillance legislation is currently undergoing massive changes in governments across the world.
+
+So when choosing a VPN the best thing to do is read its terms and conditions closely. Does it log your data? What are the surveillance policies in its host country? Is it willing to relocate if legislation changes in its jurisdiction? If in doubt contact the VPN and ask the questions. If you don't get answers, don't sign up.
+
+ [1]: http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act
+ [2]: https://www.eff.org/cybersecurity-bill-faq#company
+ [3]: http://www.dailykos.com/story/2013/03/15/1194364/-Facebook-reverses-course-to-oppose-nbsp-CISPA
+ [4]: http://intelligence.house.gov/hr-624-letters-support
+ [5]: http://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/
+ [6]: http://www.techdirt.com/articles/20111108/08583316678/vpn-provider-hidemynet-dmcas-abcs-not-as-easy-as-123.shtml
+ [7]: http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy
+ [8]: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000
+ [9]: http://news.cnet.com/8301-31921_3-20029423-281.html
+ [10]: http://www.bbc.co.uk/news/technology-19354993
\ No newline at end of file
diff --git a/src/content/es/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md b/src/content/es/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md
new file mode 100644
index 000000000..c4fed3743
--- /dev/null
+++ b/src/content/es/blog/2013-05-08-apple-vs-google-who-better-protects-your-privacy.md
@@ -0,0 +1,84 @@
+---
+title: 'Apple Vs Google: Who better protects your privacy?'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-05-08T16:45:10+00:00
+url: /blog/apple-vs-google-who-better-protects-your-privacy/
+heroImage: /images-static/uploads/simple-apple-logo.png
+thumbnailImage: /images-static/uploads/simple-apple-logo.png
+comments:
+ - author: uwnthesis
+ date: 2013-05-12T19:55:48+02:00
+ content: |
+ Google's income comes from advertising. Bruce Schneier has said that the greatest and most dangerous cyber threat is probably data collection, which is dangerous than cyber warfare or crime.
+
+ The data flows like this:
+
+ Step 1 = Data Collection
+
+ Step 2 = Data Retention
+
+ Step 3 = Data Resale
+
+ Step 4 = Data Aggregation
+
+ The key defensive strategy lies in stopping stage 1 - Data Collection.
+ - author: Rob
+ date: 2015-07-11T05:46:02+02:00
+ content: |
+ The questions actually seemed loaded; like the study was looking for a certain result. I was a Google/Android fan from the beginning, but I may have to switch. Government access to my personal info is one thing, but google takes info gathering to a different level. I'm willing to bet that Google has more data on the average Iphone user than even Apple has on it's users. Not to mention the reputation Google is developing for being deceitful and abusive. Who knows what they actually do with our data.
+ - author: Your name should be here
+ date: 2017-08-19T13:09:10+02:00
+ content: |
+ Where is the third competitor? is it really impossible to build reliable mobile phone OS without violating people\`s privacy?
+
+---
+Apple and Google are two of the biggest giants in the world of technology and if you're using a smartphone or tablet device, then chances are you've tied yourself to one of those company's platforms and ecosystems.
But with the issue of online privacy even more pertinent, and more inflammatory, in mobile sphere, which company has the better track record when it comes to protecting your data and which is more trustworthy?
+
+Now, if you're familiar with how Google and Apple make money, you may think you've got this question well and truly answered. Google [makes 96% of its revenue from online advertising][1]. The pay per click (PPC) industry is buoyed by a huge amount of data on the web-browsing, ad-clicking, and keyword searching habits of Google users. Apple on the other hand [makes the vast majority of its revenue][2] from the huge margins on the  devices it sells and on the 30% cut it takes on any transactions via its platform.
+
+So, who has the most to gain from violating your privacy? If you answered Google then well done! But evidently the story isn't quite as clear cut as the above argument makes out (even though it's an argument I've used a number of times on this blog!). Our friends at the Electronic Frontier Foundation recently [published a great report][3], which ranks some of the biggest tech companies on a number of privacy-related criteria. The results, when it comes to Apple and Google, are pretty interesting.
+
+The EFF's criteria are as follows:
+
+ * Does the company require a warrant for content?
+ * Does it tells users about government data requests?
+ * Does it publishes transparency reports?
+ * Does it publish law enforcement guidelines?
+ * Will the company fight for user' privacy rights in court?
+ * Will the company fight user privacy rights in congress?
+
+Google managed to answer positively on five of the six questions. Apple only managed a positive answer on one question, according to the EFF. Here's a breakdown on which of the EFF's criteria each company managed to satisfy:
+
+**Apple:**
+
+ * Will the company fight user privacy rights in congress?
+
+**Google:**
+
+ * Does the company require a warrant for content?
+ * Does it publishes transparency reports?
+ * Does it publish law enforcement guidelines?
+ * Will the company fight for user' privacy rights in court?
+ * Will the company fight user privacy rights in congress?
+
+Apple's positive score on fighting for privacy rights in congress comes from its [membership of the Digital Due Process coalition][4]. Google's only foul, according to the EFF, is where it backtracked on its T&Cs this year, bringing ambiguity into whether or not it will notify users if governments are trying to access their data. Other than that, Google met all of the EFF's criteria.
+
+### Who's the best judge?
+
+So judging by the EFF's report, Google is the more privacy conscious than Apple and all you Android users can breath a sigh of relief. Well possibly. But if we look at the EFF's questions they mostly pertain to government-led intrusions into privacy, rather than say, issues relating to data sharing between private companies, data mining and the protection of that data. The problem with Google, is that it has a terrible track record here compared to Apple.
+
+Remember, last year Google was [hit with the biggest fine in the FTC's history][5] for lying about the tracking the browsing habits of Safari users. Google was also found [guilty by the FTC of deceiving users][6] and violating its own privacy policy when it launched Buzz in 2010 and lets not forget the biggest scandal of all, when Google was forced to admit its Street View cars [were stealing personal information][7] from people's home Wi-Fi connections (and then lied about it).
+
+Apple has also endured a few scandals, most notably when the Wall St Journal revealed iOS apps were [sharing the UDID of devices without user consent][8] (Apple, to its credit, ended up ditching the UDID system altogether to fix the problem). But it seems Google is the company that most frequently gets into privacy-related scraps. So who is the most trustworthy? Do we go on track record, or the EFF's findings?
Let us know what you think in the comments below.   
+
+ [1]: http://venturebeat.com/2012/01/29/google-advertising/
+ [2]: http://www.wingsofreason.com/2012/07/26/apple-revenue-breakdown-july-quarters-2012-edition/
+ [3]: https://www.eff.org/who-has-your-back-2013?support_whyb=1&social=1
+ [4]: http://digitaldueprocess.org/index.cfm?objectid=DF652CE0-2552-11DF-B455000C296BA163
+ [5]: http://www.guardian.co.uk/technology/2012/aug/09/google-record-fine-ftc-safari
+ [6]: http://www.pcworld.com/article/242476/ftc_approves_google_buzz_settlement.html
+ [7]: http://www.nytimes.com/2012/05/23/technology/google-privacy-inquiries-get-little-cooperation.html?pagewanted=all&_r=0
+ [8]: http://venturebeat.com/2010/12/18/mobile-apps-privacy/
diff --git a/src/content/es/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md b/src/content/es/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md
new file mode 100644
index 000000000..196aaebdd
--- /dev/null
+++ b/src/content/es/blog/2013-05-17-the-online-privacy-debate-understanding-the-basics.md
@@ -0,0 +1,58 @@
+---
+title: 'The online privacy debate: Understanding the basics'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-05-17T15:20:12+00:00
+url: /blog/the-online-privacy-debate-understanding-the-basics/
+heroImage: /images-static/uploads/online-privacy1.jpg
+thumbnailImage: /images-static/uploads/online-privacy1.jpg
+
+---
+The current debate being waged around online privacy isn't always straightforward and can often be filled with  legislative and technical jargon that confuses people. We frequently get questions on very fundamental aspects to understanding online privacy, such as the difference between privacy at the IP level and at the browser level, understanding what data retention is, or questions around the myriad of surveillance bills that seem to pop-up every month or so. Therefore, we thought it might be useful to provide a run-down of online privacy basics; a cheat sheet, if you will, for the important task of understanding and participating in the current debate.
+
+### Online privacy basics
+
+### Cookies and IP addresses
+
+If you zoom out of the privacy debate, you'll see two separate conversations taking place. One concerns advertising and data mining from ad companies and major online platforms such as Facebook and Google. The other concerns government surveillance of citizens' online activities.
+
+### Advertising and cookies
+
+When it comes to data mining and advertising, your privacy is potentially being compromised via 'cookies' in your web browser. [A cookie][1] is simply a piece of data that websites can store on your computer. Cookies deployed for various reasons, but they're particularly useful to advertisers, because they can tell them what websites you've visited and what advertisements you have clicked.  This lets advertisers build a profile of you in the hope you'll be more susceptible to marketing messages.
Cookies have therefore become essential to the online ad industry. Not only do they allow advertisers to target ads to your individual tastes, they also track whether or not an advertisement is effective. It's important to note that none of this data is necessarily stored with advertisers, it's stored on your computer. However, this hasn't stopped [privacy campaigners raising concerns][2] about how web users are being profiled and tracked.
+
+### Surveillance and IP addresses
+
+Your [IP address][3] is numerical identifier assigned to the device you're using to connect to the internet. Essentially, this identifier is used to determine where you're located and who your ISP is, and is therefore a pretty good indicator of who you are. When it comes to surveillance, data can be gleaned based on activity linked to your IP address. Typically such surveillance will occur with the cooperation of your ISP, which brings us to the next key element to the online privacy debate.
+
+### What is data retention?
+
+When we talk about data retention in the realm of online privacy, we're usually discussing the issue of ISP data retention policies. Different countries and different ISPs have different laws and policies in terms of the data they store on individual customers' web activity. [This data usually contains][4] web logs, which reveal what websites you've visited, email logs, which revealed who you've emailed (but not necessarily the contents of the emails), and billing info, so the data can be linked to your identity.
+
+European Union member states currently must abide by the [EU Data Retention Directive][5]. This directive mandates all ISPs retain customer data for between 1 and 2 years after they leave the ISP's service. In the US, there is currently no data retention law. However, ISPs are free to set their own policies. A Justice Department [document from 2011][6] revealed that Verizon retained IP session information for one year.
Time Warner on the other hand [retained data for 6 months][7], while AT&T's logging practices are not made public.
+
+Given the EU's mandatory data retention policy, other countries [such as Australia][8] and [the US][9], are exploring the possibility of introducing similar policies.
+
+### How can the government spy on me?
+
+There are numerous ways law enforcement would be able to obtain your private data. But the main channel would be to obtain a warrant to get data from your ISP, or to request the ISP start logging data on you if it isn't already. But of course, as we saw with the [NSA surveillance debacle in the US][10] and with the [RIPA in the UK][11], law enforcement doesn't always play by the rules and obtain a warrant, which means they can get your data without judicial oversight and without any evidence you've engaged in wrong doing.  Drafted surveillance bills such as CISPA and the CCDP sought to make it easier for law enforcement to obtain private data.
+
+### The surveillance debate
+
+As you probably already know, government around the world are trying to introduce new legislation to enhance their ability to conduct online surveillance. Governments are not incorrect when they say current surveillance legislation is out of date and needs to be updated for the internet age. But law enforcement agencies are clearly using this opportunity to increase their powers of surveillance to unprecedented levels. The debate also spills into the copyright and online piracy realm, as legislation such as SOPA and the TPP would [appear to require privacy compromises][12] in order to make it easier for copyright holders to prosecute copyright infringers.
+
+Hopefully, the above helps clear-up some common misconceptions around online privacy for those of you new to the debate. If you have any questions, comments or suggestions on how we can improve this mini-guide please let us know in the comments below.
+
+ [1]: http://en.wikipedia.org/wiki/HTTP_cookie
+ [2]: https://www.eff.org/deeplinks/2013/05/how-weak-current-dnt-proposal
+ [3]: http://en.wikipedia.org/wiki/Ip_address
+ [4]: http://wiki.openrightsgroup.org/wiki/Data_Retention
+ [5]: http://wiki.openrightsgroup.org/wiki/Data_Retention_Directive
+ [6]: http://www.wired.com/images_blogs/threatlevel/2011/09/retentionpolicy.pdf
+ [7]: http://torrentfreak.com/how-long-does-your-isp-store-ip-address-logs-120629/
+ [8]: http://www.zdnet.com/roxon-goes-public-on-data-retention-1339337213/
+ [9]: http://news.cnet.com/8301-31921_3-20029423-281.html
+ [10]: http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy
+ [11]: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000
+ [12]: http://www.techdirt.com/articles/20111209/13440317025/perhaps-sopa-should-be-called-stop-online-privacy-act.shtml
\ No newline at end of file
diff --git a/src/content/es/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md b/src/content/es/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md
new file mode 100644
index 000000000..446ba63e4
--- /dev/null
+++ b/src/content/es/blog/2013-05-29-introducing-ivpns-new-privacy-guides.md
@@ -0,0 +1,48 @@
+---
+title: Introducing IVPN's new Privacy Guides
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-05-29T15:13:42+00:00
+url: /blog/introducing-ivpns-new-privacy-guides/
+comments:
+ - author: Pete
+ date: 2013-06-21T12:58:00+02:00
+ content: |
+ Great articles.
+
+ In the "Why TOR with a VPN Service" I did not see your recommendation on whether to connect to the VPN before or after the TOR connection.
+
+ I think for protecting your connection on the exit node, you would want to connect to the VPN first and then TOR.
+
+ Can you please clarify for your readers.
+
+ Thanks!
+
+---
+Here at IVPN we take privacy very seriously. Unlike many other VPNs, we aim to educate users as much as we can on the technologies and tools that are able to protect your data and online identity. That doesn't just mean proselytising our own service, but helping you understand the benefits of all privacy protection methods and how best to deploy them. So with that in mind, we'd like to introduce our new Privacy Guide section.
+
+In our [Privacy Guide section][1] you'll find expert written guides on a range of privacy-related technologies and security practices, from comparisons between Tor and I2P, to instructions on combining privacy tools with your VPN service. Our guides will tackle some of the most common misconceptions and queries around privacy issues and will hopefully demystify some of the more complex topics around keeping your data private.
+
+We've gone live with five guides and we'll be adding more over the coming weeks and months.
Here's a rundown of what we have so far:
+
+**[An Introduction to Privacy and Anonymity][2]**
+
+**[Applying Risk Management to Privacy][3]**
+
+**[An Introduction to TOR vs I2P][4]**
+
+**[Why TOR with a VPN Service][5]**
+
+**[How to Create a VM Within a Hidden Truecrypt Partition][6]**
+
+We would love to get feedback from our readers on whether they find our guides helpful and, most important, what guides they'd like to see in the future. Feel free to [drop us a line here][7], or share your thoughts in the comments section below.
+
+ [1]: /privacy-guides/
+ [2]: /privacy-guides/an-introduction-to-privacy-anonymity/
+ [3]: /privacy-guides/applying-risk-management-to-privacy/
+ [4]: /privacy-guides/an-introduction-to-tor-vs-i2p/
+ [5]: /privacy-guides/why-use-tor-with-a-vpn-service/
+ [6]: /privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition/
+ [7]: /contactus/
diff --git a/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md b/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md
new file mode 100644
index 000000000..a7b9c1322
--- /dev/null
+++ b/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded-hide-my-ass.md
@@ -0,0 +1,114 @@
+---
+title: 'VPN privacy policies decoded: Hide My Ass'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-06T15:58:17+00:00
+url: /blog/vpn-privacy-policies-decoded-hide-my-ass/
+heroImage: /images-static/uploads/privacy-policy-hidemyass.png
+thumbnailImage: /images-static/uploads/privacy-policy-hidemyass.png
+comments:
+ - author: Baneki Privacy Labs
+ date: 2013-07-22T06:49:13+02:00
+ content: |
+ There's a critique of the HMA ToS over at Cultureghost's customer forum:
+
+ https://www.cryptocloud.org/viewtopic.php?f=17&t=2769&p=3761#p3761
+
+ Their ToS are as bad as any we've seen in the industry. Still.
+ - author: Jimmy
+ date: 2013-07-23T14:25:13+02:00
+ content: |
+ HideMyAss is a great piece of software, but their privacy policy is indeed a little worrying…
+
+ Would you keep using it, or would you switch to another solution?
+ - author: Ritz
+ date: 2013-08-09T09:07:26+02:00
+ content: |
+ Hey Dennis,
+
+ Thanks a bunch for this and other useful articles. After reading you articles only I came to know about the "real" online privacy. Thanks a bunch buddy!
+
+ As for HMA, I've been their user for over an year now, but hey, NO MORE!! After knowing their so-called privacy services/promises for/to their users, I DON'T TRUST THEM (yeah, "sellmyass" name suits them the best!).
+
+ Now I'll be choosing between IVPN or AirVPN only (the providers that really does take privacy of their users seriously!). However will always love to read more of your articles and gain knowledge.
+
+ Keep up the good work and best of luck!
+
+ Best regards,
+
+ Ritz
+ - author: Dundale
+ date: 2013-10-24T06:26:36+02:00
+ content: |
+ I would not use this service anyway plus the name is silly and not pg for most people who do not like language even to this degree.
+ - author: Phillipe Gratneau
+ date: 2013-12-30T10:05:06+01:00
+ content: |
+ I used HMA before but because of Privacy Policy and logging I changed to ExpressVPN through vpnepress.net website. They also have great information on privacy and VPN options that users don't know about.
+ - author: matt
+ date: 2014-03-14T00:40:46+01:00
+ content: |
+ I used hma for 1 year and thought the service was worth it.
+
+ The logging was distressing but not known at the time of signup.
+
+ I did recieve a copyright complaint, and was temporarily suspended
+
+ until I responded that it "wouldn't happen again".
+
+ Moving on to another more privacy minded vpn.
+ - author: Chris
+ date: 2014-09-04T22:08:15+02:00
+ content: |
+ I contacted a major car manufacturer using my HMA email because I didn't want to be inundated with emails from the company's agents. And guess what - HMA sold my personal address to them. THAT'S incredibly annoying and I would not recommend HMA.
+
+---
+_This post is [part of a series][1] reviewing the privacy policies of popular VPN services. The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][1]._
+
+Hide My Ass is arguably the most well-known VPN service on the market, offering both free and paid versions of its platform. The company faced strong criticism back in 2011 after it disclosed user data concerning a members of Lulzsec to the authorities. But what does it's privacy policy actually say?
+
+
+### Data retention
+
+Thankfully Hide My Ass' privacy policy is pretty specific and written in clear language that's easy to understand. Hide My Ass runs a number of different services, but what we're interested in firstly is the data retention policy for its VPN platform.
Here's what it says:
+
+_"What data we collect: We will store a time stamp and IP address when you connect and disconnect to our VPN service together with the IP address of the individual VPN server used by you. We do not store details of, or monitor, the websites you connect to when using our VPN service."_
+
+Regarding the storing of your IP address, Hide My Ass says this:
+
+_"…Your IP address is logged by us so that we can prevent any spam, fraud or abuse of our Site and our services. We may store this data for up to two years, unless we are required, for legal reasons or under exceptional circumstances, to retain this data for an extended period."_
+
+So what does this tell us? Well Hide My Ass is not quite as bad as your ISP when it comes to logging data – i.e. it's not recording the actual websites you visit. But it does know exactly when you log on to its servers and which servers you are using. The reasons it gives for this seem pretty innocuous - it's true that most VPNs store some network data to prevent spam and troubleshoot network problems.
+
+However, Hide My Ass also uses the phrase "to prevent abuse." "Abuse" is one of those woolly terms that could be construed to mean a number of different things. This is combined with Hide My Ass' worrying practice of storing its data logs for two years. Such a long time period is not needed for troubleshooting network problems and can only be useful in the aiding of surveillance efforts.
+
+Presumably if an authority wanted to match up the times you connected to a server and the times that Hide My Ass server connected to a certain website, they may be able to determine what you were browsing. From there they could probably request Hide My Ass start logging your data (which is probably what happened in the Lulzsec case).
+
+**Data disclosure**
+
+Hide My Ass is very upfront about how cookies work and the cookies it uses from third party advertisers.
It's also upfront about where it stores your data and that your data is transferred outside the EU, which means, in some cases, it's not protected by the EU's Data Protection Directive. But some of Hide My Ass' data disclosure practices should set alarm bells ringing. Here's what their policy says (Privax is Hide My Ass' parent company):
+
+ * _5.1 In the event that Privax Limited becomes part of a group of companies, we may disclose your data to any member of such group, which means any subsidiaries of Privax, or its ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006._
+
+ * _5.2 We may disclose your personal information to third parties:_
+
+ * _5.2.1 In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;_
+
+ * _5.2.2 If Privax Limited is, or substantially all of its assets are, acquired by a third party, in which case personal data held by it about its users will be one of the transferred assets; or_
+
+ * _5.2.3 If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of service and other agreements; or to protect the rights, property, or our safety, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction._
+
+In other words, if another company buys Hide My Ass, all of your data will be transferred to them and they could theoretically do whatever they wanted with it. For a company selling a privacy service, this is worrying behavior indeed and certainly sends out the wrong message. Any serious privacy service would not allow this to happen. 
+
+### **Missing information**
+
+While Hide My Ass is clear and specific on the privacy issues within its policy, there's a number of issues it does not address at all. This includes a lack of information concerning what the company will do if surveillance laws change in their jurisdiction. This is particularly problematic because Hide My Ass operates under UK law, and the UK is currently [considering a major revamp of surveillance legislation][2]. It would also be very useful to know what Hide My Ass will do if an authority requests information on a user and what happens if a DMCA notice is received, but this information is not clearly provided (though it is mention that the DMCA isn't applicable under UK law).
+
+### **To sum up..**
+
+Hide My Ass' privacy policy is well written, clear and honest in places. However, it also overlooks a number of key privacy-related issues and reveals a very worrying data sharing practice. There's also serious concerns over of the length of time Hide My Ass stores user data.  
+
+ [1]: /blog/vpn-privacy-policies-decoded/
+ [2]: http://www.bbc.co.uk/news/uk-politics-22673156
diff --git a/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded.md b/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded.md
new file mode 100644
index 000000000..17768ad74
--- /dev/null
+++ b/src/content/es/blog/2013-06-06-vpn-privacy-policies-decoded.md 
@@ -0,0 +1,71 @@
+---
+title: 'VPN privacy policies decoded: Introduction'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-06T15:58:02+00:00
+url: /blog/vpn-privacy-policies-decoded/
+heroImage: /images-static/uploads/vpn-privacy-policies.jpg
+thumbnailImage: /images-static/uploads/vpn-privacy-policies.jpg
+
+---
+As we've [mentioned before][1] on this blog, not all commercial VPN services are concerned about protecting your privacy, with some platforms presenting just as many surveillance risks as a regular ISP.
+
+VPN services are, of course, free to log your data and there's nothing dishonest about this practice if it's openly disclosed. However, these days the acronym "VPN" has almost become a synonym for "online privacy" and many VPN companies appear to trade on this association, even if what they offer is not a real privacy service.
+
+Therefore it's always important to read a VPN services privacy policy before signing-up, ensuring you're data is protected and you're not paying for something on the basis of your erroneous assumptions, or misleading marketing. But what should you look out for in a privacy policy? What concerns should you have and what questions should you ask?
+
+In this series of posts we're going to take a closer look at some of the most popular VPN services. We will break down their privacy polices and see if they are really focused on protecting your personal data.
+
+### **VPN privacy policy guides**
+
+Below are links to all the privacy policy guides in this series of articles. Be sure to check back regularly, as new guides will be added over the coming weeks. Scroll down further to read more on our criteria for assessing privacy policies. Click the following link to access [IVPN's privacy policy][2]. 
+
+**[VPN privacy policies decoded: Hide My Ass][3]**
+
+**[VPN privacy policies decoded: StrongVPN][4]**
+
+**[VPN privacy policies decoded: AirVPN ][5]**
+
+**[VPN privacy policies decoded: WiTopia][6]**
+
+**[VPN privacy policies decoded: BoxPN][7]**
+
+### **Privacy policies: The key elements to consider:**
+
+**Clarity of policy and language used**
+
+It goes without saying that any privacy policy should be easy to read and free of jargon. It also needs to be specific, letting you know exactly where the VPN service stands.
+
+**Type of data being logged**
+
+What kind of data is being stored by the VPN service? Are they keeping logs of websites visited? Do they know your IP address and the times that your connecting to their servers? What about billing information and data used for advertising purposes? Of course, every VPN service will capture some data on its users. But we need to determine what data is most sensitive in terms of your privacy, what reason they have for collecting that data, and to what extent is the data anonymised.
+
+**Duration of data retention**
+
+Many VPN services store logs for a temporary period in order to troubleshoot problems and detect abuse on their networks. But beyond a couple of weeks, such data retention is not really necessary – unless it's being used for potential surveillance scenarios. It's therefore very important to know how long a VPN service retains data.
+
+**Data sharing with third parties**
+
+Does a VPN service share data with third party advertisers or other companies? What data is it sharing? What will happen if the company is acquired by a different company that wants to share data – will the user be told? Advertising data is not as sensitive as your web logs or email logs, but how a VPN service treats such data – even if it collects it at all - is a good indication of how serious it is about online privacy.
+
+**Approach to DMCA notices**
+
+DMCA stands for the Digital Millennium Copyright Act. 
A DMCA notice is – for our purposes - a legal tool used by copyright holders to force online services providers to disclose information on individuals suspected of copyright infringement. It's therefore important to know how a VPN service will respond to such notices, what information it is able to disclose and whether it will protect the privacy of its users.
+
+**behavior when surveillance legislation changes**
+
+Surveillance across the world is undergoing something of an overhaul, as governments attempt to keep up with new tools of communication. Therefore it's a possibility laws will change in a VPN services jurisdiction, which may impact its ability to protect its users privacy. Will the VPN inform customers of any impending changes that may affect its service? How will it adapt to the changes and will subscribers get a refund?
+
+**For more information on protecting your online privacy see our [privacy guide section][8]. You can find out more on how VPNs work by [visiting our FAQs][9].**
+
+ [1]: /blog/when-law-enforcement-knocks-on-a-vpns-door-what-happens/
+ [2]: /privacy/
+ [3]: /blog/vpn-privacy-policies-decoded-hide-my-ass/
+ [4]: /blog/vpn-privacy-policies-decoded-strongvpn/
+ [5]: /blog/vpn-privacy-policies-decoded-airvpn/
+ [6]: /blog/vpn-privacy-policies-decoded-witopia/
+ [7]: /blog/vpn-privacy-policies-decoded-boxpn/
+ [8]: /privacy-guides/
+ [9]: /knowledgebase/1/General-FAQ
diff --git a/src/content/es/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md b/src/content/es/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md
new file mode 100644
index 000000000..720dba2b9
--- /dev/null
+++ b/src/content/es/blog/2013-06-07-prism-the-us-government-is-attacking-the-entire-global-online-community.md 
@@ -0,0 +1,34 @@
+---
+title: 'PRISM: The US government is attacking the entire global online community'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-07T10:25:59+00:00
+url: /blog/prism-the-us-government-is-attacking-the-entire-global-online-community/
+heroImage: /images-static/uploads/NSA-taps-in-to-systems-of.png
+thumbnailImage: /images-static/uploads/NSA-taps-in-to-systems-of.png
+
+---
+Did you need more evidence that the US government is spying on your web browsing? Well today is your lucky day. The Guardian has just published evidence of a secret program from the US government's NSA, which proves that security agencies have direct access to the servers of major companies including Google, Facebook and Apple.
+
+While we always suspected such a backdoor existed, the revelations are still shocking to see laid bare. The program, [called PRISM][1], allows officials to collect your search history, the actual content of emails, file transfers and live chat sessions. This all according to 41 slide PowerPoint presentation, which the Guardian has verified as authentic.
+
+**A failure of democracy**
+
+PRISM demonstrates a complete failure in democracy and shows that citizens from every country in world are at risk from the US government's recklessness approach to online privacy. What's the point of debating this stuff in Congress? What's the point of public consultations? The NSA is prepared to steam-roll the legislative process not just for American citizens, but for the entire world.  Bills like [CISPA][2] are irrelevant. The government will act like such legislation already exists. Signing it into law is a mere formality. 
+
+PRISM once again raises serious questions about the entire internet eco-system and how we perceive the companies with which we entrust so much private data. The full list of companies working within PRISM is as follows: Microsoft, Facebook, Google, AOL, Apple and Yahoo. 
That covers pretty much all the major providers of social networks, search tools and email services.
+
+There's confusion over whether these companies are complicit in the spying or have no knowledge. Google has issued a statement denying all knowledge of PRISM and Apple says its "never heard" of the program. It's probably safe to say these companies are lying and have the protection of the US government. After all, it's not like Google has ever been totally honest about its [surveillance activities in the past.][3]
+
+**Fight back**
+
+It's time to fight back. Boycott the companies mentioned in the Guardian's report. Support search engines such as [DuckDuckGo][4], which do not store user data. Get off Facebook and get onto social networks that respect privacy like [Diaspora][5]. Use The Onion Router, I2P, a VPN or a combination. Visit the [Electronic Frontier Foundation][6]'s website and get involved in campaigning for online freedoms. Let your government know that you take online privacy seriously.  
+
+ [1]: http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data
+ [2]: http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act
+ [3]: http://www.nytimes.com/2012/05/23/technology/google-privacy-inquiries-get-little-cooperation.html?pagewanted=all&_r=1&
+ [4]: https://duckduckgo.com/
+ [5]: https://joindiaspora.com/
+ [6]: https://www.eff.org/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md b/src/content/es/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md
new file mode 100644
index 000000000..8c3bf2621
--- /dev/null
+++ b/src/content/es/blog/2013-06-14-vpn-privacy-policies-decoded-strongvpn.md 
@@ -0,0 +1,52 @@
+---
+title: 'VPN privacy policies decoded: StrongVPN'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-14T14:59:25+00:00
+url: /blog/vpn-privacy-policies-decoded-strongvpn/
+heroImage: /images-static/uploads/strongvpn.png
+thumbnailImage: /images-static/uploads/strongvpn.png
+comments:
+ - author: Wanter
+ date: 2015-07-30T17:14:46+02:00
+ content: |
+ StrongVPN no longer keeps any logs, article needs updating
+
+---
+_This post is [part of a series][1] reviewing the privacy policies of popular VPN services. The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][1]._
+
+StrongVPN is one of the bigger VPN services on the market. It's based in the US and has servers across Europe and Asia. But how does its privacy policy stack-up?
+
+
+### Logging practices
+
+When it comes to logging data StrongVPN follows a similar policy to [Hide My Ass][2] and records the following:
+
+_"1.time, date and location vpn connection was made 2. duration of the vpn connection 3. bandwidth used during the connection"_
+
+StrongVPN says it does not monitor the websites you visit or the files you download "in normal course of duties". But it states that "if there's a violation" it will use its logs "to determine which account is in violation."
+
+_"After lengthy analysis of this data, we will terminate the service and/or take further action."_
+
+So while StrongVPN doesn't necessarily log websites, it's likely that it will use connection logs to highlight suspicious accounts, and then start logging your browsing activity to confirm if you are in violation of its terms. This is why it adds the "normal course of duties" disclaimer. 
This also leaves open the possibility that StrongVPN spies on your web browsing based on erroneous suspicions.
+
+More importantly,  as far as well can tell, StrongVPN does not say how long it holds onto its customers' data, which is a pretty serious oversight for a privacy service and should set alarm bells ringing.
+
+StrongVPN is very clear about its policy on DCMA. It says it maintains a log of DMCA Notices and will "identify customers or account holders who may be engaging in repeated copyright infringement." 
+
+### Cookies and ad data
+
+StrongVPN participates in the Truste privacy program, which is welcome. But it also admits to collecting information on customers through various means for advertising purposes. It says is willing to hand this data over to anyone it likes. Here's what the policy says: 
+
+_"StrongVPN.com may use personally identifiable information collected through our Web site to contact Users regarding products and services offered by StrongVPN.com and its trusted affiliates, independent contractors and business partners, and otherwise to enhance Users' experience with StrongVPN.com and such affiliates, independent contractors and business partners. StrongVPN.com may also use information collected through our Web site for research regarding the effectiveness of the Web site and the marketing, advertising and sales efforts of StrongVPN.com, its trusted affiliates, independent contractors and business partners."_
+
+"Trusted affiliates, independent contractors and business partners" could mean pretty much anyone. Of course many websites happily hand over data to third parties for advertising purposes. What StrongVPN is doing is not uncommon at all. But is this really appropriate behaviour for a company that is offering a privacy service?
+
+### To sum up…
+
+StrongVPN's privacy policy leaves a lot to be desired. It's written clearly,  but there's no information on how long it stores your data, which is big problem. 
There's also no information on what happens if law enforcement requests data, or if laws in its jurisdiction regarding VPNs change. Also, while StrongVPN says it does not log the websites your visiting, it leaves open the possibility it will log your web browsing if you come under suspicion. 
+
+ [1]: /blog/vpn-privacy-policies-decoded/
+ [2]: /blog/vpn-privacy-policies-decoded-hide-my-ass/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md b/src/content/es/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md
new file mode 100644
index 000000000..7cf0348f9
--- /dev/null
+++ b/src/content/es/blog/2013-06-21-vpn-privacy-policies-decoded-airvpn.md 
@@ -0,0 +1,234 @@
+---
+title: 'VPN privacy policies decoded: AirVPN'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-21T12:19:01+00:00
+url: /blog/vpn-privacy-policies-decoded-airvpn/
+heroImage: /images-static/uploads/AirVPN.png
+thumbnailImage: /images-static/uploads/AirVPN.png
+comments:
+ - author: Steven
+ date: 2013-07-09T01:55:12+02:00
+ content: |
+ I'm not sure why you expected them to give you reasonable responses. You start off the article by claiming the aim of your series is "to find out whether the VPN takes customer privacy seriously," but instead you're cherry picking things that are or are not missing in their policies.
+
+ This, along with various mistakes about them (including where they are based, cookies, affiliates), should have been enough for you to just apologize for advertising mistruths.
+
+ They spoke about DMCA when asked by Torrentfreak (https://torrentfreak.com/vpn-services-that-take-your-anonymity-seriously-2013-edition-130302/) and their response was extremely reasonable:
+
+ _DMCAs are just ignored: no private entity claim can be considered a proof of anything (even in light of the paper by the University of Washington "Tracking the trackers – Why My Printer Received a DMCA Takedown Notice") and the details given in DMCA notices (pertaining to p2p) lack any substantial proof of any infringement. We sometimes ask for a proof of the alleged claim, just to try to see which methods are used to make up an infringement claim, but so far all private entities have poorly failed to respond with any proof or even with technical details on how such claims are fabricated._
+
+ And then you continue to insult them about their general English. For me personally, I'd much rather someone that is knowledgeable but has broken English as opposed to some commercialized company with great English.
+
+ Stop reviewing platforms with garbage journalism. 
Either address the topics you intended to ("find out whether the VPN takes customer privacy seriously") or don't write anything at all.
+ - author: Dennis Kügler
+ date: 2013-07-09T08:10:50+02:00
+ content: |
+ Thanks for the input Steve.
+
+ First re: cherry picking/address the topic: If you read our full guidelines for these reviews, linked to at the top of every post, you'll see the aim is to see if a VPN takes privacy seriously - as you mentioned -and to try and educate readers about how to read VPN privacy policies for themselves (i.e. get them thinking about what questions they need to ask). However, the explanatory paragraph at the top of each review could be amended to better reflect the full guidelines. If you read this review of AirVPN, we say AirVPN "seems to take privacy seriously", and that it has the best privacy policy out of all those we've reviewed so far, but it's let down by being vague - we say this twice in the review. Clarity is one of the most important points of any privacy policy. I don't think that's unreasonable.
+
+ re the errors: Yes we completely apologise for these two errors and we've corrected them. The cookies/ad data error was a bad mistake to make - I hold up my hands on that one. But that doesn't invalidate the whole series of reviews, nor is it a good argument for us to stop. No one's really reviewed VPN privacy policies before and tried to educate people on them, so we think this is a valid endeavour. The criticism from AirVPN has been incredibly useful and will definitely affect the way we approach further reviews.
+
+ Re TorrentFreak/DMCA - I don't think customers should have to search around other websites to find out a service's policy on relevant issues.
+ - author: John
+ date: 2013-07-15T10:53:12+02:00
+ content: |
+ "Erogate" is Italian, it means "provide." With that known the construct of the sentence works. 
+ - author: Joe Bones
+ date: 2013-07-21T16:13:55+02:00
+ content: |
+ I've got a different take on your input, Steve.
+
+ I think the author's errors were honest, I read his stance to be surprisingly objective, and I felt his were criticisms valid and worthy of being pointed out.
+
+ For just one example, the use of the word "erogate" works great in Poindexterland. But here in PlainSpeak, USA. it's pretentious. Just saying "provide" works better for the average person. (In fact, legislation actually had to force credit card companies to abandon endless boilerplate and sesquipedalian jargon in favor of simpler easier-to-understand phrasings.) For me, whether it's brain surgery or paying for a VPN service, I want simple words that convey lucid concepts.
+
+ And talk of insults and apologies is a bit silly. It's an unemotional, academically-toned analysis, not "playing the dozens".
+
+ The right of people to have privacy in conducting their affairs is being undermined and eroded on every side, on most continents, by most governments. When Delta Airlines fires a stewardess because she complains online about the company (a situation often repeated in the years that followed) it is high time to look closer and think more deeply. And as the "HideMyAss" fiasco proved (whose owners must have been prescient when they chose that rather crude name, as they promptly got "ripped a new one"), our level of protection is only as strong as individual VPN policies designate.
+
+ Personally, I have no interest in wading through seas of jargon to distill the vapor trails that define how well my privacy is being looked after. I consider it grand good luck to have a review that is done in such a methodical, incisive fashion. For my part, I am impressed by a service that is willing to raise the issue of privacy to a higher level of public scrutiny. It is revealing, and I hope it puts the feet of other VPN services to the fire.
+
+ Criticism is essential, Steve. I don't argue that. 
However, groundless nit-picking is pointless and discouraging. And when it comes to important articles, I find it irritating because it may bring a premature and entirely unwarranted end to them.
+
+ I urge the author to keep up the good work, because he is definitely being read and considered — especially in the United States, where the ill-conceived Homeland Security Act is continuing to force privacy issues into the courts.
+ - author: Dave
+ date: 2013-08-01T10:05:43+02:00
+ content: |
+ This is a really good series, Dennis, and I look forward to your analysis of more privacy policies. You do the right thing by acknowledging any mistakes and rectifying them. I feel you've been very fair and objective.
+
+ As a layperson in these matters, I agree that clear and precise language is invaluable when choosing a VPN service.
+
+ Again, much appreciated and keep up the good work.
+ - author: Krieg
+ date: 2013-09-20T22:07:38+02:00
+ content: |
+ Complaining about their English is extremely lame considering it is a "foreign" (read non-US) company and the person's first language is not English. People who speak ESL make those "mistakes" quite often when they have words in their languages that sound similar but unfortunately that word in English is not that common and they might sound pretentious. But anyone with some level of understanding would realize it is just the language barrier.
+
+ Considering what it's happening to privacy in the first world English speaking countries the future of VPNing is most probably in "unfamiliar" countries, so better get used to "broken" English.
+
+ _MODERATOR: The rest of this comment was edited due to the author's use of homophobic insults_
+ - author: Laura
+ date: 2013-09-24T12:39:20+02:00
+ content: |
+ It's like the italiano word "erogare", but "to erogate" is english, which is supposed to be the native language of the people here. 
+ - author: Lucifer Stevenson
+ date: 2013-10-07T22:05:35+02:00
+ content: |
+ Joe Bones, excellent response. I thoroughly enjoyed the read.
+ - author: Jabba
+ date: 2013-10-22T14:32:43+02:00
+ content: |
+ This review is utter crap and I can't believe Dave is thanking Dennis for this. AirVPN is one of the best VPN providers out there and if you take a look yourself at them instead of believing what is being written here, your eyes will be opened… Anyway.. I'm out. Peace.
+ - author: Dennis Kügler
+ date: 2013-10-23T09:38:54+02:00
+ content: |
+ Jabba, this isn't intended as a review of AirVPN, just a review of its privacy policy. We're really not out to attack anyone here, the main goal is to get people thinking about how to read and judge privacy policies - which is incredibly important if you're choosing a VPN. We did make a couple of bad errors on this post, which i apologise for, but they were rectified immediatedly.
+ - author: Aurelio
+ date: 2014-04-17T22:24:37+02:00
+ content: |
+ I wish my Italian were as good as their English!
+ - author: John G
+ date: 2014-06-26T10:48:30+02:00
+ content: |
+ AirVpn is a scam. When I went to sign up they put my account on hold after debiting my credit card. They claim their processor is responsible. They sent an email claiming I need to send them banking information with my personal info and/or a copy of a drivers license or passport. I submitted a screenshot of the debit to my card showing the transaction ID and they refused to open my account until I showed them my personal ID and who I was.
+
+ Their response was they have the legal right to request all the information per terms of service agreement and under no obligation to protect privacy of its users. Definitely go to another service. A true company that protects your privacy would not be asking for state identification. 
+ - author: Topkek
+ date: 2014-09-03T07:43:59+02:00
+ content: |
+ To John G: The real question should be "why in god's name aren't you using Bitcoin???"
+ - author: Anonymous Fr3@k
+ date: 2014-10-03T14:41:56+02:00
+ content: |
+ Just a quick note I understand you are doing a review of only AirVPN's Privacy Policy, However there is a flaw I never seen mentioned on AirVPN's Website that should have been addressed. As a customer of AirVPN which unfortunately I paid for multiple months upfront and I am stuck with it. I recently decided to see if I could track back through the data I was receiving and transmitting. Well I was able to trace not only my personal IP instead of the IP I was Stealthed under, worse then that I could trace it all the way back to my Exact Location. To find out that I could be tracked so easily horrified me. I now use a free VPN with option to pay for more bandwidth and server connections I will not name it because I am not trying to advertise for the company. Needless to say this free VPN has Better then DoD Encryption as well and I was unable to track back past the IP I was Stealthed under. I also could not even get any data(Encrypted or Not). I just thought this would be the best place to address this after reading others comments as well as your review of AirVPN's Privacy Policy.
+
+ I was a happy customer for a good bit of time, however I no longer am. I will not be renewing my subscription.
+ - author: Eric
+ date: 2014-12-24T10:05:50+01:00
+ content: |
+ Then what VPN we could be trust ? I think my ISP more reasonably good for me if I skip torrenting .
+ - author: jjolla
+ date: 2015-05-10T03:11:02+02:00
+ content: |
+ Dont be fooled, Bitcoin is not as anonymous as you may believe.
+
+ The coins are identifiable and therefore traceable back to whoever purchased them. And please, don't mention exchanges … they are being snooped big time: each swap is absolutely noted. 
+
+ In fact, someone did a very detailed study and found that under certain situations Bitcoins provide LESS anonymity than your Credit Card.
+
+ Also, don't ignore that the more suspect your activity (eg using Bitcoins) the more reason you are giving the NSA or whoever to snoop on you first.
+ - author: tim
+ date: 2015-09-24T19:23:56+02:00
+ content: |
+ please tell me exactly how a bitcoin is traced back to a real person if you are making a new wallet with a computer never purchased in your name or used for anything with any private data and everything thru TOR and VPN and purchase if from a private party such as thru classided like craiglist? If you name or anyting identifing you is not used how excactly will they ever get that info? All the BITcoin data is related to the wallet used and if a new wallet is used for each transaction I can not see how it could be traced unless bit coin itself has trojan or seach capabilities which would be huge news if it was the case.
+ - author: tim
+ date: 2015-09-24T19:40:14+02:00
+ content: |
+ I did want to add that the one thing that is still the most untraceable is plain old cash. Yes it has issues if it gets stolen in the mail but if its packaged well you have good chances if you are dealing with a honest company. For someone that is really concerned about privacy and amoninity the less than 1% chance of say losing $100 is not much of than a iritation when compared to the security it gives interms of privacy and non traceability. You could even pay a bit more and you can exhance it for a another currency thus making it than much harder to even know the country of orign of the payee. Add in a remailer for good measure. AGain it all comes down to how much trouble you are willing to go thru.
+ - author: tim
+ date: 2015-09-24T19:51:13+02:00
+ content: |
+ In terms lof privacy and the EU what effects has the new law the EU passed that required two nonconflicting data points to be taken and held for each customer? 
Is that the correct interpetation of that law and if so does that not mean that all EU member countries regardless of their own internal privacy laws are required to keep this data for even VPN providers? That would mean I think a email adresss and IP or physical address? If this is correct then Sweden etc located VPNS do not have the protections they use to have? Again I am not saying this is fact but more a ? /confirmation. I would think the use of a TOR prior to VPN would to some extent take care of the tracking but then that leaves some with nedding to actually go bridge>tor>VPN or VPN with no tracking> tor> vpn if you want the most privacy.
+ - author: nobody
+ date: 2016-06-29T15:41:08+02:00
+ content: |
+ Their servers worked well enough for 2+ months, then connection problems started occurring more and more often. Today I posted a message on their forum telling that service is down again, and called it a "great service". Do you know what happened? They instantly banned me on the forum, closed my VPN account (I paid for 12 months of service) and this is it!
+
+ Needless to say, they ignore all my emails and refund requests, so stay away from this "company". Otherwise, your account will be closed and they will keep all your money in case you complain about their service.
+
+ Hopefully this post will save money of any person who has AirVPN account and thinks about making a complaint of their poor service. If you really want to send them a message about poor connections, be ready to get your account terminated in 15 minutes (this is how long it took for my account to be cancelled).
+ - author: Per
+ date: 2016-08-24T04:29:07+02:00
+ content: |
+ Great read! I love that you're pointing out the dodgy language. I really don't understand why people are getting butthurt over it.
+
+ I've spent a lot of hours reading about different VPN services, and there's just too many with vague privacy descriptions and bad language. They should thank you for pointing that out. 
It probably saves them a lot of time answering e-mails and questions from people wondering what the hell they mean. + - author: Stéphane + date: 2016-09-20T07:58:31+02:00 + content: | + Stay away from AirVPN. They deleted 2 of my support tickets without any comment or explanation. Later they deleted a forum post and put me on moderation queue. After they wrote me that they never deleted any tickets. I sent proof (screenshots) to them but they still claimed they didn't do anything. AirVPN was good a few years ago. But now something very fishy is going on. I don't trust them anymore. + - author: Gary + date: 2017-01-01T14:12:53+01:00 + content: | + Stéphane, do you have any proof (valid screenshot) that correlate your accusation on AirVPN like that? If yes, why don't you just show us if it's 'REAL'.? Bring it on. + - author: Nick + date: 2017-01-02T02:28:23+01:00 + content: | + What a said attempt from iVPN, at reviewing of anything. I would say the intention was good though. + + As for some of the comments on AirVPN from the "haters", let me just say that the reason you ran into issues and then got into trouble for it, was probably because you guys (@nobody, @Anonymous Fr3@k, @John G), was because you guys fall under the category called: "Complete \*ffing \*bleep bleep bleep* fools", if you get what I'm saying. I won't insult you further, in case this post gets moderated - so that it'll be easy for the mods to cut out the insults, if it's still over the top. But it just has to be said, that you 3 are probably your own worst enemies. + + Judging by your posts, you're the types who, when they run into trouble the first time, instantly go onto a forum and complain very loudly about it. Without being very polite and most definitely without saying what went wrong exactly or providing any "actionable intelligence" that the community or Air support can use to help you. Thus, when you act impatiently and aggressively, you just get banned and/or muted. As you should, really. 
Yeah, it sucks if you paid for 12 months, but how about checking out how to behave properly then? It stands to reason, that if Air always banned everyone who asks questions, they wouldn't have a forum or indeed a company. But they do and it's quite successful. + + It's still true that Air is one of the best VPN companies out there. Why? Because they make everything secure by default, as much as possible. They stick to secure protocols, follow best-practices in their client (it's open-source for example) and the server infrastructure is superb; high-speed connections, quality data-centers, rock-solid policies regarding \*where\* they are willing to set up servers and much much more. In a VPN, you should look for: transparency, good security practices (using OpenVPN, 256-bit AES encryption, etc.) and general honesty, without being contradictory. For example, if a VPN claims they respect your security/privacy/anonymity, then check that they do! If they run Google Analytics or have Facebook plugins on their site for example, that's directly contradictory to being respectful of your privacy, as those things track you. Air has no such things on their site, by comparison. + + So, to those 3 critics, get your facts straight. Because you're wrong. I mean really, one of you claim you now use a free VPN, as if it's an upgrade! I LOL'ed at that. Thanks for a laugh. How do you think a free VPN pays the bills? Prayers to Jesus? No. Likely by several forms of spying/advertising - and you're the product. You worry about Air leaking your IP address and then start talking about other places having better encryption? Okay, one problem there: those things aren't related lol. You can have the best encryption in the world and still leak your IP address, because you're incompetent. REMEMBER: AirVPN (or any VPN) try to secure your connection to their servers. They don't try to fix your incompetent use of a computer. Thus, if you've got tons of malware installed, you're doomed. 
But really, it's simple - just check ipleak.net and if you leak, turn on AirVPN network lock :p. Done. As for all the credit card stuff and support tickets - pictures or it didnt happen. + + ciao. + +--- +_This post is [part of a series ][1]reviewing the privacy policies of popular VPN services. The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][1]._ + +**EDIT AirVPN has disputed some of this review. You can read our responses at the end of the post** + +AirVPN is VPN service started by a "small group of activists" in 2010 and is based in the Italy. The company has servers across Asia, Americas and Europe. Lets take a look at its privacy policy.  + +Out of the three VPN privacy policies we've looked at so far in this series AirVPN takes the most sensible and privacy-orientated approach to its customer's data. But while AirVPN seems to take user privacy seriously, it is let down by some vague language. + +### Logging practices + +Here's what AirVPN says about the data it logs: + +"Air servers and software procedures acquire only personal data which are strictly necessary for the technical functioning of the service, for example IP address. These data are not collected to identify, through elaboration or any other technique, users' personal identities. These data are not transmitted to third parties. " + +We're lacking specifics here. In particular, AirVPN does not say how the IP address is stored and if it is anonymised. The policy continues: + +"Data transmission is performed between Air servers network exclusively in order to erogate efficiently the AirVPN service. Data are deleted as soon as they are no more necessary for such purposes." + +Again, AirVPN needs to be more specific and say exactly how long it retains data for. 
"Data are deleted as soon as they are no more necessary for such purposes" is far to vague to be taken seriously and there is no mention of data retention periods anywhere in the privacy policy. Someone who has little knowledge of how VPNs work also has no idea how long data is typically stored for troubleshooting. + +Also, as the above quote shows, AirVPN's policy uses somewhat broken English (what does "erogate" mean exactly in this context?). Any legally binding policy needs to be clearly written and easily understood. In this respect, AirVPN is lacking. + +### Missing info + +As we mentioned, the biggest oversight in AirVPN's privacy policy is its lack of info on data retention periods. But AirVPN also doesn't mention how it responds to DMCA notices and, like most other services we've looked at, it also doesn't mention what it would do if laws in its jurisdiction change. AirVPN also suggests that it doesn't retain web logs, but because it's not specific, the policy is left somewhat open to interpretation. Unlike some other VPNs we've looked at, AirVPN seems to be a privacy conscious service, but it's let down by a badly-written policy. + +* * * + +**EDIT : AirVPN's rebuttal and our response** + +We wrote: "AirVPN is VPN service started by a "small group of activists" in 2010 and is based in the Netherlands."  However, AirVPN is in fact based in Italy. This is our oversight and has been corrected. We apologise to AirVPN for this error. + +_AirVPN writes: "These data **are not collected to identify, through elaboration or any other technique**" has an unequivocal legal meaning in the EU. It means that personal data, including IP addresses (regardless of the debate whether an IP address is a personal data or not), are not collected at all and in any way. 
Therefore not only we legally state that they are not stored when a client accesses a VPN service, but we also say that they are not even sent to third-parties WHILE a client is connected to a VPN server, which is a higher privacy condition. It seems, to say the least, bizarre that a higher privacy protection policy is interpreted as a lower one._ + +AirVPN is somewhat missing the point of these reviews, as stated in our guidelines. The vast majority of people reading such privacy policies do not have a grasp of the legal intricacies and directives being mentioned, and that this has led to false expectations around VPN services.  We believe it's the VPN's job to state clearly and in plain English what their practices are. The main point of this review wasn't to say AirVPN is guilty of logging data, but that its policy is not clear enough in this regard. The point still stands. + +_IVPN: "Data transmission is performed between Air servers network exclusively in order to erogate efficiently the AirVPN service. Data are deleted as soon as they are no more necessary for such purposes."_ + +_AirVPN writes: Once again, the sentence has a very precise legal meaning in the EU. The service is erogated when a client is connected, therefore when a client is disconnected the service is not erogated, ergo when a client disconnects those data are no more on the servers and the data retention period is, in the worst case, the timeout period (up to 60 seconds), in the best case 0 seconds._ + +Same point as above. + +_IVPN "AirVPN doesn't mention anything regarding cookies, affiliates and ad data."_ + +_False. The Privacy Notice states, since three years ago:_ + +Yes, this was a mistake by us. We've made the correction and offer our apologies to AirVPN. + +IVPN: AirVPN also doesn't mention how it responds to DMCA notices + +_That's true and IT MUST BE SO. 
We will never mention how we "respond" to laws that are outside our jurisdiction and that are therefore inapplicable, simply because we are not forced to and we MUST NOT comply (and of course we must not even "respond") to such laws. An USA Act "has jurisdiction" on the USA. We are not subject to every single law existing in the world and we will NEVER mention them as if we recognized their validity. Doing so would imply an utter incompetence on the legal field. Ironically, we would like to ask to IVPN staff why they do not state in their policy how they "respond" to every single law in the world which makes VPN business illegal._ + +DMCA notices are an issue that's very important to individuals looking for a VPN service and those concerned with online freedoms.  Acknowledging that DCMA notices exist, and are an issue customers want to know our stance on,  is hardly legal incompetence. It's about giving your users relevant information to help them make an informed decision about your service. + +_IVPN: AirVPN's policy uses somewhat broken English (what does "erogate" mean exactly in this context?)._ + +_We recommend IVPN people to open a dictionary, for example the Webster dictionary, and search for "erogate", which means "give, lay out, provide, deal out"._ + +"Erogate" is not a term that's commonly used in English. There's a dozen other words or phrases that could have been used that are better understood by the majority of people. One of the main criteria in our reviews is using plain English. + + [1]: /blog/vpn-privacy-policies-decoded/ diff --git a/src/content/es/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md b/src/content/es/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md new file mode 100644 index 000000000..c6c420996 --- /dev/null +++ b/src/content/es/blog/2013-06-28-vpn-privacy-policies-decoded-witopia.md 
@@ -0,0 +1,66 @@
+---
+title: 'VPN privacy policies decoded: WiTopia'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-06-28T16:05:13+00:00
+url: /blog/vpn-privacy-policies-decoded-witopia/
+heroImage: /images-static/uploads/WiTopia.png
+thumbnailImage: /images-static/uploads/WiTopia.png
+comments:
+ - author: Uwnthesis
+ date: 2013-07-02T10:15:51+02:00
+ content: |
+ As Schneider states, the biggest cyber threat of our era is data collection - it's potentially far more dangerous than cyber warfare or crime to us.
+
+ The "data collectors" harvest your data for "marketing purposes", which is lightly regulated so you have no protection. This data is then resold on to third parties as a revenue stream. Data aggregators such as Acxiom bulk buy this data, and once multiple streams of data are combined, everyone from the tax man to your local council has an X-Ray view of your life. Did you know that Acxiom buys 3 billion data sets a day? And that's only 1 company. The Rubicon project interacts with 97% of US internet users every month, and yet no-one knows about them (New York Journal).
+
+ Insurance companies are having success with reusing "marketing data" to assess obesity risk factors. One CEO of an insurance company always pays for his Macdonalds burgers in cash… to avoid an audit trail that links to "fast food" and higher medical premiums.
+
+ Marketing data is THE risk factor, so your comments on reselling marketing data to third parties is very valid.
+
+ Even Amazon has a clause that if it goes bankrupt, their databases can be resold as a revenue stream - even if you object.
+
+ So marketing data is the real menace, as Schneider identified :)
+ - author: Dennis Kügler
+ date: 2013-07-02T18:07:44+02:00
+ content: |
+ Great comment, thanks for the insight!
+
+---
+_This post is [part of a series ][1]reviewing the privacy policies of popular VPN services.
The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][1]._ + +WiTopia is a popular VPN service, which provides a wide-range of servers across Asia, Europe and the Americas. The company is based in the United States and therefore subject to US laws. So what does its privacy policy look like? + +##### **Data sharing** + +WiTopia has a very well-written and comprehensive policy. Nevertheless it contains some worrying elements that don't sit well with a service supposedly designed to protect user privacy. For instance, when it comes to advertising-related data, take a look at this section on the information WiTopia discloses to "outside parties." + +_"It may be necessary, at times, to share certain personal information with trusted third parties who assist us in conducting our business or providing our services. These companies are authorized to use information only as necessary to provide services to us."_ + +Also: + +_"If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer information to the acquiring company._ + +As we've pointed out before, this practice of willingly sharing data with companies, for non-essential purposes like advertising, is not uncommon. Most sites engage in such activity. But when it comes to a service that sells itself on protecting user privacy and data, you would expect it would stick to its values and keep data sharing to a bare minimum. As with HideMyAss, WiTopia uses the phrase "trusted third parties." But who are they? Why are they trusted? None of this is qualified in the privacy policy. 
+ +##### Data logging + +When it comes to logging data WiTopia says it does not "monitor, record or store the content of a customer's internet activities." It only stores the following: + +_"(1) the time and network location from which a VPN connection was made; (2) the duration of the VPN connection."_ + +However, it prefaces this with "during normal duties," which is could be seen as a get-out clause to allow WiTopia to store your data whenever it, or other entities, sees fit. This is further expanded upon here: + +_"We may release personal information, when we believe in good faith that release is necessary, to comply with legal process (such as a subpoena or court order), to protect our rights or property, to enforce the Terms of Service, or protect your safety or the safety of others."_ + +It's also worth noting that even during normal duties WiTopia stores your web logs (i.e. the sites you've visited, dates, times, etc) for 30 days. Storing this information for so long is not necessary to troubleshoot a network. The main reason for this 30 day data retention could likely be to track down and identify users if they break terms and agreements. + +**To sum up…** + +WiTopia has a very well-written policy that gets straight to the point. But WiTopia's policy presents the same privacy issues that we saw with [HideMyAss][2] and, to a lesser extent, [StrongVPN][3]. WiTopia's section on DMCA takedowns doesn't really say how a user's privacy will be affected. WiTopia also doesn't say what will happen if laws in its jurisdiction change, although it does appear to suggest it will comply with law enforcement if they request data.   + + [1]: /blog/vpn-privacy-policies-decoded/ + [2]: /blog/vpn-privacy-policies-decoded-hide-my-ass/ + [3]: /blog/vpn-privacy-policies-decoded-strongvpn/ 
diff --git a/src/content/es/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md b/src/content/es/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md
new file mode 100644
index 000000000..515cb262c
--- /dev/null
+++ b/src/content/es/blog/2013-07-07-global-privacy-poll-germans-least-concerned-about-online-privacy.md
@@ -0,0 +1,57 @@ +--- +title: 'Global Privacy Poll: Germans least concerned about online privacy' +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2013-07-07T14:54:53+00:00 +url: /blog/global-privacy-poll-germans-least-concerned-about-online-privacy/ +heroImage: /images-static/uploads/delarge.gif +thumbnailImage: /images-static/uploads/delarge.gif +comments: + - author: Wutbürger + date: 2013-07-13T12:19:54+02:00 + content: | + As a (really angry) german, i can disagree. We are one of the world leaders in online privacy, because to our goverment it's still against the law to spy someone out. Maybe the background of Gestapo and later Stasi had something to do with it. + + We are concerned, very concerned, but we can't just handle in a rash! + + I don't believe in Merkel, or her toydog Friedrich, + + but i know that she is a women who is sometimes slow, but hard to catch/hard to argue with. + + She will make the hell burn, just for Obama. + + And because she is a good talker, she will have the UN in her back, and give props to everyone who took care of Snowden. + + That's probably why the most germans are so quiet and calm. + +--- +An interesting survey from ComRes and Big Brother Watch came out recently giving us a broad global comparison of attitudes toward online privacy. The results were rather surprising and certainly confounded some of our own expectations. + +[The survey][1] involved 10,354 interviews across citizens from the UK, Germany, France, Spain, India, Japan, South Korea, Brazil and Austria. One surprising statistic is that India ranks number one out of the nine countries in terms of online privacy concerns. In total 94%  of all Indian respondents said they were concerned about their personal privacy online. + +This concern was echoed by Brazilians, with 90% of respondents expressing concern, and Spain (also 90%). 
Given that we rarely see much protest over online privacy coming from India and Brazil, this is certainly a heartening statistic. These emerging economies represent the future of online business, so it's good to know their populations demonstrate a healthy degree of skepticism over data collection online. + +### Germans unconcerned + +But perhaps the most interesting statistic comes from Germany. According to the survey, Germany was the only country where a majority of respondents (56%) said they were not concerned about their privacy online. How should we read this finding? On the one hand it suggests a worrying level of complacency from the German population. But it's also true that the German government has probably done more than any other western democracy to curtail online privacy violations. + +For instance, German courts are still [blocking the implementation of the EU Data Retention Directive][2] and they've [ruled against Google's data gathering practices][3] on more than one occasion. Perhaps the German people have more reason to feel secure (which is the conclusion ComRes has reached)? Or maybe German's are simply more naïve about the level of protection their government offers – especially in light of the recent PRISM revelation. + +After Spain and Brazil, Australians are the most concerned about online privacy (85%), followed by Japan (84%), South Korea (81%), France (72%) and the UK (68%). Australians certain have good reason to be extra sensitive to online privacy concerns at the moment, with their government currently considering whether or not to [implement its own mandated data retention law for ISPs][4]. + +Here are some of the key general stats that the survey found, which show that overall most consumers around the world take a dim few of data collection by companies. + + * Three quarters (79%) globally say they are concerned about their privacy online. 
+
+ * Two-fifths (41%) of consumers surveyed globally say that consumers are being harmed by big companies gathering large amounts of personal data for internal use.
+
+ * Two out of three (65%) of consumers surveyed believe that national regulators should do more to force Google to comply with existing regulations concerning online privacy and the protection of personal data.
+
+It's also worth pointing out that ComRes' survey was conducted back in March, way before the recent PRISM scandal broke. It would be certainly interesting to see how consumer attitudes toward online privacy have changed since those revelations. We're guessing it would be for the worse.
+
+ [1]: http://www.comres.co.uk/poll/945/big-brother-watch-online-privacy-survey.htm
+ [2]: http://europa.eu/rapid/press-release_IP-11-1248_en.htm
+ [3]: http://www.itworld.com/security/363895/german-privacy-regulator-begins-action-against-google-over-privacy-policy-changes
+ [4]: /blog/australian-data-retention-debate-heats-up/
diff --git a/src/content/es/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md b/src/content/es/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md
new file mode 100644
index 000000000..ade8da4fd
--- /dev/null
+++ b/src/content/es/blog/2013-07-19-uk-gov-publishes-whitewash-investigation-into-prism.md
@@ -0,0 +1,49 @@
+---
+title: UK gov publishes whitewash investigation into PRISM
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-07-19T16:46:04+00:00
+url: /blog/uk-gov-publishes-whitewash-investigation-into-prism/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+
+---
+The UK Intelligence and Security Committee has attempted to absolve UK authorities of any responsibility in the PRISM scandal and has published the results of an investigation into claims GCHQ along with the NSA violated UK law.
+
+[The investigation][1], headed by Sir Malcom Rifkind, only looked at PRISM and not the [Tempora programme][2], which was specific to the UK intelligence services. Surprise, surprise, Rifkind doesn't find any fault with the UK intelligence services' conduct when it comes to working with US authorities and sharing data on UK citizens.
+
+Rifkind says the most serious allegation against GCHQ is that the organisation acted illegally by accessing communications content via the PRISM programme. This accusation was
+
+[backed-up by the Guardian][3]'s report on GCHQ's involvement with PRISM and the culture of 'don't ask don't tell' with regards to intelligence information gleaned from the NSA's activities.
+
+Here are the key points on what Rifkind says about the validity of the accusations:
+
+_"It has been alleged that GCHQ circumvented UK law by using the NSA's PRISM programme to access the content of private communications. From the evidence we have seen, we have concluded that this is unfounded._
+
+_We have reviewed the reports that GCHQ produced on the basis of intelligence sought from the US, and we are satisfied that they conformed with GCHQ's statutory duties.
The legal authority for this is contained in the Intelligence Services Act 1994._ + +_Further, in each case where GCHQ sought information from the US, a warrant for interception, signed by a Minister, was already in place, in accordance with the legal safeguards contained in the Regulation of Investigatory Powers Act 2000."_ + +### Ignoring the bigger picture + +Let's take Rifkind's arguments point by point. Number one: Yes there may be no direct evidence that GCHQ circumvented UK law by accessing private communications, but that misses the point of the accusations, which were that the NSA withheld how it obtained most of the communications data from the UK authorities (with GCHQ's consent). It also specifies the "content" of communications and not the metadata surrounding the communications, which appeared to be PRISM's main purpose and was what most of the accusations concerned. + +Two: Rifkind reaffirms the statutory basis for PRISM in the 1994 Intelligence Services Act. This justification has already been torn down by others. Yes, maybe no laws have been broken. But how can surveillance legislation drafted in 1994 have any relevance to the internet era, where data mining is taking place on a scale that no one imagined two decades ago. The law clearly isn't fit for purpose. + +Three: Rifkind then invokes [RIPA][4], which itself has been the subject of controversy, as it allows so many disparate agencies and authorities the ability to access communications data without a warrant. The government no long records the amount of communication requests made under RIPA, but last count – in 2009 – it stood at [over 500,000 per year][5].  + +### Inadequate laws + +However, the ISC's report wasn't a total whitewash. Rifkind does point out the confusion around the laws regarding surveillance in the UK. He admits the currently legal framework is a "complex interaction" between the Human Rights Act, the Intelligence Services Act and RIPA. 
All of this legislation is rather dated and doesn't take into account the communications shift presented by the internet. This is also something Rifkind thankfully admits, saying: + +_"Although we have concluded that GCHQ has not circumvented or attempted to circumvent UK law, it is proper to consider further whether the current statutory framework governing access to private communications remains adequate."_ + +If the Intelligence Services Committee is saying the current statutory framework governing access to private communications may be inadequate, then politicians should pay close attention.     + + [1]: https://b1cba9b3-a-5e6631fd-s-sites.googlegroups.com/a/independent.gov.uk/isc/files/20130717_ISC_statement_GCHQ.pdf?attachauth=ANoY7comP8t2Pbhm9n4XFmfl_TirWToTDfGE4yAxr9Iob9wXN_2VtGocBIutCEXgZj4eVb-eZ8JWFoDj7MyTLzYYA5RV9O3xRfZSTHxbHXxCz5P_sDvJSfv4bXZAQh2jqmlLDuZg2L5ZN5hnTd2cnyoae5WdvwDS0M-Mxc-IHODWrn9So59MryX-2sSJ5QipEwxEoFWrFho4Cz7zocgcieThujbCVSy0wsRIjo-lPcfUXRLnPLVcQZA%3D&attredirects=0 + [2]: http://www.guardian.co.uk/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa + [3]: http://www.guardian.co.uk/commentisfree/2013/jun/11/surveilllance-about-power-as-much-as-privacy + [4]: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000 + [5]: /data-retention-laws/united-kingdom diff --git a/src/content/es/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md b/src/content/es/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md new file mode 100644 index 000000000..49c2edc2f --- /dev/null +++ b/src/content/es/blog/2013-07-28-vpn-privacy-policies-decoded-boxpn.md 
@@ -0,0 +1,60 @@
+---
+title: 'VPN privacy policies decoded: Boxpn'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-07-28T13:20:19+00:00
+url: /blog/vpn-privacy-policies-decoded-boxpn/
+heroImage: /images-static/uploads/boxpn1.png
+thumbnailImage: /images-static/uploads/boxpn1.png
+comments:
+ - author: Wong
+ date: 2015-01-29T09:24:19+01:00
+ content: |
+ I will say about my experience .
+
+ Earlier, I tried a lot of VPN including paid . Connection problems , low speed were commonplace. but by far the best in my case , was the boxpn . Not without problems, but it's the best of what I've tried, with best cost/quality ratio.
+
+---
+_This post is [part of a series ][1]reviewing the privacy policies of popular VPN services. The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][1]._
+
+Boxpn is a VPN service owned by Cakinberk Telekom, a company based in Turkey. The platform has a wide range of servers across the US and Europe. But how does its privacy policy stack-up?
+
+Boxpn has a straightforward and very short privacy policy, which covers the basics relatively well and suggests the company does take its users' privacy seriously. Boxpn says it "does not collect any information of it's clients activities on any network [sic]. Hence no information is collected, there is no information to provide any 3rd parties." which is clear and to the point.
+
+### Logging
+
+However, as we've seen with other VPN privacy policies, Boxpn is also a bit vague on its logging practices.
Here's what it says: + +_"boxpn global network firewalls and security softwares only collect network utilisation data which is strictly necessary for the technical functioning of the service, for example IP address and hardware utilisation."_ + +As we've explained previously, collecting and storing network data is a very common practice for VPNs, because it allows us to optimise the network and troubleshoot any problems. So it's fine that Boxpn is doing this. However, the key issue is what data is being stored and – more importantly – how long is that data being stored for? + +For example, [with Hide My Ass][2] we found out server connection times were being stored for two years. Such a long period of data retention is not really necessary for troubleshooting a network and only really makes sense if you want to provide a third party with historical information to track users' web activity. Most VPNs serious about privacy will not store this data for any more than a week or so and ideally less than 24 hours. We can give Boxpn the benefit of the doubt, but on this point, it should be clearer. + +### Cookies and ads + +When it comes to advertising data and cookies Boxpn says this: + +_"boxpn will not sell, rent, or give away any of your personal information without your consent. It is our overriding privacy principle that any personal information you provide to us is just that: private. We do not presume that you are granting us permission to share your personal information with third parties wanting to sell you products or services that you have not requested."_ + +Unlike some of the other VPNs we've looked at, this paragraph shows Boxpn is serious about the collection of ad data. However, we did run Ghostery on Boxpn's site and found a couple of ad trackers present, such as Doubleclick, which collects anonymous data. Doubleclick does not necessarily share data with third parties, but it can if the publisher (i.e. Boxpn) is part of an ad network. 
The Guardian [sums this up pretty well here][3].
+
+When it comes to entities trying to obtain user data Boxpn says this:
+
+_"Pressure from private actors to obtain any data (including but not limited to IP address of users) if it's an illegal act and boxpn, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts [sic]."_
+
+Due to the grammatical errors this paragraph isn't very clear. As we point out in our guidelines, clear English is essential for any privacy policy. The paragraph appears to be copied from AirVPN's privacy policy and should read:
+
+_"Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts."_
+
+So despite the grammatical inaccuracies Boxpn's policy, once understood, is on the side of its users.
+
+### To sum up…
+
+Overall Boxpn does seem to take privacy seriously, but it could be more clear with regards to how long it logs data and in other sections. There's also no information on what happens if laws change in Boxpn's jurisdiction regarding VPN services.
+
+ [1]: /blog/vpn-privacy-policies-decoded/
+ [2]: /blog/vpn-privacy-policies-decoded-hide-my-ass/
+ [3]: http://www.guardian.co.uk/technology/2012/apr/23/doubleclick-tracking-trackers-cookies-web-monitoring
diff --git a/src/content/es/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md b/src/content/es/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md
new file mode 100644
index 000000000..30c05d30c
--- /dev/null
+++ b/src/content/es/blog/2013-08-20-prism-is-the-biggest-influence-on-vpn-sign-ups.md
@@ -0,0 +1,60 @@
+---
+title: PRISM is the biggest influence on VPN sign-ups
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-08-20T16:22:14+00:00
+url: /blog/prism-is-the-biggest-influence-on-vpn-sign-ups/
+heroImage: /images-static/uploads/vpn-privacy-policies.jpg
+thumbnailImage: /images-static/uploads/vpn-privacy-policies.jpg
+comments:
+ - author: Uwnthesis
+ date: 2013-08-25T17:23:27+02:00
+ content: |
+ Extra brownie points for bedtime reading:
+
+ Prism break
+
+ https://prism-break.org/
+
+ Caution not to use USA based companies due to FISA
+
+ http://www.alexanderhanff.com/prism-break-dangerously-misleading
+
+ From what I understand, USA "data collectors" such as Google, Facebook and Twitter are to be avoided at all costs.
+
+ Prism is a major business opportunity for Europe, if we choose to take it. The lost of $35billion to US tech companies means more European Jobs. We just have to reach out and generate those jobs - by offering what an American corporation cannot - Data Protection.
+
+---
+Edward Snowden's revelations over the [NSA's PRISM programme][1] is the biggest influence on people signing-up to a VPN, according to IVPN's recent survey. A total of 1,054 people responded to our survey, which asked them to choose which recent pieces of proposed legislation and enacted laws - if any - caused them to sign-up to a Virtual Private Network service.
+
+Admittedly, we didn't cover every privacy-threatening programme out there. But the results were interesting nonetheless. As we mentioned the biggest driver of VPN sign-ups was PRISM, with a 28.08% share of the vote. This appears to be supported by our own increase in subscriptions. We saw a 56% increase in sign-ups to IVPN during June and July, compared to the previous two months (the PRISM revelations broke on June 6). We also saw a 15.6% increase in unique visitors to the site  and a 29.2% increase in page views. Here are the full results of the survey:
+
+**Which of the following was the biggest influence in your decision to sign-up to a VPN:**
+
+ * PRISM revelations: 28.06%
+ * The EU Data Retention Directive: 9.57%
+ * The CCDP ('Snooper's Charter): 2.37%
+ * SOPA: 8.44%
+ * ACTA: 2.84%
+ * TPP: 2.37%
+ * The Patriot Act: 11.28%
+ * CISPA: 8.34%
+ * Other: 6.26%
+ * None: 20.47%
+
+After PRISM, the next single biggest influence on VPN sign-ups was the [US Patriot Act][2] (11.2% of the vote), which some say allowed PRISM to operate [without seemingly breaking any US laws][3]. Closely following the Patriot Act was the [European Data Retention Directive][4] with 9.5% of the vote. The EU Data Retention Directive, which was enacted in 2006, mandates that all European ISPs store user data, including web logs, billing info and more, during a user's subscription period, and up to 2 years after they leave the service.
+
+The defeated [SOPA bill][5] was up next with 8.4% of the vote, which we expected to be higher given the amount of publicity and anger around SOPA, followed by the shelved [CISPA legislation][6] (which seems somewhat quaint now following the PRISM!)
+
+A very big chunk of the vote went to 'None of the above' (20.4%) and Other (6.2%), which suggests a lot of people are concerned about various issues. We allowed respondents to submit their own reasons for signing-up and what we got back was a mixed bag. DMCA notices featured prominently in people's responses, as did secure Wi-Fi hot spot access. Legislation from different countries, such as Norway, Russia and Brazil were also represented, which does highlight the UK/USA-centric nature of the survey. There were also some rather funny justifications, which are worth sharing, our favorite being "the general cuntness of the UK authorities" and "fucking Pakistani idiots.
+
+Obviously using a VPN or TOR is not going to stop the NSA from reading your Gmail inbox, so in a technical sense, using a VPN specifically to counter PRISM isn't going to work. But at least the mass media coverage of PRISM appears to be pushing the idea of online surveillance into the public consciousness on a much larger scale than previous controversies. The fact PRISM is driving VPN usage probably doesn't come as much surprise, but it does suggest that, while there's little popular protest is taking place, internet users are at least increasingly taking online privacy seriously. 
+
+ [1]: http://www.theguardian.com/world/prism
+ [2]: http://en.wikipedia.org/wiki/Patriot_act
+ [3]: http://www.slate.com/blogs/weigel/2013/06/07/nsa_prism_scandal_what_patriot_act_section_215_does.html
+ [4]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [5]: http://en.wikipedia.org/wiki/Sopa
+ [6]: http://en.wikipedia.org/wiki/CISPA
diff --git a/src/content/es/blog/2013-09-18-the-onion-router-under-fire.md b/src/content/es/blog/2013-09-18-the-onion-router-under-fire.md
new file mode 100644
index 000000000..6db68c19c
--- /dev/null
+++ b/src/content/es/blog/2013-09-18-the-onion-router-under-fire.md
@@ -0,0 +1,35 @@
+---
+title: The Onion Router under fire
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-09-18T19:06:59+00:00
+url: /blog/the-onion-router-under-fire/
+heroImage: /images-static/uploads/Tor-Proje.png
+thumbnailImage: /images-static/uploads/Tor-Proje.png
+
+---
+Anonymity tool The Onion Router (TOR) has had a pretty rough few months, following confirmation that the FBI used an security flaw in the Tor Browser Bundle to install malware on its users' computers.
+
+Despite offering our own privacy platform we're big supporters of TOR and think it's generally a secure platform to use (you can take a look at [some of our guides on TOR right here][1]). But this week's confirmation that [the FBI hacked TOR servers as part of an investigation][2] into child pornography is a good reminder that the platform does have its vulnerabilities.
+
+The target of the FBI's investigation was Irish-US citizen Eric Marques. The FBI described Marques as the "largest faciliator of child porn on the planet." According to the FBI, Marques operated Freedom Hosting, which hosted more than 100 child porn sites, which in turn supported thousands of members who had collectively posted millions of images. Freedom Hosting offered ".onion" domains that could only be reached via the Tor network.
+
+In July the FBI seized control of Freedom Hosting and modified its sites to serve malware that targeted users of the [Tor Browser Bundle][3] (a version of Firefox customised for TOR use). The malware appeared to transmit the unique MAC address of infected PCs, allowing the FBI to identify users' IP addresses.
+
+**TOR popular with bot nets**
+
+The TOR Browser Bundle has since been fixed to protect users from the security flaw the FBI exploited. But TOR has faced more bad press with a report from the University of Luxembourg, which analysed TOR's traffic types. The [researchers used another exploit in TOR][4], which allowed the researchers to collect data on TOR users and see kind of content they were accessing via the network. The researchers say they achieved this "with only a moderate amount of resources."
+
+The security flaw was fixed a few months ago, but the results of the research were not good publicity for TOR, which mainly promotes itself as a tool for online freedom activists and people living under censorious regimes. The researchers found the top five most popular TOR addresses belonged to botnet command and control servers. The researchers also found that in total there was balance between the number of hidden services with illegal content/activites and those devoted to human rights and freedom of speech. It's also worth noting that the research was only counting hidden TOR services. Many TOR users will obviously be using the platform to access regular, non-hidden, websites.
+
+**Stay vigilant**
+
+Hopefully TOR hasn't been too damaged by these revelations and can continue to gain the trust of its users by rapidly fixing flaws and addressing concerns. But it's worth remembering that pretty much every privacy tool will have its vulnerabilities. If you want to achieve a great level of protection you should [probably look into combining platforms like TOR with a VPN][5].
+
+ [1]: /privacy-guides/an-introduction-to-tor-vs-i2p/
+ [2]: http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/
+ [3]: https://www.torproject.org/projects/torbrowser.html.en
+ [4]: http://www.technologyreview.com/view/519186/security-flaw-shows-tor-anonymity-network-dominated-by-botnet-command-and-control/
+ [5]: /privacy-guides/why-use-tor-with-a-vpn-service/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md b/src/content/es/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md
new file mode 100644
index 000000000..3ac77cecd
--- /dev/null
+++ b/src/content/es/blog/2013-09-28-top-five-threats-to-online-privacy-2013.md
@@ -0,0 +1,38 @@
+---
+title: Top threats to online privacy 2013
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-09-28T13:07:59+00:00
+url: /blog/top-five-threats-to-online-privacy-2013/
+
+---
+The likes of SOPA, ACTA and CISPA may be behind us, but that doesn't mean there still aren't a number of legislative threats against online privacy looming on the horizon. From the Trans Pacific Partnership, to the UK's impending porn filter, Western governments are continuing to try and curtail internet freedoms. Here are a few of the top threats incoming.
+
+
+**UK porn filter**
+
+Under pressure from worried parents and feminist campaigners, the UK government is planning on introducing an opt-in "porn filter" for UK ISPs. The filter would require anyone who wants to look at content deemed to be "pornography" to request their ISP opt them out of the filter. The stupidity of the idea has been [well-illustrated by others][1], so we won't go into that now, but there's also a privacy implication. If the government creates a list of websites that are censored by default (and according to reports this will [include very broad areas such as "esoteric content][2]"), then you can be sure anyone who has opted into seeing that content will be immediately more prone to surveillance than those who do not.
+
+**The evolution of PRISM**
+
+Enough digital ink has been [spilled over PRISM][3] by now, so we're sure you guys know what the programme involves (hint: it involves the NSA mining data from the servers of some of the biggest internet companies out there). Depending on your level of optimism there's a question over what the US government will do now its activities are out in the open. Another interesting point is that there are still [some US politicians pushing for a new version of CISPA][4] to be introduced to the senate. In case you don't remember, CISPA was all about facilitating the sharing of data between internet companies and law enforcement. The bill was passed in the House of Representatives, but failed to make it to the Senate. Perhaps it's existence demonstrates how murky and underground the PRISM programme really was. Why would politicians be called for CISPA when law enforcement was already happily mining the data anyway (and legally, if you believe the Obama administration)?
+
+**TPP**
+
+The [Trans Pacific Partnership is multi-national trade agreement][5] that's being negotiated between 12 nations – specifically, the USA, Australia, Peru, Malaysia, New Zealand, Chile, Singapore and Brunei, Canada, Mexico and – most recently - Japan.The TPP has been billed by activists as an attempt to get the failed SOPA legislation passed through the back door. It contains a section dedicated to intellectual property, [which the EFF says][5] is "far more restrictive than currently required by international treaties, included the controversial ACTA" and "puts at risk some the most fundamental rights" that enable access to information. The TPP is being negotiated behind closed doors and with hardly any public consultation. The biggest problem with the TPP is that it's a truly multinational piece of legislation that could be pressured onto other countries, outside of the group, and used to create a global standard of IP enforcement.
+
+**Data retention legislation**
+
+The entire EU (with [a few notable exceptions][6]) is subject to the [EU Data Retention Directive][7], which mandates all ISPs store user data (such as web logs, addresses and billing info) for between one and two years after an individual leaves the ISP's service. Although the Data Retention Directive is rarely discussed, it's probably one of the worst pieces of legislation ever passed when it comes to online privacy. The precedent set by the EU has encouraged other countries to try and follow the example, with the [US and Australia considering similar legislation][8] (although some [US ISPs are already storing data without being legally compelled to do so][9]). Definitely something to keep an eye on.
+
+ [1]: http://paidcontent.org/2013/07/22/the-uks-opt-in-system-for-porn-is-a-terrible-idea-and-heres-why/
+ [2]: http://www.huffingtonpost.com/2013/07/29/uk-internet-filter-block-more-than-porn_n_3670771.html
+ [3]: http://www.theguardian.com/world/prism
+ [4]: http://rt.com/usa/feinstein-cispa-cyber-security-342/
+ [5]: https://www.eff.org/issues/tpp
+ [6]: http://europa.eu/rapid/press-release_IP-12-530_en.htm
+ [7]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [8]: http://news.cnet.com/8301-13578_3-57575160-38/congressman-endorses-data-retention-law-then-backs-away/
+ [9]: http://www.wired.com/threatlevel/2011/09/cellular-customer-data/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md b/src/content/es/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md
new file mode 100644
index 000000000..c7856bd98
--- /dev/null
+++ b/src/content/es/blog/2013-10-23-vpn-privacy-policies-decoded-vyprvpn.md
@@ -0,0 +1,61 @@
+---
+title: 'VPN privacy policies decoded: VyprVPN'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-10-23T10:49:36+00:00
+url: /blog/vpn-privacy-policies-decoded-vyprvpn/
+comments:
+ - author: Dundale
+ date: 2013-10-24T06:21:12+02:00
+ content: |
+ So basically you are paying really for encryption that can still be read if required.
+
+ Tsk, I would never sign up for one like that. Glad ivpn is honest also about its logging of private information.
+
+---
+_This post is [part of a series][1] reviewing the privacy policies of popular VPN services. The aim is to find out whether the VPN takes customer privacy seriously. This is not intended as a review of a VPN service, which would need to take into account a number of other factors. For more privacy guides and our criteria for reviewing them, [click here][2]._
+
+VyprVPN is a popular and long-running VPN service set-up by Golden Frog, which also runs the Dump Truck secure online storage service. Golden Frog and VyprVPN are headquartered in the US and operate servers in across Asia, Europe and North America. So how does VyprVPN's privacy policy stack-up?
+
+**Clarity**
+
+First of all, VyprVPN has done a good job at making its privacy policy comprehensive and easy-to-read. Unlike many other privacy policies we've reviewed you're not left wondering where VyprVPN stands on the key issues. There are a few things that could've been included, such as how VyprVPN will react to changes in VPN-related laws in its jurisdiction, but overall the language used is very clear and the policy gets straight to the point.
+
+**Logging**
+
+VyprVPN is pretty upfront about what data it collects and says the following:
+
+> [Session data] is maintained for use with billing, troubleshooting, service offering evaluation, TOS issues, AUP issues, and for handling crimes performed over the service. We maintain this level of information on a per-session basis for at least 90 days. We may keep upload & download bytes at an aggregate level for longer periods of time.
+
+As we've outlined more than once in this series, there's no real reason to log data for much longer than a couple of weeks - if your aim is troubleshooting network issues and other such maintenance. A three month retention period will be implemented to help VyprVPN determine if anyone is violating its terms of service (which it clearly states in the above paragraph). This is where you have to ask yourself just how private VyprVPN service really is. The TOS include the following prohibited activities:
+
+ * Spamming (e-mail, Usenet, message boards, etc.)
+ * Copyright, trademark, and patent infringement.
+ * Defamatory or abusive language
+ * IP Spoofing
+ * Illegal or unauthorized access to other computers or networks
+ * Distribution of Internet viruses, worms or other destructive activities
+ * Export control violations
+ * All other illegal activities
+
+Most of that seems reasonable enough, but there's always going to be grey areas. "Abusive language," for instance, covers a very wide-spectrum of behavior and can mean different things to different people. "All other illegal activities" can mean different things in different jurisdictions. A relevant example is the [internet TV service Aereo][3], which while legal in a number of states in the US, is currently facing challenges to its legality in other states.
+
+**Cookies and data**
+
+VyprVPN and Golden Frog uses cookies on its site to collect data on users, but it's very clear about not sharing "personally identifiable" information with "affiliates, independent contractors, business partners or outside entities for marketing purposes or otherwise." This is good to hear. A Ghostery check reveals seven trackers on the main site, including Doubleclick, which does not necessarily share data with third parties, but it can [if the publisher is part of an ad network.][4]
+
+**Criminal and civil investigations**
+
+One welcome aspect of VyprVPN's privacy policy, which is often not included by other VPNs, is a clear outline of how it responds to civil and criminal investigations. Basically Golden Frog says it will only release personally identifiable information if served with a subpoena. But the key point to remember is that VyprVPN will have at least three months of activity logged and ready to hand over. There are [plenty of other VPNs out there][5] that don't store this information for any significant length of time.
+
+**To sum up…**
+
+VyprVPN is honest, upfront and clear in its privacy policy, but its 90 day data retention period leaves a lot to be desired, especially when there are many other VPNs out there who only store data for network troubleshooting purposes.
+
+ [1]: /blog/vpn-privacy-policies-decoded/
+ [2]: /blog/vpn-privacy-policies-decoded/
+ [3]: http://en.wikipedia.org/wiki/Aereo
+ [4]: http://www.theguardian.com/technology/2012/apr/23/doubleclick-tracking-trackers-cookies-web-monitoring
+ [5]: http://torrentfreak.com/vpn-services-that-take-your-anonymity-seriously-2013-edition-130302/
diff --git a/src/content/es/blog/2013-11-07-ivpn-launches-new-privacy-guides.md b/src/content/es/blog/2013-11-07-ivpn-launches-new-privacy-guides.md
new file mode 100644
index 000000000..31404e107
--- /dev/null
+++ b/src/content/es/blog/2013-11-07-ivpn-launches-new-privacy-guides.md
@@ -0,0 +1,32 @@
+---
+title: IVPN launches new in-depth online privacy guides
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-11-07T08:47:26+00:00
+url: /blog/ivpn-launches-new-privacy-guides/
+heroImage: /images-static/uploads/IVPN-Privacy-Guides-600x390.png
+thumbnailImage: /images-static/uploads/IVPN-Privacy-Guides-600x390.png
+
+---
+Given the constant attacks on online privacy, from both government agencies and corporate interests, the practice of keeping your data private and secure has never been more relevant nor more important.
+
+However, the online privacy landscape can often look incredibly arcane and complicated to outsiders. While using tools such as VPNs and TOR is fairly straight forward, it's often difficult to find clear and concise information on going beyond this to achieve a much greater level of privacy.
+
+That's why we've created a new series of [freely available privacy guides][1] that offer both an overview of online privacy basics and step-by-step guides for much deeper privacy protection.
+
+We've got a general [introduction to privacy and anonymity][2], [TOR vs I2P][3], [applying risk management to privacy][4] and the benefits of [using TOR with a VPN][5].
+
+But our biggest addition is our [new eight-part guide][6] on using Virtual Machines, VPNs and TOR.
+
+This guide covers creating a basic setup using multiple workspace VMs, advanced VM and VPN set-ups, explanations on how to set-up Linux hosting machines for numerous VMs, creating pfSense router/firewall VMs, paying for VPNs anonymously and creating nest chains of VPNs and TOR. Perfect if you're looking for a comprehensive guide to going beyond VPNs and TOR.
+
+Be sure to check our [privacy guide section][1] regularly, as we'll be adding additional guides over the coming months.
+
+ [1]: /privacy-guides/
+ [2]: /privacy-guides/an-introduction-to-privacy-anonymity/
+ [3]: /privacy-guides/an-introduction-to-tor-vs-i2p/
+ [4]: /privacy-guides/applying-risk-management-to-privacy/
+ [5]: /privacy-guides/why-use-tor-with-a-vpn-service/
+ [6]: /privacy-guides/advanced-privacy-and-anonymity-part-1/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md b/src/content/es/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
new file mode 100644
index 000000000..1192bc738
--- /dev/null
+++ b/src/content/es/blog/2013-11-15-european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu.md
@@ -0,0 +1,29 @@
+---
+title: 'European Parliament: "EU surveillance programmes are incompatible with fundamental human rights of citizens and residents in the EU"'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-11-15T10:06:09+00:00
+url: /blog/european-parliament-eu-surveillance-programmes-are-incompatible-with-fundamental-human-rights-of-citizens-and-residents-in-the-eu/
+heroImage: /images-static/uploads/flag_yellow_low.jpg
+thumbnailImage: /images-static/uploads/flag_yellow_low.jpg
+
+---
+A European Parliament [report on state surveillance][1] says current programmes are "incompatible" with the human rights of EU residents and all state surveillance must be framed "in terms of collective freedoms and democracy," rather than "data protection and national security."
+
+[The study][1], which was commissioned by the [European Parliament's Committee on Civil Liberties, Justice and Home Affairs][2], says:
+
+> From a legal point of view, EU surveillance programmes are incompatible with minimum democratic rule of law standards and compromise the security and fundamental human rights of citizens and residents in the EU.
+
+The study also makes it clear that the PRISM revelations are markedly different from past security service "transgressions," as they involve "access to a much larger scale of data" than former programmes.
+
+The authors go further to say the "purpose and scale" of any surveillance programme is "at the core of what differentiates democratic regimes and police states." It adds the "two key issues" that remain unclear over the PRISM revelations are: "what/who are the ultimate targets of this surveillance exercise, and how are data collected, processed, filtered and analysed?"
+
+The paper mainly focuses on the US' ability to compromise the privacy of EU citizens, while highlighting the UK's complicity. Interestingly the authors say very little about the EU's own mass surveillance programme, namely the [EU Data Retention Directive][3], which mandates that all European ISPs hold onto customer web logs, and other data, for the entirety of the subscription and up to two years after they leave the service.
+
+Obviously, we expect very little to change regarding the European Union's reaction to the NSA's revelations. The report's suggestion of a new international treaty, in order to protect the world from the US' security agencies, is unlikely to materialise. So far, apart from Angela Merkel impotent noise over the US' monitoring of phone calls, the EU has been useless in terms of doing its job and protecting citizens from foreign spy agencies.
+
+ [1]: http://cryptome.org/2013/11/eu-mass-spying.pdf
+ [2]: http://www.europarl.europa.eu/committees/en/libe/home.html
+ [3]: http://en.wikipedia.org/wiki/Data_Retention_Directive
\ No newline at end of file
diff --git a/src/content/es/blog/2013-11-21-new-windows-vpn-client.md b/src/content/es/blog/2013-11-21-new-windows-vpn-client.md
new file mode 100644
index 000000000..37afca293
--- /dev/null
+++ b/src/content/es/blog/2013-11-21-new-windows-vpn-client.md
@@ -0,0 +1,40 @@
+---
+title: Beta Windows IVPN Client
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps"]
+draft: false
+date: 2013-11-21T10:32:48+00:00
+url: /blog/new-windows-vpn-client/
+comments:
+ - author: willy
+ date: 2013-12-14T18:59:02+01:00
+ content: |
+ Any plans on releasing a Mac and Linux version with the same features?
+ - author: Ed Holden
+ date: 2013-12-15T20:17:31+01:00
+ content: |
+ Yes, we have a Mac OSX client in active development that will have the exact same feature set as the Windows client. However we have not yet starting working on a Linux client due to demand (most Linux users run OpenVPN as a service) but its very possible that we will develop one in the near future.
+ - author: head
+ date: 2014-03-17T06:14:41+01:00
+ content: |
+ Are there any command line parameters for this program?
+
+---
+Today we are pleased to announce the first beta of our Windows VPN client for XP/Vista/Windows 7/8. We have incorporated the most popular feature requests. All customer are invited to test the Beta version and submit any feedback. The final version which will include significantly more features should be released before the end of February 2014.
+
+![IVPN Beta Client Home](/images-static/uploads/ivpn-client-beta-main.png "IVPN Beta Client Home")
+![ivpn-client-beta-settings](/images-static/uploads/ivpn-client-beta-settings.png "ivpn-client-beta-settings")
+
+
+## Features
+
+ * **Full Privacy leak detection/alert and blocking** - The application will immediately block all connections and alert the user with a popup screen when it detects that traffic may flow outside of the VPN e.g. if there is a disconnection for any reason. No traffic can flow (incoming and outgoing) until the user explicitly clicks on the 'unblock' button. Note, this feature is not available on Windows XP.
+ ![ivpn-client-beta-warning](/images-static/uploads/ivpn-client-beta-warning.png "ivpn-client-beta-warning")
+ * **Fully automated updates of new VPN gateways** - The application will transparently check for a cryptographically signed list of servers every few minutes. This means that we can deploy new servers and you will have them available within minutes. The server list is cryptographically signed to ensure the integrity of the data i.e. no MITM attacks where the server IP's are changed to one under the adversaries control.
+ * **Notification of upgrades** - When we publish a new version you will receive a notification within the application that a new version is available to download.
+ * **Start at login** - Ensure that the application is always loaded when the operating system starts.
+ * **Automatically connect to last server on startup**  - If you always connect to the same server you can now have the application connect automatically on startup.
+ * **Automatically connect to last server when joining insecure Wi-Fi** - If you connect to a Wi-Fi network without encryption enabled the client will automatically establish a VPN connection to the last server you connected to.
+ * **Built in OBFS Proxy** - If you are located in a jurisdiction where OpenVPN is blocked you can enable the built in OBFS Proxy software to obfuscate your connection to the VPN server, bypassing common Internet filtering systems.
+ * **Additional ports** - You can now connect to all singlehop servers on UDP/53 and TCP 80. UDP/53 is commonly used for DNS request traffic and is often open when all other ports are blocked.
diff --git a/src/content/es/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md b/src/content/es/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md
new file mode 100644
index 000000000..d98881dee
--- /dev/null
+++ b/src/content/es/blog/2013-11-30-five-reasons-uk-politicians-hate-internet.md
@@ -0,0 +1,93 @@
+---
+title: Five reasons why UK politicians hate the internet
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-11-30T08:48:19+00:00
+url: /blog/five-reasons-uk-politicians-hate-internet/
+heroImage: /images-static/uploads/uk-flag.jpg
+thumbnailImage: /images-static/uploads/uk-flag.jpg
+
+---
+The World Wide Web may have been created by a Brit but in the last 15 years the UK government has shown nothing but disdain for online liberties and online privacy. In fact, out of all western nations, we reckon the UK is probably the most draconian and heavy handed in its approach to managing and controlling its own citizens in the online space, and - unlike the US' PRISM program - most of this has been done out in the open.
+
+So here's five reasons, in no particular order, demonstrating how rotten the UK government really is when it comes to web. Disagree with us? Think your country's government has a worse record? Let us know in the comments below.
+
+**Snoopers' Charter**
+
+![We wonder what's in Theresa May's search history... leave your suggestions below!](/images-static/uploads/398px-Theresa_May_-_Home_Secretary_and_minister_for_women_and_equality.jpg "We wonder what's in Theresa May's search history... leave your suggestions below!")
+
+We wonder what's in Theresa May's search history… leave your suggestions below!
+
+If it were left up to the current Tory government and the poisonous home secretary Theresa May, the Communications Capability Development Programme, [or 'Snoopers' Charter,'][1] would have been quietly [ushered into the Queen's Speech back in 2012][2], ready to be brought into effect in 2014. 
Thankfully, the plans were leaked to the media beforehand, and there was enough furore for coalition partners, the Lib Dems, to regain some of its backbone [by opposing it.][3]
+
+In case you didn't know the Snooper's Charter is the government's attempt to force ISPs into monitoring a whole range of internet activities, including emails, social media activity and the websites you've visited (although this last activity is believed to already be legal under the EU Data Retention Directive – see below).
+
+Despite the subsequent PRISM revelations, we probably still haven't seen the back of the Snooper's Charter. The head of counter-terrorism is [still pushing for the bill to be implemented][4] and Theresa May's cynical campaign of scaremongering - which tried to [smear opponents of the bill as paedophile-sympathisers][5] - seems to have [swayed the minds of the British population][6]. Labour have suggested they oppose the bill, but Labour have a god awful record when it comes to online privacy (see below), so they're more likely than the coalition to push a similar bill through if they have a majority in 2015.
+
+**Data retention pioneer**
+
+Everyone is talking about PRISM, but there's already a programme of mass online surveillance in full effect, and it's legally mandated, and out in the open. The [EU Data Retention Directive][7] has been in operation since 2006 in the majority of EU countries, although there are a few - including Germany - who thankfully have a judiciary independent enough to [fight for the rights of its citizens][8].
+
+The EU Data Retention Directive is probably the worst piece of anti-online privacy legislation ever enacted in the western world. The directive [forces all ISPs to record communication logs and personal information][9] during your subscription, and then store that data for up to two years after you leave their service. 
+
+But before all you UKIP lovers start blaming the EU for oppressing member states, realise the UK Labour government was forcing ISPs to retain data as part of anti-terrorism legislation years before it was forced upon the rest of Europe. In fact, [the UK pioneered this type of mass data retention][10] following 9/11 and was [the directive's biggest cheerleader on the continent][11], in the face of protestations from other EU countries. So yes, while Theresa May is a foul human being, remember the situation was no different under successive Labour home secretaries.
+
+![Why on earth is this thing telling us what we can look at on the internet?](/images-static/uploads/David_Cameron_official.jpg)
+
+Why on earth is this thing telling us what we can look at on the internet?
+
+**Porn filter and censorship**
+
+The UK's [incoming ISP-level porn filter][12], and the recently announced [banning of fake rape porn][13], is a wonderful example of political scaremongering and deceit. The Tory government and the Home Office masterfully [managed to conflate the issues][14] of child pornography, with the danger of legal porn being accessed by children.
+
+There was no real public consultation about the issue and no real examination on whether such a filter would even work (and nearly all experts agreed it wouldn't). Everyone from [Wikipedia][15], to [MumsNet opposed the idea.][16] But dissent on the right wing was muffled by Daily Mail-style morality, while dissent on the left was curbed by feminists whose knee-jerk hatred of pornography prevented any rational thinking.
+
+Obviously none of the above really matters, because the porn filter isn't really about porn. The filter is just another tool the government can use to exert some control over online content. 
Remember the filter's official mandate already goes [well beyond pornography][17], extending to everything from "esoteric content" (those poor pagans) to [VPN sites like this one][18] (yep, if you want to view this blog you'll have to 'do an Alan Patridge' and beg your ISP to "turn on the porn please"). Plus the definition of pornography itself is very much open to interpretation.
+
+![Why on earth is this thing telling us what we can look at on the internet?](/images-static/uploads/Charles_Clarke_bungling_home_secretary.jpg)
+
+Labour home secretary Charles Clarke played a big role pushing for data retention in Europe. With ears that big he probably already knows what you've been talking about offline.
+
+Once the filter is established it sets a precedent. Any enhancements, or replacements, to the filter can be easily slipped in by the government without a real debate, and the amount of filtered content will just get broader and broader. Yes, the filter is crude today, but it will get more sophisticated over time (that's inevitable) – and such leaps forward will occur completely under the radar. Congratulations. The government now has a list of every household in the UK that wants access to content it does not agree with.
+
+**RIPA**
+
+The [Regulation of Investigatory Powers Act][19] was enacted in 2000 by the Labour government, in order to deal with the change in communication habits instigated by the internet (the same justification being used for the Snoopers Charter). The legislation basically allows a whole raft of public bodies to access all the private data being hoovered up by data retention programmes. It also allows public bodies to demand citizens hand over passwords to protected information, enables public bodies to request an ISP (or indeed a VPN) monitor specific individuals, and allows these warrants to be kept secret.
+
+So who are these public bodies that can access our data? 
Well interceptions are restricted to the sorts of agencies you'd expect, such as GCHQ and law enforcement. But when it comes to data that's already been collected (by programmes such as the above mentioned Data Retention Directive) hundreds public bodies have permissions, [including over 470 local authorities][20]. In 2008/9 there were over [50,000 requests for communications data][21], according to Privacy International (apparently the government stopped releasing the figures since then). So you better not get involved in too many disputes with your local council ([it's not as if such powers haven't been abused in the past][22]).
+
+**'Extreme' content ban**
+
+Just this week the crime and security minister James Brokenshire said the government will order ISPs to [block "extremist" content online][23]. As we mentioned above, David Camerson also announced plans to ban pornography that simulated rape (making it illegal to watch). As with data retention almost a decade ago, the UK government is still a pioneer in trying to control the online space.
+
+Of course, no one likes terrorists and rapists, but do we really trust the government to decide which extremist ideologies are too dangerous for us and what "simulated rape" actually entails? Obviously there will be clear cut cases, but there will also be many grey areas. Every major porn website hosts BDSM content, which can be easily defined as "simulated rape." Does this mean the UK government is not only going to impose a porn filter, but will actually completely outlaw every porn site on the internet? Will it issue guidelines to explain when does a rough sex video becomes "simulated rape" and therefore liable to land you in jail?
+
+When it comes to extremist sites, again, where does the government draw the line? What is "extremist" and what measurements being used to determine this? Moreover, don't we want extremists to operate out in the open, rather than driving them underground? 
Doesn't this make it easier for the security services?
+
+None of this makes a great deal of sense, until you realise the government doesn't care much about protecting children, terrorism, or rape. What the UK government cares about is creating enough legal recourse to exert as much power and control over the virtual space as it possibly can.
+
+ [1]: http://en.wikipedia.org/wiki/Draft_Communications_Data_Bill
+ [2]: http://www.theregister.co.uk/2012/04/02/ccdp_government_snooping_plans/
+ [3]: http://www.mirror.co.uk/news/uk-news/snoopers-charter-liberal-democrats-still-1920532
+ [4]: http://www.theguardian.com/uk-news/2013/nov/12/counter-terror-chief-charles-farr-snoopers-charter
+ [5]: /blog/oppose-the-uks-spying-bill-youre-siding-with-paedophiles/
+ [6]: http://www.huffingtonpost.co.uk/2013/06/10/poll-finds-public-support-snooping-plans_n_3415724.html
+ [7]: http://en.wikipedia.org/wiki/Data_Retention_Directive
+ [8]: http://www.out-law.com/page-10807
+ [9]: https://wiki.openrightsgroup.org/wiki/Data_Retention_Directive
+ [10]: http://www.theregister.co.uk/2003/09/15/uk_gov_to_impose_data/
+ [11]: http://news.bbc.co.uk/2/hi/technology/4744304.stm
+ [12]: http://www.wired.co.uk/news/archive/2013-07/25/isp--north-korea
+ [13]: http://www.businessinsider.com/people-with-rape-porn-in-the-uk-could-get-jail-time-2013-11
+ [14]: http://www.theguardian.com/technology/2013/jul/22/david-cameron-crusade-internet-pornography
+ [15]: http://www.bbc.co.uk/news/uk-23558865
+ [16]: http://www.telegraph.co.uk/technology/news/8316997/Mumsnet-abandons-support-for-anti-pornography-web-filters.html
+ [17]: http://www.gizmodo.co.uk/2013/07/the-great-firewall-of-cameron-wont-just-block-porn/
+ [18]: http://www.gizmodo.co.uk/2013/09/uh-oh-uk-porn-filter-also-blocks-vpns/
+ [19]: http://en.wikipedia.org/wiki/RIPA
+ [20]: http://www.liberty-human-rights.org.uk/human-rights/privacy/state-surveillance/index.php
+ [21]: 
https://www.privacyinternational.org/reports/united-kingdom/ii-surveillance-policies#_ftn48
+ [22]: http://www.theregister.co.uk/2008/04/28/ripa_council_dog_fouling/
+ [23]: http://www.theguardian.com/uk-news/2013/nov/27/ministers-order-isps-block-terrorist-websites
\ No newline at end of file
diff --git a/src/content/es/blog/2013-12-15-will-europeans-really-set-free-data-retention.md b/src/content/es/blog/2013-12-15-will-europeans-really-set-free-data-retention.md
new file mode 100644
index 000000000..939c3a773
--- /dev/null
+++ b/src/content/es/blog/2013-12-15-will-europeans-really-set-free-data-retention.md 
@@ -0,0 +1,42 @@
+---
+title: Will Europeans really be set free from data retention?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-12-15T11:08:11+00:00
+url: /blog/will-europeans-really-set-free-data-retention/
+heroImage: /images-static/uploads/flag_yellow_low.jpg
+thumbnailImage: /images-static/uploads/flag_yellow_low.jpg
+
+---
+It appears the EU Data Retention Directive [will soon be scrapped][1]. On Thursday, the European Court of Justice General, Pedro Cruz Villalon, said the highly controversial law contravenes the Charter of Fundamental Rights of the European Union. While the statement was not a ruling, the Court of Justice usually follows the opinion of Advocate Generals. But will implementing Villalon's recommendations really free Europeans from mass surveillance?
+
+Firstly, Villalon's findings certainly renew our faith in the EU's ability to rectify its own mistakes. The reversal of opinion, is also a big win for online privacy activists and campaigners, especially for [Digital Rights Ireland][2], which kicked off the court case against the directive back when it was first enacted in 2006 and pursued it all the way to the ECJ in 2010.
+
+Villalon's statement will also validate the justice systems of those EU countries who refused to implement the Data Retention Directive, despite the pressure from politicians. Sweden, Germany and Romania are all facing EU fines due to ruling the law unconstitutional, with Germany being [fined 315,000 Euros per day][3] until it obeys the directive.
+
+**Data retention 2.0**
+
+But if the ECJ does rule in favour of its advocate general, what will change exactly? Well, here's where we can put our cynic hats back on. 
Let's take a quick look at [what Villalon actually said about the Data Retention Directive.][4]
+
+Firstly, we should remember the advocate general maintains the aims of the directive are valid and that it should remain in place until lawmakers come up with a better solution. However, Villalon agreed with what privacy campaigners have been saying for years, stating that, in its current form, the directive allows authorities to "create a both faithful and exhaustive map of a large portion of a person's conduct strictly forming part of his private life, or even a complete and accurate picture of his private identity."
+
+He also said this type of surveillance would have a "chilling effect" on freedom of expression and that the directive is "as a whole incompatible with Article 52(1) of the Charter of Fundamental Rights of the European Union" because it's "not accompanied by the necessary principals for governing the guarantees needed to regulate access to the data and their use."
+
+So all good stuff, but what the advocate general is essentially saying is the aims of the Data Retention Directive are fine, and the actual process of collecting the data is fine, but there is not enough controls over how the data is accessed by the authorities. For instance, Villalon suggests that citizens must be notified after their data has been looked at. One of the reasons for this, is because the original directive was vaguely written, leaving scope for different countries to interpret what it could and couldn't do with the collected data.
+
+Villalon is also not calling for the directive to be ditched immediately. Rather he says the decision should be suspended in order for lawmakers to address his concerns. So this isn't exactly a scrapping of the Data Retention Directive, nor is it a recommendation that ISPs should no longer be forced to record our internet activity. 
+
+**Do you trust the authorities?**
+
+Now lets not rubbish Villalon's recommendations – they're all good and much needed. But he is not proposing an end to mass surveillance. What we really need is to end mandatory data retention altogether. Because as long as the data is being recorded and stored, the risk that it will be abused by the authorities, completely under the radar, will always remain.
+
+But at the moment this is all speculation. It's worth noting that a number of big EU countries ([the UK][5] and [France in particular][6]) are very pro-data retention. So it's by no means certain that Villalon's recommendations will be implemented. We will have to wait until some time next year to hear ECJ's ruling.
+
+ [1]: http://gigaom.com/2013/12/12/european-metadata-law-is-incompatible-with-privacy-rights-top-legal-advisor-says/
+ [2]: http://www.digitalrights.ie/
+ [3]: http://www.pcworld.com/article/256571/germany_taken_to_court_for_failing_to_implement_data_retention.html
+ [4]: http://www.documentcloud.org/documents/894903-191080038-opinion-of-ag-in-digital-rights.html#document/p1
+ [5]: /blog/five-reasons-uk-politicians-hate-internet/
+ [6]: http://www.techdirt.com/articles/20110303/03520213350/
\ No newline at end of file
diff --git a/src/content/es/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md b/src/content/es/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md
new file mode 100644
index 000000000..540c9d04b
--- /dev/null
+++ b/src/content/es/blog/2013-12-24-concerned-online-privacy-heres-five-us-politicians-keep-eye-2014.md 
@@ -0,0 +1,65 @@
+---
+title: Concerned about online privacy? Here's five US politicians to keep an eye-on in 2014
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-12-24T10:58:27+00:00
+url: /blog/concerned-online-privacy-heres-five-us-politicians-keep-eye-2014/
+heroImage: /images-static/uploads/800px-Flag_of_the_United_States.svg_-600x315.png
+thumbnailImage: /images-static/uploads/800px-Flag_of_the_United_States.svg_-600x315.png
+
+---
+Last year we rounded-up a selection of the [most anti-online privacy politicians in the US][1], followed by a [similar round-up focusing on the UK][2]. Since then Edward Snowden's PRISM revelations have had a huge impact on the political landscape and have revealed a broad church of politicians who have allied themselves with perhaps the most pervasive spying programme in history. So below we've rounded-up five US politicians who have chosen to back the NSA over the rights of the American people and who are definitely worth keeping an eye-on as we head into the new year.
+
+**Mike Rogers**
+
+![Mike Rogers](/images-static/uploads/rogers.png)
+
+Republican Mike Rogers made our list back in 2012 and it's no surprise that he enthusiastically [backed the NSA's spying programme][4]. Rogers was the main culprit behind the [Cyber Intelligence Sharing and Protection Act][5] (otherwise known as CISPA) that was thankfully hounded out of congress by online privacy campaigners. Since the PRISM revelations, Rogers has made a number of [smear attempts on Edward Snowden][6] and even [offered to pay for Snowden's ticket][7] back to the US to face charges. Perhaps most insulting was Rogers saying [French citizens should be "popping champagne corks"][8] over the fact the NSA spies on them. Charming! 
+
+**Lamar Smith**
+
+![Mike Rogers](/images-static/uploads/Lamar-Smith-400x290-300x217.jpg)
+
+Lamar Smith joined a minority of Texan Republicans [to come out in full support of the NSA][10], when he voted against curbing the agency's spying powers. Smith has form when it comes to surveillance legislation. Back in 2012 he [introduced the FISA Amendment's Act][11], which extended the surveillance and spying powers enjoyed by the NSA for another five years. Lamar Smith is also the primary architect behind the failed, and much-maligned, [Stop Online Piracy Act][12] (SOPA) and he tried to [expand the Digital Millennium Copyright Act][13] to make it easier for police to engage in wiretapping over suspected breaches of copyright.
+
+**Al Franken**
+
+![Mike Rogers](/images-static/uploads/franken.png)
+
+Democrat Al Franken may seem an unfair entry on this list, given his [previous comments on online privacy][15] and efforts to introduce a [less draconian CISPA alternative][16], but Franken showed his true colours during the Snowden affair. Firstly, it must be pointed out that Franken [originally supported SOPA and PIPA][17] (but later backtracked), due to receiving a great deal of funding from the entertainment industry, so he never really supported online freedoms in a genuine sense. Nevertheless, Franken's [attempted to whitewash PRISM][18] by saying he was "well aware" of the programme and it's "not about spying on the American people," surprised many. Franken's cosy relationship with the NSA is even more worrying when you consider he's on the [Subcommittee on Privacy, Technology and the Law][19], which looks at data collection in the private sector.
+
+**Dutch Ruppersberger**
+
+![Dutch Ruppersberger](/images-static/uploads/ruppersberger.png)
+
+Democrat Dutch Ruppersberger co-authored CISPA along with Mike Rogers. He's also a member of the House Intelligence Committee, and represents the district that's home to the National Security Agency. 
So he knows a thing or two about mass surveillance. Perhaps unsurprisingly Ruppersberger [called Snowden a traitor][21] who is "going to cost lives short term and long term." But in case anyone thought the NSA broke any laws Ruppersberger assures everyone: "I'm a lawyer. I was trained to follow the constitution. I'm part of the checks and balances and believe me, no one's going to break the law on my watch." Wow we feel so reassured…
+
+**Diane Feinstein**
+
+![Diane Feinstein](/images-static/uploads/feinstein.png)
+
+Like Ruppersberger, Democrat Diane Feinstein is the chair of the House Intelligence Committee and she came out very [strongly in favor of PRISM][23], saying the NSA's spying programme was an important tool to stop terrorists. Feinstein [did soften her position when the extent of the NSA's spying on foreign allies was revealed][24], saying she was "totally opposed" to the activity. However, she followed this with a bill drafted to reform the NSA, which has been heavily criticised by activists. [According to the EFF][25], Feinstein's bill "codifies some the NSA's worst practices," including the collection of metadata of phone calls and does nothing to stop the agency from hacking into web services such as Google and Facebook. 
+
+ [1]: /blog/americas-most-dangerous-anti-online-privacy-politicians/
+ [2]: /blog/the-uks-top-5-anti-online-privacy-politicans/
+ [4]: http://mikerogers.house.gov/news/documentsingle.aspx?DocumentID=339391
+ [5]: http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act
+ [6]: http://www.opposingviews.com/i/politics/foreign-policy/war-terror/rep-mike-rogers-falsely-claims-edward-snowden-traded-nsa
+ [7]: http://abcnews.go.com/blogs/politics/2013/12/rep-mike-rogers-id-pay-for-edward-snowdens-ticket-back-to-u-s-to-face-charges/
+ [8]: http://www.politico.com/blogs/politico-live/2013/10/rogers-french-should-be-popping-champagne-over-nsa-176002.html
+ [10]: http://blog.chron.com/txpotomac/2013/07/10-texas-republicans-buck-party-in-vote-to-limit-nsa-data-collection/
+ [11]: http://www.dailydot.com/politics/who-voted-for-fisa/
+ [12]: http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act
+ [13]: http://news.cnet.com/2100-1028_3-6064016.html?part=rss&tag=6064016&subj=news
+ [15]: http://www.huffingtonpost.com/2012/03/30/al-franken-privacy-facebook-google_n_1392442.html
+ [16]: http://www.theverge.com/2012/7/26/3189433/al-franken-cybersecurity-act-of-2012-amendments
+ [17]: http://en.wikipedia.org/wiki/List_of_US_Congresspersons_who_support_or_oppose_SOPA/PIPA
+ [18]: http://www.huffingtonpost.com/2013/06/11/al-franken-nsa_n_3423413.html
+ [19]: http://en.wikipedia.org/wiki/United_States_Senate_Judiciary_Subcommittee_on_Privacy,_Technology_and_the_Law
+ [21]: http://baltimore.cbslocal.com/2013/07/09/rep-dutch-ruppersberger-calls-nsa-leaker-a-traitor/
+ [22]: /images-static/uploads/feinstein.png
+ [23]: http://www.washingtonpost.com/blogs/post-politics/wp/2013/06/06/transcript-dianne-feinstein-saxby-chambliss-explain-defend-nsa-phone-records-program/
+ [24]: http://www.theguardian.com/world/2013/oct/28/nsa-surveillance-dianne-feinstein-opposed-allies
+ [25]: 
https://www.eff.org/deeplinks/2013/10/sen-feinsteins-nsa-bill-will-codify-and-extend-mass-surveillance
diff --git a/src/content/es/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md b/src/content/es/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md
new file mode 100644
index 000000000..8b559f2ee
--- /dev/null
+++ b/src/content/es/blog/2013-12-30-will-us-government-try-ban-vpns-2014.md 
@@ -0,0 +1,33 @@
+---
+title: Will the US government try to ban VPNs in 2014?
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2013-12-30T04:06:23+00:00
+url: /blog/will-us-government-try-ban-vpns-2014/
+heroImage: /images-static/uploads/800px-Flag_of_the_United_States.svg_-600x315.png
+thumbnailImage: /images-static/uploads/800px-Flag_of_the_United_States.svg_-600x315.png
+
+---
+With online privacy coming under increasing attack, it's no surprise that more and more activists, and privacy-conscious internet users, want to shield their internet activity from potential evesdroppers - be they state institutions or private companies. Along with free tools such as TOR and I2P, one of the most popular methods of avoiding online surveillance is signing-up to a commercial Virtual Private Network.  Indeed, there is no shortage of VPN companies on the market, promising to give their customers security, anonymity and peace-of-mind while browsing. But, with the government seemingly waging war against online privacy, is it inevitable politicians will push for a ban?
+
+**VPNs on the rise**
+
+Since the PRISM scandal broke, VPN usage has been on the rise. IVPN saw a 56% increase in sign-ups in the two months following Edward Snowden's revelations. We also ran a survey amongst our customers back in August, which saw PRISM listed as the top reason for new VPN sign-ups. This increase in interest was mirrored by a few of our competitors, who also saw an uptick in business following the revelations.
+
+Of course, the irony is a VPN will not protect you from the type of surveillance described in the PRISM documents. As you probably already know, the PRISM programme involved the NSA creating a backdoor into Google, Facebook and other web services, allowing them to access the data held in accounts. 
VPNs may encrypt your traffic, and obscure your IP address, but if you upload a picture to Facebook, or send an email via Gmail, then that information is stored on Google and Facebook's servers. The only way to stop the NSA accessing that data is to avoid creating it in the first place.
+
+**Data retention**
+
+But VPNs are still likely to catch the attention of governments, not because they undermine PRISM, but because they undermine data retention practices. ISP-level data retention is, generally-speaking, when your internet service provider records the times you access the internet and what IP addresses you connect to, allowing authorities to determine your activity, down to the websites you've visited. Data retention has been mandatory in Europe since 2006, with all ISPs forced to store data for the entirety of a user's subscription and up to two years after they unsubscribe. However, due to fierce opposition within certain EU states, the law may be significantly altered next year.
+
+In the US both the Obama administration and Republicans have, at one time or another, pushed for a law similar to the EU Data Retention Directive. But although Washington's ambitions haven't yet been realised, US ISPs still practice data retention voluntarily, with some storing web logs for two years. VPNs may not protect users from PRISM, but they do threaten ISP-level data retention.
+
+**Warning shot**
+
+A warning shot appeared to have been fired back in June, when both Mastercard and Visa outlawed payments to a number of popular VPN providers. This action followed a high profile case involving a hacker from the group Lulzsec, who had his anonymity compromised because the VPN he was using retained user data (either voluntarily, or because it had been forced to by the FBI). Either way, the revelation caused a major breakdown in trust between VPNs and their customers. 
Since that incident we've also seen the UK government recently announce plans to implement a nationwide internet content filter that – among other things – will ban VPNs from being accessed.
+
+So are VPNs' days numbered? Well, thankfully VPNs can be located all over the world and many companies use them in order to privately access their company intranet, making a blanket ban very tricky. Of course, governments could follow the UK's lead and stealthily ban VPNs via content filters, under the guise of 'protecting the children.' But it must be said circumventing the UK's content filter - or opting out - is not that difficult (although it may make you more noticeable to the authorities). 
+
+The other avenue the government could take is to force VPNs to retain customer data - and it's certainly possible that the EU's data retention law could be interpreted to encompass VPNs also. But for this to work in the US, lawmakers would probably need to implement a larger-scale data retention law that encompasses ISPs. Politicians will surely have to wait until the PRISM revelations are a more distant memory, before trying to push any mass surveillance legislation past the American people.
\ No newline at end of file
diff --git a/src/content/es/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md b/src/content/es/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md
new file mode 100644
index 000000000..eb7460a25
--- /dev/null
+++ b/src/content/es/blog/2014-01-14-dont-expect-googles-conscious-home-to-keep-things-private.md 
@@ -0,0 +1,43 @@
+---
+title: Don't expect Google's "conscious home" to keep things private…
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2014-01-14T17:28:14+00:00
+url: /blog/dont-expect-googles-conscious-home-to-keep-things-private/
+heroImage: /images-static/uploads/Google-privacy.jpg
+thumbnailImage: /images-static/uploads/Google-privacy.jpg
+comments:
+ - author: lalala
+ date: 2014-01-26T18:59:06+01:00
+ content: |
+ Then why use Google Analytics on your website? Isn't it weird for a VPN provider? Anonymity is it compatible with this Google tracking service?
+
+ Alternatives exist, Matomo for example (free software).
+
+---
+Two interesting Google-related news stories broke over the last few days. The first is that France's data protection authority, CNIL, has [issued the search giant with an 150,000 euro fine][1] after ruling its privacy policy violated the French Data Protection Act. And the second is that Google has confirmed the [$3.2 billion purchase of Nest][2], a company that develops internet connected home appliances and – in its own words – wants to "realize our vision of the conscious home." So we have a company that 's repeatedly violated privacy laws buying a company that wants to make your home "conscious" - sounds like the plot of a bad sci-fi movie.
+
+**Impotent regulation**
+
+While it's great news that CNIL has taken action against Google, the penalties imposed are laughable. Google's [last fiscal statement][3] revealed profits of $2.97 billion – and that's just for a single quarter. One hundred an fifty thousand euros is pocket change (despite being the largest fine the CNIL has issued to date) and if that's all the regulator can impose then the message is loud and clear: The regulation is not working. How can you expect companies as big as Google to take laws seriously if the only repercussion is a mild slap on the wrist? 
+
+We've been here before when Google was issued with a [$22.5 million fine back in the summer of 2012][4] by the US Federal Trade Commission. That was the biggest fine in the history of the FTC (Google seems to building quite the track record) but, given CNIL's ruling,  it obviously didn't have much of an impact on Mountain View's approach to privacy.
+
+Google's dismissive attitude toward regulators goes back even further. The FTC's record fine was due to Google's inability to submit privacy audits and the privacy audits were requested because Google was [guilty of deceiving users and violating its own privacy policy][5], when it launched the failed social network Buzz.
+
+Even worse was [when Google lied to British and German regulators][6] about collecting data from unsecure Wi-Fi hotspots via its Street Cars. Google said the data collection was a simple mistake, until the US' Federal Communications Commission investigated and discovered the cars were specifically designed to collect the information. What did the regulators do? Pretty much nothing.
+
+**Google too big to fail?**
+
+So now we're expected to believe Google won't violate more privacy laws when it gets to control your toaster. Perhaps Google becoming too big to fail, just like the banks. It's already arguably the most important internet company in the world and has huge resources and a great deal of clout with policy makers. Plus imagine if regulators actually got tough and threatened to limit Google's services in their markets - I'm betting most people would have Google violate their privacy, rather than be cut off from its multitude of services (which span search, email, maps, storage and mobile ecosystems).
+
+Without strong regulators, and with the 'internet of things' around the corner, this situation is only going to get worse. Google has proven over and over again that it cannot be trusted. 
Now it's bought Nest, it's seems we're steadily marching toward a world where Google's tendrils extend into a multitude of home appliances. Who wants a "conscious home" when the consciousness cannot be trusted to keep things to itself?
+
+ [1]: http://www.theverge.com/2013/9/27/4778272/french-regulator-sanctions-against-google-for-privacy-policy
+ [2]: http://www.forbes.com/sites/roberthof/2014/01/13/look-out-apple-google-just-bought-nest-for-3-2-billion/
+ [3]: http://investor.google.com/earnings/2012/Q4_google_earnings.html
+ [4]: http://mashable.com/2012/08/09/ftc-google-22-5-million/
+ [5]: http://www.pcworld.com/article/242476/ftc_approves_google_buzz_settlement.html
+ [6]: http://www.dailymail.co.uk/news/article-2158307/Google-facing-new-privacy-probe-Street-View-cars-data-theft-alleged-misled-watchdog.html
diff --git a/src/content/es/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md b/src/content/es/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md
new file mode 100644
index 000000000..9ce32cdf8
--- /dev/null
+++ b/src/content/es/blog/2014-01-28-individuals-responsible-online-privacy-governments-says-survey.md 
@@ -0,0 +1,35 @@
+---
+title: 'Individuals should be responsible for their online privacy, not governments, says survey'
+authors: ["Dennis Kügler"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2014-01-28T19:38:18+00:00
+url: /blog/individuals-responsible-online-privacy-governments-says-survey/
+heroImage: /images-static/uploads/it_photo_116356-600x400.jpg
+thumbnailImage: /images-static/uploads/it_photo_116356-600x400.jpg
+
+---
+Microsoft has released a new global privacy survey to coincide with [International Data Privacy Day][1] (which takes place today in case you didn't know). The findings reveal a somewhat confused attitude toward online privacy across both Europe and the US, with respondents claiming to care about online privacy, but at the same time failing to take simple actions, such as reading a company's privacy policy.
+
+You can check out [the full report here][2]. Perhaps the biggest finding is that 40% of all Europeans and 46% of all Americans believe that responsibility for consumers' online privacy rests with the individual. Only 30% of Europeans and 31% of Americans think companies are responsible for their customers' privacy. When it comes to governments, Europeans see a greater role required, with 30% believing states are responsible for protecting privacy compared to 23% in the US.
+
+As you can see from the chart below, a majority of respondents in both Europe and the US believe that companies should implement technological solutions to protect privacy, rather than offer more transparency or give users more privacy controls. This is a worrying attitude because while it makes life more simple for the consumer, it also places a great deal of trust in companies such as Google and Facebook to ensure its systems really are protecting privacy – as we all know [such companies are not deserving of this trust][3].
+
+![Techrole](/images-static/uploads/techrole.png)
+
+Even more disconcerting is the chart below, which shows a majority of respondents (taken from a group Microsoft defines as "tech elites") do not read the privacy policies of services they sign-up to online. Only 23% of actually read the statements before ticking the box. It's easy to blame foolish and ignorant consumers for this behaviour. But I reckon there's very few people who have read every privacy policy they've come across. Surely this is a wake-up call for regulators, and any privacy-concerned companies, to implement more digestable and easy-to-read policies. Some companies get this right, but many policies are plagued by legalise and are too dense for the average consumer to read through.
+
+
+![Terms](/images-static/uploads/terms-600x247.png)
+
+For its part Microsoft says the survey results confirm its belief privacy will be achieved through collaboration with the global community.
+
+> "Baseline privacy legislation, industry self-regulation, user education and technology tools need to come together, which is driving a lot of what Microsoft does," said chief privacy officer Brendon Lynch.
+
+Microsoft also said consumers' preference for privacy through technology is in-line with its recent decision to [implement tracking protection lists][6] for Internet Explorer. However, judging by the results of the survey, it doesn't seem like much is going to change. When asked "what activities are you willing to trade privacy for ease of use" nearly 50% of US respondents said "shopping," while almost 40% said gaming, social networking and banking. It's clear there's a long way to go before people's expectations of privacy match-up with their actual online behaviour and attitudes.
+
+ [1]: http://en.wikipedia.org/wiki/Data_Privacy_Day
+ [2]: http://www.microsoft.com/en-us/twc/privacy/data-privacy-day.aspx
+ [3]: /blog/dont-expect-googles-conscious-home-to-keep-things-private/
+ [6]: http://windows.microsoft.com/en-gb/internet-explorer/products/ie-9/features/tracking-protection
\ No newline at end of file
diff --git a/src/content/es/blog/2014-04-10-heartbleed-passwords-change.md b/src/content/es/blog/2014-04-10-heartbleed-passwords-change.md
new file mode 100644
index 000000000..035d677fc
--- /dev/null
+++ b/src/content/es/blog/2014-04-10-heartbleed-passwords-change.md
@@ -0,0 +1,53 @@
+---
+title: Heartbleed – What passwords to change
+authors: ["Ed Holden"]
+categories: ["Privacy & Security"]
+tags: ["Security"]
+draft: false
+date: 2014-04-10T17:24:26+00:00
+url: /blog/heartbleed-passwords-change/
+comments:
+ - author: James Bryce
+ date: 2014-04-12T10:02:57+02:00
+ content: |
+ Very helpful list, it's nice to have a clear breakdown with all the news stories out at the moment. Thanks guys!
+ - author: Rich
+ date: 2014-04-12T20:12:09+02:00
+ content: |
+ Mashable says YES, change password for Netflix: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/#:eyJzIjoiZiIsImkiOiJfdHJhYzIxOWFwd2Npc3pwbCJ9
+ - author: Barry Rueger
+ date: 2014-04-13T03:21:05+02:00
+ content: |
+ _If a service provider is yet to apply the patch, you should not change your password. Instead, wait until you receive confirmation from an official channel that the servers have been patched._
+
+ I probably have log in IDs at at least 50 to 75 web sites here and there. To date not one of them has e-mailed me to say "Hey we fixed it, now change your password."
+
+ This advice is pretty much useless unless system admins are pro-active in letting users know when systems have been patched.
+ - author: David
+ date: 2014-04-13T17:31:32+02:00
+ content: |
+ I seriously question the advice that passwords not be changed until the site has announced that it has applied the fix. This simply leaves the user vulnerable if in fact their password is compromised.
+
+ I think better advice is to identify those sites where compromise would have a serious impact … e.g., a bank or investment account … and change those passwords frequently … e.g., daily … until AFTER the fix is applied … be sure to make one last change AFTER the fix.
+
+ Of particular concern would be any email providers for accounts which could be used to recover password access to other accounts.
+
+---
+**Graphic updated on ******16/04 @ 17:37 CEST - (Netflix changes)****
+
+The Heartbleed bug - a major security flaw in OpenSSL - has seriously disrupted the online community this week. OpenSSL is one of the most popular pieces of encryption software, and the bug has potentially exposed millions of user details to hackers.
+
+Some online service providers acted quickly, patching the flaw as soon as it was announced. However, many others have yet to act.
+
+
+If a service provider is yet to apply the patch, you should not change your password. Instead, wait until you receive confirmation from an official channel that the servers have been patched. Only then should you log in and update your details.
+
+Conflicting reports have led to panic - nobody seems to know which sites have been affected, or whether their servers have been patched.
+
+To dispel the confusion, we've created a simple password change checklist. It identifies the major sites which have been affected by Heartbleed - and whether they've patched their servers yet.
+
+[Link to the full graphic][1]
+
+[![Heartbleed - What passwords to change](/images-static/uploads/ivpn_heartbleed_16042014.png)][1]
+
+ [1]: /images-static/uploads/ivpn_heartbleed_16042014.png
diff --git a/src/content/es/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md b/src/content/es/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md
new file mode 100644
index 000000000..d27b3206a
--- /dev/null
+++ b/src/content/es/blog/2014-06-18-quick-guide-fcc-corruption-infographic.md
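Review bot: The status line directly under the front matter, `**Graphic updated on ******16/04 @ 17:37 CEST - (Netflix changes)****`, has unbalanced emphasis markers (six asterisks mid-line, four at the end) and will likely render stray asterisks around the date. Readers rely on that line to judge how current the patch-status checklist is, so it should read cleanly: `**Graphic updated on 16/04 @ 17:37 CEST - (Netflix changes)**`. The same text presumably exists in the English original this file was copied from, so it is worth correcting there too.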
@@ -0,0 +1,32 @@
+---
+title: A Quick Infographic Guide to FCC Corruption
+# Example: /blog/this-is-a-good-post
+url: /blog/quick-guide-fcc-corruption-infographic/
+highlighted: false
+draft: false
+authors:
+ - Dennis Kügler
+categories:
+ - Privacy & Security
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Privacy
+date: 2014-06-18T17:41:30.000Z
+# 1920px X 500px
+heroImage: /images-static/uploads/fcc-corrupt-600x271.png
+# 740px X 740px
+thumbnailImage: /images-static/uploads/fcc-corrupt-600x271.png
+---
+The incestuous relationship between the [Federal Communications Commission,][1] and the telecommunications industry it's supposed to regulate, is [very well documented][2]. Numerous FCC executives and employees have left the organisation only to be employed at Comcast and other telcos, while the FCC itself is being run by the former head of lobby groups that would like nothing more than to see net neutrality ground into the dust.
+
+It's clear. The FCC cannot be trusted to regulate on net neutrality in an impartial manner and Americans must do everything in their power to stop the likes of [Tom Wheeler][3] and his cronies from letting [some of the most hated companies in the country][4] screw-up the online eco-system. Below is an infographic  that's designed to give a quick overview of just how intertwined the FCC, ISPs and industry lobby groups really are. A key part of winning this war is spreading as much information about the FCC's compromised interests as we can - so please feel free to share!
+
+**A Quick Guide to FCC Corruption (click to enlarge)**
+
+[![A Quick Guide to FCC Corruption](/images-static/uploads/A-Quick-Guide-to-FCC-Corruption1.jpg)][5]
+
+ [1]: http://en.wikipedia.org/wiki/Federal_Communications_Commission
+ [2]: http://www.vice.com/read/former-comcast-and-verizon-attorneys-now-manage-the-fcc-and-are-about-to-kill-the-internet
+ [3]: http://en.wikipedia.org/wiki/Tom_Wheeler
+ [4]: http://bgr.com/2014/05/20/comcast-twc-customer-satisfaction-survey-study/
+ [5]: /images-static/uploads/A-Quick-Guide-to-FCC-Corruption1.jpg
\ No newline at end of file
diff --git a/src/content/es/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md b/src/content/es/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md
new file mode 100644
index 000000000..aa16502e5
--- /dev/null
+++ b/src/content/es/blog/2014-07-15-uk-citizens-care-online-privacy-24-hours-two-simple-things.md
@@ -0,0 +1,68 @@ +--- +title: 'UK citizens: If you care about online privacy you have 24 hours to do two simple things' +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2014-07-15T14:31:07+00:00 +url: /blog/uk-citizens-care-online-privacy-24-hours-two-simple-things/ +heroImage: /images-static/uploads/1200px-Flag_of_the_United_Kingdom.svg_-600x300.png +thumbnailImage: /images-static/uploads/1200px-Flag_of_the_United_Kingdom.svg_-600x300.png +comments: + - author: coxy + date: 2014-07-15T18:15:03+02:00 + content: | + Thanks for posting this. :) + - author: Chris + date: 2014-07-15T22:56:15+02:00 + content: | + Done! + - author: Tony + date: 2014-07-15T23:41:00+02:00 + content: | + "Tell your MP you support the amendment that has been tabled by Tom Watson MP" + + That's funny, because he is my MP. + +--- +The UK is currently one of [the worst countries in Europe when it comes to pushing online surveillance laws][1] (if not the worst). Don't let them get away with more of this bullshit without voicing your opposition. Now's the time to press a few buttons in the name of online privacy. + +If you're from the UK and you're reading this blog post then you probably have already heard of the UK government's attempt to [rush through new online surveillance measures][2], in a move that has been widely condemned by activists and privacy conscious politicians as undemocratic and non-transparent. The legislation is now heading into the House of Commons. If you care about this stuff there are two really quick things you can do to **make sure you express your opposition!** + +## **What is the problem?** + +Super quick recap: + + * The EU implemented the [EU Data Retention Directive in 2006][3]. This forced all ISPs in Europe to store the data of customers for your entire subscription period, plus two years after your subscription ends. So basically there's a record of every domain you've visited sitting with your ISP. 
+ * In April the EU Court of Justice finally ruled that [this draconian law was a violation of human rights][4]. + * With the Data Retention Directive on its way out, the UK is now trying to push through the Data Retention and Investigatory Powers bill to replace it. DRIP basically does [all the bad things the EU legislation did and even worse stuff.][5] + +## **What should you do?** + +There's two things you can do right now: + +**1. Send a personal email to your MP** + +[This is where you can find out who your local MP is][6]. Once you find this information email your MP with a personal message (or even better call them), explaining that **you are opposed to the Data Retention and Investigatory Powers bill. ** + +It's important to make the message personal. You can also make it very short, just a couple of paragraphs. But here's a quick outline of the main points you might want to address (edit: also make sure you say the bill is being put to the House of Commons within 24 hours): + + 1. Tell your MP you support the amendment that has been tabled by Tom Watson MP, Caroline Lucas MP, and David Davis MP. This amendment brings the bill's "sunset clause" forward to December 31, so that Parliament has a chance to debate its provisions at the end of this year. + 2. The EU Court of Justice recently ruled blanket data retention incompatible with human rights legislation. This means the EU-wide Data Retention Directive – which was implemented almost a decade ago – will be scrapped or reformed soon. Also point out that a number of European countries, including Germany, never implemented the Data Retention Directive in the first place because they found it violated human rights. + 3. There is no need to rush through emergency legislation. This bill – especially in the light of Edward Snowden's revelations concerning GCHQ's online monitoring – needs proper scrutiny. + +**2. 
Email the committee of MPs who are reviewing the legislation.** + +You've got until Thursday to do this. [Follow the link over here][7] - 38 Degrees have a handy template and email submission form. Or you can copy and paste the email you sent to your MP. + +**That's it!** + +Obviously parliament is dominated by three parties who all support data retention, so this is an uphill struggle. But it's important to let them know there's a sizable portion of the UK online community who is opposed to such draconian surveillance laws. There are MP's on our side. Let's stop being such pushovers when it comes to online privacy. If enough MPs are swayed then hopefully they'll vote for Tom Watson's amendment and it can buy us more breathing space. Go forth and complain! + + [1]: /blog/five-reasons-uk-politicians-hate-internet/ + [2]: http://www.independent.co.uk/life-style/gadgets-and-tech/news/new-data-bill-contains-sweeping-surveillance-powers-that-affect-everyone-in-the-uk-9605381.html + [3]: http://en.wikipedia.org/wiki/Data_Retention_Directive + [4]: http://www.bbc.com/news/world-europe-26935096 + [5]: https://www.openrightsgroup.org/assets/files/pdfs/reports/DRIP_joint_briefing.pdf + [6]: http://www.parliament.uk/mps-lords-and-offices/mps/ + [7]: https://secure.38degrees.org.uk/page/speakout/government-snooping-committee diff --git a/src/content/es/blog/2014-08-18-internet-censorship-around-the-world.md b/src/content/es/blog/2014-08-18-internet-censorship-around-the-world.md new file mode 100644 index 000000000..3d09f2596 --- /dev/null +++ b/src/content/es/blog/2014-08-18-internet-censorship-around-the-world.md 
@@ -0,0 +1,28 @@ +--- +title: Internet Censorship Around the World +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2014-08-18T08:46:26+00:00 +url: /blog/internet-censorship-around-the-world/ +comments: +- author: Snowden + date: 2014-11-15T19:56:57+01:00 + content: | + Hi! I've read that your company was founded by guys from some UK University. I understand that a libertarian people may live everywhere, but we know the fact that UK and USA intelligent services work together in order to spying for everyone on the planet. NSA created Google, Facebook, TOR etc, so we can't trust company from UK even if it's official location in Malta. In other words, how can we trust IVPN and check you are not a honeypot? +- author: jake + date: 2016-02-27T02:32:13+01:00 + content: | + I'd like to see a response to this too + +--- +In 2013, Freedom House released a 'Freedom on the Net' report, detailing internet censorship and restrictions around the world. In the report, each country was awarded a 'Freedom on the Net' score out of 100. This was based on three different metrics - limits placed on online content, obstacles to internet access, and violations of user rights. Based on this score, countries were then graded as Free, Partly Free, or Not Free. Some countries - those in grey - were not included in the report. + +![Map of Censorship around the World](/images-static/uploads/internet-censorship-map.png) + +Online freedom is a hotly contested topic, and one of the biggest political issues of our time. Since its conception, the internet has revolutionised communication, and promoted free speech across the globe. However, some governments see the internet as dangerous and inflammatory. They seek to regulate the net, preventing citizens from freely communicating and collaborating. + +The IVPN team have created a [map of internet freedom][1] around the world, based on the 2013 report. 
IVPN are avid supporters of online privacy, and believe that internet access should be unrestricted for all. + + [1]: /internet-censorship "Map of Internet Freedom around the world" diff --git a/src/content/es/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md b/src/content/es/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md new file mode 100644 index 000000000..24555e0a5 --- /dev/null +++ b/src/content/es/blog/2014-09-09-americas-worst-anti-online-privacy-politicians.md 
@@ -0,0 +1,65 @@ +--- +title: America's worst 'anti-online-privacy' politicians +authors: ["Dennis Kügler"] +categories: ["Privacy & Security"] +tags: ["Privacy"] +draft: false +date: 2014-09-09T15:32:34+00:00 +url: /blog/americas-worst-anti-online-privacy-politicians/ +heroImage: /images-static/uploads/onlineprivacyflag-600x315.png + +--- +Every year or so we take a look at which [US politicians are making a concerted effort to destroy what little privacy we have left on the web][1]. From CISPA-supporters, to Snowden-haters, these are the people who have firmly planted their flag in the anti-online privacy camp, preferring to support entities who are pushing for surveillance and the curtailing of online freedoms. Some of these politicians are historical offenders, with a track record that stretches over decades, while others are new to the debate. Either way, they all deserved to be named and shamed. So read on and let the hate flow through you. + +## America's worst 'anti-online-privacy' politicians + +### Mike Rogers + +[![Rogers](2)][2] + +If someone made a videogame around the online privacy debate then Republican [Mike Rogers][3] would probably be the end of game boss, complete with a predictable AI routine that involves backing anything and everything that involves more surveillance. This is the man that said [you can't have your privacy violated][4] if you don't know it's being violated. He said [French citizens should celebrate the fact that the NSA spies on them][5]. And he offered to pay for Edward Snowden's ticket back to the US to face charges. It therefore comes as no surprise that Rogers is [the architect behind the dreadful CISPA legislation][6], which is still refusing to die. Thankfully, Rogers is [planning to retire from Congress in 2015.][7] Get the party poppers ready! 
+ +### Diane Feinstein + +[![Feinstein](8)][8] + +[Democrat Diane Feinstein][9], who chairs the House Intelligence Committee, has tried to strike a moderate tone when it comes to the online privacy debate in the US (compared to those such as Mike Rogers). But in many ways her occasional criticisms of state surveillance have only made her a more insidious threat. This is no more evident than in Feinstein's efforts to [bring CISPA back from the dead in the form of CISA][10], which many activists claim is worse than the originally proposed surveillance bill. It also worth remembering [Feinstein was initially very much in favor of PRISM][11] – when the program was revealed – before [softening her position][12] when it turned out the NSA was spying on foreign leaders. Feinstein also helped [push FISA through the Senate][13], which allowed the government to continue collect data under secret court orders. But guess what? Feinstein hates it [when her and her own staff are being spied on by the CIA][14]! Oh dear… + +### Howard Coble + +[![Coble](15)][15] + +Eighty-three year old Republican [Howard Coble][16] has a long track record in not understanding the internet and supporting terrible legislation that's impacted the online space. Most recently he [came out in favor of CISPA][17], no surprise there, but perhaps worse was his [introduction of the Digital Millennium Copyright Act][18] in 1997 to the House of Representatives. Most people reading this will be familiar with the DMCA acronym, which has almost become a byword for online censorship and restriction on free expression. Coble also helped push through the [NET Act in the 90s][19], which made it easier to prosecute people for copyright theft. What a set of credentials! + +### Lamar Smith + +[![Smith](20)][20] + +[Remember SOPA][21]? Yep that's partly this guy's fault. 
But you have to give some credit to Texas [Republican Lamar Smith][22], as his piracy bill sparked one of the first [global protests over an online policy][23]. A great example of how public sentiment can actually  change things. Of course, SOPA isn't the only evidence of Smith's Big Brother credentials. The congressman also introduced [the FISA Amendment Act in 2012][13], which extended the NSA's spying powers and he attempted to expand the Digital Millennium Copyright Act, so police could more easily wiretap file sharers. Lamar's love of online surveillance also surpasses his loyalty to the great state of Texas. Last year Smith [voted against an amendment to curb the NSA's surveillance powers][24], despite the amendment being backed by a non-partisan majority of Texan House members. + +**What do you guys think? Any politicians who also deserve a dishonourable mention? Let us know in the comments.** + + [1]: /blog/americas-most-dangerous-anti-online-privacy-politicians/ + [2]: /images-static/uploads/rogers.png + [3]: http://en.wikipedia.org/wiki/Mike_Rogers_%28Michigan_politician%29 + [4]: https://www.techdirt.com/articles/20131029/18020225059/mike-rogers-you-cant-have-your-privacy-violated-if-you-dont-know-about-it.shtml + [5]: http://www.politico.com/blogs/politico-live/2013/10/rogers-french-should-be-popping-champagne-over-nsa-176002.html + [6]: http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act + [7]: http://www.politico.com/story/2014/03/mike-rogers-michigan-house-intelligence-committee-105127.html + [8]: /images-static/uploads/feinstein.png + [9]: http://en.wikipedia.org/wiki/Dianne_Feinstein + [10]: http://www.cispaisback.org/ + [11]: http://www.washingtonpost.com/blogs/post-politics/wp/2013/06/06/transcript-dianne-feinstein-saxby-chambliss-explain-defend-nsa-phone-records-program/ + [12]: http://www.theguardian.com/world/2013/oct/28/nsa-surveillance-dianne-feinstein-opposed-allies + [13]: 
http://www.wired.com/2012/09/house-approves-spy-bill/ + [14]: https://www.techdirt.com/articles/20140311/11492726531/whats-feinstein-so-upset-about-cia-just-spied-senate-intelligence-committee-metadata.shtml + [15]: /images-static/uploads/Howard-coble-400x287.jpg + [16]: http://en.wikipedia.org/wiki/Howard_Coble + [17]: http://ballotpedia.org/Howard_Coble + [18]: http://en.wikipedia.org/wiki/Digital_Millennium_Copyright_Act + [19]: http://en.wikipedia.org/wiki/NET_Act + [20]: /images-static/uploads/Lamar-Smith-400x290.jpg + [21]: http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act + [22]: http://en.wikipedia.org/wiki/Lamar_S._Smith + [23]: http://www.washingtonpost.com/politics/2012/01/17/gIQA4WYl6P_story.html + [24]: http://blog.chron.com/txpotomac/2013/07/10-texas-republicans-buck-party-in-vote-to-limit-nsa-data-collection/ diff --git a/src/content/es/blog/2015-01-27-new-ivpn-client-v2-0-windows.md b/src/content/es/blog/2015-01-27-new-ivpn-client-v2-0-windows.md new file mode 100644 index 000000000..266d78b52 --- /dev/null +++ b/src/content/es/blog/2015-01-27-new-ivpn-client-v2-0-windows.md 
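Review bot: The portrait images use the reference number as an inline URL: `[![Rogers](2)][2]` makes the image source the literal string `2`, so the picture will not load even though `[2]` is defined as `/images-static/uploads/rogers.png` in the reference list. Use the path directly, `[![Rogers](/images-static/uploads/rogers.png)][2]`, or the reference form `[![Rogers][2]][2]`. The Feinstein, Coble and Smith headings have the same pattern with `(8)`, `(15)` and `(20)`.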
@@ -0,0 +1,100 @@ +--- +title: The all new IVPN Client v2.0 for Windows +authors: ["Fedir Nepyivoda"] +categories: ["Releases"] +tags: ["Apps"] +draft: false +date: 2015-01-27T15:28:31+00:00 +url: /blog/new-ivpn-client-v2-0-windows/ +comments: + - author: JJ + date: 2015-02-14T04:18:36+01:00 + content: | + Great job guys, really nice program, but small problem relating to the old DNS issue like /knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why/ + + I used to have to tick box to stop IVPN from setting dns and input opendns but now I have not an option for this, so I can connect but not use IVPN, unless I re-enter dns everytime. + + Thanks for the good work. + - author: Anonymous + date: 2015-03-06T13:52:02+01:00 + content: | + Nice move, IVPN team! I've set it on always-on. Works flawlessly. + - author: Anonymous + date: 2015-05-25T19:05:41+02:00 + content: | + Hurry it up on the Mac version will ya? XP Can we get an ETA on it please?? + +--- +After much hard work we are proud to present our new [IVPN Client for Windows][1]. Behind the completely reworked user interface and improved stability we are thrilled to introduce the IVPN Firewall. When enabled it completely protects your data from leaking outside of the secure VPN tunnel, no matter what. + +__Please note__ that this release is for Windows only, we are already working on a similar update for the Mac OSX IVPN client that should be available in the next few months. + +![Windows](/images-static/uploads/ivpn-main-window.png) + +## IVPN Firewall — Complete leak protection implemented properly + +Once enabled the IVPN Firewall integrates deep into the OS using Microsoft's own WFP API ([Windows Filtering Platform API][2]) and filters all network packets. The Firewall is independent of the IVPN client so even if a component of the IVPN Client crashes filtering will continue uninterrupted. 
+ +The IVPN Firewall can be configured to switch on automatically during VPN connection or you can enable it manually when you need it. You can even configure the 'always-on' IVPN Firewall to protect the system all the time even before Windows is booted. This will ensure that no traffic will bypass the VPN tunnel even during the boot up phase. + +To get a better idea how data is protected by the IVPN Firewall let's review the weak points of any VPN software. + +### Network configuration and routing table changes + +VPN security relies heavily on the integrity of a systems network configuration, most importantly the routing table. This presents a significant risk if the network configuration and/or routing table is changed inadvertently. This may lead to some or all traffic bypassing the VPN tunnel silently and a complete loss of privacy and anonymity. + +A few examples of events that could cause the network to be reconfigured suddenly and without notice: + + * Disconnection from or connection to Wi-Fi or wired network. + * Weak Wi-Fi signal which causes Wi-Fi to reconnect. + * Awaking from Sleep and/or Hibernation states. + * Network errors that force the network adapter to reset. + * Third-party security software that reconfigures the routing table for its own needs. + * Reboot or configuration change of the network router you are connected to. + * Static route addition by the DHCP server. + * … and many others. + +The IVPN Firewall completely eliminates these threats by only allowing traffic through the VPN tunnel. + +### Boot time protection + +Native and third-party Windows services can use your internet connection even before the system is fully booted. Any application installed on your system has the opportunity to connect to a server on the Internet and to exchange data long before you are able to connect to a VPN. 
However the IVPN Firewall can be configured to protect your system all the time, ensuring that no traffic will leak outside the VPN tunnel even when the IVPN Client, its service, or even Windows is not fully booted. Such traffic will just be filtered out until everything finishes loading and the connection with the VPN is established. + +### IPv6 + +As IPv6 becomes more popular, more and more ISP's and Wi-Fi hotspots around the world allocate an IPv6 subnetwork for their clients along with an IPv4 address. + +According to the [Google IPv6 adoption statistics][3] 14.5% of all US traffic is IPv6. Some countries such as Belgium have an adoption rate exceeding 30%. + +Its important to understand that when IPv6 is enabled on the network you are connected to it will take precedence over IPv4 for all of connections to hosts with IPv6 support. + +This IPv6 traffic will most likely silently bypass your VPN tunnel. + +As a result if you have no control over the configuration of the router you are connected to (e.g. a public Wi-Fi hotspot), or when the default configuration of your router is set to announce any IPv6 network your ISP has allocated to you and you haven't disabled IPv6 in your Windows OS (which is enabled by default), you may find that you have IPv6 support which is a major potential threat to your privacy. + +When the IVPN Firewall is enabled its impossible for any IPv6 traffic to leak outside of the VPN tunnel, giving you absolute peace of mind. + +### Software stability and crashes + +All software has bugs and may crash for a variety of reasons. For example, out of memory errors will crash practically any foreground application. + +Software designed for security must fail safe in the event of a crash, fully maintaining the security of the host system. + +The IVPN Firewall ensures that if the VPN client, any part of the tunnel or Windows OS crashes, no traffic will leave the computer until IVPN Firewall is disabled manually or a new VPN tunnel is established. 
+ +### A few screenshots of the new UI + +![IVPN Client connected to the VPN with IVPN Firewall enabled.](/images-static/uploads/ivpn-main-connected.png) + +![Selecting a server for a VPN connection.](/images-static/uploads/ivpn-server-list.png) + +![IVPN Firewall configuration](/images-static/uploads/ivpn-settings-firewall.png) + +Try IVPN today by [signing up for one of our subscription plans][4]. We offer a full 7 day unconditional money back guarantee if you are not satisfied. + +To download the IVPN Client 2.0 for all versions of Windows please visit the [setup page][1]. + + [1]: /apps/ + [2]: https://msdn.microsoft.com/en-us/library/windows/desktop/aa366510(v=vs.85).aspx + [3]: http://www.google.com/intl/en/ipv6/statistics.html#tab=per-country-ipv6-adoption + [4]: /signup/ diff --git a/src/content/es/blog/2015-05-26-scheduled-server-maintenance-june-2015.md b/src/content/es/blog/2015-05-26-scheduled-server-maintenance-june-2015.md new file mode 100644 index 000000000..9b9c59f42 --- /dev/null +++ b/src/content/es/blog/2015-05-26-scheduled-server-maintenance-june-2015.md 
@@ -0,0 +1,28 @@
+---
+title: Scheduled server maintenance – June 2015
+authors: ["Dennis Kügler"]
+categories: ["IVPN News"]
+tags: []
+draft: false
+date: 2015-05-26T09:27:35+00:00
+url: /blog/scheduled-server-maintenance-june-2015/
+
+---
+In preparation for the new Multi-hop network we need to perform maintenance on several servers. Expected downtime is less than 30 mins per server. Only the servers listed below will be affected. Any active connections to the servers below will be disconnected at the time of the upgrade. __All times shown using 24-hour clock__.
+
+### Monday 1st June
+
+| Server | Location | PST | EST | UTC | BST | CEST |
+| ------ | -------- | --- | --- | --- | --- | ---- |
+| nl1.gw (gw1.nl) | Amsterdam | 23:00 | 02:00 | 07:00 | 08:00 | 09:00 |
+
+### Tuesday 2nd June
+
+| Server | Location | PST | EST | UTC | BST | CEST |
+| ------ | -------- | --- | --- | --- | --- | ---- |
+| gb1.gw (gw1.uk) | London | 23:00 | 02:00 | 07:00 | 08:00 | 09:00 |
+| us-tx.gw (gw1.us) | Dallas, TX | 01:00 | 04:00 | 09:00 | 10:00 | 11:00 |
+| gb2.gw (gw2.uk) | London | 02:00 | 05:00 | 10:00 | 11:00 | 12:00 |
+| nl2.gw (gw2.nl) | Amsterdam | 03:00 | 06:00 | 11:00 | 12:00 | 13:00 |
+| us-ut.gw (gw3.us) | Salt Lake, UT | 04:00 | 07:00 | 12:00 | 13:00 | 14:00 |
+| ch1.gw (gw1.ch) | Zurich, CH | 05:00 | 08:00 | 13:00 | 14:00 | 15:00 |
diff --git a/src/content/es/blog/2015-08-26-20-faster-windows-10-less-secure.md b/src/content/es/blog/2015-08-26-20-faster-windows-10-less-secure.md
new file mode 100644
index 000000000..35cfd7956
--- /dev/null
+++ b/src/content/es/blog/2015-08-26-20-faster-windows-10-less-secure.md
@@ -0,0 +1,73 @@
+---
+title: '20% Faster & [Windows] 10% Less Secure'
+authors: ["Ed Holden"]
+categories: ["Privacy & Security"]
+tags: ["Security"]
+draft: false
+date: 2015-08-25T22:21:42+00:00
+url: /blog/20-faster-windows-10-less-secure/
+comments:
+ - author: Ind
+ date: 2015-08-27T04:55:40+02:00
+ content: |
+ You forgot to mention the fact that Cortana watches you on webcam, listens to your microphone and when you turn Cortana off its still active and transmitting back to Microsoft. You can only stop this with host and firewall rules, no switches.
+ - author: Michael
+ date: 2015-08-27T10:49:44+02:00
+ content: |
+ Very interesting post thanks!
+
+ I'll pass it on to some friends.
+
+ I still cringe when people ask why I run Linux DD-WRT and VPN, yet they are busting at the seams for this next Windoze Edition and actually still trust Microshaft.
+
+ Keep up the excellent work IVPN….and of course these excellent blogs :)
+ - author: Tim
+ date: 2015-09-27T16:47:16+02:00
+ content: |
+ Alzo do not think using a proxy at the os level will stop that data nack to MS as I and others have proven the OS has a cal home ceature that overixes the OS proxy config and goes direct instead. So yes indeed it will take some very specific firewall configs and frankly I would also dou le heck it does not also bypasss the vpn client config in the same way it does the proxy confif we tested. The answer here would be foe home use to config your router vpn to ivpn thus taking control from the pc os layer. MS is one to learn wht works and win 10 is straight out of Google's play book. By offering the os free they are offering as a service and thus in return they get your data. You will notice the enterprise pro editions ha e real security features as no corp is going to allow its data to go back to ms.
+
+ The share your Wi-Fi creds is the sthpidezt things ever thought of. Seeing how outlook etc auto add to your contacts. 
Not everyone you email is a close friend and very well can be an adversary or worse and now you are givi g the free untethered access to your home possibly work networks ans what if gou tend to reuse the same passwords. Consider that your home is full of comm devices all hooked to Wi-Fi. That means with little know how they can listen and watch you thru a xbox kinect or that noce samsung tv wih built in mic and video.
+
+ But yeh lets share your password creds with your entire contact list. It seems MS has decided you really did not make a user/password for any secuorty reaso at all so shard it with everyone to take care of that inconvenience. I guess thats the new ms strategy higher safer securoty thru no secuirty.. Sounds like someone was doing lsd while reading Art of war
+
+---
+Microsoft's latest operating system Windows 10 has been making waves in the tech world. With an estimated adoption rate of 20.1% in the first 12 months it is a safe bet to say that Windows 10 will be coming soon to a desktop, laptop or tablet near you. While the speed and efficiency benefits of Windows 10 are evident, we must ask ourselves what security implications this brings?
+
+Technology companies such as Google have made headlines time and time again over their shady security practices and the large amount of data they collect about users. Microsoft seems to have taken a lesson from the likes of Google with Windows 10. In this article we will discuss a handful of "features" which are included in Windows 10 and enabled by default and how they compromise our everyday security. As consumers we have the right to privacy and that includes privacy about our daily activities and browsing activities. These are facts about our lives and how we spend our time which we should share only should we find it necessary and not something we should be obligated to share for the profit of another company. 
+
+Windows 10 by default takes the very friendly choice of automatically going through most of your personal data including contacts, calendar, mail and messages with the guise of improving your Windows experience. Information collected from the Operating System is linked with an individualized ID ("Advertising ID") assigned to you. This information is then uploaded to the Microsoft servers where it is used for the purpose of making your Windows experience better and your operating system smarter.
+
+Smarter means more involved. If you decide security is for you and encrypt your hard drive then Windows automatically stores that data on One Drive which opens up its own set of security issues. The security violations mentioned above go further as Microsoft's own security policy (See here: http://www.microsoft.com/en-us/privacystatement/default.aspx) state that Microsoft can scan and analyze all information that passes through their services (including outlook, MSN and live) in addition to information obtained from Cortona (enabled by default in Windows 10) - including but not limited to searches, reminders, notes and actions. Your location is also recorded via GPS hardware or Wi-Fi location data if available.
+
+Should you allow the default settings when installing Windows 10 or during an upgrade you will be consenting to all of the above. The good news is that there is something you can do about it. You can protect your privacy with a few easy steps which we will discuss below.
+
+**Privacy Settings**
+
+1. Search for Privacy from the start menu
+2. Turn off the following options:
+ * "Send Microsoft information about how I write"
+ * "Let apps use my Advertising ID"
+ * "Location"
+
+**Advertising ID**
+
+1. Search for advertising
+2. Open the "Choose if apps can use my advertising ID" option
+3. 
Disable the advertising ID
+
+We also suggest disabling Windows 10's new "Wi-Fi Sense" feature which in essence uploads your Wi-Fi passwords to the cloud and then shares them with all of your contacts so that they can "borrow" your Wi-Fi networks. While this may seem like a handy feature you must consider the security risks that this poses. Protecting your Wi-Fi network can be a crucial part of your regular security regimen and we suggest you disable this feature. Please read on to find out how.
+
+**Disable Wi-Fi Sense**
+
+1. Open the Settings pane in Windows 10
+2. Locate "Change Wi-Fi Settings"
+3. Scroll down past your list of Wi-Fi networks
+4. Locate and Disable "Wi-Fi Sense"
+
+While disabling the above options will make Windows 10 "dumber" and disable many of its "learning" abilities it will also make Windows 10 a lot more secure. Everything comes at a price and smarter electronics often come at the price of less security. In modern electronics security should be the priority and not an option, unfortunately that is not the choice of many major tech companies.
+
+At IVPN we value your security. We do not store personal information about our clients, we do not keep logs and we do not assume that security is secondary to "software intelligence".  If you care about your privacy you can follow the simple steps above to make Windows 10 more secure. We also suggest using a high quality security focused VPN such as IVPN.
+
+We have a live chat team available for inquiries anytime. Happy surfing and stay safe.
+
+-IVPN Team
diff --git a/src/content/es/blog/2015-10-28-port-forwarding-reservations-now-available.md b/src/content/es/blog/2015-10-28-port-forwarding-reservations-now-available.md
new file mode 100644
index 000000000..8ca0e10f2
--- /dev/null
+++ b/src/content/es/blog/2015-10-28-port-forwarding-reservations-now-available.md
@@ -0,0 +1,32 @@
+---
+title: Port forwarding reservations now available
+authors: ["Dennis Kügler"]
+categories: ["Releases"]
+tags: ["Privacy"]
+draft: false
+date: 2015-10-28T17:26:24+00:00
+url: /blog/port-forwarding-reservations-now-available/
+
+---
+
+
+> July 2023 update: Port Forwarding is being phased out from the IVPN service and is no longer offered to new customers.\
+> You can find more information in a [blog post][1] about this change.
+
+
+Today we are excited to release the first of many upgrades to our network, **reservation based** port forwarding. Port forwarding is an advanced feature for customers who need to run servers whilst connected to IVPN (for more info see [what is port forwarding?][2]).
+
+**Please note:** If you do not understand port forwarding then you almost certainly do not require it and we strongly recommend that you leave it disabled as it can introduce security risks.
+
+Previously if you had port forwarding enabled, when you connected to a server you were required to login to the client area on the website to check which port number had been assigned to you. However if you disconnected at any time and reconnected to a new server you would receive a new port number. Our new port forwarding system enables you to login to the client area and reserve a port which will be assigned to you indefinitely, every time you connect to a server you will receive the same port number. No more having to reconfigure your software!
+
+To reserve your port, simply login to the [client area][3] and click on your username and then the **Configure Port Forwarding** link. You can then enable port forwarding (if you haven't already) and retrieve your long term port reservation. Please note that both UDP and TCP traffic will be forwarded on your reserved port.
+
+**Note:** If you do not login to the network for 14 days your reservation may be released and you will be required to login to the client area and reserve another port. 
+
+In the next week we will be releasing our highly anticipated new Multi-hop network together with major updates to the Windows and OSX clients. Stay tuned and follow us on twitter at [@ivpnnet][4].
+
+ [1]: /blog/gradual-removal-of-port-forwarding/
+ [2]: /knowledgebase/general/what-is-port-forwarding/
+ [3]: /clientarea/
+ [4]: https://twitter.com/ivpnnet
diff --git a/src/content/es/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md b/src/content/es/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md
new file mode 100644
index 000000000..06cac2cd5
--- /dev/null
+++ b/src/content/es/blog/2015-11-26-introducing-the-ivpn-client-v2-4-for-windows-osx.md
@@ -0,0 +1,93 @@
+---
+title: 'Introducing the IVPN client v2.4 for Windows & OSX'
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps"]
+draft: false
+date: 2015-11-26T18:34:57+00:00
+url: /blog/introducing-the-ivpn-client-v2-4-for-windows-osx/
+comments:
+ - author: Maarten Billemont
+ date: 2015-11-30T22:27:45+01:00
+ content: |
+ Wonderful news!
+
+ Are there any plans to publish the source code for these clients under a Free Software license so that we can build it ourselves and don't need to rely on pre-built binaries?
+ - author: Mr. A. Dog
+ date: 2015-12-15T11:46:54+01:00
+ content: |
+ I am very happy that you have the Firewall features in Mac OSX now. Bravo!
+ - author: MK
+ date: 2016-04-04T17:49:09+02:00
+ content: |
+ The firewall feature is excellent. Thank you! I now have version 2.6 on OSX, and I have 2 feature suggestions:
+
+ 1. If there were some way to see what the current upload / download speed is. Perhaps this could be done via mousing-over the iVPN icon (just as with the Tunnelblick icon).
+
+ 2. If it were possible to have a sound play upon connection and a (different) sound play up on disconnection. I liked this about Tunnelblick.
+
+ Thank you!
+ - author: Gerhard
+ date: 2016-06-16T23:51:17+02:00
+ content: |
+ Please also brings a client for Ubuntu / Kubuntu … out.
+ - author: SmallTownPleb
+ date: 2016-07-26T12:26:34+02:00
+ content: |
+ Is macOS Sierra compatible with this client? I know this new OS broke my Logitech peripherals.
+ - author: Ed Holden
+ date: 2016-07-26T17:01:15+02:00
+ content: |
+ Not yet, we're still testing, a lot of new changes in Sierra which require updates to the OSX app. We will release updates ASAP to ensure full compatibility before release.
+ - author: LKO
+ date: 2016-11-05T15:54:35+01:00
+ content: |
+ Great work IVPN - very happy to see this!
+
+ Are there plans to release an iOS app? At this stage the OpenVPN works but it's not reliable. 
+ - author: Dennis Kügler
+ date: 2016-11-07T12:34:07+01:00
+ content: |
+ Yes, we're actively developing an iOS client and hoping to release v1 before the end of the year.
+ - author: Liam
+ date: 2016-11-07T16:49:04+01:00
+ content: |
+ Amazing! Thank you for your response. Keep up the great work - you've also kept me as a customer now.
+ - author: Nick
+ date: 2017-01-02T02:58:05+01:00
+ content: |
+ Is this fully open-source? If not, it hardly matters what features you put in, as it'll be untrustworthy at a fundamental level. The client does look sleek though - but where's the Linux version? Must say its strange to completely ignore Linux, but attempt to push out iOS versions. Also, what's the point of your "multi-hops" - which enemies are you trying to avoid? It seems like its just marketing, because the hops are done by the same company. So if someone was wiretapping IVPN, your multi-hops wouldnt do a thing to stop them, unless the traffic is tunnelled again, to hide the contents of it.
+ - author: LKO
+ date: 2017-01-09T19:29:09+01:00
+ content: |
+ Any updates on the iOS client?
+
+---
+We're thrilled to releasing major new updates to our IVPN client for Windows and OSX. We've listened carefully to customers and this release addresses almost every feature request we've had in the past year. We've put extra effort onto the OSX client as it has previously not received as much attention as the windows client. That's also changing as both clients are built from a common code base. All future releases of the IVPN client software will be for both OSX and Windows at the same time. To facilitate this we have aligned the OSX client version with that of the windows version, 2.4
+
+## Full mesh Multi-hop network support
+
+For both clients, we have introduced the capability to multi-hop on our new full mesh network. 
When you connect to an entry server using multi-hop, your traffic will be routed securely and directly to the exit server for maximum performance (no intermediate servers). Both IVPN clients have updated versions of OpenVPN and the obfsproxy transport (useful if you're in China etc.) and a significant number of bugs have been squashed making this by far the most stable release we have published.
+
+## IVPN Firewall - Robust leak protection for OSX
+
+The OSX client has the same robust IVPN Firewall that we introduced for the Windows client earlier this year. The IVPN Firewall ensures full protection against data leaks by implementing low level firewall rules using OSX's native PF firewall. It doesn't matter if your connection drops or  your network configuration changes, the only exit for packets is through the VPN tunnel until it is explicitly disabled, providing a significant increase in your privacy and security.
+
+The firewall is independent of the IVPN client so even if a component of the IVPN Client crashes filtering will continue uninterrupted. The IVPN Firewall can be configured to switch on automatically during VPN connection or you can enable it manually when you need it. You can even configure the 'always-on' IVPN Firewall so it starts before any other processes, ensuring that no traffic will bypass the VPN tunnel even during the boot up phase.
+
+In addition, the IVPN Firewall protects against data leaks as a result of network configuration and routing table changes, IPv6 leaks and software crashes. For more information about how these types of leaks occur see our previous post on the IVPN Firewall for Windows. 
+
+## New UI for OSX
+
+![Home screen for IVPN Client](/images-static/uploads/osx-client-homescreen.png)
+
+![IVPN client connected](/images-static/uploads/osx-client-connected.png)
+
+![IVPN client - exit selection](/images-static/uploads/osx-client-exit-server.png)
+
+![OSX client preferences](/images-static/uploads/osx-client-preferences.png)
+
+## Download links
+
+ * IVPN client for Windows 7/8/10 (changelog)
+ * IVPN client for OSX 10.7+ (changelog)
diff --git a/src/content/es/blog/2015-11-26-multihop-v2-network-now-available.md b/src/content/es/blog/2015-11-26-multihop-v2-network-now-available.md
new file mode 100644
index 000000000..5002a699b
--- /dev/null
+++ b/src/content/es/blog/2015-11-26-multihop-v2-network-now-available.md
@@ -0,0 +1,44 @@
+---
+title: Multi-hop v2 network now available
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps", "Privacy"]
+draft: false
+date: 2015-11-26T18:30:19+00:00
+url: /blog/multihop-v2-network-now-available/
+comments:
+ - author: Adam vij
+ date: 2017-01-02T03:00:06+01:00
+ content: |
+ I would like to see what you think about:
+
+ https://airvpn.info/topic/15854-airvpn-must-offer-multi-hop-double-vpn-and-tor-overvpn-in-openvpn-config/?p=52124
+
+ Since I am considering signing up for IVPN, but your multi-hop seems a bit.. pointless?
+ - author: John
+ date: 2017-04-21T06:48:22+02:00
+ content: |
+ i think the multi hop is great and the only reason I will join.
+ - author: Micheal
+ date: 2018-09-07T09:55:45+02:00
+ content: |
+ Taking guidance from a blog about Multi Hop VPN and comparing your features with it…. I think it will be a good idea to join in.. Thanks a lot.
+ - author: Oliver
+ date: 2020-04-02T17:11:05+02:00
+ content: |
+ Multi hop is a amazing feature and everyone should try this :)
+
+---
+We're extremely excited to launch the much anticipated multi-hop v2 network today. This new network has been built from scratch to offer the highest levels of performance and privacy based on our experience running a VPN network over the last 6 years.
+
+Every server in the network is now both an entry and exit server. When you connect you can choose both where your data will enter into our network and where it will exit providing significantly more flexibility over our existing 3 location setup. Multi-hop is an important privacy  technology as it makes traffic analysis significantly more difficult for adversaries to correlate traffic entering our network with that exiting it. Adversaries would at a minimum require access to the data centers in two different jurisdictions at them same time to identify the source of a connection. 
+
+We've invested significant time developing a full mesh network so all connections between servers are direct (unlike a hub and spoke model), thereby ensuring the maximum possible speed whilst relaying traffic through multiple servers. Multi-hop servers are located in different countries so it does however come with the cost of higher latency and lower speeds. Customers should therefor carefully consider their threat model when deciding whether it is necessary to use the new multi-hop network over the existing singlehop network which will always be the fastest.
+
+To use the new multi-hop network you can use our latest IVPN v2.4 client launching today or any OpenVPN compatible client. When using a non-IVPN client simply append the short name (2 letter country code) of the exit server to your username e.g. if you connect to the UK server with the username **ivpn123456@ro** then your traffic will enter the VPN in the UK and exit in Romania. Of course if you are using the latest IVPN client v2.4 then this configuration is fully transparent.
+
+The DNS servers for multi-hop connections are now positioned in the exit location. Previously if you connected to UK->NL your DNS requests would be resolved by a DNS server based in the location where you connected i.e. the UK. Now your requests will be forwarded through the tunnel to a DNS server in the exit location (in this case NL). This again mitigates the risk of traffic analysis thereby improving your security.
+
+As mentioned in the previous blog update, we now have a reservation based port forwarding system so you can keep the same port number for as long as you want. In addition to port forwarding on the standard singlehop network you can also use port forwarding on the multi-hop network. So if you activate port forwarding and connect to UK->NL, any traffic sent to the server in NL on your assigned port will be forwarded through the VPN to the UK server and then through the VPN to your device. 
+
+We hope you're as excited about these developments as we are. If you have any feedback we'd love to hear it - .
diff --git a/src/content/es/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md b/src/content/es/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md
new file mode 100644
index 000000000..26b568a3c
--- /dev/null
+++ b/src/content/es/blog/2016-01-21-should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance.md
@@ -0,0 +1,129 @@
+---
+title: Should Gibraltar be classified as a member of the 'five eyes' alliance?
+authors: ["Ed Holden"]
+categories: ["IVPN News"]
+tags: ["Privacy"]
+draft: false
+date: 2016-01-21T08:42:33+00:00
+url: /blog/should-gibraltar-be-classified-as-a-member-of-the-five-eyes-alliance/
+comments:
+ - author: ThatOnePrivacyGuy
+ date: 2016-01-21T19:20:17+01:00
+ content: |
+ ThatOnePrivacyGuy here,
+
+ I'm inferring that this blog post is in direct response to my VPN Comparison Chart in which I mark Gibraltar as a "Fourteen eyes country" (with a note explaining Gibraltar itself isn't a fourteen eyes country, but it is a British Overseas Territory of the UK, which is). I have created a thread on reddit on the /r/vpn subreddit where I will respond to questions and comments and in which I have posed the question to the community after providing the information I originally used to make this decision. The relevant thread can be found here:
+
+ https://www.reddit.com/r/VPN/comments/421973/should_gibraltar_be_classified_as_a_fourteen_eyes/
+ - author: ThatOnePrivacyGuy
+ date: 2016-01-21T21:12:35+01:00
+ content: |
+ ThatOnePrivacyGuy here,
+
+ After some consideration, I have changed my VPN Comparison Chart in the /r/vpn sidebar to show Gibraltar NOT as a Fourteen Eyes Country, but I have left the note that was there in place as a warning for the reasons discussed in my thread.
+ - author: Michael
+ date: 2016-01-25T04:32:06+01:00
+ content: |
+ It's clear to see how these Alliances have been operating for probably longer than we realised. Australian's wanted to cut ties to the Commonwealth quite some time ago but of course that did not eventuate. Aus ticks a lot of boxes from above but that one tie to the "Commonwealth" keeps us in the FVEY's.
+
+ I have noticed using IVPN tuneling via the UK recently that there have been "Read this about changes in how we handle your data" type notices on G0ggleye sites.
+
+ Switch to the US or NL and the notice is gone. 
It seems the UK are digging their claws in. I guess most will click "Okay I got it" rather than read it.
+
+ Privacytools.io has and maintains a very informative collection of tools and explains the 5-14 eyes agreements for anyone who is interested.
+
+ Thanks for the informative blog post @Ed Holden.
+ - author: Anonymous
+ date: 2016-02-28T22:09:12+01:00
+ content: |
+ Gibraltar is a British territory, so although it isn't a part of the UK and has its own parliament and judiciary, the UK is still responsible for its defense and foreign policy.
+
+ This means that Gibraltar is within GCHQ's jurisdiction through the UK's membership in the Five Eyes, the Nine Eyes, and the Fourteen Eyes.
+ - author: Crypto | Seb
+ date: 2016-04-26T07:54:43+02:00
+ content: |
+ I am sort of on the fence with this one. Do I believe that Gibraltar is able to be controlled by high authority government entities within the UK? Yes. Do I think this is at all likely to happen? No. Let me do some explaining.
+
+ I have always told people that security, privacy and anonymity come in multiple levels. In this day and age, we can't just rely on a home security system to keep us safe and never lock our front door. The same applies for the digital world as well. In the Reddit post, someone mentioned "for OPSEC purposes.." and I immediately saw the flaw in that because one would be outright foolish to place their unconditional trust in a VPN company if it was life or prison for them.
+
+ I am a firm believer that IVPN is standing up for our privacy in the digital world on incredible levels. I also believe they could improve the system to garner more trust from their user-base (which I would happily discuss with their admins :P). But in the end, they are a great job at providing a service that is secure and keeps who we are anonymous and what we do private. 
Should they receive such a high-powered lawful request to turn on logs and identify a customer, from an Intelligence agency like the GCHQ, it is you who is at fault if they are able to fulfill this request and come knocking on your door with a search warrant. Placing all your eggs in one basket is a surefire way to get owned.
+
+ Chaining multiple VPNs together or using the Tor Browser on top of IVPN is not only easy to do, but can only further the anonymity you acquire. **
+
+ Crypto | Seb
+
+ https://twitter.com/cryptoseb
+ - author: Will
+ date: 2016-12-28T21:48:19+01:00
+ content: |
+ iVPN should get a lot of credit for being transparent about what they can and cannot do. On this topic, the crucial question is probably data retention. Can the jurisdiction of the company's incorporation compel iVPN to keep and turn over customer data, including actual internet traffic, logs, and other items related to clients? iVPN's data privacy policy is spelled out here:
+
+ https://www.ivpn.net/privacy/
+
+ That's about as good as it gets for vpn services. If your vpn service does not keep the data, they can't turn it over to whoever compels them to do so.
+
+ That is not completely bulletproof, but it is a good start. As far as Gibraltar goes, it is a British Overseas Territory, and each territory has differences in how it is governed. Unlike British Crown Dependencies (the channel islands, Isle of Mann) territories can have varying degrees of separation from the UK government. If GHCQ (that large Doughnut shaped building in Cheltenham) is listening to internet traffic in and out of Gibraltar, what would they "hear"? iVPN's entry and exit node servers are not in Gibraltar. The British government is responsible for Gibraltar's defense and foreign policy, so could some part of it compel a private Gibraltarian company like iVPN to hand over client data, or force it to "split tunnel" or "mirror" their server traffic in foreign countries?
+
+ It may be possible, but unlikely. 
Gibraltar is self-governing, and it would be a stretch for the Brits to ask for this. Gibraltar is pretty good when it comes to the privacy of companies incorporated there, so they would be unlikely to go along.
+
+ I would worry about the Brits, but I would worry a lot more about the American and EU governments, and, at the moment, Spain. The EU might have good data privacy laws for individuals, but for companies like iVPN it might be different. Spain after the Brexit vote now wants "co-sovereignity" over Gibraltar, which the citizens of Gibraltar have fiercely rejected (and rightly so).
+ - author: Ken Westmoreland
+ date: 2017-06-08T20:56:08+02:00
+ content: |
+ Australia has never sought to 'cut ties' with the Commonwealth of Nations- the majority of Commonwealth members are republics, and had the referendum in 1999 gone the other way, existing agreements like the Five Eyes agreements would have remained the same.
+
+ In theory, the UK still has the right to legislate for Gibraltar and suspend its Constitution (just as it did that of another Overseas Territory, the Turks and Caicos) whereas the 1986 Australia Act removed the UK Parliament's right to legislate for Australia - in addition, the Privy Council was also removed as Australia's highest court of appeal.
+
+ In conclusion, not the same as Australia.
+ - author: NaiveSinner
+ date: 2017-09-12T02:34:46+02:00
+ content: |
+ Er guys, the spooks have been seen to break the law, time and time again. That's why giving them more power is dangerous. If it's a serious case like stopping a terrorist nuke or WMD no one is going to give a sh1t, but most of the spying by volume by definition of mass surveillance, has 0% to do with that. Thus, breaking the law, it is encouraging love of the power that the technology gives them, mission-creep and corruption by power, plain and simple. An Age-old problem for humans. 
The same failure of restraint that some extremist is doing, just different tools and a lot more cold-blooded. So, why is the discussion about whether spying is happening under the laws of the UK / Gibraltar? What about illegally? Thus the geographic region is irrelevant! When they have secret courts where you don't get to challenge the evidence? That's dangerous, to assume that they aren't doing something, just because it is illegal to do it… With the ignorant corrupt culture in the UK today, who's to stop them? They know it's like that! Superhumans don't exist, and power corrupts, end of story. They're spooks - at least some of whom are the best professional liars in the UK, arguably. Or certainly are working hand-in-hand with their counterparts in Westminster. All this debate, implying they cannot use something against you in legal proceedings because it was gathered illegally, which is NOT a point of law in the UK. There, even cops can lie and break the law to gather evidence but the evidence is still admissible - shameful and rights-abusing but true - that "evidence must be gathered legally" is the USA you're thinking about. So, sure, RIPA and IPA don't apply (or do?) so one of the TENS of UK Gov agencies that have powers to snoop on you since RIPA (let alone the Investigatory Powers Act) won't have such an easy time doing so… but you're naive if you think they go so far into intelligence gathering via electronic means, but suddenly stop at the Gibraltan border etc. The UK maintains a whole base in Cyprus for one reason only: Sigint. Well, maybe the sexy Cypriot women help sway it, but people need to realize the mentality of these British Government / Establishment people. They are power-crazy. Now, obviously your threat model may fear none of that, it doesn't matter, etc. But they (Gov ministers) keep talking about banning encryption, guys! Like it was an any-way-near sane option to consider! Scary times, and I don't want to sow FUD, honestly. 
It's just… well, naivety in others is a tool they use, too, remember that.
+
+---
+There is a widely circulated misconception that Gibraltar is a part of the United Kingdom (UK). This misconception is reflected in the apparent classification of Gibraltarian VPN service providers as UK service providers. Such a classification misleads the users of Gibraltarian VPN services (such as IVPN) by giving them the false impression that Gibraltarian VPN services are governed by the UK laws and hence are subject to the signals intelligence sharing of the [five eyes][1] or 'fourteen eyes' alliances.
+
+The purpose of this article is to demonstrate that Gibraltar is not a part of the United Kingdom (UK) and, therefore, Gibraltarian VPN service providers are not subject to the intelligence sharing alliance of the 'five eyes'. In Section 2, an examination of the relationship between Gibraltar and UK is provided. Section 3 contains arguments showing that Gibraltar is not a part of the UK. In Section 4, a conclusion is drawn.
+
+## What is the relationship between Gibraltar and UK?
+
+The main relationship between Gibraltar and UK stems from the fact that the British monarch is the head of state of both Gibraltar and UK. However, such a relationship is not enough to make Gibraltar a part of UK. For example, no one argues that Andorra is a part of France although the President of France is the head of Andorra (together with the Spanish/Roman Catholic Bishop of Urgell).
+
+## Arguments showing that Gibraltar is not a part of the UK
+
+Gibraltar is not a part of the UK due to the following reasons:
+
+ * Gibraltar has its own system of governance, including a parliament and a government. The members of these two institutions are elected by the Gibraltar electorate. The parliament has 17 members, whereas the government consists of 10 members. 
The [official website of the Gibraltar parliament][2] states that the "the Gibraltar Parliament is the heart of democracy in Gibraltar and the rock foundation of the sovereignty of 'Gibraltarians' in the widest sense". + * Gibraltar is not governed by the UK laws, but by legislation which suits Gibraltar's own particular requirements and not the UK requirements. + * The [Gibraltar Legislation Support Unit][3] (LSU), together with ministers and government departmental officials, is responsible for drafting the Gibraltarian legislation. The Gibraltarian legislation is not drafted by the UK Office of the Parliamentary Counsel (an institution responsible for drafting all UK government Bills). + * Gibraltar has its own independent legal system. The Supreme Court of Gibraltar has unlimited jurisdiction to resolve any civil or criminal disputes. Other judicial institutions in Gibraltar include: the Court of Appeal of Gibraltar, Court of First Instance, and Magistrates' Court. + * Gibraltar uses its own currency (the Gibraltar pound) which is controlled by Gibraltar's government. + * Gibraltar is not officially represented in the UK parliament. + * Gibraltar is excluded from 4 areas of EU policy, namely, Customs Union, Common Commercial Policy, Common Agriculture Policy, Common Fisheries Policy. In comparison, the UK is obliged to comply with all those four areas. If Gibraltar was a part of the UK, the EU policies applying to UK would have applied to Gibraltar as well. + * Gibraltar is not obliged to comply with neither UK nor EU VAT rules. See [Article 28 of the 1971 UK Assession Treaty][4]. + * The [Gibraltar Constitution Order 2006][5] clearly states that the Constitution of Gibraltar gives the people of Gibraltar a degree of self-government. + * The taxation in Gibraltar differs significantly from the taxation in UK. In comparison with UK, no corporate tax is levied on income which is not accrued in and derived from Gibraltar. 
+ * The law enforcement in Gibraltar is in the hands of the Royal Gibraltar Police Force, not in the hands of the UK Police. + * The British Foreign and Commonwealth Office pointed out that Gibraltar is a separate territory enjoying the individual and collective rights accorded by the Charter of the United Nations. + * The British government clearly supported the right of self-determination of the people of Gibraltar. + ## Conclusion + + In the light of the aforementioned observations, it can be concluded that Gibraltarian VPN service providers should not be classified as UK service providers and hence are not subject to the signals intelligence sharing of the 'five eyes' or 'fourteen eyes' alliances. To do the opposite would mean to disregard the important difference between the regulatory regimes applying to Gibraltar and UK. For example, Gibraltarian VPN service providers are not obliged to comply with the comprehensive UK laws regulating the information society (e.g. [UK Digital Economy Act 2010][6]). + + Hence, the UK government is not entitled to conduct direct surveillance of Gibraltarian VPN networks. For example, the UK [Regulation of Investigatory Powers Act 2000][7] (RIPA) allows certain UK public bodies to demand that a VPN service provider provides access to a customer's communications in secret. RIPA does not apply to Gibraltar. + + Even the data protection authorities of Gibraltar and UK are different. The data protection authority of Gibraltar is called [Gibraltar Regulatory Authority][8] (GRA). The GRA supervises the enforcement of the [Data Protection Act 2004][9], a Gibraltarian law implementing the European data protection laws. The UK authority responsible for the enforcement of the [UK Data Protection Act 1998][10] is called [Information Commissioner's Office][11] (ICO). + + In the future, we can expect that Gibraltar will preserve its self-governance and independent legal system. 
The autonomous status of Gibraltar makes it an attractive location for companies wishing to preserve the privacy and security of their customers. + + [1]: https://en.wikipedia.org/wiki/Five_Eyes + [2]: http://www.parliament.gi/ + [3]: https://www.gibraltar.gov.gi/new/legislation-support-unit + [4]: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A62001CJ0030 + [5]: http://www.gibraltarlaws.gov.gi/constitution/Gibraltar_Constitution_Order_2006.pdf + [6]: http://www.legislation.gov.uk/ukpga/2010/24/contents + [7]: https://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000 + [8]: http://www.gra.gi/ + [9]: http://www.gibraltarlaws.gov.gi/articles/2004-01o.pdf + [10]: http://www.legislation.gov.uk/ukpga/1998/29/contents + [11]: https://ico.org.uk/ diff --git a/src/content/es/blog/2016-09-23-closed-affiliate-program.md b/src/content/es/blog/2016-09-23-closed-affiliate-program.md new file mode 100644 index 000000000..7567a8ad5 --- /dev/null +++ b/src/content/es/blog/2016-09-23-closed-affiliate-program.md 
@@ -0,0 +1,102 @@ +--- +title: Why we closed our affiliate program +authors: ["Ed Holden"] +categories: ["IVPN News"] +tags: ["Transparency"] +draft: false +date: 2016-09-23T11:52:10+00:00 +url: /blog/closed-affiliate-program/ +comments: + - author: That One Privacy Guy + date: 2016-09-23T15:40:46+02:00 + content: | + Congratulations for making such a big and important decision for the sake of the industry and your customers! + - author: Happy customer + date: 2016-09-23T23:22:31+02:00 + content: | + Good that you don't support this very unethical behavior. I made a good decision by choosing you as my VPN provider. + - author: Shany + date: 2016-09-25T14:40:53+02:00 + content: | + Love you guys as a VPN service! Keep up the good work!! + - author: CHris + date: 2016-11-12T01:24:06+01:00 + content: | + Thank you for this decision you made. + - author: Bill + date: 2016-11-29T09:42:42+01:00 + content: | + I am using different VPN affiliate programs on my blog and its working good. PureVPN is doing good in conversion. + + VPN is untap industry for affiliates. You should not close it. + - author: Allvpn.org + date: 2016-12-05T21:42:47+01:00 + content: | + A strange decision. Although we do not clean up your service from allvpn.org rating, because it is based on users opinions rather than remuneration. + - author: Will + date: 2016-12-21T23:18:17+01:00 + content: | + Thank you both to iVPN and That One Privacy Guy for your efforts on this. In fairness to the affiliates who did not comply, it cannot be assumed that they are unscrupulous. But without complying, there is no way iVPN.net can determine that. It is hard to justify the overhead to run the affiliate program in these circumstances, and it's a shame that the handful of affiliates who were willing to comply find themselves disadvantaged by those who would not. + + Keep up the good work. 
iVPN does a good job of educating their clients and the public about what a VPN can and cannot do, especially with respect to the topics of privacy, jurisdiction and data retention. The comparison websites are helpful, but better to understand in as much depth as you can what a VPN provider can and cannot do. + - author: MSVCP140 + date: 2017-02-02T00:22:33+01:00 + content: | + :-) OK ! + - author: Chris + date: 2017-04-18T16:25:51+02:00 + content: | + Good move, thanks for putting your customers first! Keep up the good work and thanks for the transparent communication. + - author: stephen + date: 2017-05-08T17:32:55+02:00 + content: | + Good move, back you 100% on this - one more good reason to use your service :) + - author: Carl + date: 2017-06-11T12:18:22+02:00 + content: | + Counter productive move. + + Now all those affiliate bloggers will start advertising other crappy VPNs out there. + + No benefit to the end user who reads those reviews instead of digging up on their own a little bit. + + So congratulations, you didn't fix anything, you just made a bigger problem imho. + - author: Technological Slavery + date: 2017-09-12T01:36:41+02:00 + content: | + "VPN is untap industry for affiliates" - Hey genius, some things are worth more than squeezing a financial derivative out of someone else's hard work! Privacy and integrity are two things rapidly disappearing in this world, yet loved when still encountered. Business doesn't have to be about hating your fellow man (including by mildly or heavily deceiving him about which product to buy). Engineering excellence, intelligent management and leadership are to be cherished. If we can help maintain a culture that involves these qualities, then perhaps we can expand it to politics and the wider world, who knows? It's certainly overdue. But the more we keep thinking we're clever to make money - to play someone else's game the rules of which were never voted upon democratically (World Banking System, anyone?) 
the more we are destined to suffer the same upon us - and NO ONE can watch their back 24/7. You end up dying of exhaustion, believe me! From having lived under oppression, I know what ethics are worth. IF this company actually has some, it is vastly more important that they are upheld than some middlemen oxygen-thieves make themselves some easy money. Go find a job, fool. A REAL one. + - author: mark + date: 2017-12-20T19:04:25+01:00 + content: | + Wow, finally I see someone else say something about this. I can tell you how frustrated I was a few months ago when I was looking for a new provider. Its so frustrating going around in circles trying to find REAL reviews. Its so discouraging. It's counterproductive and unsustainable behavior though. there really should be a legit vpn review + - author: Nikko + date: 2018-07-01T16:32:11+02:00 + content: | + Good work. It took me a long time to find IVPN because of all the liars out there. They made ProtonVPN look good, but not even one day into their free trial, their server quit and leaked all over my desktop, and I couldn't even hit their website from the open Net. Reading this blog post has increased my trust level one full point in favor of IVPN. Trust is the most important factor in choosing a VPN. + - author: Alexander + date: 2020-03-19T10:48:39+01:00 + content: | + This response is linguistically crafted with excellence. Well written, and in a way that strikes or "pokes" the person mentally, to get your valid points across and heard. + - author: parbriz bmw seria 3 2013 + date: 2020-04-16T02:16:30+02:00 + content: | + Thanks for another great post. Where else may anybody get that kind of information in such an ideal means of writing? I've a presentation subsequent week, and I'm on the search for such info. + +--- +A few weeks ago, we communicated to affiliates that our affiliate program would be closing. For those interested, this post provides some background on how we reached that decision. 
+ +When IVPN launched, we never intended to create an affiliate program. We simply provided a link in our control panel, for customers to refer friends and receive credit. When we realised professional affiliates were signing up as customers to get a link, we created a separate signup page for them. As the VPN industry grew, a dizzying number of 'Best/top VPN' comparison sites popped up. And with the increasing competition, along came increasingly unethical behavior (which is certainly not unique to the VPN industry). + +One example is the voucher code scam, where affiliates advertise coupons/vouchers that don't exist (we don't offer any coupons/vouchers) to rank their website on Google for keywords such as 'ivpn coupon'. They do this to take advantage of the fact that many Internet shoppers are conditioned, when arriving on a checkout page, to open a new browser tab to search for discount codes. They would then find the affiliates page, click through on the link, and arrive back on the IVPN site. Even though they don't receive any discount, the affiliate still gets paid, even though they didn't actually refer the customer to us. We would have made the sale anyway, and so the affiliate is effectively stealing 25% of our revenue. + +One of the most offensive practices is the offer to pay for top rankings. In some cases, these artificial rankings are disclosed within 'sponsored' areas. But in many cases, they are not. In addition, it's clear to us that many unscrupulous affiliates rank providers in order of potential revenue. Providers that have better commission offerings, or website conversion rates, go straight to the top. It's not hard to see why. Many affiliates are spending thousands, or even tens of thousands, of dollars on advertising to get visitors to their site, and they lose if a visitor clicks through to a VPN and doesn't buy. + +Why does this matter? 
When someone goes to Google and asks for the 'Best VPN' they expect to find information aiding them in identifying the best VPN for their needs. Not only would the above practices compromise this, but in some cases, people are using VPNs in circumstances where compromising their anonymity could be life threatening. For this reason alone, its imperative that companies advertising VPN services are honest about their relationship with the brands they are advocating. In the USA this principle is encoded in [FTC guidelines][1]. + +In May of this year, we were contacted by That One Privacy Site stating that they had found that several of our affiliates had not implemented a clear and conspicuous disclaimer, even though it was required in our terms of service. We proceeded to audit our affiliates, and discovered that less than 5% were in compliance. It was a major failing on our part to have not caught this earlier. + +We sent out an email asking all affiliates to implement the disclosure within 6 weeks. The response was depressing, with only a handful willing to comply, and many on the offensive. Indeed, too few compliant affiliates remained to justify the overhead of running an affiliate program. We would rather focus on building a better VPN service. + +We would like to thank all honest and hard working affiliates who worked with us over the last five years, and helped to grow IVPN into the service it is today. + + [1]: https://www.ftc.gov/sites/default/files/attachments/press-releases/ftc-publishes-final-guides-governing-endorsements-testimonials/091005revisedendorsementguides.pdf diff --git a/src/content/es/blog/2017-03-15-new-ivpn-app-ios.md b/src/content/es/blog/2017-03-15-new-ivpn-app-ios.md new file mode 100644 index 000000000..50ed1a4af --- /dev/null +++ b/src/content/es/blog/2017-03-15-new-ivpn-app-ios.md 
@@ -0,0 +1,37 @@
+---
+title: The new IVPN app for iOS
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps", "Protocols"]
+draft: false
+date: 2017-03-15T16:29:02+00:00
+url: /blog/new-ivpn-app-ios/
+comments:
+ - author: Question?
+ date: 2017-04-13T13:53:54+02:00
+ content: |
+ Please say how you prevent IPv6 data leak on iOS? How you keep persistent connection and make sure no leak during delay switching between Wi-Fi and Cellular networks?
+ - author: Anon
+ date: 2017-04-29T11:26:22+02:00
+ content: |
+ Please answer iVPN?
+ - author: Anonymous
+ date: 2017-05-01T09:22:53+02:00
+ content: |
+ Unfortunately iVPN rarely update their blog or respond to comments. Open a support ticket.
+
+---
+After hundreds (if not thousands) of requests, we're proud to release the IVPN app for mobile devices running iOS. If you'd like to download it immediately simply navigate to the [iOS setup][1] page. I'd like to take this opportunity to provide interested customers with more information about the security configuration and design goals of the app.
+
+When we first started working on an iOS app we quickly discovered that implementing OpenVPN was not possible due to the app store terms of service being incompatible with the GPL, the license under which OpenVPN is released. Unless of course you are the holder of the copyright in which case you can relicense it under some proprietary license, which of course OpenVPN technologies has done so they can publish the OpenVPN connect app.
+
+Before the launch of this app we offered customers who didn't want to install the OpenVPN Connect app the possibility to configure L2TP/IPSec on their iOS device. Our configuration (like with all other VPN providers offering L2TP/IPSec) required that you use a public pre-shared key. This pre-shared key made an active MITM (Man in the middle attack) possible where the adversary impersonates our server and is then able to decrypt and eavesdrop on the connection. Even though the risk of this attack occurring is small, its bad security and we made it very clear on our website that L2TP/IPSec shouldn't be used for anything other than bypassing geographic restrictions. For more info see [is using L2TP/IPSec with a public pre-shared key secure?][2]
+
+The new IVPN iOS app uses IPSec with full certificate based authentication, eliminating the previous risks of a MITM attack. One of the advantages of using the native iOS VPN client and IPSec is 'On demand' VPN connections. As we have implemented it in our app, iOS will always establish a VPN connection before sending traffic to a particular domain (or all domains in our case). This ensures that the iOS app never leaks any data whilst you are connected to an IVPN server. Even when waking from sleep, the first packet of data will trigger the 'On Demand' rules to reestablish the VPN connection, queuing the packets until the connection is established.
+
+One the most common complaints from mobile customers in the past was having to add/configure new servers as they were deployed on our network. The new app will always have the latest list of servers available on our network and will always connect to the least loaded server in a location. In addition when choosing a location to connect to, you can see which locations have the lowest latency from your current location, ensuring the best performance at all times from all locations.
+
+We encourage all customers to install the app and test it out. Customers who don't have an active IVPN account can signup for a free trial and even purchase a subscription using in-app purchase. All customers have access to all server locations from all clients regardless of where they signed up from. And if you have any feedback please send it! .
+
+ [1]: /apps-ios/
+ [2]: /knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure/
diff --git a/src/content/es/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md b/src/content/es/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md
new file mode 100644
index 000000000..f07bf2e89
--- /dev/null
+++ b/src/content/es/blog/2017-07-14-are-anti-malware-products-uploading-your-private-data.md
@@ -0,0 +1,142 @@ +--- +title: Are Anti-Malware products Uploading Your Private Data? +authors: ["mirimir"] +categories: ["Privacy & Security"] +tags: ["Privacy", "Security"] +draft: false +date: 2017-07-14T12:57:13+00:00 +url: /blog/are-anti-malware-products-uploading-your-private-data/ + +--- +Given that you're reading this on IVPN's website, you probably care about online privacy. And you probably use VPN services to hide your online activity from ISPs. That's prudent, because ISPs clearly spy on their customers. In March 2017, the Trump administration [blocked FCC rules][1] that would have protected the privacy of ISP customers. The argument was that ISPs should have the same rights to use customer data "for commercial purposes" that Google _et alia_ do. And there's arguably more in play than ISP profits, given [MPAA's efforts to fight "piracy"][2] and [complaints from the FBI about "going-dark"][3]. That's even starker in the UK. The Investigatory Powers Bill, which went into effect in November 2016, requires ISPs to [retain users' browsing history "for up to a year"][4]. + +OK, so you use VPNs. But what about other threats to privacy and security? Well, there's a fundamental problem: with modern designs, [manufacturers arguably have ultimate control over hardware][5]. The driver is ostensibly enhanced security and efficiency for enterprise customers. Most users can only trust that these capabilities won't be used to pwn them. For desktops, key concerns are [Intel's Management Engine][6] and [AMD's Platform Security Processor][7]. It's possible to [disable parts of Intel ME][8] on some hardware, but [brickage is possible][9]. + +Moving right along, what about operating systems? You're most likely using [Windows (39%) or Android (37%)][10]. There is long-standing concern among privacy-conscious users about spying by Microsoft, especially since Windows 10. Windows 10 does indeed [scan computers for pirated software][11]. 
Google's business is based on personal data, and it's rather upfront about that. Both [Microsoft][12] and [Google][13] disclose that they share personal data with third parties for various commercial and legal reasons. Conversely, Apple has staked its reputation on protecting users' [privacy][14] and [security][15] with extreme ecosystem control. The downside for users is that ecosystem control means higher cost devices. One might say that Apple sells stuff to you, Google sells you to others, and Microsoft does some of both. + +So anyway, the top concern for Windows users is clearly malware. That's been the case for decades. For most users, the major threats are probably [ransomware][16], [botnets][17] and [banking trojans][18]. Some also worry about [NSA][19] and [CIA][20] malware. However, while the cyberweapon toolkits are impressive, widescale deployment seems unlikely. + +However, there is a quandary for Windows users who want protection against malware, but also have hardcore concerns about their privacy. Back in the day, anti-malware software scanned local processes and files, relying on periodically updated threat databases. But given the volatile threat environment, it's become common to [share user information with providers in real time][21]. That apparently includes geographic location, URLs, running processes, names and paths of files, and even "suspicious" files themselves (even documents). The [Emsisoft blog][22] has also covered this issue. + +Let's say that you've installed the IVPN client on your Windows machine. You use an anti-malware app, registered with (and perhaps paid for) using your real name. So now, the anti-malware servers may see what IVPN exit you're using, what websites you're visiting, what files you're streaming and downloading, what other software you're running, what documents you're working on, etc, etc, etc. 
Even if you're using a free anti-malware app, there are potentially still records of what you're doing with and without the IVPN client connected. + +There are many anti-malware products, so I will focus on the best-rated and most privacy-friendly. The top award in AV-Comparatives' [2016 Summary Report][23] went to Avira Anti-Virus Pro. The runners up were Bitdefender Internet Security and Kaspersky Lab Internet Security. Other highly rated products were Emsisoft Anti-Malware, ESET Internet Security, Tencent PC Manager, and ThreatTrack VIPRE. However, according to AV-Comparatives' 2014 report, [Data transmission in Internet security products][21], Bitdefender doesn't let users opt out of uploading "suspicious" files. And Tencent isn't listed. The others do permit opting out. Conversely, AhnLab Internet Security apparently wasn't rated in 2016, but it reportedly never collects URLs or file names, and doesn't upload files, just hashes. And finally, Windows Defender (or Microsoft Security Essentials on Windows 7) is arguably the default (and [occasionally recommended][24]) solution for Windows users. It's too bad that we don't have a more comprehensive set of [CIA anti-malware reviews][25]. + +So what do these anti-malware providers disclose in their privacy policies? Well, AhnLab and Emsisoft both say that they won't share personally identifiable information (PII) with third parties, without exception: + +[AhnLab][26]: "AhnLab will not collect any personal information other than [data collected during software use] and will not disclose such data to any third party." + +[Emsisoft][27]: "Any information we collect from you is only used by us to serve you better. Your information is never given to a third party." + +Avira and Kaspersky disclose that they will share PII when requested or required: + +[Avira][28]: "Finally, Avira may disclose your PII if we are required by law to provide it to governmental agencies, courts or other authorities." 
+ +[Kaspersky][29]: "We are always ready to assist national and international law enforcement agencies if they request it." + +The others go even further. They disclose that they will share PII voluntarily, when there are concerns about "unethical" activity and "safety": + +[ESET][30]: "We may disclose Personal Information and any other information about you if we believe it is reasonably necessary to respond to legal requests (including court orders, subpoenas, government inquiry), to protect the safety, property, or rights of ESET, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law." + +[Malwarebytes][31]: "We may disclose PII to government agencies, law enforcement officials, and private parties as we, in our sole discretion, believe necessary: (1) to satisfy or comply with any applicable law, regulation or legal process; (2) to respond to lawful requests, including subpoenas, warrants or court orders; (3) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (4) to prevent or stop activity we consider to be illegal or unethical." [But what about >[this claim][32] re user privacy?] + +[Microsoft][33]: "Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets." 
+ +[ThreatTrack][34]: "We may also disclose your personal information to third parties to: Comply with any court order or other legal obligation. … Protect the rights, property, or safety of ThreatTrack Security, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction." + +Still, none of them are likely as bad as [Shrive][35], or even the FBI's [NIT malware][36] or [Geek Squad operation][37]. + +I've looked at data uploading by seven anti-malware products. I used a fresh Windows 7 Ultimate SP1 (64-bit) VirtualBox VM for each product. I declined all data-sharing options during installation. After updating the products threat database, I did a full system scan, enabled all data-sharing options, and scanned again. The Windows 7 VMs reached the Internet through a [pfSense VPN-gateway VM][38], and I captured packets during scans using the utility in the pfSense WebGUI. Using Wireshark, I analyzed TCP conversations in each capture file. + +**AhnLab V3 Internet Security 8.0** + +It uploaded ~7 KB during scan with Smart Defense off, and nothing during rescan with it on. + +**Avira Anti-Virus Pro:** + +There was no opt-out for Protection Cloud during installation. + +It tried to deanonymize during installation using [Mixpanel][39]. + +It uploaded ~38 KB during scans, with Protection Cloud off or on. + +**Emsisoft Anti-Malware:** + +It uploaded nothing during scans, with Anti-Malware Network off or on. + +**ESET Internet Security:** + +It required email to install, and hid LiveGrid options during installation. + +It uploaded ~120 KB on first scan, but nothing during rescans. + +**Kaspersky Internet Security:** + +It uploaded >400 KB with Kaspersky Security Network off, but just ~15 KB during rescan with it on. + +**Microsoft Security Essentials:** + +It hid Microsoft Active Protection Service "basic membership" during installation. 
+ +It uploaded ~25 KB with basic MAPS, and nothing during rescan with MAPS fully enabled. + +**ThreatTrack VIPRE:** + +It required email to install. + +It uploaded 120 bytes with ThreatNet off, and 3.8 KB with it enabled. + +Bottom line, AhnLab and Emsisoft seem to be the best options from a privacy perspective. Both clearly state that they won't share user information with third parties, without exception. AhnLab allegedly doesn't upload anything except aggregate statistics. With Anti-Malware Network enabled, Emisoft does upload name and path for "suspicious" files, but users can opt out. Emsisoft Anti-Malware was just a third-rank product in AV-Comparatives' [2016 Summary Report][23], but AV-Comparatives notes that "all of the programs in our test reached an acceptable level overall". AhnLab apparently didn't choose "to have the effectiveness of their products independently evaluated", and that could be taken as evidence of poorer performance. + +On the other hand, Avira and Kaspersky received higher ratings from AV-Comparatives. Neither discloses that it shares PII voluntarily. And both provide the option to decline uploading. However, whichever anti-malware product you choose, declining uploading will increase the risk of detection failure. You could allow uploading while working without the VPN connected, and disable it before connecting. You could also use different anti-malware products with and without the VPN connected. In that case, it would be prudent to delete or encrypt sensitive files that you've downloaded through the VPN. + +**Update** + +I didn't look carefully at Bitdefender Internet Security, because users can't opt out of uploading "suspicious" files. Of the products that I did research, only AhnLab and Emsisoft assert that they won't share user information with third parties. Even so, I didn't find any evidence that any anti-malware provider had compromised its users. + +Until now, that is. 
This excerpt from a [Europol press release][40] needs no explanation: + +> With the help of Bitdefender, an internet security company advising Europol's European Cybercrime Centre (EC3), Europol provided Dutch authorities with an investigation lead into Hansa in 2016. Subsequent inquiries located the Hansa market infrastructure in the Netherlands, with follow-up investigations by the Dutch police leading to the arrest of its two administrators in Germany and the seizure of servers in the Netherlands, Germany and Lithuania. + +Bitdefender has admitted that it compromised a user. + + [1]: https://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0301/DOC-343702A1.pdf + [2]: https://variety.com/2017/digital/news/copyright-alerts-piracy-mpaa-comcast-att-1201971756/ + [3]: https://www.fbi.gov/services/operational-technology/going-dark + [4]: http://www.theverge.com/2016/11/23/13718768/uk-surveillance-laws-explained-investigatory-powers-bill + [5]: https://news.ycombinator.com/item?id=13806688 + [6]: http://www.techrepublic.com/article/is-the-intel-management-engine-a-backdoor/ + [7]: https://libreboot.org/faq/#amd + [8]: https://news.ycombinator.com/item?id=13416378 + [9]: https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F + [10]: http://gs.statcounter.com/os-market-share + [11]: http://www.businessinsider.com/why-windows-10-scans-for-pirated-games-2015-8?IR=T + [12]: https://privacy.microsoft.com/en-us/privacystatement + [13]: https://www.google.com/policies/privacy/ + [14]: https://www.wired.com/2016/06/apples-differential-privacy-collecting-data/ + [15]: http://www.zdnet.com/article/the-state-of-mobile-device-security-android-vs-ios/ + [16]: http://www.zdnet.com/article/ransomware-an-executive-guide-to-one-of-the-biggest-menaces-on-the-web/ + [17]: https://us.norton.com/botnet/ + [18]: https://ibsintelligence.com/ibs-journal/ibs-news/kaspersky-report-highlights-rise-of-financial-malware-in-2016/ + [19]: 
https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ + [20]: https://wikileaks.org/ciav7p1/ + [21]: https://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf + [22]: http://blog.emsisoft.com/2015/06/26/antivirus-software-protecting-your-files-at-the-price-of-your-privacy/ + [23]: https://www.av-comparatives.org/wp-content/uploads/2017/02/avc_sum_201612_en.pdf + [24]: http://www.zdnet.com/article/ex-top-mozilla-dev-to-windows-users-ditch-all-antivirus-except-microsofts-defender/ + [25]: http://sanfrancisco.cbslocal.com/2017/03/08/wikileaks-cia-documents-antivirus-software-reviews/ + [26]: http://download.ahnlab.com/global/brochure/[AhnLab]V3_EULA_ENG_paid.pdf + [27]: https://www.emsisoft.com/en/software/privacy/ + [28]: https://www.avira.com/en/general-privacy + [29]: https://eugene.kaspersky.com/tag/law-enforcement/ + [30]: https://www.eset.com/us/privacy/ + [31]: https://www.malwarebytes.com/privacy/ + [32]: https://forums.malwarebytes.com/topic/197534-little-questions-about-copyrights/?do=findComment&comment=1108095 + [33]: https://privacy.microsoft.com/en-us/security-essentials-privacy + [34]: https://www.threattrack.com/privacy.aspx + [35]: https://www.theatlantic.com/entertainment/archive/2016/10/black-mirror-season-three-review-shut-up-and-dance-netflix/504929/ + [36]: https://www.eff.org/pages/playpen-cases-frequently-asked-questions + [37]: http://www.ocweekly.com/news/fbi-used-best-buys-geek-squad-to-increase-secret-public-surveillance-7950030 + [38]: /privacy-guides/advanced-privacy-and-anonymity-part-6/ + [39]: https://en.wikipedia.org/wiki/Mixpanel + [40]: https://www.europol.europa.eu/newsroom/news/massive-blow-to-criminal-dark-web-activities-after-globally-coordinated-operation diff --git a/src/content/es/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md b/src/content/es/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md new file mode 100644 index 000000000..e18aeb5ca 
--- /dev/null
+++ b/src/content/es/blog/2018-02-13-updated-desktop-apps-for-windows-and-macos.md
@@ -0,0 +1,59 @@
+---
+title: Updated desktop apps for Windows and macOS
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps"]
+draft: false
+date: 2018-02-13T12:54:09+00:00
+url: /blog/updated-desktop-apps-for-windows-and-macos/
+heroImage: /images-static/uploads/ivpn-blog-01@2x.png
+thumbnailImage: /images-static/uploads/ivpn-blog-01@2x.png
+comments:
+ - author: drakakur
+ date: 2018-02-22T17:56:31+01:00
+ content: |
+ Very happy with the Android app! Any chance you'll make a similar app for Linux/Ubuntu as well?
+
+---
+Today we're pleased to release updates for our mac and windows clients. The new clients are available immediately for new and existing customers. To download the latest version, just visit the [IVPN for macOS][1] and [IVPN for Windows][2] pages.
+
+The aim of this update it to bring our desktop apps in line with our new android and iOS apps in terms of layout, design and usability, and to build on the feedback we've received from our users.
+
+## Update summary
+
+A few bigger changes:
+
+ * Mac and Windows users will see a new interface. This new layout should;
+ * Remove the need to log in before every connection
+ * Make the set up and first connection process more intuitive
+ * Make multi-hop easier to use and easier to configure
+ * Improve consistency across desktop clients and mobile apps
+ * Mac users now have the option to "show icon in system dock" in their preferences. No more '…er… im.. sure I er… had a window open?… somewhere?…'
+ * We have implemented one of the top feature requests - the ability for the app to automatically select different protocol and ports if it detects that it is behind a restrictive firewall.
+ * Start at login should now work for all users.
+ * We've also squashed a few other bugs and improved overall performance and stability.
+
+## How can I get it?
+
+To download the latest version, just visit the IVPN for macOS and IVPN for Windows pages. If you do not upgrade right away, don't worry, your client will automatically update in the next few weeks.
+
+## How can I let you know what I think of it?
+
+As always, please let us know what you think about the changes we've made, and what you think we should do next by emailing support@ivpn.net.
+
+P.S if you haven't already, please download our mobile apps for iOS and Android.
+
+A few months back we did a quiet launch of our mobile apps for Android and iOS. We wanted to ensure they were as stable and polished as we could before general release. We're now looking to make these available to all of our users. That means no more openVPN configurations on mobile.
+
+You can download the apps by visiting the [IVPN for iOS][3] and [IVPN for android][4] pages, or if you're on desktop, just scan these QR codes.
+
+[![Android button](/images-static/uploads/button-googleplay-qr@2x.png)][5]
+
+[![Android button](/images-static/uploads/button-appstore-qr@2x.png)][6]
+
+ [1]: /apps-macos/
+ [2]: /apps-windows/
+ [3]: /apps-ios/
+ [4]: /apps-android/
+ [5]: https://play.google.com/store/apps/details?id=net.ivpn.client
+ [6]: https://itunes.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683?mt=8
diff --git a/src/content/es/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md b/src/content/es/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md
new file mode 100644
index 000000000..9ea2fdc84
--- /dev/null
+++ b/src/content/es/blog/2018-03-15-collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties.md
@@ -0,0 +1,105 @@
+---
+title: Collection of User Data by ISPs and Telecom Providers, and Sharing with Third Parties
+authors: ["mirimir"]
+categories: ["Privacy & Security"]
+tags: ["Privacy"]
+draft: false
+date: 2018-03-15T08:47:49+00:00
+url: /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/
+comments:
+ - author: Customer
+ date: 2018-03-21T15:27:49+01:00
+ content: |
+ Your open vpn settings dont include a certificate- this is lnt secure and needs to be adressed
+
+---
+There are some age-old questions among Internet users, especially those concerned about privacy. Basically, "Is my ISP watching me?", and "Is it sharing data about my online activity, such as search and browsing history, with third parties?" And back in the day, the analogous question was "Is the phone company listening?" Indeed, Bell Labs reportedly [suppressed][1] the telephone answering machine for 60 years, because it feared that recording technology would frighten away its customers.
+
+Any service that provides Internet access (ISPs, Wi-Fi hotspots, and telecom providers) can obviously see what resources users are accessing. Unless data is encrypted, providers can also see the content. And even with encryption, [traffic patterns][2] provide some information about activity. Finally, all bets are off when the NSA, or another similarly resourceful TLA, is interested.
+
+If you're living in China, especially in such areas of unrest as Tibet or Xinjiang, online privacy is an [fantasy][3]. But what about the US and EU, where privacy is supposedly protected?
+
+Well, there's this funny difference between US and EU attitudes toward privacy. In the US, there's relatively little concern about commercial use of private data. I mean, consider the information that credit reporting services buy and sell. The massive [Equifax Data Breach][4] made that very clear. Also, providers of credit cards [sell user data][5] to online advertising firms. [Google][6] and [Facebook][7], for example, use such data to link online and meatspace activity.
+
+On the other hand, there is concern about warrantless government access to such data. There's the Fourth Amendment. By law, Social Security numbers were not to be used as IDs. And there is no national ID card. Since 9/11, there's been government pressure for explicit access to more and more data. However, legislative efforts have failed, and there is still [no mandatory requirement][8] for data retention by Internet and telecom providers. Or by VPN providers, by the way. However, the government can access any data that has been retained, through normal warrants, or non-disclosable [National Security Letters][9] (NSLs).
+
+Conversely, in the EU, there is great concern about commercial use of private data. There's the [Right to Be Forgotten][10]. And the [General Data Protection Regulation][11] (GDPR) will go into effect on May 25, 2018. It "was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy." And "[i]t applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company's location." Such personal data includes "name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address." Basically, anything "that can be used to directly or indirectly identify the person." And consent must be unambiguous, not buried in "long illegible terms and conditions full of legalese".
+
+However, there's far less concern about government access to such data. The 2006 [Data Retention Directive][12] (DRD) "compels all ISPs and telecommunications service providers operating in Europe to collect and retain a subscriber's incoming and outgoing phone numbers, IP addresses, location data, and other key telecom and Internet traffic data for a period of 6 months to 2 years." But in 2014, the EU Court of Justice [annulled][13] the 2006 DRD.
+
+In response, the UK [enacted][14] the Data Retention and Investigatory Powers Act (DRIPA) in 2014. The EU Court of Justice also annulled that in 2016, and the UK proposed [amendments][15]. However, in January 2018, the court [ruled][16] those amendments insufficient.
+
+It appears that EU members are generally reconciling their data retention laws for consistency with GDPR. However, notwithstanding annulment of the DRD, the EU apparently [won't apply][17] GDPR to law enforcement: "The European Commission hopes to set an international standard with its upcoming proposal to give police easier access to data from tech companies, and has already asked the United States to cooperate."
+
+So anyway, let's focus on the US, where data retention by Internet and telecom providers directly exposes users to commercial exploitation, and indirectly exposes them to the government. ISPs have typically [retained][18] logs of IP address assignments, to insure that IP addresses can be linked to users.
+
+Back in the day, it's my impression that traditional ISPs didn't retain very much data about users' online activity. Maybe it cost too much to store, and there weren't opportunities to monetize it. Or maybe they were afraid of customer backlash. But over the past decade or so, that has clearly changed. Development of the online advertising industry, which targets ads based on pervasive behavioral tracking, has provided opportunities. And it has [changed][19] everyone's expectations. With the rise of smartphones, [cell providers][20] know "where you are, what you're searching for and what you like". That is valuable data for advertisers, and Internet providers want to profit.
+
+In late 2016, after many years of lobbying by privacy advocates, the Federal Communications Commission (FCC) agreed to [regulate][21] data use by ISPs and telecom providers. Use of such private data as browsing history and app usage would have required prior consent, but IP and MAC addresses would have remained fair game.
+
+But in early April 2017, Congress and President Trump [repealed][22] those rules, months before they would have taken effect. Major ISPs and telecom providers supported the repeal, arguing that such firms as Google and Facebook would have remained unregulated. So now everyone can do as they like, subject only to public opinion, and complaints to the FCC.
+
+That does work, sometimes. For example, MoviePass CEO Mitch Lowe [bragged][23] at the 2018 Entertainment Finance Forum that "We watch how you drive from home to the movies. We watch where you go afterwards." That generated considerable upset among privacy advocates. And shortly thereafter, MoviePass announced that it had [removed][24] those capabilities from its iOS app. Similarly, in late 2017, after protests and an [FTC complaint from EPIC][25], Uber [stopped][26] tracking its users after rides. But that's arguably less reliable than regulation. People can choose whether or not to use MoviePass or Uber, but there's typically little choice about Internet access, outside large cities.
+
+Some major ISPs and telecom providers (AT&T, Comcast and Verizon) quickly [reassured][27] the public that they will not sell, and have never sold, users' private data. Of course, as noted above, they will provide it to the government as required by warrants and NSLs. But that's not why they fought for the right to collect it. Like Google and Facebook, they want to make money in the behaviorally targeted advertising market.
+
+Third Door Media has this [chilling prediction][28] for 2018:
+
+> In 2018, a growing threat to Google, and to a somewhat lesser extent Facebook, will be the ISPs and wireless providers such as AT&T, Charter, Comcast, Sprint, T-Mobile and Verizon. Verizon, with its ownership of Oath (the combination of AOL's ad tech and content properties and Yahoo's remnants), is probably best positioned to take advantage of the new anti-regulatory climate. Net neutrality was an obvious gift late this year. But the gifts started coming this past spring. In March, the Senate voted to reverse FCC privacy rules that would have limited ISP's ability to sell user data without consent — for ad targeting and other purposes. FCC Chairman (and former Verizon lawyer) Ajit Pai argued consumers would be confused if ISPs were held to different privacy standard than companies like Google and Facebook.
+>
+> The breadth of data ISPs have on users through their internet and mobile behaviors is wide. It includes geolocation data, browsing data, listening and watching data, app usage data and other non-personally identifiable information (PII) that can be used to inform highly detailed user profiles. It's a marketer's dream playground, a privacy-minded consumer's nightmare.
+
+Also, contrary to assurances, telecom providers are indeed [selling][29] "customers' personal information and real-time location to third parties". The unsecured APIs for data access have been taken down, but the [initial report][30] remains a frightening read:
+
+> But what these services show us is even more alarming: US telcos appear to be selling direct, non-anonymized, real-time access to consumer telephone data to third party services — not just federal law enforcement officials — who are then selling access to that data.
+>
+> Given the trivial "consent" step required by these services and unlikely audit controls, it appears that these services could be used to track or de-anonymize nearly anyone with a cell phone in the United States with potentially no oversight. [emphasis added]
+
+And yes, [the FCC's action to end net neutrality][31] in December 2017 was another gift to Internet providers. Indeed, Internet access in the US may change dramatically this year. That's arguably a distinct issue from privacy, although it may be instrumental in the evolving role of ISPs and telecom providers in the online ad industry. That is, they can now [block][32] (or at least, slow) particular Internet traffic, affecting both content and ads. It further [strengthens][33] their position vs content providers, including Google etc. And against users.
+
+So what can we do to protect our privacy?
+
+Well, using a VPN service will prevent Internet providers from tracking and monetizing users' online activity. Because all they see is encrypted VPN packets. It will also prevent them from throttling or blocking particular websites or traffic types, except based on traffic volume and patterns. Internet providers could throttle or block VPN traffic, but VPN providers can obfuscate connections in various ways. Some providers use SSH or SSL tunneling. IVPN uses the obfsproxy framework, developed by the Tor Project to penetrate the Great Firewall of China (GFW) and such. It seems unlikely that US Internet providers will go as far as China does to block VPNs.
+
+That's the good news. But perhaps the focus on throttling and blocking is misguided. There have been instances of that, following on [disputes][34] over peering fees and such. And VPNs could obviously protect against that, using obfuscation if necessary. However, it appears that AT&T's plans focus on [preferential treatment][35] of traffic from "data sponsors". While AT&T [claims][36] that it's "not interested in creating fast lanes and slow lanes on anyone's internet", other Internet providers haven't made such assurances about paid prioritization. It's hard to imagine how VPNs could help with that. Unless VPN providers paid for prioritization. Or unless VPNs became Internet providers. We can dream, right?
+
+So anyway, by all means, use a VPN. If you really care about your privacy, use [nested VPN chains][37]. Plus Whonix for Tor, if it matters a lot. And [study OPSEC][38].
+
+ [1]: https://io9.gizmodo.com/5691604/how-ma-bell-shelved-the-future-for-60-years
+ [2]: https://en.wikipedia.org/wiki/Traffic_analysis
+ [3]: https://www.engadget.com/2018/02/22/china-xinjiang-surveillance-tech-spread/
+ [4]: https://clark.com/tag/equifax-data-breach/
+ [5]: http://www.businessinsider.com/credit-cards-sell-purchase-data-to-advertisers-2013-4?IR=T
+ [6]: https://www.washingtonpost.com/news/the-switch/wp/2017/05/23/google-now-knows-when-you-are-at-a-cash-register-and-how-much-you-are-spending/
+ [7]: https://www.technologyreview.com/s/603283/how-facebook-learns-about-your-offline-life/
+ [8]: https://www.eff.org/issues/mandatory-data-retention/us
+ [9]: https://www.eff.org/issues/national-security-letters
+ [10]: https://mashable.com/2018/02/27/right-to-be-forgotten-google-transparency-report/
+ [11]: https://www.eugdpr.org/
+ [12]: https://www.eff.org/issues/mandatory-data-retention/eu
+ [13]: http://www.europarl.europa.eu/legislative-train/theme-area-of-justice-and-fundamental-rights/file-data-retention-directive-annulled
+ [14]: http://www.legislation.gov.uk/ukpga/2014/27/contents/enacted
+ [15]: https://www.theguardian.com/technology/2017/nov/30/police-to-lose-phone-and-web-data-search-authorisation-powers
+ [16]: https://www.theguardian.com/uk-news...ruled-unlawful-appeal-ruling-snoopers-charter
+ [17]: https://www.euractiv.com/section/data-protection/news/commission-wants-to-extend-law-for-police-data-access-to-the-us/
+ [18]: https://torrentfreak.com/how-long-does-your-isp-store-ip-address-logs-120629/
+ [19]: https://mashable.com/2008/01/03/isps-behavioral-advertising/
+ [20]: http://money.cnn.com/2013/12/16/technology/mobile/wireless-carrier-sell-data/index.html
+ [21]: https://www.epic.org/privacy/intl/data_retention.html
+ [22]: https://www.usatoday.com/story/tech/news/2017/04/04/isps-can-now-collect-and-sell-your-data-what-know-internet-privacy/100015356/
+ [23]: https://beta.techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/
+ [24]: https://9to5mac.com/2018/03/07/moviepass-ios-privacy-update/
+ [25]: https://epic.org/privacy/internet/ftc/uber/Complaint.pdf
+ [26]: https://arstechnica.com/tech-policy/2017/08/uber-to-stop-tracking-customers-after-ride-is-over/
+ [27]: https://www.engadget.com/2017/03/31/atandt-comcast-and-verizon-explain-that-they-dont-sell-your-brow/
+ [28]: https://marketingland.com/digital-advertising-2018-trends-230473
+ [29]: https://www.csoonline.com/article/3233211/security/mobile-carriers-sell-users-personal-information-to-third-parties.html
+ [30]: https://medium.com/@philipn/want-to-see-something-crazy-open-this-link-on-your-phone-with-wifi-turned-off-9e0adb00d024
+ [31]: https://www.theverge.com/2017/12/14/16776154/fcc-net-neutrality-vote-results-rules-repealed
+ [32]: http://www.alistdaily.com/technology/net-neutrality-marketing/
+ [33]: http://adage.com/article/opinion/end-net-neutrality-good-advertisers/311399/
+ [34]: https://www.vox.com/cards/network-neutrality/how-does-netflixs-recent-peering-dispute-with-comcast-affect-net
+ [35]: https://www.att.com/att/sponsoreddata/en/index.html
+ [36]: https://www.attpublicpolicy.com/consumer-broadband/lets-take-action-and-enact-a-federal-consumer-bill-of-rights/
+ [37]: /privacy-guides/advanced-privacy-and-anonymity-part-1/
+ [38]: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1/
diff --git a/src/content/es/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md b/src/content/es/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md
new file mode 100644
index 000000000..e62100c62
--- /dev/null
+++ b/src/content/es/blog/2018-04-19-you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy.md
@@ -0,0 +1,117 @@
+---
+title: "You can't always get what you want: the eternal conflict between lawful
+ access and privacy"
+# Example: /blog/this-is-a-good-post
+url: /blog/you-cant-always-get-what-you-want-the-eternal-conflict-between-lawful-access-and-privacy/
+draft: false
+authors:
+ - mirimir
+categories:
+ - Privacy & Security
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Privacy
+date: 2018-04-19T20:47:36.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/law-vs-privacy.png
+---
+In late March, the US Clarifying Lawful Overseas Use of Data Act (CLOUD Act) [took effect][1]. And predictably, the US Supreme Court [just dismissed][2] United States v. Microsoft Corp. In that case, Microsoft was fighting a subpoena for data stored in an Irish data center. And now its objection is moot, because the CLOUD Act stipulates:
+
+> A [service provider] shall comply with the obligations of this chapter to preserve, backup, or disclose the contents of a wire or electronic communication and any record or other information pertaining to a customer or subscriber within such provider's possession, custody, or control, regardless of whether such communication, record, or other information is located within or outside of the United States.
+
+This is bad news, for sure. But it's no surprise, in the current environment. With all those terrorists and criminals to worry about. And when it's the feds vs Microsoft, Congress can just change the law. And this is obviously not just about the US. Russia demanded access to encrypted Telegram messages, Telegram refused, and now Russia has [blocked][3] Telegram, plus many other services and websites that rely on Google and Amazon hosting.
+
+Anyway, the CLOUD Act was arguably the US response to [outreach][4] from the EU:
+
+> A senior Commission official said on Thursday (9 November) that the EU executive suggested creating a new EU-US arrangement that would allow police to access data from companies that may be located in other jurisdictions. EU officials made that proposal to US Attorney General Jeff Sessions in June, during a joint EU-US justice ministerial meeting in Malta last June, but have not yet received a response from Sessions' office.
+
+Although the EU doesn't have its new rules yet, it just released a [detailed proposal][5]. In contrast to the 2006 Data Retention Directive, which the EU Court of Justice [annulled][6] in 2014, the current proposal would reportedly mandate preservation only of specific data, upon order of [judicial authorities][7]. It would also enable said judicial authorities to issue EU-wide production orders, requiring response "within 10 days, and within 6 hours in cases of emergency". And one expects that this fast-track data sharing will soon include the US.
+
+So in 1996, John Perry Barlow issued "A Declaration of the Independence of Cyberspace". And in 2016, he [said][8]:
+
+> I will stand by much of the document as written. I believe that it is still true that the governments of the physical world have found it very difficult to impose their will on cyberspace. Of course, they are as good as they ever were at imposing their will on people whose bodies they can lay a hand on, though it is increasingly easy, as it was then, to use technical means to make the physical location of those bodies difficult to determine.
+
+Perhaps understandably, "the governments of the physical world" are concerned. I mean, terrorists and criminals! And so there's an NGO for that, the [Internet & Jurisdiction Policy Network][9]:
+
+> The Internet & Jurisdiction Policy Network addresses the tension between the cross-border nature of the internet and national jurisdictions. Its Paris-based Secretariat facilitates a global multistakeholder process to enable transnational cooperation. Participants in the Policy Network work together to preserve the cross-border nature of the Internet, protect human rights, fight abuses, and enable the global digital economy. Since 2012, the Internet & Jurisdiction Policy Network has engaged more than 200 key entities from six stakeholder groups around the world.
+
+Whatever role the I&J Policy Network plays in practice, their [Retrospect][10] database is very informative:
+
+> Retrospect is the flagship, open-access publication of the Internet & Jurisdiction policy network, documenting policy developments, judicial decisions, international agreements, and other cases that reflect jurisdictional tensions on the cross-border internet. Retrospect is supported by the I&J Observatory.
+
+Police count on their ability to intercept the communications of suspects. In the US, that supposedly requires a search warrant, which judges issue based on other evidence. For the US Postal Service, this is called a ["mail cover"][11]. Sealed domestic first-class mail supposedly can't be opened without a search warrant. But only administrative approval is required for inspection of other mail, and all external information (addresses, postmarks, etc) can be recorded. International mail has often been opened for inspection, however.
+
+For communications generally, this process is termed [lawful intercept][12]. The US [Communications Assistance for Law Enforcement Act (CALEA)][13] mandates that telecommunication service providers must support lawful intercept (aka wiretap) for telephone, VoIP, email and other Internet traffic. Telecommunication equipment generally includes built-in interfaces to support CALEA.
+
+In the early 1990s, when CALEA was enacted, that was enough. But in the 1970s, academic research into strong cryptography had [accelerated][14]. It was no longer the province of government agencies. And by the mid 1990s, with the microcomputer revolution, strong encryption was on the way to becoming the norm for telecommunications.
+
+CALEA had grown out of concerns about communications "going dark", given the shift to digital telephony, and the resulting technical complexity of wiretaps. They were no longer just about telephone wires and alligator clips. But now everyone and their little yellow dog can use strong encryption. What's an honest cop to do?
+
+The answer was [key escrow][15]. We could all have our securely encrypted telecommunications, but governments (and employers, but that's a separate issue) would have the private keys, enabling lawful intercept. In the US, the NSA developed the [Clipper chip][16], to implemented key escrow. The Clinton administration [supported][17] it: "Our policy is designed to provide better encryption to individuals and businesses while ensuring that the needs of law enforcement and national security are met."
+
+But the Electronic Privacy Information Center (EPIC) and the Electronic Frontier Foundation (EFF) — and more generally, the nascent Silicon Valley sector — opposed the Clipper chip. They argued that development and commercialization of the Internet depended on privacy through secure encryption. And if the US hobbled its Internet sector, it would lose out to foreign competitors. And that was enough to kill the proposal.
+
+After the Clipper Chip went down, it seems that LEA took another track. They got friendlier with the NSA. In 1982, the Reagan administration created the [South Florida Drug Task Force][18], comprising agents from the DEA, FBI, "the Customs Service, the Coast Guard and other agencies". Just what those "other agencies" were isn't clear. But in 1994, the DEA created the [Special Operations Division (SOD)][19]. And it clearly includes the NSA. For more about SOD, see [Online Privacy Through OPSEC and Compartmentalization: Part 3][20].
+
+Also, based on documents from Edward Snowden's trove, it appears that the NSA redoubled efforts to [compromise][21] commercial encryption systems, and to [weaken][22] the encryption standards that underlie them. For example, it's been claimed that the NSA influenced the RSA Corp. to [weaken][23] the "extended random" feature in RSA's BSAFE crypto library.
+
+In any case, the debate over the conflicting needs for lawful intercept and telecommunications privacy has continued. Also, in recent years, strong encryption on devices, especially iPhones, has become far more common. And police, of course, expect lawful access to everything. Just as they've always had lawful access to safes. Because there's no safe that can't be brute forced. So governments still want [key escrow][24]. In 2011, the FBI launched the ["Going Dark"][25] initiative. And, notwithstanding the evident insecurity of key escrow, they seek some [magical][26] alternative. FBI Director Christopher Wray denies that "it's impossible" to solve "going dark" while protecting privacy. Congress is [working][27] on it. But the NSA is still there as backup, and now it's [not even a secret][28].
+
+So hey, keep your eye on the I&J Policy Network's [Retrospect][10] database.
+
+**Edit**
+
+A few hours after this post went live, I searched Google, to see if it had been indexed yet. And I found this 2016 [paper][29] by Stephanie K. Pell: "You Can't Always Get What You Want: How Will Law Enforcement Get What it Needs in a Post-CALEA, Cybersecurity-Centric Encryption Era?" Sadly, I didn't find it while researching the post. Because it's a great paper. And she has great taste in titles. I only found it because I searched for "you can't always get what you want lawful access privacy".
+
+She's a former prosecutor from Florida. Her paper uses, as an example, a case that she handled in ~2000, involving gun smuggling by the IRA. She argues that investigators have become accustomed to getting electronic data through CALEA etc. And more and more, that this has amounted to electronic mass surveillance.
+
+She agrees with security experts that maintaining such lawful access, against pervasive "strong" encryption, would require the introduction of vulnerabilities. Such as backdoors or key escrow. And that this would expose users to malicious adversaries. She points out that the privacy vs lawful access debate is really just about competing perspectives on security. And that it's unclear "what law enforcement actually needs".
+
+Her paper came out before the The Shadow Brokers dumped all those hacking tools from the NSA. And that's the canonical example. If the bloody NSA can't keep its stuff secured, what hope would there be for securely maintaining massive key-escrow databases? There could be a system-wide encryption compromise. She argues that this would be an unacceptable risk, and that investigators will need to get data on a case-by-case basis. Just as they did when she was a prosecutor.
+
+She does raise disturbing aspects of IoT devices.
+
+> Moreover, the IoT adds to the metadata-rich investigative environment available to law enforcement. Because most metadata is difficult to encrypt and is likely to remain unencrypted for the foreseeable future, it will continue to enhance law enforcement capabilities.
+
+Basically, she points out that IoT devices are user-installed bugs.
+
+> IoT and its ever-expanding networked sensors may provide platforms and apertures for viewing activities and recording communications content.
+
+She argues that investigators can compel access to IoT data held by providers. And indeed, Amazon [released][30] Echo data last year to investigators in Arkansas, regarding a murder case. She also notes the potential for "lawful hacking" of insecure IoT devices. Consider the [Mirai botnet][31].
+
+She also raises the possibility of lawful hacking for smartphones, "infecting them with malware capable of capturing voice communications and keystrokes before they are encrypted." And that brings to mind the FBI's use of [network investigative techniques][32]. And of course, all those NSA tools.
+
+But that's better, she argues, than mass surveillance. And I can't help but agree.
+
+ [1]: https://www.eff.org/deeplinks/2018/03/responsibility-deflected-cloud-act-passes
+ [2]: https://www.supremecourt.gov/opinions/17pdf/17-2_1824.pdf
+ [3]: https://www.nytimes.com/2018/04/18/world/europe/russia-telegram-shutdown.html
+ [4]: https://www.euractiv.com/section/data-protection/news/commission-wants-to-extend-law-for-police-data-access-to-the-us/
+ [5]: http://europa.eu/rapid/press-release_IP-18-3343_en.htm
+ [6]: https://www.europarl.europa.eu/legislative-train/theme-area-of-justice-and-fundamental-rights/file-data-retention-directive-annulled
+ [7]: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2616397
+ [8]: https://www.economist.com/news/international/21690200-internet-idealism-versus-worlds-realism-how-john-perry-barlow-views-his-manifesto
+ [9]: https://www.internetjurisdiction.net/
+ [10]: https://www.internetjurisdiction.net/publications/retrospect
+ [11]: https://en.wikipedia.org/wiki/Mail_cover
+ [12]: https://en.wikipedia.org/wiki/Lawful_interception
+ [13]: https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
+ [14]: https://en.wikipedia.org/wiki/History_of_cryptography
+ [15]: https://en.wikipedia.org/wiki/Key_escrow
+ [16]: https://en.wikipedia.org/wiki/Clipper_chip
+ [17]: https://epic.org/crypto/clipper/gore_statement_feb_94.html
+ [18]: https://www.nytimes.com/1986/09/04/us/4-year-fight-in-florida-just-can-t-stop-drugs.html
+ [19]: http://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805
+ [20]: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/
+ [21]: https://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
+ [22]: https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption
+ [23]: https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/
+ [24]: https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/fv-cntry-mnstrl-2017/index-en.aspx
+ [25]: https://www.fbi.gov/services/operational-technology/going-dark
+ [26]: https://arstechnica.com/tech-policy/2018/03/fbi-again-calls-for-magical-solution-to-break-into-encrypted-phones/
+ [27]: https://www.theregister.co.uk/2018/04/09/us_encryption_backdoors/
+ [28]: https://www.theregister.co.uk/2017/01/12/obama_nsa_sigint_fbi_dea/
+ [29]: https://scholarship.law.unc.edu/cgi/viewcontent.cgi?article=1306&context=ncjolt
+ [30]: https://www.pbs.org/newshour/nation/amazon-releases-echo-data-murder-case-dropping-first-amendment-argument
+ [31]: https://blog.cloudflare.com/inside-mirai-the-infamous-iot-botnet-a-retrospective-analysis/
+ [32]: https://en.wikipedia.org/wiki/Network_Investigative_Technique
\ No newline at end of file
diff --git a/src/content/es/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md b/src/content/es/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md
new file mode 100644
index 000000000..6a3c5a0a0
--- /dev/null
+++ b/src/content/es/blog/2018-07-23-new-trusted-wi-fi-networks-feature-for-ivpn-apps.md
@@ -0,0 +1,30 @@
+---
+title: New 'trusted Wi-Fi networks' feature for IVPN apps
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps", "Privacy", "Security"]
+draft: false
+date: 2018-07-23T12:57:04+00:00
+url: /blog/new-trusted-wi-fi-networks-feature-for-ivpn-apps/
+comments:
+ - author: Simon
+ date: 2018-12-12T08:55:09+01:00
+ content: |
+ What about iOS?
+
+---
+Today we're releasing a new 'trusted Wi-Fi networks' feature for our desktop and Android apps. Some customers have different security requirements depending on whether they trust the specific Wi-Fi network they are connected to or not. For example, customers who use our VPN exclusively for Wi-Fi security often only want to be connected to the VPN when they are on untrusted networks e.g. public hotspot. Ideally they would like the VPN client to automatically establish a connection on networks they don't trust and disconnect on those they do. Another use case is customers who use the VPN for privacy but who have VPN routers on trusted networks they connect to - in this case they don't want to connect whilst connected to this network or they would establish nested VPN tunnels which perform very poorly.
+
+Our new feature allows customers to set a trust status for all Wi-Fi networks that they have connected to (trusted, untrusted, none) and then define what actions should be taken automatically when joining a network with the defined trust status. When connecting to a untrusted network you can choose whether to automatically connect to the VPN and/or enable the firewall. Conversely, when connecting to a trusted network you can choose whether to automatically disconnect from the VPN and/or disable the firewall. In addition you can specify the default trust status of all new Wi-Fi networks that are joined (trusted, untrusted, none) so in most cases you don't need to do anything when joining a new network (we recommend setting the default as 'untrusted').
+
+## macOS demo
+
+![Trusted networks on macOS](/images-static/uploads/trusted-networks-macos.gif)
+
+## Windows demo
+
+![Trusted networks on Windows](/images-static/uploads/trusted-networks-windows.gif)
+
+## Android demo
+
+![Trusted networks on Android](/images-static/uploads/trusted-networks-droid.gif)
diff --git a/src/content/es/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md b/src/content/es/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md
new file mode 100644
index 000000000..e5f68c241
--- /dev/null
+++ b/src/content/es/blog/2018-08-28-new-pause-vpn-feature-for-ivpn-apps.md
@@ -0,0 +1,25 @@
+---
+title: New 'Pause VPN' feature for IVPN apps
+authors: ["Ed Holden"]
+categories: ["Releases"]
+tags: ["Apps"]
+draft: false
+date: 2018-08-28T10:25:22+00:00
+url: /blog/new-pause-vpn-feature-for-ivpn-apps/
+
+---
+We've recently released new versions of our desktop and Android apps with a new 'Pause VPN' feature. Based on feedback from customers, we discovered that some were disconnecting temporarily from the VPN in order to connect to various services that were blocked whilst connected e.g. some payment gateways etc. When disconnected these customers were sometimes forgetting to reconnect after completing their task, leaving them in an insecure state until they remembered to manually reconnect. This could be hours or more, representing a serious privacy threat. Whilst being disconnected for even a few seconds is unacceptable for many of our hardcore privacy customers (who we don't expect to use this feature) we felt it was important to mitigate the risk of being left insecure for those who want to disconnect and understand the risk of doing so.
+
+In response we developed the 'Pause VPN' button which, when pushed, gives you the option to immediately pause the VPN for a configurable amount of time. When you do this, the VPN remains connected but your data is routed through your default ISP connection instead of our VPN gateways. To ensure that you are aware of this, we have a model window above all other windows (see below) that shows you the state of the connection and the time remaining until the VPN connection automatically resumes. Whenever you want, you can instantly resume your VPN privacy or if required add additional time to the pause VPN auto-resume timer.
+
+## macOS demo
+
+![Pause VPN on macOS](/images-static/uploads/pause-resume-vpn-macos.gif)
+
+## Windows demo
+
+![Pause VPN on Windows](/images-static/uploads/pause-resume-vpn-windows.gif)
+
+## Android demo
+
+![Pause VPN on Android](/images-static/uploads/pause-resume-droid.gif)
\ No newline at end of file
diff --git a/src/content/es/blog/2018-12-11-introducing-wireguard-fully-automated.md b/src/content/es/blog/2018-12-11-introducing-wireguard-fully-automated.md
new file mode 100644
index 000000000..f07d7acc4
--- /dev/null
+++ b/src/content/es/blog/2018-12-11-introducing-wireguard-fully-automated.md
@@ -0,0 +1,45 @@
+---
+title: Introducing WireGuard, fully automated.
+# Example: /blog/this-is-a-good-post
+url: /blog/introducing-wireguard-fully-automated/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Protocols
+ - Security
+ - WireGuard
+date: 2018-12-11T14:05:43.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/wireguard.png
+---
+In November 2009, almost 10 years ago IVPN was launched. We knew that in order to become the most trusted provider we had to demonstrate our security expertise and execute flawlessly and consistently over many years. On day one we launched a full mesh multi-hop network using Linux policy based routing with all VPN gateways passing strict CIS benchmark compliance, an industry first. In January 2015 we introduced the IVPN firewall which is integrated deep into the OS using Microsoft's WFP API and independent from the app itself. Even if the app crashed we could guarantee no data leaks. In September 2016 we took a strong stance against corrupt 'pay for play' affiliates. In the past few years we have launched dozens of new features specifically to improve our customer's security. Today we are more excited than ever to launch what we believe is the future of VPN technology, [WireGuard][1]
+
+WireGuard is an extremely fast, secure and simple protocol relative to OpenVPN, the default that we use in our current apps. Its simplicity and size ensure a much smaller attack surface relative to other protocols (roughly 1% of OpenVPN). This greatly enhances its ability to be peer reviewed and audited. It uses state-of-the-art cryptography, employing the Noise protocol frameworkCurve25519 for key exchange, ChaCha20 for encryption, Poly1305 for authentication and BLAKE2s for hashing. WireGuard has excellent documentation, we strongly recommend reviewing the conceptual overview on the [homepage][1] and the [white-paper][2] for the more technically inclined.
+
+In our own testing we have seen consistent speed improvements with WireGuard over OpenVPN. To continually ensure our customers security and privacy one of IVPN's design goals is to increase the time customers spend connected to the VPN, that some customers don't remain connected 24/7 may surprise our more hardcore privacy users. Customers have repeatedly told us that one of the reasons for disconnecting is the requirement for their maximum line speed for certain applications. We strongly believe that WireGuard's speed will increase the time customers spend connected and therefor their security and privacy.
+
+This simplicity of WireGuard requires that certain functions are left out of the protocol and up to the user to implement, such as key and IP address management. For VPN providers this is a major technical challenge as encryption keys have to be securely generated within the VPN client and distributed to all VPN gateways, an IP address has to be leased from a pool and sent to the client, all before the user can connect to the VPN server. Current VPN services offering WireGuard require that the user manually generate the keys and upload them to specific servers through the control panel on their website. To continue demonstrating our expertise we set the bar high and have built a fully automated solution that securely generates keys within the client, uploads them to an IVPN server which then distributes them to all VPN gateways in our infrastructure within seconds. Using WireGuard on the client couldn't be easier, the user simply has to select it and will be able to connect immediately.
+
+As part of our initiative to become increasingly open and to advance the industry we plan to open-source the code that manages all this complexity. Our hope is that VPN providers integrate this code into their infrastructure and continually improve it for the benefit of all. We are also sponsoring WireGuard development and encourage all customers to [make a donation][3] if they are able.
+
+**WARNING: The WireGuard protocol is currently under heavy development and should be considered experimental. At this time we do not recommend using WireGuard except for testing or in situations where security is not critical. Our Wireguard VPN servers are completely separate from our OpenVPN servers to ensure no security risks. We welcome all customers to begin testing, simply select the protocol from within the IVPN client.**
+
+_27/04/2020 update: Since its merge into Linux Kernel (v5.6) and the release of WireGuard 1.0, we consider the protocol to be ready for wide-scale use. We now offer WireGuard to all our subscribers._
+
+_More information:_ [https://ivpn.net/wireguard/][4]
+
+We look forward to hearing your feedback!
+
+Nick Pestell
+
+CEO, IVPN
+
+ [1]: https://www.wireguard.com/
+ [2]: https://www.wireguard.com/papers/wireguard.pdf
+ [3]: https://www.wireguard.com/donations/
+ [4]: /wireguard/
\ No newline at end of file
diff --git a/src/content/es/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md b/src/content/es/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md
new file mode 100644
index 000000000..bb70053a6
--- /dev/null
+++ b/src/content/es/blog/2019-02-18-ivpn-is-now-a-tracking-free-provider.md
@@ -0,0 +1,45 @@
+---
+title: IVPN is now a Tracking Free provider
+authors: ["Viktor Vecsei"]
+categories: ["IVPN News"]
+tags: ["Privacy", "Transparency"]
+draft: false
+date: 2019-02-18T13:31:43+00:00
+url: /blog/ivpn-is-now-a-tracking-free-provider/
+comments:
+ - author: Anonymous
+ date: 2019-12-10T14:50:28+01:00
+ content: |
+ You say that you have removed every trace of trackers from your website. You explicitely mention Adobe Typekit. Yet this page is still connecting to p.typekit.net, which is Adobe's tracking pixel. Please explain this.
+ - author: Viktor Vecsei
+ date: 2019-12-10T20:37:23+01:00
+ content: |
+ Thanks for spotting this. We have removed the Adobe dependencies when the post was published, but due to an error it made its way back into our /blog/ section recently (not the rest of the website, though). This is now fixed and you should not see it any more.
+
+---
+VPN services, like IVPN, exist to protect the privacy of their customers. The focus of this mission is to stop ISP's, governments or other potential adversaries snooping on your activities and using the information gathered for their benefit.
+
+We believe this list should also include corporations that collect data on you through uninvited, unconsented and unknowable ways. The list starts with Facebook and Google, but does not end there; many services rely on revenue from targeting ads based on [behavioral data harvested][1] from your activities.
+
+VPNs alone can't make you completely invisible to all these threats; encrypting your traffic and masking your IP is just a part of the solution. There are two specific things a VPN provider could do, however, to fight this problem:
+
+ 1. Stop advertising through services that rely on data extraction and behavioral profiling as [part of a surveillance economy.][2]
+ 2. Stop using third party tools and trackers on their website and in their apps. This way feeding of data collection schemes is avoided by not passing on information about visitor activities to external actors.
+
+If you are wondering how VPN companies are doing on this front, the short answer is: badly. At the time of publication of this post 18 of the 20 top VPN firms (selected by declared number of servers and website traffic data) advertise either on Facebook, Google or both. Also, 18 of the same 20 VPN providers have at least 1 third party tool or tracker active on their website, with the most notorious using more than 15.
+
+We believe this isn't right.
+We don't have any ads running on Facebook and stopped our limited campaigns in Google Ads. We don't work with ad networks that target users based on their individual profiles. We have also removed every trace of the small number of third party tools and trackers we had on our website (Unbounce, Adobe Typekit).
+
+IVPN is now a Tracking Free VPN provider. We call other privacy focused services to stop supporting surveillance economy businesses with advertising dollars and shared visitor data.
+
+To check how your preferred VPN service is doing on this front, you can do the following:
+
+ 1. Install the Privacy Badger extension and visit their website to see how many trackers they use.
+ 2. Go to their Facebook page and visit "Info and Ads" section to check whether they run any ads in any countries.
+ 3. Go to SpyFu.com (free) or Ahrefs.com (paid), enter their website URL and check the "PPC" section to assess whether they run Google Search ads.
+
+If you don't like what you see, we suggest letting your provider know about that. The other choice is switching to one that is more concerned with protecting your privacy than furthering their business goals regardless of who they support in the process.
+
+ [1]: https://www.eff.org/deeplinks/2009/08/behavioral-tracking
+ [2]: https://medium.com/@vvecsei/fighting-the-surveillance-economy-a-practical-guide-for-individuals-and-companies-cb9719fe1098
diff --git a/src/content/es/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md b/src/content/es/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md
new file mode 100644
index 000000000..73b91046d
--- /dev/null
+++ b/src/content/es/blog/2019-03-21-ivpn-no-logging-claim-verified-by-independent-audit.md
@@ -0,0 +1,57 @@
+---
+title: IVPN no-logging claim verified by independent audit
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-no-logging-claim-verified-by-independent-audit/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Audit
+ - Security
+date: 2019-03-21T16:15:26.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/audit.png
+comments:
+ - author: Liz_siz
+ date: 2019-08-03T05:48:02+02:00
+ content: |
+ Bravo, excellent idea
+ - author: Adilalhawa
+ date: 2019-08-09T06:11:11+02:00
+ content: |
+ Hello world
+ - author: yizakqsdux
+ date: 2019-12-09T18:57:58+01:00
+ content: |
+ I diverse these this prepackaged (fit the most part)
+ - author: Anonymous
+ date: 2019-12-10T15:32:19+01:00
+ content: |
+ Well done on passing the audit! Although it should be noted that this audit did not investigate all of your systems. Basically, this audit only covers yours servers. It doesn't cover your client software (ie apps) nor your other systems, such as customer support and billing. Do you have any plans to have those audited?
+ - author: Viktor Vecsei
+ date: 2019-12-10T20:28:15+01:00
+ content: |
+ Thanks for your comment! A comprehensive audit is under way right now. Please see more here: https://www.ivpn.net/blog/ivpn-to-undergo-extensive-security-audit/
+
+
+---
+From the start of IVPN, almost 10 years ago, we engineered our systems to not log any data that could be tied to an individual user account. Until now our customers had no way to verify this but today we're proud to announce the results of an independent audit conducted by [Cure53][1].
+
+Below is an excerpt from the conclusion ([Download][2] the full unredacted report from Cure53's website)
+
+> "To conclude this Cure53 audit and verification of the IVPN privacy-related claims yielded very positive results. The outcomes of this March 2019 audit, paired with fluent communications as well as the general handling of every aspect discussed during the assessment, attest to the considerable dedication to privacy matters at the IVPN project. Based on the findings, it is safe to say that all of the IVPN's privacy statements could be verified as truthful within the defined scope. The requirements for both general security claims to be considered appropriate were successfully well met for all VPN gateways."
+
+The scope of the audit was to verify the no-logging claims made in our privacy policy and included all IVPN systems that are involved in serving a customers VPN connection, including the VPN gateway servers and authentication servers. A total of 3 auditors spent 7 days performing the audit during March 2019.
+
+When we setup IVPN and configured the our systems not to log, it required a lot more than directing logs to the null device. We have a complex configuration of scripts that set up and tear down dynamic configurations for port forwarding, multi-hop etc. These scripts communicate and store state information without persisting any data to disk, one of many design decisions we've made as a security-focused company.
+
+Cure53 was able to identify only one issue which they classified as 'low' impact and which they said "does not negatively impact this conclusion". The issue was that our DNS servers temporarily cache their responses to improve performance however none of this data is related to a customer IP address or user account in any way and is only stored temporarily until the cache timeout. This means that if an adversary had access to a DNS server they could see what domains had been recently resolved but not which customer IP had sent the request. Regardless we decided to disable the caching so this issue has been fully mitigated.
+
+We expect this report to provide another strong signal that we take our customers privacy and security very seriously and are dedicated to being as transparent as possible. If you have any questions relating to this audit please do not hesitate to [contact us][3].
+
+ [1]: https://cure53.de/
+ [2]: https://cure53.de/audit-report_ivpn.pdf
+ [3]: /contactus/
diff --git a/src/content/es/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md b/src/content/es/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md
new file mode 100644
index 000000000..928f1f057
--- /dev/null
+++ b/src/content/es/blog/2019-06-11-block-ads-and-beat-data-surveillance-with-ivpns-antitracker.md
@@ -0,0 +1,116 @@
+---
+title: Block ads and beat data surveillance with IVPN's AntiTracker
+authors: ["Viktor Vecsei"]
+categories: ["Releases"]
+tags: ["Apps", "Privacy"]
+draft: false
+date: 2019-06-11T12:25:33+00:00
+url: /blog/block-ads-and-beat-data-surveillance-with-ivpns-antitracker/
+comments:
+ - author: Two Bits
+ date: 2019-06-13T10:54:48+02:00
+ content: |
+ Great job. You guys have effectively copied Perfect Privacy.
+ - author: Anonymous
+ date: 2019-06-15T21:22:15+02:00
+ content: |
+ You're saying that like it's the only VPN giving this feature. PP is not the only VPN out there, and it's also not the only one offering this as a feature.
+ - author: Anon
+ date: 2019-06-17T17:25:05+02:00
+ content: |
+ You Guys are amazing!!! Thanks a lot! :-).
+ - author: Jack
+ date: 2019-06-18T03:54:22+02:00
+ content: |
+ The new AntiTracker feature is awesome, thank you! I previously used a popular browser-based ad-blocker but I never liked the idea of having a browser plug-in needing to analyze all of my browsing data to determine what to block (which is how browser-based ad blockers work). Network level tracker-blocking and ad-blocking is definitely the better way to do it (for efficiency, privacy, and security). Also, another problem I've had with browser-based ad-blockers is that they can "break" certain websites, but I haven't had this problem with AntiTracker. Again, thank you for this great new feature!
+ - author: Aero
+ date: 2019-06-19T01:03:32+02:00
+ content: |
+ Could we get user selectable Hardcore mode, particularly if more companies get added? That is, I'm still too embedded in the Google eco-system to be able to go hardcore on them. I would love to go hardcore on Facebook, though.
+ - author: JPL_anon
+ date: 2019-06-19T04:13:51+02:00
+ content: |
+ AntiTracker is an awesome new feature and it works great! I no longer need to use and maintain ad blockers in my browsers anymore (that all have settings and whitelists etc that take some time to maintain). Kudos to an excellent new feature. Thank you from a very happy customer!
+ - author: Viktor Vecsei
+ date: 2019-06-19T12:10:03+02:00
+ content: |
+ Thanks for the feedback! We are collecting requests like this and we'll evaluate the options for improving this feature.
+ - author: Anonymous
+ date: 2019-06-19T16:36:10+02:00
+ content: |
+ Of course there are others out there, Anonymous, but the striking resemblance to TrackStop is quite noteworthy! Coincidence? lol
+
+ Perfect Privacy rolled this out in 2016, and yes, you are correct, many other VPNs (including IVPN) have followed their lead.
+ - author: Anonymous
+ date: 2019-06-19T16:37:45+02:00
+ content: |
+ Perfect Privacy has this. It's a custom filter for all social media domains. Give it a shot.
+ - author: Anon_223
+ date: 2019-06-24T19:50:14+02:00
+ content: |
+ Could you publish the Android app with the antiTracker on F-droid so it can be kept up-to-date easier?
+ - author: Viktor Vecsei
+ date: 2019-06-24T23:22:55+02:00
+ content: |
+ Thanks for the recommendation, we will explore this.
+ - author: IVPN FAN
+ date: 2019-07-14T19:29:44+02:00
+ content: |
+ Please have some toggles for websites hardcore mode. Like I'd never use google search, google maps or facebook, but I'd need Youtube. Great job btw, make IVPN great again!
+ - author: WubbaLubbaDubDub
+ date: 2019-08-20T20:15:09+02:00
+ content: |
+ Is this based on Pi Hole on your backend DNS server? Or have you implemented it using HOSTS file blocking or something else?
+ - author: Viktor Vecsei
+ date: 2019-08-21T09:24:50+02:00
+ content: |
+ A curated block list is applied on our DNS servers (no relation to Pi-Hole, similar logic) ->
+
+ https://www.ivpn.net/knowledgebase/general/antitracker-faq/
+ - author: Stephen
+ date: 2019-08-30T07:50:15+02:00
+ content: |
+ it would be good if you guys do what Trackstop do and mess with the device fingerprint. apparently it is so sophisticated the power to be can track you with this alone
+
+ ps finished the 3 day trial and it was great. $100 US is expensive when converted to australian dollar
+
+---
+IVPN's core mission is to help people control what information they share with others. Our VPN service solves a key privacy problem by encrypting your traffic, making it inaccessible to your ISP and anyone else who may wish to surveil your online activity.
+
+However, there is a lot more going on in terms of privacy violations when you are connected to the Internet. Thousands of companies track your movement across websites, profile your activities and sell that information to advertisers or the highest bidding data brokers.
+
+
+Adding an ad blocker to our core service provides multiple benefits. First, it makes the browsing experience faster and less overwhelming. IVPN's DNS-based blocking solution doesn't allow calls to ad services to go through when visiting websites, fulfilling this need much more effectively compared to browser extensions.
+
+This feature also has the added benefit of blocking the data trackers that companies use to build a profile of you by tracking your browsing behavior. An enhanced privacy protection is what we work towards at IVPN, we consider this even more valuable than ad blocking; so naming the tool 'AntiTracker' seemed a logical choice. This way every user of our VPN service can block not only unwanted ads, adware and malicious websites, but also data tracking operations.
+
+### Hardcore Mode: block Google and Facebook domains
+
+Privacy-conscious individuals are becoming increasingly frustrated by the complete disregard for, and empty promises about privacy from the flagship bearers of the surveillance economy: Google and Facebook. As an ethical [Tracking Free company][1] we strive to support anyone who plans to cut ties with them.
+
+One major step towards that goal is enabling the optional 'Hardcore Mode' of our AntiTracker feature to make the majority of their services inaccessible, and block domains for Facebook and Google services. This is particularly useful in two scenarios:
+
+ 1. To receive the best protection available against their tracking methods and trying to go 'off the grid' from their pervasive scanning.
+ 2. To wean yourself off their services and start looking for alternatives, contributing to a profiling-free and more competitive Internet.
+
+Keep in mind that URLs, services and dependencies from these two companies will likely not work when you go 'all in' with Hardcore Mode.
+
+We believe our solution has arrived at a critical time, not only due to the overwhelming success of data surveillance business models - which make it ever harder to preserve your privacy online without extra safeguards - but because the key players are [making it increasingly harder][2] to fight back with conventional methods. IVPN's AntiTracker feature goes one step towards a future in which no one can be surveilled, profiled and discriminated against by governments [based on what they do online][3].
+
+### Get started
+
+You can use the AntiTracker tool right now by downloading the [latest versions][4] of the IVPN application from our website.
+Please note that some websites might not be accessible when using this tool - you can learn more about common questions and tips in our related [Knowledge Base article][5].
+For Android users this feature won't be available in the Play Store distributed app version due to Google policies (surprise, surprise) and we recommend downloading the latest version [directly from our website][6].
+
+We would also like to invite you to give feedback on our AntiTracker tool after testing it by [sending us a message][7].
+
+Thank you for supporting the vision of a tracking free future!
+
+ [1]: /blog/ivpn-is-now-a-tracking-free-provider/
+ [2]: https://www.cnet.com/news/google-holds-firm-on-chrome-changes-that-may-break-ad-blockers/
+ [3]: https://www.bbc.com/news/world-us-canada-48486672
+ [4]: /apps/
+ [5]: /knowledgebase/general/antitracker-faq/
+ [6]: /apps-android/
+ [7]: /contactus/
diff --git a/src/content/es/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md b/src/content/es/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md
new file mode 100644
index 000000000..ed322ba15
--- /dev/null
+++ b/src/content/es/blog/2019-07-11-windows-support-and-privacy-improvements-for-wireguard.md
@@ -0,0 +1,55 @@
+---
+title: Windows support and privacy improvements for WireGuard
+# Example: /blog/this-is-a-good-post
+url: /blog/windows-support-and-privacy-improvements-for-wireguard/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Protocols
+ - Privacy
+ - WireGuard
+date: 2019-07-11T07:56:15.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/windows.png
+---
+When picking a VPN service there are multiple criteria for evaluation, starting with questions like [who owns the company][1] behind it, whether your [provider keeps logs][2] and [what happens with the data][3] you share. Two further measures are usually on the top of the remaining list: the type of security the service provides and the connection speed you can achieve while using it.
+
+On these two fronts, a newcomer protocol, [WireGuard][4], offers the possibility for significant improvements to existing solutions for VPN services. While it is still in its test phase, and requires formal reviews and further audits before being ready for prime time, WireGuard clearly offers improved security and better speeds over currently-preferred protocols like OpenVPN.
+
+
+Implementing WireGuard in our applications and offering its use through our service was a key priority for us last year. In a pioneering move [we integrated][5] it in our Android, iOS and macOS apps last December. Since then, feedback from our subscribers who have tested the solution have been overwhelmingly positive. As Windows was not officially supported by WireGuard at the time of our initial launch, adding the option to our app remained on our to-do list. After a recent release by the team behind the protocol, we are now happy to offer the test use of WireGuard in all of our applications.
+
+**WARNING: The WireGuard protocol is currently under heavy development and should be considered experimental. At this time we do not recommend using WireGuard except for testing or in situations where security is not critical. We keep our WireGuard VPN servers completely separate from our OpenVPN servers to ensure there are no security risks.**
+
+_27/04/2020 update: Since its merge into Linux Kernel (v5.6) and the release of WireGuard 1.0, we consider the protocol to be ready for wide-scale use. We now offer WireGuard to all our subscribers._
+
+_More information:_ [https://www.ivpn.net/wireguard/][10]
+
+Existing subscribers can start testing WireGuard simply by downloading the latest version of our Windows application and enabling WireGuard in the Settings (please see our [guide][6] and [FAQ][7] for more information). If you are not using IVPN yet, you can take advantage of our 3-day obligation-free trial option to test the service.
+
+We have further news regarding our WireGuard implementation: As a VPN provider with a chief focus on privacy protection, we have considered and evaluated the possible risks of using the protocol during our tests. Security experts in our team have identified and solved multiple issues – including users' public IP being stored in memory indefinitely, the lack of real dynamic IP allocation and no 'identity-hiding forward secrecy' offered – and have taken significant steps towards eventually recommending WireGuard as a default VPN protocol to use. If you are curious about these technical solutions please review our article [Using WireGuard for Privacy Protection][8].
+
+
+If you have any feedback, questions or concerns about WireGuard for IVPN, our [team is standing by][9] for your message.
+
+Looking forward to hearing your test impressions.
+
+
+Nick Pestell &
+the IVPN team
+
+ [1]: /facts
+ [2]: /blog/ivpn-no-logging-claim-verified-by-independent-audit/
+ [3]: /privacy/
+ [4]: https://www.wireguard.com/
+ [5]: /blog/introducing-wireguard-fully-automated/
+ [6]: /setup/windows-10-wireguard/
+ [7]: /knowledgebase/general/wireguard-faq/
+ [8]: /knowledgebase/general/using-wireguard-for-privacy-protection/
+ [9]: /contactus/
+ [10]: /wireguard/
\ No newline at end of file
diff --git a/src/content/es/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md b/src/content/es/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md
new file mode 100644
index 000000000..5641f948f
--- /dev/null
+++ b/src/content/es/blog/2019-10-09-ivpn-to-undergo-extensive-security-audit.md
@@ -0,0 +1,31 @@
+---
+title: IVPN to undergo extensive security audit
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-to-undergo-extensive-security-audit/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Audit
+ - Security
+date: 2019-10-09T14:54:37.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/audit.png
+---
+Earlier this year IVPN published results of an audit that [verified our no-logging claims][1]; we are now taking the next steps towards demonstrating trustworthiness and commitment to protecting customer privacy in a transparent way.
+
+Today we are ready to announce that a comprehensive security audit will be performed on all of our systems starting next month (November 2019). It will be carried out by cure53, an independent firm who possess the necessary experience and expertise after completing numerous similar projects in the industry. The scope is extensive and includes:
+
+ * Public VPN service infrastructure
+ * IVPN internal server infrastructure
+ * IVPN website
+
+The audit will be undertaken by six security auditors; due to its scope we expect the process to take a considerable amount of time. We forecast a conclusion early in the new year (January 2020) and aim to publish the results shortly thereafter.
+
+Nick Pestell
+CEO
+
+ [1]: /blog/ivpn-no-logging-claim-verified-by-independent-audit/
\ No newline at end of file
diff --git a/src/content/es/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md b/src/content/es/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md
new file mode 100644
index 000000000..5d7e54ce4
--- /dev/null
+++ b/src/content/es/blog/2019-11-29-introducing-a-new-ivpn-subscription-plan.md
@@ -0,0 +1,52 @@
+---
+title: Introducing a new IVPN subscription plan
+# Example: /blog/this-is-a-good-post
+url: /blog/introducing-a-new-ivpn-subscription-plan/
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Subscriptions
+date: 2019-11-29T16:06:34.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/pricing.png
+comments:
+ - author: Gamix
+ date: 2019-12-09T13:12:04+01:00
+ content: |
+ Thanks for this awesomes plans :)
+
+---
+IVPN is working towards a future where mass surveillance is not a key part of our reality. To make our VPN service more accessible to customers looking for privacy protection we are introducing a new, more affordable subscription plan.
+
+Customers signing up today have the chance to choose between IVPN Standard, covering up to 2 personal devices, and IVPN Pro covering up to 7, with additional tools such as Multi-hop and Port forwarding available.
+
+> July 2023 update: Port Forwarding is being phased out from the IVPN service and is no longer offered to new customers.\
+> You can find more information in a [blog post][1] about this change.
+
+Below is a detailed comparison of our new plans:
+
+
+| | | |
+| -------- | ----------------- | ------------ |
+| **Plan** | **IVPN Standard** | **IVPN Pro** |
+| Monthly price | $6 | $10 |
+| Annual price | $60 | $100 |
+| Devices covered | 2 | 7 |
+| All locations and protocols accessible | ✅ | ✅ |
+| AntiTracker | ✅ | ✅ |
+| Multi-hop | ❌ | ✅ |
+| Port Forwarding | ❌ | ❌ |
+
+
+A note to current IVPN customers: all existing subscriptions are converted to IVPN Pro with the added benefit of 7 device coverage, improved from the previous limit of 5. Moving forward, IVPN Pro Quarterly plans cost $30 and will not be offered to new subscribers.
+
+With any questions about our new plans please [contact][2] our customer service team directly.
+
+IVPN Team
+
+ [1]: /blog/gradual-removal-of-port-forwarding/
+ [2]: /contactus/
diff --git a/src/content/es/blog/2019-12-12-password-less-vpn-authentication.md b/src/content/es/blog/2019-12-12-password-less-vpn-authentication.md
new file mode 100644
index 000000000..57062cfca
--- /dev/null
+++ b/src/content/es/blog/2019-12-12-password-less-vpn-authentication.md
@@ -0,0 +1,30 @@
+---
+title: Password-less VPN authentication
+# Example: /blog/this-is-a-good-post
+url: /blog/password-less-vpn-authentication/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Security
+date: 2019-12-12T15:17:26.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/password-less.png
+---
+TL;DR - We no longer require customers to specify a password when connecting to the VPN as we have randomly generated usernames and the password doesn't affect the security of the VPN tunnel in any way. You still require a password to login to the website Client Area.
+
+To understand more about this decision read on.
+
+An authenticator is the means by which an identity is confirmed e.g. password or 2FA token. When designing information systems its important to choose an authenticator that is commensurate with the sensitivity of the information to which the use of the authenticator permits access. Companies use VPN technology to permit offsite staff secure access to their corporate networks. If an attacker were able to steal an employees credentials they would have full access to all the internal servers on the corporate network. Privacy VPN services use the same technology but instead of providing secure access to an internal network they provide secure access to the Internet. If an attacker were able to steal some credentials they would simply gain access to the Internet like any other IVPN customer and could do no more than use our service without paying for it.
+
+The username and password are only used to check that you have a paid account. They are not used in any way to establish the security of the VPN tunnel itself i.e. cryptographic keys are not derived from them.
+
+IVPN have always generated random usernames (62^8 combinations), so from now on we will use the username as the identifier and remove the requirement for a password. This not only simplifies user experience, but removes the confusion about needing a strong password for the VPN tunnel.
+
+New versions of the IVPN apps will be released today with the username field renamed to 'Account ID' and the password field removed. If you are connecting with a non-IVPN app simply specify any password.
+
+Please note: This has no effect on the client area. To access the IVPN Client Area on the website you still need to enter the email address and password you signed up with.
\ No newline at end of file
diff --git a/src/content/es/blog/2020-01-23-independent-security-audit-concluded.md b/src/content/es/blog/2020-01-23-independent-security-audit-concluded.md
new file mode 100644
index 000000000..0eb317ca9
--- /dev/null
+++ b/src/content/es/blog/2020-01-23-independent-security-audit-concluded.md
@@ -0,0 +1,107 @@ +--- +# Example: /blog/this-is-a-good-post +url: /blog/independent-security-audit-concluded/ +highlighted: true +draft: false +authors: + - Nick Pestell +date: 2020-01-23T16:27:01.000Z +# 740px X 740px +thumbnailImage: /images-static/uploads/audit.png +comments: + - author: John Ivpnuser + date: 2020-01-29T05:15:33.000Z + content: | + I can't seem to access the report!? + - author: John Doe + date: 2020-01-31T00:09:18.000Z + content: > + Thank you to everyone involved in the audit and being transparent about + it. I understand that not every minor detail cannot be covered, but it's + good to at least know that you guys are making an effort to show things + are being done. Again thank you, I don't see much activity in regards to + promotion of your services but I hope I prosperous new year to you all and + that you keep this transparency up in the future. + - author: Viktor Vecsei + date: 2020-02-05T08:31:48.000Z + content: > + The link is working on our end. Please contact our customer service team + here if you still can't access it: /contactus - they are ready to send it to you directly through + other channels. + - author: cure69 + date: 2020-03-04T10:05:31.000Z + content: | + great to see, thanks for doing this =) + - author: Jorge + date: 2020-03-14T14:43:41.000Z + content: > + I am not that IT literate; So how if at all does this audit correlate to + logging" either network or user related? + - author: spinon + date: 2020-03-15T00:22:40.000Z + content: > + The total number of issues found in the Cure53 audit (9) does not tally + with the sum of the numbers in parentheses. Why the glaring discrepancy? 
+ - author: Viktor Vecsei + date: 2020-04-14T10:16:18.000Z + content: > + No-logs claim specifically was scrutinized in an earlier audit: https://www.ivpn.net/blog/ivpn-no-logging-claim-verified-by-independent-audit/ + - author: Viktor Vecsei + date: 2020-04-14T10:22:37.000Z + content: > + The number of low errors indicated in the original blog post (1) was + incorrect. It is actually 3 - as visible in the full audit PDF linked. So + the total issue count was shown correctly, while we made a basic addition + error on that specific type. This is now fixed. Sorry. +title: Independent security audit concluded +categories: + - IVPN News +# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions +tags: + - Audit + - Transparency +socalUrls: + redditUrl: https://www.reddit.com/r/IVPN/comments/f1oyw6/extensive_independent_security_audit_of_the_ivpn/ +--- +We're pleased to announce that an independent security audit of the IVPN service conducted by Cure53 has concluded. The audit was conducted by 6 members of the Cure 53 team over 21 man-days in late November and December. + +The purpose of the audit was to evaluate the security of our information systems by measuring how well they conform to a set of security best practices. The audit identifies vulnerabilities that may affect the security or privacy of our customers and provides recommendations on how to resolve them. However, an audit only provides a snapshot of the systems in scope during the period in which it was conducted. We hope that publishing the results of these audits increases our customer's confidence in the security of our systems and demonstrates our commitment to operating transparently wherever possible. + +The scope of the audit was very extensive and included our public VPN service infrastructure, our internal backend servers supporting our VPN service and penetration testing of our public web servers. 
A white-box approach was used whereby Cure53 was given full access to all our code repositories and a dedicated audit environment created to replicate our exact production environment. No access to production VPN servers or infrastructure was granted to members of the cure53 team. + +A total of 9 issues (3 high, 2 medium, 3 low, 1 info) were discovered, all of which were either immediately resolved or have since been resolved. Although the general assessment concludes the audit on the positive note and the vast majority of infrastructure was shown to be designed with high levels of security, the audit identified two vulnerabilities which we'd like to expand on below. + +1. **Disabled CSRF token** + +During the audit it was identified that CSRF protection middleware on the IVPN website was commented out. + +Although it was re-enabled immediately, it showed that our development process failed to protect us from this code being deployed in the first place. We believe that the code disabling CSRF was pushed to production accidentally by a developer with intention to debug some transient issue on staging and then merged it to production branch. + +The attacker would yield no personal data (beyond what would be required to be already known for the attack to succeed) or affect the privacy or security of the customers VPN service in any way. The only possible adverse effect would be locking the user out of their account by modifying their password. Regardless, we take this vulnerability very seriously and have already done the following to ensure this vulnerability can't be exposed again: + + * Created strict rules within our deployment process to peer-review code before deployment (and configured branch permissions to ensure this). + * Added automated tests to ensure this specific vulnerability cannot be deployed. + +**2. Add-on modules vulnerabilities** + +We have a legacy system from the early years of our business which contained modules with various security issues. 
This system has multiple levels of protection and were only accessible to someone + + * with access to our internal network + * with valid access credentials to the legacy server + * with 2FA authentication set up on the legacy server + +Although only a few people in the company could theoretically exploit these modules, we acknowledge that they should have been removed earlier and it shows that we had a blind spot in the legacy part of our infrastructure. To resolve this issue we immediately deactivated the insecure modules. + +### Commitments going forward {#Commitments-going-forward-2020-and-beyond} + +We believe that extensive regular audits are necessary to ensure our customer's security and continued trust. We are committed to conducting an annual audit of all our infrastructure. We will initiate another comprehensive audit of similar scope towards the end of this year and every 12 months after that. + +We have made available the [Cure53 report][1] for those interested in more detail. For transparency we decided to publish the full report with only the details about the vulnerabilities removed to ensure sensitive information about our infrastructure was not exposed (internal hostnames, code snippets etc). + +IVPN Team + + [1]: https://cure53.de/summary-report_ivpn_2019.pdf \ No newline at end of file diff --git a/src/content/es/blog/2020-02-10-ivpn-applications-are-now-open-source.md b/src/content/es/blog/2020-02-10-ivpn-applications-are-now-open-source.md new file mode 100644 index 000000000..bd5b766fc --- /dev/null +++ b/src/content/es/blog/2020-02-10-ivpn-applications-are-now-open-source.md 
@@ -0,0 +1,37 @@
+---
+title: IVPN applications are now open source
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-applications-are-now-open-source/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+ - Transparency
+date: 2020-02-10T11:08:57.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/github.png
+socalUrls:
+ redditUrl: https://www.reddit.com/r/IVPN/comments/f296ed/ivpn_applications_are_now_open_source/
+---
+Today we are excited to announce the open sourcing of all IVPN applications (Android, macOS, iOS and Windows) under GPLv3 license.
+
+This is a first step in a multi-year plan to open source many parts of our service. The planned next step is releasing key parts of our infrastructure to the public with the ultimate goal of enabling anyone to set up and verify our VPN server configuration.
+
+Similarly to other projects we have been working on in the past year ([security audit,][1] [defining ethical boundaries][2], [going tracking-free][3]), our aim is to improve our transparency and build trust with current and future IVPN customers. Another motivation for open sourcing was to help developers start or improve information security and privacy enhancing projects.
+
+Members of the IVPN team have been using, supporting, and building on Free and Open Source Software for decades in our personal and professional lives. We are happy to join the long list of companies working on open software.
+
+Head over to our [GitHub page][4] to review our active repositories and start working with us towards a future where open software supports individual privacy and Internet freedom.
+
+IVPN Team
+
+ [1]: /blog/independent-security-audit-concluded/
+ [2]: /ethics/
+ [3]: /blog/ivpn-is-now-a-tracking-free-provider/
+ [4]: https://github.com/ivpn
\ No newline at end of file
diff --git a/src/content/es/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md b/src/content/es/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md
new file mode 100644
index 000000000..9b6947d64
--- /dev/null
+++ b/src/content/es/blog/2020-04-06-ivpn-for-android-is-now-available-on-f-droid.md
@@ -0,0 +1,38 @@
+---
+title: IVPN for Android is now available on F-Droid
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-for-android-is-now-available-on-f-droid/
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+ - Privacy
+ - Transparency
+date: 2020-04-06T12:00:00.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/f-droid.png
+socalUrls:
+ redditUrl: https://www.reddit.com/r/IVPN/comments/fvxsj5/ivpn_for_android_is_now_available_on_fdroid/
+---
+This year we are working on projects that increase transparency and offer better privacy protection for our customers. In Febuary [we open sourced][1] all our client software and plan doing the same for other parts of our service. To complete the first phase of this project, we have submitted our Android client successfully to F-Droid, an open source repository for Android apps.
+
+Members of our community suggested this step so they can bypass Google Play when using our service. With the help of F-Droid, now anyone can [install our app][2] and access important updates without any dependency on Google's privacy-violating platform.
+
+While preparing the submission, we have found values [published][3] by the F-Droid team that align well with our own: "F-Droid respects your privacy. We don't track you, or your device. We don't track what you install. You don't need an account to use the client, and it sends no additional identifying data when talking to our web server other than its version number."
+
+These words have resonated with us. By writing this post, we want to highlight the privacy gains from using their platform: transparency provided by [reproducible builds][4] and the option to break free from centralized app stores.
+
+If you are concerned about your privacy, use F-Droid for installing not just IVPN, but all apps for your Android device. If you are a developer, submitting your applications to the platform is a great move. We hope to see more privacy protecting tools published on the platform.
+
+IVPN Team
+
+
+ [1]: /blog/ivpn-applications-are-now-open-source/
+ [2]: https://f-droid.org/
+ [3]: https://f-droid.org/en/about/
+ [4]: https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html
\ No newline at end of file
diff --git a/src/content/es/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md b/src/content/es/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md
new file mode 100644
index 000000000..2a4e92641
--- /dev/null
+++ b/src/content/es/blog/2020-04-07-most-people-dont-need-a-commercial-vpn-to-work-from-home-securely.md
@@ -0,0 +1,30 @@
+---
+title: Most people don't need a commercial VPN to work from home securely
+# Example: /blog/this-is-a-good-post
+url: /blog/most-people-dont-need-a-commercial-vpn-to-work-from-home-securely/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Privacy & Security
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags: []
+date: 2020-04-07T13:25:11.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/work-from-home.png
+---
+Many small businesses and their employees are concerned about the security of their data whilst working from home during the coronavirus pandemic. We see a lot of confusion surrounding this topic, even from fairly technical folk and there is unfortunately a lot of misinformation being spread by commercial VPN providers themselves. **TL;DR - Most people do NOT need a commercial VPN provider to work from home securely and any provider telling you otherwise is probably selling you snake-oil.** It's a bit like arguing that you should put on a helmet to drive your car around your neighbourhood at 30 mph. Yes you're less vulnerable than without it but does the risk justify the cost? No, not in our opinion. This excludes employees on the move who are connecting from untrusted networks and especially those with more sensitive threat models e.g. journalists.
+
+Before we dive in I want to emphasise that this article makes quite a few assumptions. To start we assume you are an employee working from home for a small to medium size company which hosts their applications in the cloud and those applications use TLS/HTTPS (as shown by the little lock in the browser bar) and you don't have an extreme threat model involving sophisticated government agencies or other well funded adversaries attempting to steal your data.
+
+VPN technology was originally developed to allow enterprises to extend their private internal networks over the Internet. Instead of having to purchase expensive dedicated links between sites (e.g. a remote site and the head office) they could purchase two routers which established a secure connection over the Internet. The VPN ensured the confidentiality and integrity of the data whilst traversing the public Internet. There is also the 'road warrior' configuration where staff requiring remote access to their company's internal servers could establish a VPN from their laptop to a VPN router connected to the company's internal network. These companies typically have strong perimeter defences and relatively lax controls on the internal network. The VPN router in this case not only ensures data confidentiality and integrity but also **access control** i.e. only authenticated users with authorisation are allowed access to defined servers on the internal VPN. Many, perhaps most large companies still operate these VPN routers which enable their employees to work from any Internet enabled remote location securely. If you are working for such a company, you will typically be using a VPN client form Cisco, Citrix, Sonicwall etc. with strong authentication e.g. 2FA with a RSA hardware token. In this case a VPN is obviously necessary whilst working from home, without it you won't be able to access the applications you need to do your job (email, CRM etc.)
+
+The other use-case for a VPN is offered by a commercial VPN provider. These companies make various claims about ensuring your security, privacy and anonymity. Although the same basic VPN technology is used, the goals are very different. When you connect to a commercial VPN provider you are not attempting to access a server on their private network (as in the enterprise case above), rather you are connecting to a VPN router/server which is simply connected to the public Internet i.e. you connect from the public Internet and once connected have access to the same public Internet.
+
+Although this may at first seem pointless it actually creates several side-effects which are potentially desirable. Because the VPN server acts as a proxy server i.e. processes all Internet requests on behalf of all connected users using the same source IP address it effectively masks the IP assigned to you by your ISP. In addition the data traversing the VPN link between your device and the VPN server is encrypted so the company providing you Internet access (your ISP) cannot see which websites you access. However what we are attempting to address here is the security of your data. What attacks does encrypting your Internet traffic between your device and a random server on the Internet prevent?
+
+The most cited reason for using a VPN for security is to prevent attacks on untrusted networks e.g. public Wi-Fi. The presumption here is that the Wi-Fi operator may be malicious or that the Wi-Fi network itself doesn't implement encryption thereby enabling various eavesdropping attacks. These are valid concerns and using a VPN may well mitigate these attacks. However in this article we are discussing working from home and assuming you are connecting to a Wi-Fi network that you trust or directly control. We're also assuming you have configured your Wi-Fi with WPA2 or WPA3 (typical on most modern routers, you can verify this in your router configuration) and a strong passphrase so all traffic sent from your devices to your home router is encrypted with a similar level of security to that used by a commercial VPN provider. Ok so what about the data sent from your home router to the destination server? Well this is where ubiquitous TLS (https) connections save the day, yes that little lock in your browser bar that everyone talks about. If its there when you connect to a website (or the address starts with https) then you are using TLS, a modern encryption protocol that ensures that all data between the browser and web server is encrypted.
+
+By now you're probably seeing that there are multiple layers of encryption on the Internet and generally speaking for most people's security needs we don't need more than one layer. So lets take the case of Jane who works for Acme inc. a company with 100 remote employees with all their applications in the cloud. Jane uses Gsuite, Zoom, Salesforce, Slack and a custom app hosted on AWS. Whenever she connects to any of these apps, a secure encrypted connection is established and all data sent by the browser is encrypted until it reaches the application server. As Jane is connected via Wi-Fi, the encrypted TLS data is again encrypted by her network adapter between her laptop and her Wi-Fi router. Then from her home router to the Salesforce server it is protected by the TLS encryption established by her browser. At no point is the data vulnerable to an eavesdropper. If Jane was convinced to use a commercial VPN provider then there would be an additional layer of encryption between her laptop and the VPN server, offering no value unless you are concerned that the underlying TLS encryption is not sufficient, which is not normally a concern for most organisations. And when using a VPN, the connection from the VPN server to the salesforce server is not encrypted by the VPN, only the path from the user device to the VPN server.
+
+So we don't think Jane needs a commercial VPN to work securely from home in this scenario. However if Jane is concerned about her ISP snooping on the websites she is visiting or she needs some basic IP layer anonymity then there may be a use-case for a commercial VPN provider but thats a subject for another article.
\ No newline at end of file
diff --git a/src/content/es/blog/2020-04-22-beta-ivpn-linux-app-released.md b/src/content/es/blog/2020-04-22-beta-ivpn-linux-app-released.md
new file mode 100644
index 000000000..f37fe0aca
--- /dev/null
+++ b/src/content/es/blog/2020-04-22-beta-ivpn-linux-app-released.md
@@ -0,0 +1,48 @@
+---
+title: Beta IVPN Linux app released
+# Example: /blog/this-is-a-good-post
+url: /blog/beta-ivpn-linux-app-released/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+date: 2020-04-22T14:57:51.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/linux.png
+socalUrls:
+ redditUrl: https://www.reddit.com/r/IVPN/comments/g62o2e/ivpn_cli_linux_app_is_out_in_open_beta_feedback/
+---
+**tl;dr**: The [IVPN Linux CLI app][1] is available for testing - all feedback is welcome.
+
+IVPN apps have been available for most major platforms since the [release of our iOS][2] app back in 2017. The obvious missing piece was an app for Linux.
+
+Better support for Linux is big development priority for us this year. As a first milestone, we are releasing a beta command-line app with support for firewall, [WireGuard][3], [AntiTracker][4] and [Multi-hop][5] included.
+
+![Linux Example](/images-static/uploads/LIN.gif)
+
+Minimum requirements:
+
+ * 64-bit OS / Linux kernel 3.10+
+ * OpenVPN version v2.3.10+
+ * Third-party binary dependencies installed (OpenVPN, if not present by default; WireGuard; Obfsproxy, if required)
+
+During internal testing, we have verified everything works as expected on the latest versions of some popular distributions (Ubuntu, Fedora, Debian, Mint) plus some LTS editions.
+
+We invite you to [download the client][1] and start testing with us. Drop your feedback in the [dedicated Reddit thread][6], add issues [on GitHub][7] or [contact us][8] to share your findings. Please include your distribution version details plus any error messages.
+
+Next project milestone is a GUI app, which we expect to release in the coming months.
+
+ [1]: /apps-linux/
+ [2]: /blog/new-ivpn-app-ios/
+ [3]: /wireguard/
+ [4]: /antitracker/
+ [5]: /what-is-a-multihop-vpn
+ [6]: https://www.reddit.com/r/IVPN/comments/g62o2e/ivpn_cli_linux_app_is_out_in_open_beta_feedback/
+ [7]: https://github.com/ivpn/desktop-app-cli
+ [8]: /contactus/
diff --git a/src/content/es/blog/2020-04-22-updating-the-ivpn-certificate-authority.md b/src/content/es/blog/2020-04-22-updating-the-ivpn-certificate-authority.md
new file mode 100644
index 000000000..b2a913a67
--- /dev/null
+++ b/src/content/es/blog/2020-04-22-updating-the-ivpn-certificate-authority.md
@@ -0,0 +1,46 @@
+---
+title: Updating the IVPN Certificate Authority
+# Example: /blog/this-is-a-good-post
+url: /blog/updating-the-ivpn-certificate-authority-2020/
+highlighted: true
+draft: false
+authors:
+ - Iain Douglas
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags: []
+date: 2020-05-18T10:22:33.085Z
+thumbnailImage: /images-static/uploads/server_certificate_small.png
+---
+This is an advanced warning that you may need to take action to continue using our service beyond 20th July 10:56 2020 UTC.
+
+The IVPN Certificate Authority (CA) is used to sign certificates we issue for our servers. This allows your computer to verify that the VPN server it is connecting to is one of IVPN's and not one operated by someone else. You can use our service after 20 July with the following app versions:
+
+* Windows v2.11.6 or newer
+* Android v1.66.2 or newer
+* iOS v1.19.0 or newer
+* macOS v2.11.7 or newer
+* all Linux versions
+
+Please check if your IVPN apps are up-to-date and download the latest versions to avoid disruptions.
+
+Configuration file users
+
+* OpenVPN - [Download][1] new files from here if your files are older than 23rd March 2020.
+* DD-WRT - Generate a new configuration with our [configurator][2].
+* Other OpenVPN - You will need to download our [new CA certificate file.][3]
+
+**WireGuard and IPSec/IKEv2 - no action required.**
+
+### More info
+
+The IVPN CA was created 10 years ago and will expire on 20th July 2020. When this happens certificates issued by the CA will become untrusted and OpenVPN connections to our VPN servers will stop working.
+
+In preparation for this event, we have created a new CA and root certificate. We used this to create new VPN server certificates. We also used the old CA to cross sign the new CA root certificate. We have already updated our infrastructure and until 20th July connections to our servers using the old CA certificate and the new CA certificate will be trusted.
+
+If you have any questions please contact
+
+ [1]: /releases/config/ivpn-openvpn-config.zip
+ [2]: /clientarea/ddwrt
+ [3]: /releases/config/ca.crt
diff --git a/src/content/es/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md b/src/content/es/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md
new file mode 100644
index 000000000..cc7b0c167
--- /dev/null
+++ b/src/content/es/blog/2022-01-31-ivpn-apps-on-all-platforms-to-undergo-security-audit.md
@@ -0,0 +1,21 @@
+---
+title: IVPN apps to undergo security audit for 2022
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-apps-on-all-platforms-to-undergo-security-audit-2022/
+highlighted: true
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Audit
+date: 2022-01-31T13:11:33.085Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+Last year in March 2021 we published a comprehensive 3rd party audit of our IVPN apps for all platforms (Windows, macOS, Linux, iOS, Android). As part of our ongoing commitment to annual audits, we will again be engaging cure53, an independent firm who possess the necessary experience after completing numerous similar projects in the industry. The audit is scheduled to start next week (7 Feb 2022) and we expect to publish the results no later than end of March 2022.
+
+Nick Pestell
+CEO
+IVPN
diff --git a/src/content/es/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md b/src/content/es/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md
new file mode 100644
index 000000000..3355962f0
--- /dev/null
+++ b/src/content/es/blog/2023-03-15-ivpn-infrastructure-audit-concluded.md
@@ -0,0 +1,35 @@
+---
+title: IVPN infrastructure security audit concluded
+url: /blog/ivpn-infrastructure-audit-concluded/
+highlighted: true
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Security
+date: 2023-03-15T11:04:37.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+We're pleased to announce that an independent security audit of the new IVPN gateway infrastructure has concluded.
+
+We recently decided it was necessary to upgrade our VPN gateway servers to a major new OS version which included many configuration changes. This provided a good opportunity to audit the new servers in our testing environment before deploying them to production for customer use.
+
+## Audit results
+
+Two senior members of the Cure53 team conducted the audit over 6 days in February 2023. The audit was divided into two work packages:
+
+1. Penetration tests and configuration review of the VPN gateway server.
+2. Source code-assisted penetration tests against the VPN server OS and OS setup.
+
+A white-box approach was used whereby the auditors had access to our public and private Github code repositories and a dedicated test environment. No access to production VPN servers or infrastructure was granted to members of the Cure53 team.
+
+A total of 3 security vulnerabilities and 5 miscellaneous issues were discovered (1 medium, 6 low, 1 info). All issues have been remediated. As a result we are now planning the upgrade of our infrastructure with the new configuration. We have made the [Cure53 report](https://cure53.de/pentest-report_IVPN_2023.pdf) available for those interested in the details. For transparency we decided to publish the full report with only potentially sensitive information removed (internal hostnames etc).
+
+## Commitments going forward
+
+We believe that extensive regular audits are necessary to ensure our customer’s security and continued trust. We continue to commit to an annual security audit where we will focus on those parts of our infrastructure and apps that we believe to be the most critical.
+
+IVPN Team
\ No newline at end of file
diff --git a/src/content/es/blog/2023-06-29-gradual-removal-of-port-forwarding.md b/src/content/es/blog/2023-06-29-gradual-removal-of-port-forwarding.md
new file mode 100644
index 000000000..a72fcccdd
--- /dev/null
+++ b/src/content/es/blog/2023-06-29-gradual-removal-of-port-forwarding.md
@@ -0,0 +1,44 @@
+---
+title: Gradual removal of port forwarding from the IVPN service
+url: /blog/gradual-removal-of-port-forwarding/
+draft: false
+authors:
+ - IVPN Staff
+categories:
+ - IVPN News
+tags:
+ - Subscriptions
+date: 2023-06-29
+---
+Protecting the interest of our customers and ensuring the stability of the service have been key principles for IVPN since starting our operations more than ten years ago. To keep delivering on these promises, we have made the decision to gradually phase out the port forwarding feature from the IVPN Pro plan.
+
+## Reasons for this change
+
+Port forwarding enables activities, such as large scale abuse and sharing of objectionable materials that can have a negative effect on our servers and operations. While the majority of customers are not using the feature for such purposes, actions of a few can have undesirable consequences affecting the whole VPN network.
+
+Since recent similar changes in the policies of another popular VPN service provider, we have seen a significant influx of new customers, and the risks posed by such activities have grown manyfold. A considerable increase in law enforcement inquiries and erosion of relationship with data centers could threaten our ability to keep serving our customers.
+
+We have no insights into how any one specific customer uses IVPN, and that needs to stay that way. After careful deliberation, we have found no other way to avoid further negative outcomes, but to gradually remove the port forwarding feature from service. We expect this move will result in more favourable load and bandwidth conditions on our end points. These changes should enable a better customer experience for our subscribers going forward.
+
+## Timeline
+
+1. As of today (29 June 2023), Port forwarding is not offered for new customers as part of the Pro plan. Further, existing IVPN Pro customers cannot reserve new ports. Existing reservations will stay in place, and can be disabled by manual action.
+
+2. We are disabling all reserved ports and completely remove this feature from our service on 30 September 2023.
+
+## How does it affect you
+
+Overall, we expect this change to improve the service for the vast majority of our customers, whilst negatively affecting only a small percent.
+
+If you have an IVPN Standard account, this change does not affect you.
+
+By default, port forwarding is disabled on Pro accounts. If you have a Pro account, and have not activated port forwarding in the My Account settings, then this change does not affect you either. We suggest reading our ['Do you support Port Forwarding?'](https://www.ivpn.net/knowledgebase/general/do-you-support-port-forwarding/) explainer to learn more.
+
+This change will only affect IVPN Pro users who take advantage of port forwarding to host servers behind the VPN. Examples for this are gaming servers, media servers, web servers or blockchain nodes. Another popular application is running a seedbox or file server to distribute a significant quantity of data.
+For some of these use cases, there are alternate solutions, for example using a free mesh VPN like Tailscale to access your home servers from outside your private network. You can consult our ['How do I remotely connect to my home system or services?'](https://www.ivpn.net/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection/) guide for more information.
+
+If you have an IVPN Pro subscription with port forwarding enabled, note that once you disable your current reserved port, you won't be able to enable this feature again. Further, your current port forwarding set up will stop working on 30 September.
+
+If you have any questions or concerns about this change, [contact us](https://www.ivpn.net/contactus/).
+
+IVPN Team
\ No newline at end of file
diff --git a/src/content/es/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md b/src/content/es/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md
new file mode 100644
index 000000000..1b0a37fcb
--- /dev/null
+++ b/src/content/es/blog/2023-08-10-name-change-from-privatus-to-ivpn-limited.md
@@ -0,0 +1,32 @@
+---
+title: Change of company name to IVPN Limited
+url: /blog/change-company-name-privatus-ivpn-limited/
+draft: false
+authors:
+ - IVPN Staff
+categories:
+ - IVPN News
+tags:
+ - Transparency
+date: 2023-08-10T08:25:00.000Z
+---
+We have officially changed the name of the company operating IVPN from Privatus Limited to IVPN Limited. Ownership structure, jurisdiction, address and administrative registration details are unchanged.
+
+The reason for this move is to bring our product and brand name into alignment, reducing confusion and providing clarity to customers, partners and other parties about the operator of the service.
+
+To reiterate, this change only concerns the name of the company, and has no effect on:
+
+* Ownership structure of the company
+* Team behind IVPN
+* Registration number or other company details
+* Gibraltar jurisdiction, registered address
+* Legal guidelines, processes for data requests and transparency reports
+
+In the coming days, we will update the company name on various assets of IVPN, including, but not limited to, different pages of our website, apps, and GitHub pages.
+
+Our new company details, for reference:
+
+*IVPN Limited
+5 Secretary’s lane
+GX11 1AA
+Gibraltar*
diff --git a/src/content/es/blog/battery-life-apple-silicon-build-ivpn-app.md b/src/content/es/blog/battery-life-apple-silicon-build-ivpn-app.md
new file mode 100644
index 000000000..fec0ddb5d
--- /dev/null
+++ b/src/content/es/blog/battery-life-apple-silicon-build-ivpn-app.md
@@ -0,0 +1,74 @@
+---
+title: Battery life improvements with Apple silicon builds
+url: /blog/battery-life-apple-silicon-build-ivpn-app/
+highlighted: false
+draft: false
+authors:
+ - Alexandr Stelnykovych
+ - Viktor Vecsei
+categories:
+ - Under the Hood
+tags:
+ - Apps
+date: 2021-11-10T09:35:00.000Z
+thumbnailImage: /images-static/uploads/silicon_thumb.png
+---
+We have tested the battery consumption rate of the IVPN app with constant VPN connectivity using two protocols (WireGuard and OpenVPN) on two different app builds (M1 and Intel). We concluded that using a dedicated Apple silicon app build with WireGuard protocol can offer up to 22% increase in battery life over OpenVPN on Intel build version when bandwidth is not limited. This translates to up to 2,5 hours of extra use time on an M1 Macbook Air. In contrast, a test with artificial speed limits demonstrated only a modest (2%) improvement. Read on for detailed results.
+
+## Why these tests?
+
+When connected, VPN apps have the potential to be notorious battery hogs due to the constant encryption operations being performed. While apps (including our software) run well on M1 Rosetta without a dedicated build, we have received customer requests for an ARM version, citing expectations around improved battery performance.
+As a result, we planned to validate whether customer assumptions are true. If, and only if tests show that significant gains can be achieved in battery performance we were ready to commit to compiling an M1 version of the IVPN app going forward.
+
+## Testing process design
+
+Device used: 2020 M1 Macbook Air
+
+Testing battery drain time (100% to 0%) with machine unplugged
+
+Conducting eight test runs with active VPN connection, combination of:
+- Protocol a/b: OpenVPN, WireGuard
+- Speed limit a/b: Yes (21 Mbps), No
+- Build a/b: Intel, M1 Apple silicon
+
+
+Further notes for testing environment:
+- Results are derived from total seconds measured until battery is fully discharged
+- Power adapter unplugged, start at full battery
+- No additional applications installed
+- IVPN App in connected state, no other apps running
+- IVPN connected to the same server for each test run
+- Throttled download speed matching in limited runs
+- IVPN app UI is active and visible
+- Battery status configuration: Turn off display - Never
+- Display True Tone: disabled
+- macOS version: 12.0.1 (Monterey)
+- IVPN Client v3.3.63
+
+## What are the findings?
+
+  | Intel | M1
+-- | -- | --
+  | Battery drain time(hours) | Battery drain time(hours)
+OpenVPN(speed limit 21Mbs) | 14,15 | 14,03
+WireGuard(speed limit 21Mbs) | 14,29 | 14,48
+OpenVPN | 10,61 | 10,96
+WireGuard | 12,33 | 13,01
+
+![Image](/images-static/uploads/silicon_tests.png)
+
+Looking at the chart above we can deduce customers connecting through OpenVPN on an Intel-based IVPN app build could potentially achieve a ≈22% or 2,5 hours increase in battery life by switching both app builds and VPN protocols.
+
+We have to note these results are artificial and achieving them could be unrealistic. Speed-limited tests might replicate everyday use with more fidelity, since you use similar amounts of bandwidth for similar tasks even if you switch protocols and builds. Comparing the results of these tests show the lower bound for expected improvements is roughly 2%.
+We are planning to replicate these tests with the recently released M1 Pro and Max in the coming weeks and update this post with the results.
+
+Following these findings, we released a dedicated M1 ARM build and will continue to support it from now on. The choice between the Intel and M1 versions will be optional for all customers. For the best battery performance, please download the [appropriate build](https://www.ivpn.net/apps-macos/) for your device. If you are currently using the Intel version, you will not be prompted to upgrade to the Apple silicon version, you must download and install it manually.
+
+## Test it yourself
+
+To confirm the results or add your findings for M1 Pro or Max, follow these steps:
+1. Download both M1 and Intel IVPN macOS app builds [here](https://www.ivpn.net/apps-macos/).
+2. If you don’t have an active IVPN subscription, [email us](https://www.ivpn.net/contactus/) for a demo account.
+3. Download the test scripts used [here](https://github.com/ivpn/m1-battery-drain-tests).
+
+If you decide to carry these tests out, please post your results on [Reddit](https://www.reddit.com/r/IVPN/).
diff --git a/src/content/es/blog/better-tracker-blocking-controls-with-antitracker-plus.md b/src/content/es/blog/better-tracker-blocking-controls-with-antitracker-plus.md
new file mode 100644
index 000000000..2abd625e1
--- /dev/null
+++ b/src/content/es/blog/better-tracker-blocking-controls-with-antitracker-plus.md
@@ -0,0 +1,73 @@
+---
+title: Better tracker blocking controls with AntiTracker Plus
+url: /blog/better-tracker-blocking-controls-with-antitracker-plus/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - Privacy
+date: 2023-08-07T07:25:00.000Z
+thumbnailImage: /images-static/uploads/tracker-blocker.png
+
+---
+IVPN AntiTracker is an optional feature of the VPN service that improves privacy protection by blocking requests from unwanted trackers and ads. Before today, AntiTracker operated with one blocklist option - OISD Big.
+
+With AntiTracker Plus we introduce ten different blocklist options to choose from:
+
+* three combined lists with three different levels of blocking effectiveness
+* seven popular lists to select individually
+
+These options give you more control over the trade-off between more effective blocking and better usability.
+
+For list combinations, you can choose from Basic, Comprehensive and Restrictive options, with each tier containing more entries that are blocked. The Restrictive option might cause websites and services to break, and is only recommended for the most privacy-conscious customers.
+
+We build and offer blocklists using the following sources:
+
+* [1Hosts][1]
+* [AdGuard DNS Filter][2]
+* [Developer Dan / Lightswitch05][3]
+* [EasyList][4]
+* [HaGeZi][5]
+* [OISD][6]
+* [Steven Black hosts][7]
+
+Please consult our [AntiTracker Plus FAQ entry][8] to learn more about list combinations and individual lists.
+
+### Getting started with Plus lists
+
+Access the AntiTracker settings in the IVPN app. Here you can select one of the new predefined, or individual lists to use under the "Block List” option.
+
+* On iOS, you need to reconnect to the VPN service to activate the new block list
+* On Android, block list selection is only available when not connected to the VPN service
+* When using Desktop apps, you can change lists any time
+
+
+
+
+
+Note:
+
+* For existing app installs, OISD Big is unchanged as default selection
+* For new setups, the Basic combination is the default selection
+
+We recommend reviewing and testing different options to find the most fitting for your needs.
+
+Hardcore mode, an additional AntiTracker setting that blocks all domains of Google and Facebook, is available in combination with each list option.
+
+IVPN Staff
+
+
+*For AntiTracker Plus, we utilise various open-source blocklists, each owned and maintained by dedicated creators. We adhere to the provisions of their respective licenses. To learn more about these licenses, please visit the individual project pages of the resources, linked above.*
+
+ [1]: https://o0.pages.dev/
+ [2]: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+ [3]: https://github.com/lightswitch05/hosts
+ [4]: https://easylist.to/
+ [5]: https://github.com/hagezi/dns-blocklists
+ [6]: https://oisd.nl/downloads
+ [7]: https://github.com/StevenBlack/hosts
+ [8]: /knowledgebase/general/antitracker-plus-lists-explained/
diff --git a/src/content/es/blog/command-line-interface-for-ivpn-released.md b/src/content/es/blog/command-line-interface-for-ivpn-released.md
new file mode 100644
index 000000000..006e4249b
--- /dev/null
+++ b/src/content/es/blog/command-line-interface-for-ivpn-released.md
@@ -0,0 +1,58 @@
+---
+title: Command-line interface for IVPN released
+# Example: /blog/this-is-a-good-post
+url: /blog/command-line-interface-ivpn-released/
+highlighted: false
+draft: false
+authors:
+ - Alexandr Stelnykovych
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - apps
+date: 2020-05-20T11:50:34.740Z
+# 740px X 740px
+thumbnailImage: "/images-static/uploads/thumb_mac_cli-2x.png"
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/og-mac-cli-2x.png
+---
+As privacy advocates and technologists we are constantly working on features which we think will improve the user experience of the IVPN apps. Less than a month after the release of the Linux app, we are proud to release a command-line interface (CLI) for the macOS and Windows apps. After installing v2.12.0, it is possible to connect to the IVPN network using either the command line or graphical interface.
+
+To get started, open a Command Prompt from the Start menu on Windows or run Terminal.app on macOS. Enter `ivpn connect -any -country Canada` and hit enter - this simple command will start a VPN connection to an IVPN server in Canada. You can also try running `ivpn connect -last` to connect with the last successfully used connection settings.
+
+![command line interface gif](/images-static/uploads/blog-command-line-interface-release-2.gif)
+
+You can control all aspects of the IVPN app through the command line. Run `ivpn -h` to learn more about the available commands and parameters:
+
+```html
+$ ivpn -h
+Command-line interface for IVPN client (www.ivpn.net)
+version:2.12.0 (date:2020-05-13 commit:f8da51caf76cab956c1cc38819d08e04a337a296)
+
+Usage: ivpn COMMAND [OPTIONS...] [COMMAND_PARAMETER] [-h|-help]
+
+COMMANDS:
+status Prints full info about IVPN state
+connect LOCATION Establish new VPN connection
+disconnect Disconnect active VPN connection (if connected)
+servers FILTER Show servers list
+firewall Firewall management
+wgkeys WireGuard keys management
+dns DNS_IP Default 'custom DNS' management for VPN connection
+antitracker Default AntiTracker configuration management for VPN connection
+logs Logging management
+login ACCOUNT_ID Login operation (register ACCOUNT_ID on this device)
+logout Logout from this device (if logged-in)
+account Get info about current account
+
+Tips:
+ ivpn COMMAND -h Show detailed description of command
+ ivpn -h -full Show detailed description about all commands
+```
+
+\
+Our continued aim is to make the IVPN experience as seamless as possible. We have added the CLI option on macOS and Windows for customers who prefer to operate through the command line. It is just an option: you can also continue using the IVPN app graphical interface as before.
+
+IVPN Team
\ No newline at end of file
diff --git a/src/content/es/blog/device-management-for-better-control.md b/src/content/es/blog/device-management-for-better-control.md
new file mode 100644
index 000000000..81be506f9
--- /dev/null
+++ b/src/content/es/blog/device-management-for-better-control.md
@@ -0,0 +1,46 @@
+---
+title: Introducing device management for better control of logged in devices
+url: /blog/device-management-for-better-control/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Subscriptions
+ - Apps
+date: 2024-02-13T05:55:00.000Z
+thumbnailImage: /images-static/uploads/rnew_release.png
+---
+We are introducing IVPN device management, an opt-in (disabled by default) feature that helps you review and log out from devices currently logged in to IVPN apps.
+
+This step is a direct response to frequent customer requests for better device controls. IVPN plans come with a device limit - 2 and 7 for Standard and Pro respectively. Prior to this update, reaching this limit necessitated logging out from all devices in case unused ones were not identifiable or accessible.
+
+
+
+
+
+After [activating device management](/account/device-management) in the Account dashboard on ivpn.net:
+
+* A list becomes available with devices currently logged in, each labeled with an assigned name
+
+* IVPN apps start showing these associated device names
+
+* You will have the ability to log out from individual devices or all of them simultaneously
+
+* Disable Device Management option becomes available
+
+
+
+
+
+Device management is disabled by default due to a minor privacy tradeoff consideration. When device management is activated, an extra field for the device name is added to the temporary record table which helps limiting the number of connected devices. However, these device names, allocated by IVPN, are non-unique and recycled from a set list of seven across all accounts. This approach guarantees that device names alone do not link back to your account in case an adversary was able to gain access to this specific data.
+
+We recommend reviewing our updated [privacy policy](/privacy/), which outlines how we manage device limits and provides information on device management implementation. You can also consult the [FAQ entry](/knowledgebase/general/device-management-faq/) on Device management for further details.
+
+If you have any questions or feedback about this update, don’t hesitate to [contact us](/contactus/).
+
+
+
+
diff --git a/src/content/es/blog/dns-over-https-doh-macos-linux-windows.md b/src/content/es/blog/dns-over-https-doh-macos-linux-windows.md
new file mode 100644
index 000000000..42c020749
--- /dev/null
+++ b/src/content/es/blog/dns-over-https-doh-macos-linux-windows.md
@@ -0,0 +1,28 @@
+---
+title: DNS over HTTPS (DoH) support on macOS, Linux and Windows
+url: /blog/dns-over-https-doh-macos-linux-windows/
+draft: false
+authors:
+ - IVPN Staff
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Security
+date: 2022-04-05T07:56:15.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/linux.png
+---
+IVPN offers custom DNS servers which, when accessed through the VPN ensure that your DNS queries are encrypted between your device and our DNS server. This is a necessity, as DNS queries are not encrypted by the DNS protocol and can be easily read by an adversary observing your traffic (even when using HTTPS for your web traffic).
+
+Our DNS servers are logless, audited and also offer an Anti-tracker solution, which blocks most 3rd party trackers. However, some customers have additional requirements which require DNS over HTTPS (DoH) support to securely use 3rd party DNS servers. DNS over HTTPS encrypts your DNS queries using HTTPS (tunneled through the VPN) and appears just like any other web traffic.
+
+You can now configure a custom DNS server which supports DNS over HTTPS from within the IVPN app on macOS, Linux and Windows 8, 10 or 11. Customers who do not require the use of a 3rd party DNS server (e.g. custom filtering lists) do not need to configure DNS over HTTPS. Doing so does not provide any additional security or privacy over the IVPN DNS server - unless you trust your DNS provider more than IVPN.
+
+If you have any questions please don't hesitate to [reach out][1] to our technical support team.
+
+IVPN Staff
+
+
+ [1]: https://www.ivpn.net/contactus/
diff --git a/src/content/es/blog/extending-two-factor-authentication-to-ivpn-apps.md b/src/content/es/blog/extending-two-factor-authentication-to-ivpn-apps.md
new file mode 100644
index 000000000..01a6527bf
--- /dev/null
+++ b/src/content/es/blog/extending-two-factor-authentication-to-ivpn-apps.md
@@ -0,0 +1,26 @@
+---
+title: Extending two-factor authentication to IVPN apps
+url: /blog/extending-two-factor-authentication-to-ivpn-apps/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - Security
+date: 2021-09-07T07:05:00.000Z
+thumbnailImage: /images-static/uploads/password-less.png
+---
+Last year we added a two-factor authentication (2FA) option for [web-based account logins](/blog/new-open-source-ivpn-website-subscribe-without-email/). This week we are extending the time-based OTP (one-time password) support to IVPN apps. If you have 2FA enabled on your account you will need to use the previously set up authentication method when logging in to apps.
+
+A couple of notes about this change:
+
+1. We will activate this feature on 9th September 2021 for all IVPN apps: Android, iOS, and both CLI and GUI versions on Linux, macOS and Windows.
+2. 2FA for apps is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you wish to use 2FA for apps and have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), contact our customer service to help you make the switch.
+3. If you don't have 2FA enabled, these changes don't affect you and no further action is required. If you plan to enable 2FA now, you can do so by logging into the client dashboard on [https://www.ivpn.net](https://www.ivpn.net).
+
+If you have any questions or issues about this change, [contact us](/contactus/).
+
+IVPN Staff
diff --git a/src/content/es/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md b/src/content/es/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md
new file mode 100644
index 000000000..f3142f36f
--- /dev/null
+++ b/src/content/es/blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch.md
@@ -0,0 +1,33 @@
+---
+title: Helping people decide if they need a VPN - DoINeedAVPN launch
+url: /blog/helping-people-decide-if-they-need-a-vpn-doineedavpn-launch/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Under the Hood
+tags:
+ - Open Source
+ - Privacy
+ - Security
+date: 2021-03-17T11:15:00.000Z
+thumbnailImage: /images-static/uploads/doineed.png
+images:
+ - /images-static/uploads/doineed_og_1200_627.png
+---
+TL;DR: We have created an open-source tool that helps people decide if they need a commercial VPN.
+
+Releasing a blog post titled ["Why you don't need a VPN"](/blog/why-you-dont-need-a-vpn/) seemed like a bold move for some who follow IVPN. Who heard of a business that turns away potential customers?
+
+For us, publishing that piece felt inevitable. We were jaded by the marketing hype and over-promises by popular providers, who chase new audiences and position their solutions as a privacy and security cure-all. After incorporating certain points made in the original blog post to our home page copy, we realized we should do more.
+
+Most websites that discuss VPNs detail finding the best one, or picking the most suitable for you. There is less focus is on whether a commercial VPN is a fitting choice for your needs and threat model. Promoting VPNs is more lucrative than steering people away from them. Yet A VPN won't make you anonymous and for that purpose Tor is a better fit. Protecting your data on WiFi networks you don't trust is better solved by running your own VPN. Commercial VPNs can only partly solve other problems and we wanted to address these as well.
+
+{{< figure class="shadow" src="/images-static/uploads/Screenshot 2021-03-16 at 17.16.09.png" title="" >}}
+
+DoINeedAVPN.com lists twenty-one privacy, security and anti-censorship concerns. It evaluates the combination of selections and recommends the use of commercial VPNs or alternative tools, where applicable. If the user picks issues that VPNs cannot solve, like hiding financial transactions, or stopping Facebook from tracking them, we steer them clear from using a commercial VPN service. We provide a detailed explanation for each selection, no matter if a VPN solves that issue or not.
+
+For better transparency, we have added a 'decision tree' explanation page where you can review the logic behind the recommendations and each end state. Similarly to IVPN website and app projects, DoINeedAVPN.com is open source. If you have spotted a bug or found a way to improve the project, open an issue on GitHub or [contact us](/contactus/). Any suggestions and feedback is welcome.
+
+We hope this tool will provide clarity for people who want to understand what a commercial VPN can and cannot do for them.
diff --git a/src/content/es/blog/in-support-of-ukraine.md b/src/content/es/blog/in-support-of-ukraine.md
new file mode 100644
index 000000000..7dc14af63
--- /dev/null
+++ b/src/content/es/blog/in-support-of-ukraine.md
@@ -0,0 +1,33 @@
+---
+title: "In support of Ukraine: distributing free IVPN accounts"
+url: /blog/in-support-of-ukraine
+draft: false
+authors:
+ - IVPN Staff
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Privacy
+ - Security
+date: 2022-02-28T07:56:15.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/ukrflag.png
+---
+*__March 16 Update__: Visit our [dedicated Support Ukraine page][3] to request a free IVPN account. This offer is open to anyone in Ukraine, Russia and Belarus.*
+
+IVPN has multiple team members hailing from Ukraine. Their reality has shifted from living and working in a peaceful environment to fleeing the country and hiding in bomb shelters in a matter of days. We are standing up for the right of self-determination and sovereignty of our colleagues and all Ukrainians. We will do our best as individuals and as a company to support them.
+
+Beyond internal measures and this statement, we want to help anyone affected by offering free VPN service. Some digital communication channels are cut off or [limited in Ukraine][1], and increasingly [censored in Russia][2]. We are distributing free subscriptions to anyone in these two countries so they can try to circumvent current and future limitations.
+
+Why include Russia? While their nation is an aggressor in this conflict, we believe many Russians are against this move, and continue to look for information from outside of their country through free and unrestricted Internet access.
+
+If you are a citizen of Ukraine, Russia or Belarus, or you reside in these countries please visit our dedicated [free account request page][3] to take up on this offer.
+
+Furthermore, if you need information, tips or assistance on using privacy tools and anti-censorship measures, we will do our best to help.
+
+IVPN Staff
+
+ [1]: https://twitter.com/gatech_ioda
+ [2]: https://www.bbc.com/news/technology-60533083
+ [3]: https://www.ivpn.net/supportua/
\ No newline at end of file
diff --git a/src/content/es/blog/insights-about-apple-app-store-rules-for-vpn-apps.md b/src/content/es/blog/insights-about-apple-app-store-rules-for-vpn-apps.md
new file mode 100644
index 000000000..173314fac
--- /dev/null
+++ b/src/content/es/blog/insights-about-apple-app-store-rules-for-vpn-apps.md
@@ -0,0 +1,103 @@
+---
+title: Insights about Apple App Store Rules for VPN Apps
+# Example: /blog/this-is-a-good-post
+url: /blog/insights-apple-app-store-rules-vpn-apps/
+highlighted: false
+draft: false
+authors:
+ - Juraj Hilje
+categories:
+ - Under the hood
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - apps
+date: 2020-06-03T12:40:14.612Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/app_store.png
+---
+As VPN developers and maintainers of the iOS VPN app distributed on the App Store, we deal with App Review and many of its peculiarities on a weekly basis. In this post we will look at:
+
+* What **unique requirements** VPN apps need to meet to be approved for App Store
+* How Apple's App Review **affects release cycle** for VPN apps on the App Store
+* Which **countries are not allowed** to distribute VPN apps
+* Behind-the-scene insight on how Apple is **reviewing VPN apps** (good & the bad parts)
+
+We’ll share some of my experiences and suggestions on how to handle the App Review process. Additionally, I will cover some unique requirements the App Review process holds for VPN apps.
+
+## About the App Review Process
+
+Every new app or update that is released in the App Store goes through a screening process called the App Review. Even though Apple uses automated tools to filter potential issues, there is also a manual review involved, conducted by an Apple Review Team member. This process has evolved over time, most noticeably in terms of reducing the review time (from a few weeks to under 24 hours), as well as defining clear rules and guidelines. One thing has stayed the same : it is fairly rigorous.
+
+Though the App Review guidelines and process have changed over the years, the main purpose remained the same — creating a trustworthy ecosystem, a safe environment where the App Store customer can rest assured that all the apps sold there meet certain basic requirements.
+
+For this same reason, Apple Review policies often create friction and overhead for app developers. Developing an app that looks and works great is a challenge in and of itself, but when you plan to release that app in the App Store, it also becomes a product that has to comply with high standards in other areas: appropriate content, customer privacy, special legal requirements, and many others.
+
+Think of it in terms of pharmaceutical production — inventing a new type of medicine that does its job is not enough. Before you can place it on the market, it has to comply with FDA rules that ensure its safety and efficiency.
+
+As daunting as they may sometimes be, these Guidelines provide safety for all parties involved. Once your app is available on the App Store, your customers are sure that your product complies at least with a minimum quality the App Store policies require. That means they’ll be more likely to purchase your app, and [purchase it at a higher average price](https://appleinsider.com/articles/19/07/03/apples-app-store-generated-80-more-revenue-than-google-play-with-a-third-as-many-installs-in-first-half-of-2019 "https\://appleinsider.com/articles/19/07/03/apples-app-store-generated-80-more-revenue-than-google-play-with-a-third-as-many-installs-in-first-half-of-2019").
+
+## Specific Rules for VPN Apps
+
+In June 2019, Apple made a separate section for VPN apps in App Store Review Guidelines. The primary goal of this change is to purge the App Store of VPN apps that share user data to 3rd parties. Though this rule is supposed to improve privacy for VPN app users, Apple seems to be struggling with its implementation.
+
+To this day, a [large percentage of VPN apps](https://www.top10vpn.com/research/investigations/free-vpn-ios-apps-data-sharing/ "https\://www.top10vpn.com/research/investigations/free-vpn-ios-apps-data-sharing/") on the App Store do not comply with this rule.
For many of these apps, you don’t need to conduct an audit or a deep-level analysis to determine they’re in breach of this rule — reading their privacy policy is enough.
+
+Let’s take a look at some of the prerequisites and recommendations a VPN app has to meet in order to get approved by the App Store.
+
+### User Data Collection
+
+After Guidelines update in June 2019, Apple clearly prohibits 3rd-party data sharing for VPN apps.
+
+It can be expected that, over a perceivable period of time, the App Store will begin weeding these apps out. The new VPN apps that have a privacy policy which doesn’t comply with this rule won’t be approved. As for the VPN apps currently sold on the App Store, they may experience problems with pushing an update, or Apple may remove the app from the App Store and its owner from Apple Developer Program.
+
+To make sure your VPN app complies with this rule, you have to clearly state what user data your app collects, how it uses it, and you have to state that you don’t share user info with third parties. Furthermore, you have to familiarize your users with this information before they purchase or start using the service. In other words, before your user can connect to your VPN service, your app has to show them a separate screen containing the privacy policy that complies with this App Store rule.
+
+### Countries where VPNs are Illegal or Restricted
+
+It is common for countries to invest in methods of blocking known VPN service providers. In some countries with repressive governments, using a VPN is even restricted or illegal. At the time of writing this article (May 2020), these countries are Belarus, Iraq, Oman, Turkmenistan, North Korea, China, Turkey, The UAE, Russia, and Iran.
+
+If a new VPN app, or an update of an existing one, is made available in mentioned App Store territories, the App Store will reject the app/update.
+
+However, sometimes the App Store Review team fails to check this and releases a VPN app in one of these countries. When this happens, you can expect that the App Review team will file a rejection at some point for one of your subsequent updates, demanding you pull the app from countries where VPNs are illegal.
+
+### App Review Reliability for VPN Apps
+
+The App Review process relies on manual work from an employee that has to do [50 to 100 app reviews per day](https://www.cnbc.com/2019/06/21/how-apples-app-review-process-for-the-app-store-works.html "https\://www.cnbc.com/2019/06/21/how-apples-app-review-process-for-the-app-store-works.html"). This makes it close to impossible for the review team to test and screen every detail and use-case in your app. Sometimes, they approve an app that doesn’t comply with one of their rules. This may lead to inconsistency with reinforcing App Store rules and guidelines. It often happens that they approve one app with a certain feature, while they reject another with the exact same feature.
+
+If you feel that the App Review team misunderstood your feature and just blindly quoted the Guidelines, make your case by stating the reasons behind it. This approach will most likely result with an approval — if it was indeed a misunderstanding and not a violation of the rules.
+
+But even when you manage to squeeze an app that doesn’t comply with the rules and guidelines past the review team and onto the App Store, you’re not permanently in the clear. The App Review team might notice their mistake the next time you try to push an update.
+
+### Grey Areas
+
+Continuing with inconsistencies, an interesting example is ads- and content-blocking, and how Apple is dealing with approving or rejecting this feature. It is usually implemented using a public iOS API (NEPacketTunnelProvider) to configure a VPN tunnel and filter the outgoing DNS requests.
+
+There have been reports (for example [here](https://adguard.com/en/blog/adguard-pro-discontinued.html "https\://adguard.com/en/blog/adguard-pro-discontinued.html") and [here](https://www.fastcompany.com/90236881/apple-tightlipped-on-removal-of-freedom-and-other-content-blocking-apps "https\://www.fastcompany.com/90236881/apple-tightlipped-on-removal-of-freedom-and-other-content-blocking-apps")) of apps that were pulled from App Store, with rejection response from App Review: "Guideline 2.5.1 - Performance - Software Requirements: Your app uses a VPN profile or root certificate to block ads or other content in a third-party app, which is not allowed on the App Store."
+
+In July 2019, in IVPN iOS app we introduced a similar feature called “[AntiTracker](https://www.ivpn.net/blog/block-ads-and-beat-data-surveillance-with-ivpns-antitracker/ "https\://www.ivpn.net/blog/block-ads-and-beat-data-surveillance-with-ivpns-antitracker/")”, that is used to block ads and data trackers across the entire device. But at some point in the future, Apple could demand that we remove this feature in order to be approved for App Store.
+
+## Conclusion
+
+App Review for VPN apps is usually more strict than the one for apps in some other categories, which is understandable, given the sensitive nature of the services provided by VPNs. Eventually, I expect there’ll be little to no room to veer around Apple’s rules and guidelines in this realm.
+
+If you are an iOS developer or perhaps a stakeholder that plans to distribute a VPN app on the App Store, do your best to follow good practices:
+
+**Don't share user data with 3rd-party services**
+
+At some point, Apple will surely weed out VPN apps that violate 3rd-party data sharing or other rules. Be careful with using any 3rd-party services and libraries in your app.
+
+**Be transparent with your users**
+
+VPN users will value clear and honest communication in release notes, new feature announcements and system status notifications, rather than vague and clever marketing quotes.
+
+**Have a clear business model**
+
+It looks like shady free VPN apps on the App Store are [coming to an end](https://appleinsider.com/articles/20/03/09/apple-removed-sensor-tower-vpn-ad-blocking-apps-for-gathering-user-data "https\://appleinsider.com/articles/20/03/09/apple-removed-sensor-tower-vpn-ad-blocking-apps-for-gathering-user-data"). Earn user trust with honesty and transparency, and base your business model on paid subscriptions.
+
+- - -
+
+### Further sources
+
+*[https://developer.apple.com/app-store/review/guidelines/](https://developer.apple.com/app-store/review/guidelines/ "https\://developer.apple.com/app-store/review/guidelines/")*\
+*[https://developer.apple.com/app-store/review/](https://developer.apple.com/app-store/review/ "https\://developer.apple.com/app-store/review/")*[\
+*https://www.technadu.com/apples-new-vpn-guidelines-havent-changed-app-store/70249/*](https://www.technadu.com/apples-new-vpn-guidelines-havent-changed-app-store/70249/ "https\://www.technadu.com/apples-new-vpn-guidelines-havent-changed-app-store/70249/")
diff --git a/src/content/es/blog/introducing-a-redesigned-ivpn-for-android.md b/src/content/es/blog/introducing-a-redesigned-ivpn-for-android.md
new file mode 100644
index 000000000..077ccc0f2
--- /dev/null
+++ b/src/content/es/blog/introducing-a-redesigned-ivpn-for-android.md
@@ -0,0 +1,42 @@
+---
+title: Introducing a redesigned IVPN for Android
+# Example: /blog/this-is-a-good-post
+url: /blog/redesigned-ivpn-for-android/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+date: 2020-09-28T13:15:00.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/thumb-2x_andr.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/1.jpg
+---
+After kicking off the round of releases with [iOS earlier this month](https://www.ivpn.net/blog/release-revamped-ivpn-app-iphones-ipads/ "https\://www.ivpn.net/blog/release-revamped-ivpn-app-iphones-ipads/"), today we are introducing a rebuilt IVPN app for Android. The goals for this project were similar: to deliver a solution that offers better user control, a clearer overview of connection status and location, and enables a smoother setup process.
+
+An overview on what changed:
+
+![ivpn android interactive map](/images-static/uploads/1.jpg)
+
+*Select servers for Single- and Multi-Hop connections quicker on an interactive map*
+
+![ivpn android pullup menu](/images-static/uploads/2.jpg)
+
+*Switch protocols, network protection settings and enable AntiTracker through the pull-up menu*
+
+![ivpn android account management](/images-static/uploads/3.jpg)
+
+*Get an overview on your subscription and set up IVPN on other devices easier*
+
+Similarly to the iOS and iPadOS counterparts, IVPN for Android is open source. You can find the details and ways to contribute on our [GitHub page](https://github.com/ivpn/android-app).
+
+We hope you have a smooth experience with our new Android app - please drop us a line if you have any feedback.
+
+IVPN Staff
\ No newline at end of file
diff --git a/src/content/es/blog/introducing-split-tunnelling-to-ivpn-for-windows.md b/src/content/es/blog/introducing-split-tunnelling-to-ivpn-for-windows.md
new file mode 100644
index 000000000..da25270fc
--- /dev/null
+++ b/src/content/es/blog/introducing-split-tunnelling-to-ivpn-for-windows.md
@@ -0,0 +1,26 @@
+---
+title: Introducing split tunnelling to IVPN for Windows
+url: /blog/introducing-split-tunnelling-to-ivpn-for-windows/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - Privacy
+date: 2021-09-14T05:00:00.000Z
+thumbnailImage: /images-static/uploads/split.png
+---
+Split tunnels enable you to remain connected to your VPN while simultaneously accessing specific apps and services directly, bypassing the VPN tunnel. With this solution you can protect your privacy and connect to services that restrict or block customers who use commercial VPNs. This can be very useful when you need to access banking, streaming or gaming providers using your personal IP address.
+
+Split tunnels were previously supported on IVPN for Android, today we are adding this functionality to our Windows app, with Linux support coming later. Currently this feature is in beta and may still contain some bugs although it has been extensively tested internally.
+
+To enable split tunnelling update to the latest app version (v3.3.40) and define which applications you want to exclude from the tunnel. For example, to connect to Steam directly while using IVPN, add the Steam app to the list of Excluded Applications in the IVPN settings before launching it. If you plan to use split tunnelling to access local libraries of streaming services, follow the steps laid out in our [dedicated guide](/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn/).
+
+Note that these benefits come with risks. A split tunnel creates an intentional leak and so depending on your threat model we suggest reviewing our [Split Tunnel Uses and Limitations](/knowledgebase/general/split-tunnel-uses-and-limitations/) article to learn about potential issues and how to mitigate them.
+
+If you have any questions or feedback about split tunnels, [reach out to us](/contactus/).
+
+IVPN Staff
diff --git a/src/content/es/blog/ipv6-over-ipv4-available-for-testing.md b/src/content/es/blog/ipv6-over-ipv4-available-for-testing.md
new file mode 100644
index 000000000..dee2c9616
--- /dev/null
+++ b/src/content/es/blog/ipv6-over-ipv4-available-for-testing.md
@@ -0,0 +1,23 @@
+---
+title: IPv6 (over IPv4) available for testing
+url: /blog/ipv6-over-ipv4-available-for-testing/
+highlighted: false
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Releases
+tags:
+ - Apps
+ - WireGuard
+date: 2021-06-29T07:05:00.000Z
+---
+We now provide the option to receive an IPv6 address when connecting to our servers using WireGuard. This enables those with only an IPv4 address to access the IPv6 Internet. Access to IPv6 to connect to our servers using IPv6 is under development, and not yet included in this update.
+
+IPv6 over IPv4 is now available in all IVPN apps. If required, enable the option to see your assigned IPv6 address after connecting as well as the geolocation for both the IPv4 and IPv6 address. These two might be different in some due to how geolocation providers collect and publish this information. If you have a native IPv6 connection this feature will also display your IPv6 information when disconnected from the VPN.
+
+All our backend infrastructure (e.g. authentication servers) are IPv6 enabled which also allows us to better bypass blocks that previously prevented some customers from being able to login to the app. Similarly in cases where a website or service has blocked our IPv4 address, customers may have success in accessing the service over IPv6.
+
+Its important to note that when using this feature you will have both an IPv4 and IPv6 address i.e. dual-stack and will have effectively no control over which protocol is chosen when both IPv4 and IPv6 DNS records are returned for a host. Operating systems implement [RFC 6724](https://datatracker.ietf.org/doc/html/rfc6724) to varying degrees but applications can also implement their own logic which mostly follows the ‘Happy Eyeballs’ algorithm as defined in [RFC 8305](https://datatracker.ietf.org/doc/html/rfc8305). Happy Eyeballs attempts to optimize the user experience by trying both connections in parallel and using the first connection returned.
For example, if you visit the IVPN website after enabling IPv6 in the app you will see in the header which protocol your browser has selected for our website (either an IPv4 or IPv6 address).
+
+If you have any questions about this feature please reach out to our support team.
diff --git a/src/content/es/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md b/src/content/es/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md
new file mode 100644
index 000000000..0d8e7481c
--- /dev/null
+++ b/src/content/es/blog/ivpn-apps-on-all-platforms-to-undergo-security-audit.md
@@ -0,0 +1,23 @@
+---
+title: IVPN apps on all platforms to undergo security audit
+url: /blog/ivpn-apps-on-all-platforms-to-undergo-security-audit/
+highlighted: false
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Apps
+ - Transparency
+date: 2020-12-11T10:53:00.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+Earlier this year IVPN published results of a comprehensive [3rd party infrastructure audit](/blog/independent-security-audit-concluded/) that included VPN, web, authentication, API servers and supporting infrastructure. Following the open-sourcing of our apps in February this year, we decided to commission a comprehensive audit of IVPN apps for all platforms (Windows, macOS, Linux, iOS, Android).
+
+For this project we have engaged cure53, an independent firm who possess the necessary experience after completing numerous similar projects in the industry. Five security auditors with expertise in each app platform will undertake the audit. It is scheduled to start in early February 2021 and we expect to publish the results no later than March 2021.
+
+Nick Pestell
+CEO
+IVPN
diff --git a/src/content/es/blog/ivpn-apps-security-audit-2022-concluded.md b/src/content/es/blog/ivpn-apps-security-audit-2022-concluded.md
new file mode 100644
index 000000000..f1065a35c
--- /dev/null
+++ b/src/content/es/blog/ivpn-apps-security-audit-2022-concluded.md 
@@ -0,0 +1,43 @@
+---
+title: IVPN apps security audit for 2022 concluded
+url: /blog/ivpn-apps-security-audit-2022-concluded/
+highlighted: false
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Security
+date: 2022-04-06T10:04:37.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+We’re pleased to announce that an independent security audit of the IVPN apps conducted by Cure53 has concluded.
+
+Since our last audit 12 months ago we have made significant updates to apps on all platforms and judged that a new audit with similar scope is necessary this year.
+
+It’s important to note an audit only provides a snapshot of the code in scope during the period in which it was conducted. We hope that publishing the results increases our customer’s confidence in the security of our apps and shows our commitment to operating transparently wherever possible.
+
+## Audit results
+
+Three senior members of the Cure53 team conducted the audit over 13 days in February and early March. A white-box approach was used whereby the auditors had access to our public Github code repositories and a dedicated test environment for backend services. No access to production VPN servers or infrastructure was granted to members of the Cure53 team.
+
+A total of 8 vulnerabilities (1 high, 6 medium, 1 info) were discovered. All except one issue has been resolved, the remaining issue (IVP-04-014 WP, Medium) is complex to resolve without significantly affecting the user experience. The issue relates to how the daemon authenticates requests (from the user interface), which could lead to a malicious app being able to manipulate the VPN tunnel e.g. disconnect. We believe the probability of this being exploited is low, but are committed to finding a solution.
+
+12 miscellaneous issues were discovered, 9 of which have already been resolved and 3 of which we deemed to be very low risk and have accepted it.
The [Cure53 report][1] is available for those interested in the details. For transparency we decided to publish the full report with only potentially sensitive information removed (internal hostnames, code snippets etc).
+
+*Update:
+We have addressed a vulnerability (IVP-04-014 WP) mentioned in the audit report relating to how the daemon authenticates requests (from the UI), which could lead to a malicious app being able to manipulate the VPN tunnel e.g. disconnect without the users consent. We believe the probability of this being exploited is low, but we committed to finding a solution. Today we’re releasing a new version of the desktop app (3.8.7) with Enhanced App Authentication (EAA) which significantly mitigates this vulnerability.*
+
+*EAA implements an additional authentication factor between the IVPN app (UI) and the daemon that manages the VPN tunnel. To enable it you will be required to define a separate password and will then be required to manually enter this password when starting the app. This functionality can be configured from the new ‘Advanced’ tab within the GUI or Command-line interface (see 'ivpn eaa --help).*
+
+
+## Commitments going forward
+
+We believe that extensive regular audits are necessary to ensure our customer’s security and continued trust. We are committed to conducting an annual security audit where we will focus on those parts of our infrastructure and apps that we believe to be the most important.
+
+IVPN Team
+
+[1]: https://cure53.de/pentest-report_IVPN_2022.pdf
+
diff --git a/src/content/es/blog/ivpn-apps-security-audit-concluded.md b/src/content/es/blog/ivpn-apps-security-audit-concluded.md
new file mode 100644
index 000000000..fe4423041
--- /dev/null
+++ b/src/content/es/blog/ivpn-apps-security-audit-concluded.md
@@ -0,0 +1,31 @@
+---
+title: IVPN apps security audit concluded
+url: /blog/ivpn-apps-security-audit-concluded/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Security
+date: 2021-03-12T10:54:37.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+We're pleased to announce that an independent security audit of the IVPN apps conducted by Cure53 has concluded.
+
+Since open sourcing our apps more than a year ago, our focus has been on a complete rewrite of our desktop apps for Windows and macOS. The goal was to deliver a more robust, secure and intuitive app experience using a single unified code base for all OSs including Linux.
+
+One of the security requirements was a full code audit and pen test by an independent 3rd party. This enabled discovering and fixing all vulnerabilities and issues before releasing the new desktop apps to customers. Since that process has successfully concluded, we expect to release the new IVPN desktop app in the next two weeks. The auditors have also reviewed the latest versions of our mobile apps for iOS and Android.
+
+It's important to note an audit only provides a snapshot of the code in scope during the period in which it was conducted. We hope that publishing the results increases our customer's confidence in the security of our systems and shows our commitment to operating transparently wherever possible.
+
+## Audit results
+Five members of the Cure53 team conducted the audit over 18 person-days in late February and early March. A white-box approach was used whereby the auditors had access to our public Github code repositories and a dedicated test environment for backend services. No access to production VPN servers or infrastructure was granted to members of the Cure53 team.
+
+A total of 4 vulnerabilities (2 critical, 2 medium) were discovered, all in the new unreleased desktop app and which were immediately resolved.
10 miscellaneous issues were discovered, 8 of which were immediately resolved and 2 of which we deemed the risk very low and are investigating solutions for. We have made the [Cure53 report](https://cure53.de/pentest-report_IVPN.pdf) available for those interested in the details. For transparency we decided to publish the full report with only potentially sensitive information removed (internal hostnames, code snippets etc).
+
+## Commitments going forward
+We believe that extensive regular audits are necessary to ensure our customer's security and continued trust. We are committed to conducting an annual security audit where we will focus on those parts of our infrastructure and apps that we believe to be the most important.
+
+IVPN Team
diff --git a/src/content/es/blog/ivpn-for-ios-now-offers-dns-over-https.md b/src/content/es/blog/ivpn-for-ios-now-offers-dns-over-https.md
new file mode 100644
index 000000000..d026c30ee
--- /dev/null
+++ b/src/content/es/blog/ivpn-for-ios-now-offers-dns-over-https.md
@@ -0,0 +1,35 @@
+---
+title: IVPN for iOS now offers DNS over HTTPS
+url: /blog/ivpn-for-ios-now-offers-dns-over-https/
+highlighted: false
+draft: false
+authors:
+ - Juraj Hilje
+categories:
+ - Releases
+tags:
+ - Apps
+ - Open source
+date: 2021-03-18T14:05:00.000Z
+thumbnailImage: /images-static/uploads/thumb-2x.png
+images:
+---
+We are introducing DNS over HTTPS with the latest version of IVPN for iOS (2.3.0), out now.
+
+What are the new options available?
+
+* For existing Custom DNS settings, it is now possible to enable HTTPS or TLS protocol
+* You can now configure a custom DNS over HTTPS server that is used when there is no VPN connection
+
+
+
+
+
+To make use of these changes you need iOS 14 or later installed on your devices.
+
+DNS over HTTPS is only available with OpenVPN and WireGuard protocols. For IKEv2 we had to disable this feature due to a bug in iOS 14 that prevents using NEDNSSettingsManager API and NEVPNManager API together from the same container app, resulting in identifier conflict error. We plan to enable the feature for future iOS releases as soon as Apple fixes this issue.
+
+Further changes in this version:
+
+* WireGuard is now the default protocol.
+* We have upgraded OpenVPN and OpenSSL to the latest version.
diff --git a/src/content/es/blog/ivpn-infrastructure-fifth-audit-announcement.md b/src/content/es/blog/ivpn-infrastructure-fifth-audit-announcement.md
new file mode 100644
index 000000000..4ed06b12b
--- /dev/null
+++ b/src/content/es/blog/ivpn-infrastructure-fifth-audit-announcement.md
@@ -0,0 +1,30 @@
+---
+title: IVPN infrastructure is ready for 5th annual security audit
+url: /blog/ivpn-infrastructure-fifth-audit-announcement/
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Security
+date: 2022-12-28T05:04:37.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+In-line with our commitment to perform an annual security audit of IVPN systems, we have commissioned the independent security auditing organisation [Cure53][1] to conduct a security audit at the end of February 2023. We aim to publish the results of the audit no later than April 2023.
+
+We have recently decided to upgrade our VPN gateway servers to a new major OS version which includes many configuration changes. The scope of the audit includes a pen-test and thorough security audit of the configuration of these new VPN gateway servers which are currently in a test environment, and due to go into production following the remediation of issues found by Cure53.
+
+A note on the chosen scope and 'no-logs' audits:
+
+In 2019 IVPN has [commissioned a 'no-logs' audit][2] to demonstrate that our service is not configured to collect and store information relating to customer connections.
+
+After considering a repeat of this audit scope, we have decided that claims around 'no logs' audits can be misleading, or at best ambiguous to customers. We often remark that audits are just a snapshot in time. Any VPN service receiving a stamp of 'no logs' from independent evaluators can update their systems and start collecting sensitive customer information the following day.
+
+For this reason, our aim this year, and from now on is arranging audits that focus on parts of our systems that have undergone significant updates. We believe such reviews meaningfully contribute to improving the security of our systems.
+
+
+[1]: https://www.cure53.de
+[2]: https://www.ivpn.net/blog/ivpn-no-logging-claim-verified-by-independent-audit/
+
diff --git a/src/content/es/blog/ivpn-now-accepts-monero-payments-runs-full-node.md b/src/content/es/blog/ivpn-now-accepts-monero-payments-runs-full-node.md
new file mode 100644
index 000000000..e122482e7
--- /dev/null
+++ b/src/content/es/blog/ivpn-now-accepts-monero-payments-runs-full-node.md
@@ -0,0 +1,38 @@
+---
+title: IVPN now accepts Monero payments, runs full node
+url: /blog/ivpn-now-accepts-monero-payments-runs-full-node/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - IVPN News
+tags:
+ - Subscriptions
+ - Privacy
+date: 2021-01-13T12:00:00.000Z
+thumbnailImage: /images-static/uploads/monero-ivpn.png
+# images:
+# - /images-static/uploads/
+---
+The core mission of IVPN is to help our customers protect their privacy. We believe maintaining financial privacy is important for achieving freedom from surveillance, and we seek to support projects that help this cause.
+
+Bitcoin, as the most widely used cryptocurrency, has great potential to assist us to conduct financial transactions anonymously. Bitcoin transactions, however, are transparent and traceable through blockchain analysis methods. If one correlates your personal information to your wallet address, they can associate your Bitcoin transactions with your persona.
+
+The Monero project aims to improve on the anonymity promise by implementing safeguards against traceability issues by using [ring signatures](https://www.getmonero.org/resources/moneropedia/ringCT.html) and [stealth addresses](https://www.getmonero.org/resources/moneropedia/stealthaddress.html) by default. To help customers subscribe to IVPN anonymously, we now accept Monero as payment for our service.
+
+Payments deposited go to IVPN's self-hosted Monero wallet, this way both our customers and IVPN maintain independence from centralized payment providers. We also run our own node to verify transactions and to support the Monero network.
+
+As a first step, we have enabled Monero payments for new IVPN accounts and those [registered after 10 November 2020](/blog/new-open-source-ivpn-website-subscribe-without-email/). Existing customers who registered before that date and wish to switch to Monero at once can ask for a refund on their subscription and generate a new account.
+
+If you are new to cryptocurrencies or Monero, here are a few basic tips to use them to improve your financial privacy:
+
+* When you plan to purchase goods or services online anonymously, use Monero instead of Bitcoin.
+* Use self-hosted wallets (or just..wallets) as opposed to hosted wallets to hold your cryptocurrency - "[not your keys, not your coins](https://www.youtube.com/watch?v=AcrEEnDLm58&feature=emb_title)".
+* Where possible, pick merchants that accept direct payments to their wallets as opposed to using payment provider intermediaries.
+
+For detailed information on Monero and more tips on getting started, visit: [https://www.getmonero.org](https://www.getmonero.org/)
+
+We are assessing making other cryptocurrencies available for direct payments in the future; contact us if you have a favored solution we should look into.
+
+IVPN Staff
diff --git a/src/content/es/blog/ivpn-preparing-sixth-security-audit.md b/src/content/es/blog/ivpn-preparing-sixth-security-audit.md
new file mode 100644
index 000000000..e524a5256
--- /dev/null
+++ b/src/content/es/blog/ivpn-preparing-sixth-security-audit.md
@@ -0,0 +1,31 @@
+---
+title: IVPN preparing for 6th annual security audit
+url: /blog/ivpn-preparing-sixth-security-audit/
+highlighted: true
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - IVPN News
+tags:
+ - Audit
+ - Apps
+ - Transparency
+date: 2024-02-15T12:53:00.000Z
+thumbnailImage: /images-static/uploads/audit.png
+---
+Consistent with our pledge to conduct a yearly review of our systems, we have commissioned the independent security auditing organisation [Cure53](https://cure53.de/) to perform a security audit in March 2024.
+
+As we remarked [last year](https://www.ivpn.net/blog/ivpn-infrastructure-fifth-audit-announcement/), audits we arrange focus on parts of our systems that received significant updates. Accordingly, the scope of the sixth annual security audit will include:
+
+* IVPN website
+
+* IVPN web API
+
+* Related IVPN Web Servers & Infrastructure
+
+The audit will be undertaken by 3 security auditors. We expect a conclusion for the audit and publication of results to happen within the next two months.
+
+Nick Pestell
+CEO
+IVPN
\ No newline at end of file
diff --git a/src/content/es/blog/ivpn-tunnelcrack-vulnerability-assessment.md b/src/content/es/blog/ivpn-tunnelcrack-vulnerability-assessment.md
new file mode 100644
index 000000000..212a01493
--- /dev/null
+++ b/src/content/es/blog/ivpn-tunnelcrack-vulnerability-assessment.md
@@ -0,0 +1,70 @@
+---
+title: IVPN TunnelCrack vulnerability assessment
+url: /blog/ivpn-tunnelcrack-vulnerability-assessment/
+highlighted: false
+authors:
+ - IVPN Staff
+categories:
+ - Privacy & Security
+tags:
+ - security
+ - apps
+date: 2023-09-07T08:25:00.000Z
+thumbnailImage: /images-static/uploads/tunnelcrack.png
+---
+## Context
+
+[TunnelCrack][1] is the combination of two independent security vulnerabilities (LocalNet attack and ServerIP attack) that affect VPN applications. The research paper detailing these vulnerabilities was published and presented on 11 August 2023. IVPN apps were not tested by the researchers, and unlike other providers, we did not receive a vulnerability disclosure.
+
+We have completed the assessment and investigation of the current IVPN applications on each platform we support. Below you can review the results of this process.
+
+
+## Assessment of IVPN apps
+
+In summary:
+
+- iOS IVPN app was vulnerable to LocalNet attack, as LAN traffic was going outside the VPN tunnel by default when the VPN connection was active. This was identified as a consistent issue across all VPN providers assessed during the research.
+- Desktop and Android IVPN apps were potentially vulnerable to LocalNet attack, when local network traffic bypassing was enabled in the app (disabled by default).
+- Android app was potentially vulnerable to ServerIP attack, in an event of backend failure when OpenVPN protocol was used.
+
+The detailed assessment below covers the IVPN application versions in production at the time TunnelCrack details were released (Windows v3.11.15, macOS and Linux v3.11.14, iOS v.2.10.0, Android v.2.10.0). As highlighted after each section, all potential vulnerabilities were patched and released with the latest IVPN app versions released since then.
+
+For a detailed explanation of the possible attacks please consult the [dedicated website][1] or the [research paper][2] about TunnelCrack.
+
+
+
+
+## LocalNet attack
+
+The **LocalNet attack** enables an adversary to leak traffic outside the VPN tunnel by making a remote server appear to be on the local network.
+
+**Desktop (macOS, Linux, Windows)** - Potentially vulnerable on all desktop platforms if the option Allow LAN traffic when IVPN firewall is enabled was activated. This option is **disabled** by default in the IVPN desktop apps.
+
+> This issue is fixed in the latest version of IVPN for Desktop apps. The IVPN Firewall now adds exceptions only for non-routable IP addresses of local interfaces.
+
+**Android** - Potentially vulnerable when the option Bypass VPN for local networks was activated. This option is **disabled** by default in the IVPN Android app.
+
+> This issue is fixed in the latest version of IVPN for Android apps. The app disables local network access when the local network is using public IP addresses.
+
+**iOS** - IVPN for iOS was vulnerable to this type of attack. When VPN connection was active, LAN traffic went outside VPN tunnel by default.
+
+> In the latest version of IVPN for iOS apps, we have added a new "Disable LAN traffic" option that offers a fix for this issue when using OpenVPN and WireGuard protocols. When enabled, the app will not allow any traffic outside VPN tunnel to the local network. This solution is implemented using ‘includeAllNetworks’ and ‘excludeLocalNetworks’ APIs. When enabled, it can cause connectivity issues, e.g. loosing connection when switching from WiFi to cellular network.
+
+ 
+## ServerIP attack
+
+The **ServerIP** attack detailed in the research uses DNS to spoof the IP address of the VPN server before the VPN is enabled. Traffic can be eavesdropped because the traffic for a VPN server is routed outside the tunnel. A proxy on the spoofed IP address passes VPN traffic to the correct VPN server so the user is unaware of an issue.
+
+**Desktop (macOS, Linux, Windows)** - IVPN desktop apps are not vulnerable to this type of attack because adversaries are unable to spoof the VPN host IP. The apps do not use DNS to access VPN hosts, while data obtained from the VPN API server is protected by a certificate pinning mechanism.
+
+**Android** - IVPN for Android app was potentially vulnerable to the ServerIP attack.
+The app uses certificate pinning when accessing api.ivpn.net, blocking any communication with a spoofed API server, thus obtaining a spoofed server IP address is not plausible. However, in the event of a backend failure the Android app obtained an empty server IP list, and connected to the VPN server using DNS as a fallback. This issue was only applicable to connections through the OpenVPN protocol. WireGuard connections are not affected.
+
+> This issue is fixed in the latest version of IVPN for Android apps. We have removed the fallback logic to connect using DNS (hostname), and the app now only connects to an OpenVPN server using an IP address.
+
+**iOS** - Our iOS application is not vulnerable to this type of attack. The app uses certificate pinning when accessing api.ivpn.net, and blocks any communication with spoofed API server, so obtaining a spoofed server IP address is not plausible. The app does not use DNS to access VPN servers, only IP addresses.
+
+
+
+ [1]: https://tunnelcrack.mathyvanhoef.com/
+ [2]: https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf
diff --git a/src/content/es/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md b/src/content/es/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md
new file mode 100644
index 000000000..7ab3a62f3
--- /dev/null
+++ b/src/content/es/blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios.md
@@ -0,0 +1,22 @@
+---
+title: Kill Switch and WireGuard Multi-hop added to IVPN for iOS
+url: /blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios/
+highlighted: false
+draft: false
+authors:
+ - Juraj Hilje
+categories:
+ - Releases
+tags:
+ - Apps
+ - Security
+date: 2021-11-09T08:00:00.000Z
+thumbnailImage: /images-static/uploads/thumb-2x.png
+---
+Kill Switch and WireGuard Multi-hop options are now available in the latest version of our iOS app (v2.5.0).
+
+The Kill Switch protects from leaking data outside of the VPN by preventing network connections if the tunnel is unavailable. When you enable the IVPN Kill Switch, iOS forces your network traffic over the VPN tunnel. This includes connections to certain Apple services that otherwise [bypass the tunnel](https://nakedsecurity.sophos.com/2020/03/30/apples-ios-13-4-hit-by-vpn-bypass-vulnerability/). When connected to the VPN, if the tunnel becomes unavailable for any reason, the system drops all network connections immediately. Disconnecting manually from the service will not activate the Kill Switch, i.e. non-tunnelled connections will work as expected.
+
+Kill Switch is currently available for WireGuard and OpenVPN protocols only, as a [bug in iOS](https://developer.apple.com/forums/thread/653116) prevents faultless implementation for IKEv2.
+
+This iOS release also includes WireGuard Multi-hop support. Multi-hop routes your traffic through two VPN servers, offering improved privacy.
diff --git a/src/content/es/blog/kill-switch-changes-ivpn-android.md b/src/content/es/blog/kill-switch-changes-ivpn-android.md
new file mode 100644
index 000000000..6d363265a
--- /dev/null
+++ b/src/content/es/blog/kill-switch-changes-ivpn-android.md
@@ -0,0 +1,32 @@ +--- +title: Kill switch changes in IVPN for Android +url: /blog/kill-switch-changes-ivpn-android/ +highlighted: false +draft: false +authors: + - Aleksandr Mykhailenko +categories: + - Under the Hood +tags: + - Apps + - Security +date: 2021-10-14T10:15:00.000Z +thumbnailImage: /images-static/uploads/thumb-2x_andr.png +--- +TL;DR - Before our latest Android update (2.7.0) customers had two different options for a kill switch: one implemented by IVPN, and another available through device settings in the Android OS. We have removed our custom solution from the IVPN app and suggest using the native Android solution from now on. + +A Kill switch is implemented to block all network traffic when the VPN connection is active and it fails/disconnects without the user explicitly stopping the connection. We added a custom kill switch to IVPN for Android in 2018 so customers who had no access to the native solution or preferred not to use it could have a different option. + +We built our solution on an Android service called VPNService - the same that facilitates the VPN connection. The Android OS can only have one VPNService active at the same time; when one starts, the other stops. This means that the kill switch functionality can only become active after the VPN halts; otherwise, the kill switch would stop the connection. + +What are the ramifications? + +1. Since the VPN and the kill switch service cannot run in parallel, there is a small gap between the old service stopping and the new one starting. This has the potential to cause traffic leaks. + +2. Due to how Android OS treats service life cycles, there are no guarantees the kill switch service will be active without interruptions: + a. the OS can terminate it when it’s out of memory and for various other reasons - it is possible to restart the service, but traffic may leak before this happens + b. 
the app may crash for various other reasons + +These cases are unlikely, but they fail to deliver on the promises of a kill switch. Furthermore, most customers can now access the (better) native solution. + +For these reasons we have removed the custom solution from the Android app, and we recommend using the native kill switch. You can find a quick guide for enabling it in the IVPN Android app.  diff --git a/src/content/es/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md b/src/content/es/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md new file mode 100644 index 000000000..69b0f95a6 --- /dev/null +++ b/src/content/es/blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning.md 
@@ -0,0 +1,37 @@
+---
+title: Launch of IVPN Light - short-term VPN access paid with BTC Lightning
+url: /blog/launch-ivpn-light-short-term-vpn-paid-btc-lightning/
+highlighted: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - subscriptions
+ - wireguard
+date: 2023-09-15T08:25:00.000Z
+thumbnailImage: /images-static/uploads/ivpnlight.png
+---
+
+Equipped with a [BTC Lightning wallet](https://bitcoiner.guide/lightning/) and some sats, you can now set up an [IVPN WireGuard tunnel](https://www.ivpn.net/light/) in minutes without creating an account or sharing any personal information.
+
+Benefits of using [IVPN Light](https://www.ivpn.net/light/):
+
+- Short duration access option, you can get a "throwaway" VPN tunnel for 3 hours or up to 30 days duration
+- Priced in sats and affordable - you can purchase access for as little as 500 sats (3 hours)
+- Access up to 5 locations or 1 entry-exit node MultiHop combination with one payment
+- No account required - we only keep a record of your Lightning payment on our self-hosted BTCPayServer, no personal information is collected
+
+
+Differences versus a regular [IVPN subscription](https://www.ivpn.net/pricing/):
+
+- [WireGuard](https://www.wireguard.com/) app or CLI is required to connect, IVPN apps do not support Light tunnels
+- You can only pay with BTC Lightning
+- To continue using the Light service after expiration, you need to purchase access again - no subscription or top-up option
+
+Our general [Privacy Policy](https://www.ivpn.net/privacy) applies to this service.
+
+IVPN Light is an experiment in supporting Lightning adoption. We look forward to your feedback and appreciate any ideas for improvement:
+
+https://github.com/ivpn/ivpn.net
+https://www.ivpn.net/contactus/
diff --git a/src/content/es/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md b/src/content/es/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md
new file mode 100644
index 000000000..144aad52d
--- /dev/null
+++ b/src/content/es/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns.md
@@ -0,0 +1,163 @@ +--- +title: Misleading promises of the world's fastest, anonymous, military-grade VPNs +url: /blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns/ +highlighted: false +draft: false +authors: + - Viktor Vecsei +categories: + - Industry Insights +tags: + - Privacy + - Security +date: 2020-12-04T08:41:00.000Z +thumbnailImage: /images-static/uploads/greates_cereal.png +images: + - /images-static/uploads/greatest_cereal_og.jpg +--- +Trust is hard to build and telling the truth is a valuable habit to support this process. + +Trust is also easy to lose and telling lies (even white ones) is a fast way to diminish it. + +When picking a VPN service, the most important questions to ask are: do I trust them to act in my best interest? Can I trust that they do not inspect my traffic or log my activities? + +Most popular VPN services are guilty of a practice that plagues bad parenting, budding relationships and political discourse: false promises. However, they stay popular as most customers don’t know they were enticed by lies. + +We discussed how popular providers over-promise in our earlier post, ‘[Why you don’t need a VPN](/blog/why-you-dont-need-a-vpn/)’. Now we observe the five most common, misleading tropes in the industry. + +TL;DR - 9 out of 10 of frequently recommended VPN services we observed used at least one of the misleading wordings we have identified. The three boldest (PIA, HotSpotShield, CyberGhost) used all five. TunnelBear was the only provider to pass with a clean slate. + +Here are the promises and claims we recommend providers to get rid of: + +* * * + +## 1\. “Become anonymous” + +and its variations, “achieve anonymity”, “total anonymity”, or “surf the web without a trace”. + +Perfect anonymity online is close to impossible to attain. You need to understand your threat model, use tactics like compartmentalization, airgapped and burner devices, getting around device fingerprinting... and the list goes on. 
Using a VPN alone will get you nowhere near an anonymous presence online. You can be tracked without major efforts after giving out personally identifiable information, through collected behavioral data and with cross-device tracking. + +VPN services promising “total anonymity” are not just misleading, they are dangerous to their customers - especially to journalists, dissidents and people living under totalitarian regimes. Why do they do this? Because fear, uncertainty and doubt creates a strong emotional need, and promising a cure-all sells the service. + +6 out of 10 most recommended providers are guilty of promising “anonymity” in some shape or form. + +Misleading samples: +ExpressVPN home page - "Stay secure and anonymous online" +CyberGhost home page - Promises "total data anonymity across all apps and platforms" +ProtonVPN home page - "Our anonymous VPN service enables Internet without surveillance" + +{{< figure src="/images-static/uploads/Screenshot-2020-11-18-at-17.44.14.png" title="Using a no-logs VPN does not make you anonymous - ExpressVPN disagrees" >}} + +## 2\. “Complete privacy” + +and its variations, "most private", perfect privacy", "truly private browsing” or "absolute privacy". + +Next on the list is the little brother of the anonymity promise, “perfect privacy”. Privacy is a spectrum. Just as zero privacy is not possible - even in extreme cases your thoughts can remain private - you cannot attain complete privacy either. There are many ways to capture your behavior, actions and inputs offline and online, generating pieces of data that reflect a piece of your personality or behavior. That data can be used to violate your privacy. + +Some providers also add “total security” and “perfect security” to their promises - a similarly dumbfounded claim. + +6 out of 10 most recommended providers are guilty of promising “complete privacy” or variation of it. 
+ +Misleading samples: +Private Internet Access home page, black friday promo - "Full online privacy for only 1,94 €/month" +SurfShark country promo pages - "allows you to surf in complete privacy" +VyprVPN (get vyprvpn page) - "Total Privacy and Security" + +{{< figure src="/images-static/uploads/Screenshot-2020-12-02-at-17.33.47.png" title="Absolute privacy and total data anonymity provided by CyberGhost" >}} + +## 3\. “Fastest VPN” + +and “highest speeds” or “best VPN speeds”. + +Using a mediocre VPN can slow your connection down - speed matters, and this pushes brands to make lofty claims about it. + +Yet most VPN companies use the same service providers and very similar hardware setups to run their servers. Recent advancements in VPN protocols (particularly WireGuard) offer better speeds, but if the “best” services use them, it creates no speed advantages for any of them. + +While many other factors affect your connection speed, you need to trust your VPN to pick good infrastructure partners, use the latest hardware, deploy the best protocols, not oversell their servers or throttle your speeds. + +Good VPN providers will likely yield similar speeds for a significant sample size of customers averaged over time. Measurements will vary across different locations, devices, times, etc. and network conditions change all the time. There are no universally applicable metrics to award the title of “Fastest VPN”. + +For these reasons such claims can not be true, and assuming one service will offer the fastest connection for each potential subscriber is misleading. + +Misleading samples: +NordVPN Fast VPN page - "The fastest VPN experience on the planet" +HotSpotShield Fastest VPN page - "Get the world’s fastest VPN experience" +TorGuard VPN and Proxy network page - "The fastest VPN and Proxy Network" + +{{< figure src="/images-static/uploads/Screenshot-2020-11-18-at-18.14.00.png" title="NordVPN promises the best possible speed for every person on Earth" >}} + +## 4\. 
“Military grade encryption” + +or "industry-leading encryption" and "most encryption". + +“Military grade encryption” is a popular marketing gimmick in the VPN provider sales vocabulary. There is no fixed standard set in militaries for encryption, and implementations vary across different segments of armed forces. + +There are weak encryption protocols which you obviously don’t want to see used by a VPN service e.g. PPTP. However, the vast majority of providers implement the same level of encryption using OpenVPN or Wireguard with the default cipher (AES-256-GCM / ChaCha20). Providers don’t develop their own encryption protocols (excluding obfuscation layers). Providers calling their encryption technology “industry-leading” is misleading. + +Misleading samples: +ExpressVPN Blog - "ExpressVPN for routers protects all your devices with military grade encryption!" +Private Internet Access home page - "...to provide the highest speeds and most encryption." +SurfShark streaming promo - "all of your data is protected by a military-grade encryption system" + +{{< figure src="/images-static/uploads/Screenshot-2020-12-01-at-16.46.51.png" title="Three paragraphs, at least three misleading claims by PIA" >}} + +## 5\. “The best VPN” + +or "market leading VPN" and “best VPN for X”. + +Eight out of ten VPN providers we looked at claimed they are the best for everyone or for a specific purpose. This number alone demonstrates the issue with this claim. + +No VPN solution works universally well for each customer’s needs. A comparison website, after careful, independent evaluation might judge that a brand offers the “best all-around solution on the market”. But for service providers to claim they are the best for you is a bold move. + +This problem points to a general issue with US-focused marketing, where advertisers enjoy flexibility for wording in advertising. But even there you need to support your claims with substantial, objective evidence. 
+ +Misleading samples: +TorGuard country promo pages - "Don’t settle for second best. Use the best VPN for Australia." +NordVPN home page title - "NordVPN: Best VPN service. Online security starts with a click." +VyprVPN home page - "Get the best VPN for streaming with lightning-fast and reliable connections" + +{{< figure src="/images-static/uploads/Screenshot-2020-12-01-at-16.45.31.png" title="Surfshark working hard to rank for \"best VPN\" keywords" >}} + +* * * + +We have empathy for the marketing teams of VPN providers. The competition is fierce. Writing copy that sells is hard. You need to optimise for juicy search keywords. + +Yet, you should not make promises or claims that are untrue. + +Start removing the misleading words from your websites today. + +* * * + +_Addendum:_ + +VPN providers included in this research and their score: +Private Internet Access 5/5 +CyberGhost 5/5 +HotSpotShield 5/5 +TorGuard 4/5 +NordVPN 4/5 +ExpressVPN 4/5 +VyprVPN 3/5 +SurfShark 3/5 +ProtonVPN 1/5 +TunnelBear 0/5 + +[Download](/resources/misleading_overpromise.xlsx) the full table to review scores. + +All websites were observed during a period between 15 November and 1 December 2020. + +References: +https://www.cyberghostvpn.com/en_US/ +https://www.expressvpn.com +https://protonvpn.com +https://www.privateinternetaccess.com +https://surfshark.com/servers/turkey +get.vyprvpn.com +https://www.hotspotshield.com/what-is-a-vpn/fastest-vpn/ +https://torguard.net/network/ +https://nordvpn.com/features/fast-vpn/ +https://www.expressvpn.com/blog/popular-vpn-app-for-routers/ +https://surfshark.com/blog/how-to-stream-premier-league +https://torguard.net/australia-vpn.php +https://nordvpn.com +https://www.vyprvpn.com diff --git a/src/content/es/blog/new-ivpn-apps-for-macos-and-windows.md b/src/content/es/blog/new-ivpn-apps-for-macos-and-windows.md new file mode 100644 index 000000000..bf4e4a92b --- /dev/null +++ b/src/content/es/blog/new-ivpn-apps-for-macos-and-windows.md 
@@ -0,0 +1,54 @@
+---
+title: New IVPN apps for macOS and Windows
+url: /blog/new-ivpn-apps-for-macos-and-windows/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - Open source
+date: 2021-03-25T10:25:00.000Z
+thumbnailImage: /images-static/uploads/macos_ivpn_map_thumb.png
+images:
+ - /images-static/uploads/macos_ivpn_map.png
+---
+Today marks the release of new macOS and Windows desktop apps that improve on the previous IVPN experience in a number of ways. It's easier to search for and discover servers to connect to, frequently used settings became more accessible and we provide better visual verifications of your connected status. A new QR code based setup method, first added to our [mobile apps](/blog/release-revamped-ivpn-app-iphones-ipads/), is now also available in the desktop apps.
+
+The goal with this project was to deliver a secure and intuitive app experience using a single unified code base for Linux, macOS and Windows. New IVPN for [macOS](/apps-macos) and [Windows](/apps-windows/) versions (v3.3.1) are now available to download and install from our website or through checking for updates in the apps manually.
+
+Please note that the new IVPN desktop apps do not support 32-bit operating system versions. If you are on such a system we recommend either upgrading to a 64-bit OS, or keeping current IVPN versions to continue using our service.
+
+An overview on the most important changes in the new IVPN desktop apps:
+
+1. A map is now available for selecting servers. Your new public IP and location is visible in the app. Firewall and AntiTracker settings, along with protocol switching is easy to access.
+
+
+
+
+
+2. Server selection now offers search, server sorting and favorite servers options. You can also set the locations to exclude for Fastest server connection.
+
+
+
+
+
+3. Dark theme is now available on IVPN for Windows.
+
+
+
+
+
+4. New account page featuring a QR code for quick setup on other devices.
+
+
+
+
+
+As with all our apps, IVPN for macOS and Windows are open source. Review the source code and contribute on our [GitHub page](https://github.com/ivpn).
+
+You can also [contact us](/contactus/) to share your experience or report any issues with the new apps.
+
+IVPN Staff
diff --git a/src/content/es/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md b/src/content/es/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md
new file mode 100644
index 000000000..1fa21100f
--- /dev/null
+++ b/src/content/es/blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options.md
@@ -0,0 +1,36 @@
+---
+title: New IVPN for Android version v2.4.0 with bypass VPN and mock location options
+url: /blog/new-ivpn-for-android-version-v2.4.0-with-bypass-vpn-and-mock-location-options/
+highlighted: false
+draft: false
+authors:
+ - Aleksandr Mykhailenko
+categories:
+ - Releases
+tags:
+ - Apps
+ - Privacy
+date: 2021-04-19T08:25:00.000Z
+thumbnailImage: /images-static/uploads/thumb-2x_andr.png
+---
+IVPN for Android app v2.4.0 is now available to download from the Play Store and our website. Two key additions to this version allow you to bypass the VPN for local networks and to mock your location information.
+
+With the ‘Bypass VPN for local networks’ feature you can access devices on the local network whilst connected e.g. your network printer.
+
+
+
+
+
+The Mock location option offers additional privacy gains. There are numerous ways to track information about you while you are using an Android device - chief amongst them is harvesting your GPS location. The data from this source can be used, for example, by advertising networks to generate personalized ads targeting you.
+
+To help you prevent this problem, we have added the ‘Mock Location’ feature to the IVPN app. It allows matching your GPS location with a VPN server location. To enable this feature go to the advanced settings section in the IVPN client and follow the setup guides - some steps will require you to change device settings.
+
+Please note that the Mock location feature is not foolproof, so we discourage relying on it if you need to protect your location information in high-risk scenarios.
+
+
+
+
+
+We hope these additions will help you achieve a seamless always-on VPN experience and offer increased privacy protections.
+
+[Contact us](/contactus/) to share any feedback and suggestions about this release.
diff --git a/src/content/es/blog/new-ivpn-linux-app-with-gui-now-available.md b/src/content/es/blog/new-ivpn-linux-app-with-gui-now-available.md
new file mode 100644
index 000000000..0aec5c2eb
--- /dev/null
+++ b/src/content/es/blog/new-ivpn-linux-app-with-gui-now-available.md
@@ -0,0 +1,48 @@
+---
+title: New IVPN Linux app with GUI now available
+# Example: /blog/this-is-a-good-post
+url: /blog/ivpn-linux-app-gui-available/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+date: 2020-10-13T12:08:38.756Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/screenshot-2020-10-13-at-14.11.13.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/clipboard-october-9-2020-1_38-pm.png
+---
+Improving the user experience for Linux customers has been a big priority for us in 2020. Earlier this year we released a fully featured CLI app. Today, following the redesigned Android and iOS/iPadOS apps, we are releasing the next iteration of our Linux app with a graphical interface.
+
+A quick overview of the app:
+
+![server selection ivpn linux gui](/images-static/uploads/clipboard-october-9-2020-1_39-pm.png)
+
+*Interactive map with server choice screens for single- and multi-hop connections*
+
+![quick settings ivpn linux gui](/images-static/uploads/clipboard-october-9-2020-1_38-pm.png)
+
+*Accessible Firewall + AntiTracker toggle and quick protocol switcher*
+
+![protocol settings ivpn linux gui](/images-static/uploads/clipboard-october-12-2020-3_00-pm.png)
+
+*Further protocol, DNS and Firewall options under Settings*
+
+![account setup ivpn linux gui](/images-static/uploads/clipboard-october-9-2020-1_39-2-pm.png)
+
+*Account overview with QR code for quick setup on other devices*
+
+We have tested the app on current Debian and Red Hat based distributions including CentOS, Debian 64, Fedora and Ubuntu. Your mileage may vary - [let us know](https://www.ivpn.net/contactus/ "https\://www.ivpn.net/contactus/") if you encounter any issues.
+
+The app is open source - you can review its code and contribute [on GitHub](https://github.com/ivpn/desktop-app).
+
+Download IVPN for Linux [here](https://www.ivpn.net/apps-linux/) to get started. [Contact us](https://www.ivpn.net/contactus/ "https\://www.ivpn.net/contactus/") if you have any feedback or suggestions.
+
+IVPN Staff
\ No newline at end of file
diff --git a/src/content/es/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md b/src/content/es/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md
new file mode 100644
index 000000000..2f3d14800
--- /dev/null
+++ b/src/content/es/blog/new-open-source-ivpn-website-subscribe-without-providing-your-email.md
@@ -0,0 +1,52 @@
+---
+title: "New open-source IVPN website: subscribe without providing your email"
+# Example: /blog/this-is-a-good-post
+url: /blog/new-open-source-ivpn-website-subscribe-without-email/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - IVPN News
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Open Source
+ - Privacy
+ - Transparency
+ - Subscriptions
+date: 2020-11-10T11:33:25.348Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/screenshot-2020-11-10-at-13.30.29.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/screenshot-2020-11-10-at-13.38.57.png
+---
+**In a nutshell**
+
+Generating an account for our VPN service no longer requires an email address, and we dropped renewing subscriptions by default in favor of a pre-paid system. We have introduced a new onboarding process with QR code setup, and two-factor authentication for account IDs that act as a sole identifier.\
+We have also changed our website structure and copy, emphasizing our policies and the limitations of VPNs. The website is now open-source on GitHub and supports light/dark mode switching.
+
+**Why the changes?**
+
+We've been vocal about the shortcomings of the VPN industry and our competitors for multiple reasons. Two of them stand out:
+
+1. VPN services promise privacy protection, yet most of them collect and share personally identifiable information about you. Methods for this include using Google Analytics, website trackers and third-party tools - all shunned by IVPN. A handful of services stopped these violations, but yet they still require an email address to sign up. Disclosing your email address makes you personally identifiable and should not be necessary to subscribe to a privacy protection service.
+2. Most VPN services over-promise on the actual value they offer - they claim to make you anonymous and invisible on the internet and pledge to solve every privacy problem online. As we have demonstrated in a [previous blog post](https://www.ivpn.net/blog/why-you-dont-need-a-vpn/), false promises are rampant on VPN websites, marketing materials and landing pages. We aim to do better, and do it in the most transparent way possible.
+
+![ivpn new website dark mode do you need a vpn](/images-static/uploads/screenshot-2020-11-10-at-13.26.14.png)
+
+**What has changed exactly?**
+
+1. We have dropped the email address requirement and removed our initial signup form. From now on, customers create a unique identifier instantly by pressing a 'Generate account' button. The generated Account ID is the only information you need to manage your account and use our service (please keep it secret, keep it safe - 2FA is supported). If you pay for your subscription with cash or anonymously sourced cryptocurrency, no personally identifiable information can be tied to your IVPN account.
+2. Our subscriptions are now pre-paid by default. Getting a recurring subscription is optional during account generation, and we don't store any payment details unless you ask us to. You can now add 2 and 3 years of service time with one payment (and a discount).
+3. We have revamped our website and written new copy that's clear on VPN capabilities and their value for privacy protection. Review our home page to see how we think a responsible VPN service should communicate without overselling or creating fear, uncertainty, and doubt.
+4. The IVPN website - following precedent set by our apps - is now open-source. Source code is available on [GitHub](https://github.com/ivpn/ivpn.net/). You can follow changes to any page on [ivpn.net](https://ivpn.net/ "https://ivpn.net"), e.g. our Privacy Policy or Terms of Service.
+
+![ivpn signup form without email prepaid](/images-static/uploads/screenshot-2020-11-10-at-13.38.57.png)
+
+Note to current IVPN subscribers:
+
+* As a first step, we have implemented our new account creation flow and client area only for newly created subscriptions.
+* We plan to migrate each existing, previously created account to the new system later this year and offer an automated method for removing your email address on file.
+
+IVPN Staff
\ No newline at end of file
diff --git a/src/content/es/blog/privacy-issue-real-vpns-alone-cant-solve-it.md b/src/content/es/blog/privacy-issue-real-vpns-alone-cant-solve-it.md
new file mode 100644
index 000000000..d6c91f546
--- /dev/null
+++ b/src/content/es/blog/privacy-issue-real-vpns-alone-cant-solve-it.md
@@ -0,0 +1,140 @@
+---
+title: The privacy issue is real and you can't solve it with just a VPN
+url: /blog/privacy-issue-real-vpns-alone-cant-solve-it/
+highlighted: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Industry Insights
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - privacy
+date: 2020-08-13T11:25:00.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/screenshot-2020-08-13-at-14.57.09.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/image-from-rawpixel-id-323097-jpeg-1-.jpg
+---
+In the two previous posts in our series we have discussed even though mainstream VPN providers [over-promise on their services](https://www.ivpn.net/blog/why-you-dont-need-a-vpn/ "https\://www.ivpn.net/blog/why-you-dont-need-a-vpn/"), VPNs are useful and [necessary tools](https://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/ "https\://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/") for privacy protection. This third post looks beyond promises of VPNs to examine why and how sensitive data is accumulated of our lives, and what can we do about it.
+
+In short, while some tools for surveillance resistance are useful to protect your privacy, we must take further actions to enact systemic changes.
+
+- - -
+
+## Privacy is a new, but fundamental human concept
+
+Ever since chimneys made fireplaces possible, the potential of having a private, safe space you can call a home fundamentally changed how humans relate to themselves and each other. Walls and closed doors shut out prying eyes, and the possibility of not sharing every detail of our lives [strengthened our agency](https://edri.org/evolution-concept-privacy/ "https\://edri.org/evolution-concept-privacy/") and helped [individual thinking flourish](https://constitutioncenter.org/blog/contraception-marriage-and-the-right-to-privacy "https\://constitutioncenter.org/blog/contraception-marriage-and-the-right-to-privacy"). Having multiple devices connected 24/7 to the Internet in your home is dismantling this status quo, as intimate details of your activities are shared with those you don’t even know. Very little you do on your phone escapes monitoring by multiple entities, microphones are listening in on your home, while police [have access](https://www.newsweek.com/amazon-ring-drones-monitor-protests-1523856) to cameras looking at your front lawn. There is no escape from surveillance.
+
+![privacy shielded by your home](/images-static/uploads/image-from-rawpixel-id-459469-jpeg-1-.jpg)
+
+Privacy, as a commonly accepted social convention, was unknown a thousand years ago. Now life in a true, thriving democracy cannot be complete without it. Lacking privacy, the possibility of experimentation and progress become stunted because of [chilling effects](https://www.socialcooling.com/ "https\://www.socialcooling.com/"). Discrimination and human rights abuses face [less obstacles](https://www.tandfonline.com/doi/full/10.1080/23738871.2016.1228990 "https\://www.tandfonline.com/doi/full/10.1080/23738871.2016.1228990"). Long arms of a government following an authoritarian vision can label, [locate, harass and discredit](https://www.theatlantic.com/magazine/archive/2020/09/china-ai-surveillance/614197/ "https\://www.theatlantic.com/magazine/archive/2020/09/china-ai-surveillance/614197/") anyone not following an agenda. Profit driven data collection [drives your profiling](https://www.salon.com/2020/06/20/were-losing-the-war-against-surveillance-capitalism-because-we-let-big-tech-frame-the-debate/ "https\://www.salon.com/2020/06/20/were-losing-the-war-against-surveillance-capitalism-because-we-let-big-tech-frame-the-debate/") with information from multiple sources chained together - mapping out your past, monitoring your present, directing your future. We established in our [earlier post ](https://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/ "https\://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/")even if you think have nothing to hide, those profiling you hold power over you.
+
+## Small breaches of trust set up large violations
+
+Here is why the privacy issue is so hard to pin down: most actions that end up causing privacy violations happen ‘in the dark’ and without us realising their long-term effect. A piece of data collected is seemingly harmless - but small increments in loss of control set us up for an enormous leap in violations. Google storing [thousands](https://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy "https\://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy") of personal data points on me? No problem, they are just building a better product. Facebook having [hundreds of pictures](https://www.businessinsider.com/instagram-facing-500-billion-in-fines-in-facial-recognition-lawsuit-2020-8?r=US&IR=T) of all your family members to [train their machine learning algorithm](https://bgr.com/2019/07/05/facebook-outage-reveals-ai-catalogs-every-photo-you-upload/ "https\://bgr.com/2019/07/05/facebook-outage-reveals-ai-catalogs-every-photo-you-upload/")? Everyone does that, it’s normal (no, they don’t, and [it’s not](https://www.cnet.com/news/amazon-google-and-microsoft-sued-over-photos-in-facial-recognition-database/?mkt_tok=eyJpIjoiTmpobE1EYzJZekJrTWpReCIsInQiOiJJSTgyWUZQZ3hEZU9xQnR5MEpuYUEzRmE4UWNWVDM4NmhkbzF0VERMWXF0VDl0VittTGtHdVB5SEFwdFVHYktmWDJQXC9kMzBiK1NhZmVHZW9XdmhpTzAya051XC9QNVk0NXBSRWlPS3BiVzQ5N0M2dm1TZXVWczJUWHpQeHh3ZFBTIn0%3D "https\://www.cnet.com/news/amazon-google-and-microsoft-sued-over-photos-in-facial-recognition-database/?mkt_tok=eyJpIjoiTmpobE1EYzJZekJrTWpReCIsInQiOiJJSTgyWUZQZ3hEZU9xQnR5MEpuYUEzRmE4UWNWVDM4NmhkbzF0VERMWXF0VDl0VittTGtHdVB5SEFwdFVHYktmWDJQXC9kMzBiK1NhZmVHZW9XdmhpTzAya051XC9QNVk0NXBSRWlPS3BiVzQ5N0M2dm1TZXVWczJUWHpQeHh3ZFBTIn0%3D")).
+
+Corporate entities whose business model rests on violating your privacy log your actions, thoughts, secrets and desires. They predict your future steps through these violations, [nudging you](https://theintercept.com/2018/04/13/facebook-advertising-data-artificial-intelligence-ai/ "https\://theintercept.com/2018/04/13/facebook-advertising-data-artificial-intelligence-ai/") into directions you might not explore by your own volition. Your government might [get access](https://www.wsj.com/articles/u-s-government-contractor-embedded-software-in-apps-to-track-phones-11596808801 "https\://www.wsj.com/articles/u-s-government-contractor-embedded-software-in-apps-to-track-phones-11596808801") to [this information](https://theintercept.com/2020/07/09/twitter-dataminr-police-spy-surveillance-black-lives-matter-protests/) (perhaps in an ‘all access backdoor’ form) to use it as they please. Your [credit score may tank](https://www.chron.com/opinion/article/Data-isn-t-just-being-collected-from-your-phone-15449776.php "https\://www.chron.com/opinion/article/Data-isn-t-just-being-collected-from-your-phone-15449776.php"), proper healthcare might [go out of reach](https://www.propublica.org/article/health-insurers-are-vacuuming-up-details-about-you-and-it-could-raise-your-rates "https\://www.propublica.org/article/health-insurers-are-vacuuming-up-details-about-you-and-it-could-raise-your-rates"), you might not get that job or police just knocks on your door [after a lawful protest](https://theintercept.com/2020/07/09/twitter-dataminr-police-spy-surveillance-black-lives-matter-protests/) - because of [privacy violating profiling](https://www.nytimes.com/interactive/2019/12/21/opinion/location-data-democracy-protests.html "https\://www.nytimes.com/interactive/2019/12/21/opinion/location-data-democracy-protests.html"). Global crises offer a [handy](https://www.politico.eu/article/coroanvirus-covid19-surveillance-data/ "https\://www.politico.eu/article/coroanvirus-covid19-surveillance-data/") opportunity for shortcuts leading to normalization of privacy issues. This is not just a problem under authoritarian regimes, but [becoming](https://www.jpost.com/israel-news/israelis-underestimating-gravity-of-govt-surveillance-expert-warns-624891 "https\://www.jpost.com/israel-news/israelis-underestimating-gravity-of-govt-surveillance-expert-warns-624891") [the](https://monitor.civicus.org/updates/2019/07/22/new-mass-surveillance-system-chile/ "https\://monitor.civicus.org/updates/2019/07/22/new-mass-surveillance-system-chile/") [norm](https://www.opendemocracy.net/en/opensecurity/big-democracy-big-surveillance-indias-surveillance-state/ "https\://www.opendemocracy.net/en/opensecurity/big-democracy-big-surveillance-indias-surveillance-state/") in stable democracies around the world.
+
+> Information is power. But like all power, there are those who want to keep it for themselves.\
+> *Aaron Swartz*
+
+The slippery privacy slope we found ourselves on came about organically because of familiar forces that shape our world: money and power. Those raking in the cash and carry out invasive monitoring for control have [no real incentives](https://www.theverge.com/2019/7/12/20692524/facebook-five-billion-ftc-fine-embarrassing-joke "https\://www.theverge.com/2019/7/12/20692524/facebook-five-billion-ftc-fine-embarrassing-joke") to curb their behavior. Capabilities and purpose are both aligned for effective tech companies in monopolistic positions and states with vast resources dismantling checks and balances. While the means are similar for the two groups, their goals are different.\
+For the former, monetisation of the [behavioral surplus](https://sciencenode.org/feature/shoshana-zuboff,-part-two-rendering-reality.php "https\://sciencenode.org/feature/shoshana-zuboff,-part-two-rendering-reality.php") derived from personal information through advertising is the goal. For the latter, dragnet surveillance and bulk data collection provide insights to actions of their citizens, enabling effective monitoring and control. There is no reason to change the status quo: the scope of data collection [will just keep increasing](https://www.idc.com/getdoc.jsp?containerId=prUS45213219 "https\://www.idc.com/getdoc.jsp?containerId=prUS45213219").
+
+## All watched over by machines of data collection
+
+It was a daunting task for us even to contemplate the scope of data harvested from our lives for this post. How does this work in action? Where does data originate? Who is collecting it and what information they derive from it?
+
+![we are all profiled carefully](/images-static/uploads/image-from-rawpixel-id-323097-jpeg-1-.jpg)
+
+1. On the micro-level, [trackers collect](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0038.pdf "https\://petsymposium.org/2020/files/papers/issue2/popets-2020-0038.pdf") individual data points from a distinct source and group it together, representing a sequence or a session
+2. Data processors and their partners [trade, sell and acquire](https://www.ft.com/content/f1590694-fe68-11e8-aebf-99e208d3e521 "https\://www.ft.com/content/f1590694-fe68-11e8-aebf-99e208d3e521") these batches for analysis and other use
+3. By correlating different data sets with matching pieces of personally identifiable information (email address, name, physical address, unique sequence of actions), companies and adversaries match them to [your individual profile](https://www.fastcompany.com/90310803/here-are-the-data-brokers-quietly-buying-and-selling-your-personal-information "https\://www.fastcompany.com/90310803/here-are-the-data-brokers-quietly-buying-and-selling-your-personal-information") with high confidence. They create a chain of events that mirror your life spanning across days, weeks and years.
+4. For targeting purposes, the processors attach labels and flags to profiles that represent your household income, religion, [political preferences](https://twitter.com/VickerySec/status/1292721157888598017 "https\://twitter.com/VickerySec/status/1292721157888598017"), sexual identity and potentially a thousand plus other [inferred data points](https://privacyinternational.org/sites/default/files/2018-04/data%20points%20used%20in%20tracking_0.pdf "https\://privacyinternational.org/sites/default/files/2018-04/data%20points%20used%20in%20tracking_0.pdf").
+5. This information is then used to identify you for [law enforcement purposes](https://www.latimes.com/opinion/story/2020-07-27/lapd-big-data-policing-palantir), to influence your vote or to target you with advertisements carrying the right content, at the right place, at the right time. This is happening with such precision that you might think platforms are now [tapping your phone](https://newatlas.com/computers/facebook-not-secretly-listening-conversations/ "https\://newatlas.com/computers/facebook-not-secretly-listening-conversations/") to figure out your intimate thoughts.
+
+Where is your information leaking? While giving a complete picture is difficult, here are the key sources and channels where data derived from our actions originate and flow through:
+
+| Source | Method | Information (sample) | Sensitive knowledge (e.g.) |
+| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------ | ---------------------------------------------------------------- |
+| Internet Service Provider, Cell Provider | Logging through DNS and [deep packet inspection](https://security.stackexchange.com/questions/155057/my-isp-uses-deep-packet-inspection-what-can-they-observe) | IP address; websites visited; length of visit | Political affiliation, medical conditions |
+| Online services and apps (incl. Facebook, Google) | [Trackers in app](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0017.pdf); customer profiles sold | IP address, email address, location information, customer preferences, generated content | Political affiliation, groups you belong to, what you believe in |
+| Websites you visit | [Trackers on website](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0038.pdf); analytics services passing data | IP address, actions taken on website, device information, email address | Content preferences, medical conditions, 'risky' research |
+| Mobile location | [Collecting GPS, cell tower information](https://arstechnica.com/tech-policy/2020/08/beware-of-find-my-phone-wi-fi-and-bluetooth-nsa-tells-mobile-users/) | Location attached to device ID/phone number | Who you associate with, identity of friends, where do you work |
+| Credit card purchases | [Sharing purchase history ](https://www.forbes.com/sites/petercohan/2018/07/22/mastercard-amex-and-envestnet-profit-from-400m-business-of-selling-transaction-data/) | Date, vendor, item, amount | Travel habits, activism support, adult content consumption |
+| Email provider | Scanning email content [and selling insights](https://www.techradar.com/news/your-email-provider-might-be-selling-your-personal-data) | Email content analysis, contacts, metadata | Secrets, desires, purchase habits, travel habits |
+| Health trackers | Logging and selling [biometric data](https://techcrunch.com/2020/02/20/google-gobbling-fitbit-is-a-major-privacy-risk-warns-eu-data-protection-advisor/) | Heart rate, workout habits | Health issues, private life |
+| Connected devices | [Collecting voice](https://www.the-ambient.com/features/how-amazon-google-apple-use-smart-speaker-data-338), device usage data | Search queries, apartment layout, consumption habits | Details on your home, private conversation with family |
+| Out-of-home | CCTV, facial recognition, workplace monitoring | Date/time and location correlated | Where you are and when, travel habits, daily routine |
+
+*Selling in the context of ‘Method’ might mean used for monetisation and profit extraction within the same corporate ecosystem. Google and Facebook can safely say ‘We never sell customer information, we care about user privacy’. That is technically correct, but they sell your attention to the highest bidder using private information gathered from you across their different services. Google Analytics, for example, is present on [87% of the 10.000](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0038.pdf "https\://petsymposium.org/2020/files/papers/issue2/popets-2020-0038.pdf") most visited websites.*
+
+## Change is possible, and it starts with you
+
+There are concrete steps you can take today to protect your privacy first, then extend that change to help others do the same. As we discussed [before](https://www.ivpn.net/blog/why-you-dont-need-a-vpn/ "https\://www.ivpn.net/blog/why-you-dont-need-a-vpn/"), in most cases a VPN is not a sufficient solution to tackle privacy issues. To give you pointers for moving beyond one tool, we have collected what can you do to address the key problems:
+
+| Source | Tools for resistance |
+| ------------------------------------------------- | ------------------------------------------------------------------------ |
+| Internet Service Provider, Cell Provider | VPN; Tor |
+| Online services and apps (incl. Facebook, Google) | Use privacy respecting services; email forwarding services |
+| Websites you visit | Ads and tracker blockers (extensions, VPN) |
+| Mobile location | Turn off location sharing; selective permissions; burner phone |
+| Credit card purchases | Card masking services; stick to prepaid cards, cryptocurrency or cash |
+| Email provider | Use a paid email provider with no-logs policy and no ads (e.g. Tutanota) |
+| Health trackers | Turn off logging and sharing; pick a product with privacy safeguards |
+| Connected devices | Buy non-connected devices; ditch smart speakers |
+| Out-of-home | Wear masks; support anti-FRT legislation. |
+
+As you can see, using a VPN only solves one part of the entire issue, and partly helps with another. If you want to improve your privacy protection significantly, you need to do more.
+
+## Further challenges we cannot solve alone
+
+Most issues can be mitigated or solved with tactics or tools, others are complex or hard to resist. Examples of issues with no simple solutions:
+
+**Device fingerprinting online**
+
+When visiting a website, the combination of the characteristics of your device, settings and browser information (e.g. user agent information, operating system, fonts and plugins installed) makes you unique and [personally identifiable](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0041.pdf "https\://petsymposium.org/2020/files/papers/issue2/popets-2020-0041.pdf"). You can use a browser that’s [trying](https://brave.com/whats-brave-done-for-my-privacy-lately-episode-4-fingerprinting-defenses-2-0/) to counter this issue. Disabling JavaScript and using tools like Tails and CanvasBlocker might help. But in most cases, the more measures you take to hide yourself, the more unique your ‘fingerprint’ will become.
+
+**Mobile phone location based on cell tower data**
+
+To connect to your phone network, your device must communicate with cell towers that generate [logs at your mobile provider](https://petsymposium.org/2020/files/papers/issue2/popets-2020-0041.pdf "https\://petsymposium.org/2020/files/papers/issue2/popets-2020-0041.pdf"). Burner phones are a solution, but in certain countries you cannot legally get a SIM card without a photo ID.
+
+**Facial recognition through police cameras, CCTV**
+
+Masks are [somewhat efficient](https://www.vox.com/recode/2020/7/28/21340674/face-masks-facial-recognition-surveillance-nist "https\://www.vox.com/recode/2020/7/28/21340674/face-masks-facial-recognition-surveillance-nist") and you can [buy gear](https://www.businessinsider.com/clothes-accessories-that-outsmart-facial-recognition-tech-2019-10?r=US&IR=T "https\://www.businessinsider.com/clothes-accessories-that-outsmart-facial-recognition-tech-2019-10?r=US&IR=T") designed for countering this threat, but there is no perfect solution.
+
+**Compromised hardware layer**
+
+Malware and backdoors in hardware [you cannot trust](https://theprivacyissue.com/government-surveillance/pwned-on-arrival-hardware-supply-chain "https\://theprivacyissue.com/government-surveillance/pwned-on-arrival-hardware-supply-chain") are hard to detect and can cause leakage of sensitive data even if [other layers](https://twitter.com/cburniske/status/1269712449243975680 "https\://twitter.com/cburniske/status/1269712449243975680") are secure.
+
+**Services that don’t respect your privacy, but you ‘must’ use**
+
+If you cannot find [suitable substitutes](https://www.reddit.com/r/degoogle/ "https\://www.reddit.com/r/degoogle/") for Google Maps, peer pressure is too much for you to leave Facebook or other snooping services are mandatory for your work, your privacy will suffer.
+
+## Education, activism and resistance shows the path forward
+
+To solve each problem above, you can go ‘off the grid’. If you are living in the woods without a phone or any connected device, typing the next activist manifesto on an air-gapped machine - no-one can violate your privacy. Most of us, however, wish to stay and take part in our communities without the pressure of surveillance, as free individuals who can choose what they share and who they share it with.
+
+![wrestling the surveillance octopus](/images-static/uploads/image-from-rawpixel-id-543749-jpeg.jpg)
+
+There is a small minority who won’t settle for the new data collection status quo. Activists, journalists, academics, lawyers and tool makers are working on uncovering issues, bringing those ‘steps in the dark’ to light. They piece minor violations together and apply pressure on those grinding their way to more money and more power. Their contributions bring on [congressional hearings](https://www.wilmerhale.com/insights/client-alerts/20190314-senate-judiciary-committee-holds-hearing-on-gdpr-and-ccpa "https\://www.wilmerhale.com/insights/client-alerts/20190314-senate-judiciary-committee-holds-hearing-on-gdpr-and-ccpa"), [privacy legislations](https://www.velaw.com/insights/ccpa-2-0-the-california-privacy-rights-act-is-on-november-ballot/), and creation of [new tools of resistance](https://ssd.eff.org/en/module-categories/tool-guides). Here is what you can do to join this movement, start protecting yourself and further the bigger cause:
+
+**Education**
+
+Understanding the underlying issues better help put the problem into proper context and sets you off towards finding solutions. There are great resources on privacy issues, ranging from [blogs](https://teachprivacy.com/privacy-security-training-blog/ "https\://teachprivacy.com/privacy-security-training-blog/") through [books](https://www.theguardian.com/technology/2019/jan/20/shoshana-zuboff-age-of-surveillance-capitalism-google-facebook "https\://www.theguardian.com/technology/2019/jan/20/shoshana-zuboff-age-of-surveillance-capitalism-google-facebook") to [podcasts](https://theprivacyissue.com/privacy-and-society/download-privacy-security-podcasts "https\://theprivacyissue.com/privacy-and-society/download-privacy-security-podcasts"). We have published well-received [privacy guides](https://www.ivpn.net/privacy-guides/ "https\://www.ivpn.net/privacy-guides/") where you can start.
+
+**Activism**
+
+Experienced and motivated people actively work on privacy and surveillance related problems using technology, law and political channels. Join them and donate money or your time - start with [Tor](https://donate.torproject.org/ "https\://donate.torproject.org/"), [EFF](https://supporters.eff.org/donate/30for30--S "https\://supporters.eff.org/donate/30for30--S"), [NOYB](https://support.noyb.eu/join "https\://support.noyb.eu/join") and [Tactical Tech](https://tacticaltech.org/#/donate "https\://tacticaltech.org/#/donate").
+
+**Using tools of resistance**
+
+As highlighted above, you can counter various privacy harms by using tools designed for your problems. Use open-source and paid products, donate to their creators. The best place to find alternatives to your current setup is the [PrivacyGuides](https://www.privacyguides.org/ "https\://www.privacyguides.org/") website and their [community](https://www.reddit.com/r/privacyguides/ "https\://www.reddit.com/r/privacyguides/"). Techlore also has great [guides](https://www.youtube.com/c/Techlore/playlists "https\://www.youtube.com/c/Techlore/playlists") (and a Discord channel) if video is your preferred format for learning.\
+Are you working on privacy enhancing tools and services? Contact us and we will do our best to amplify them.
+
+- - -
+
+Protecting personal privacy in the age of perpetual surveillance might seem like a Sisyphean task, but one thing to keep in mind is you are not alone in this. Many of us have similar needs, share your feelings of injustice and ready to work on solving the issues. Let us work together towards that future by using every mean available: education, activism that pushes for legislation, and building tools of resistance against this present day dystopia.
+
+*Illustrations displayed in the post are under public domain C00 license.*
diff --git a/src/content/es/blog/quantum-resistant-wireguard-connections-ivpn-apps.md b/src/content/es/blog/quantum-resistant-wireguard-connections-ivpn-apps.md
new file mode 100644
index 000000000..b2dce8995
--- /dev/null
+++ b/src/content/es/blog/quantum-resistant-wireguard-connections-ivpn-apps.md
@@ -0,0 +1,35 @@
+---
+title: Introducing quantum resistant WireGuard connections in IVPN apps
+url: /blog/quantum-resistant-wireguard-connections-ivpn-apps/
+highlighted: false
+draft: false
+authors:
+ - Alexandr Stelnykovych
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - WireGuard
+ - Security
+date: 2023-08-07T08:35:00.000Z
+thumbnailImage: /images-static/uploads/quantum-resistant.png
+
+---
+Quantum computing poses a threat to VPN security due to its potential to break traditional encryption algorithms much faster.
+
+In an attempt to mitigate this risk and provide quantum resistance, a PresharedKey (PSK) is now used in addition to existing encryption. A PresharedKey (PSK) is a secret key that is shared between the VPN client and server before establishing a connection.
+
+This adds an extra layer of symmetric encryption to the connection, making it more difficult for potential quantum attackers to break the encryption. Using a Key Encapsulation Mechanism (KEM) with a PresharedKey (PSK) can increase the quantum resistance of a WireGuard connection, if the KEM is based on a post-quantum cryptographic algorithm.
+
+Note, this approach doesn't make the connection entirely quantum-proof as it still relies on classical cryptographic primitives.
+
+Starting with the latest version of all IVPN apps, quantum-resistant WireGuard connections are initiated by default. No manual action is required to enable this feature. Quantum resistance does not affect the latency or the speed of the connection.
+
+For more details read our explainer about [quantum resistant VPN connections][1], or consult our [FAQ article][2] that addresses common questions.
+
+Quantum resistant connections are available only with IVPN apps at this time, we will assess offering similar functionality for manual connections using a router or the native WireGuard client.
+
+ [1]: /knowledgebase/general/quantum-resistant-vpn-connections/
+ [2]: /knowledgebase/general/quantum-resistance-faq/
+
diff --git a/src/content/es/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md b/src/content/es/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md
new file mode 100644
index 000000000..3d5ca3213
--- /dev/null
+++ b/src/content/es/blog/release-of-revamped-ivpn-app-for-iphones-and-ipads.md
@@ -0,0 +1,50 @@
+---
+title: Release of revamped IVPN app for iPhones and iPads
+# Example: /blog/this-is-a-good-post
+url: /blog/release-revamped-ivpn-app-iphones-ipads/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Open Source
+date: 2020-09-08T10:59:22.493Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/thumb-2x.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/frame-264-2x.png
+---
+Today we are releasing redesigned iOS and iPadOS apps for IVPN. This is the first milestone in our project of rebuilding our applications for better usability and user experience.
+
+Why have we opted for redesign? There are specific aspects of the apps we aimed to improve:
+
+1. Easier controls accessible right in the main screen
+2. Better visual overview of connection status and location
+3. Smoother setup process and account management within our apps
+
+Let's see how these needs translated into the revamped version of our iOS and iPadOS apps:
+
+![server selection on ios ipados ivpn app](/images-static/uploads/frame-267-2x.png)
+
+A pull-up control panel is accessible from the main screen, providing a seamless way to select servers (including multi-hop), switch between protocols, or toggle AntiTracker.
+
+![interactive map on ios ipados ivpn app](/images-static/uploads/frame-264-2x.png)
+
+An interactive map helps with picking a new location and verifying it after connection. The app displays the new public IP address.
+
+![account management with qr code ios ipados ivpn app](/images-static/uploads/frame-276-2x.png)
+
+A dedicated account screen helps grabbing your username, serving as a sole identifier. A QR code enables quicker setup on other devices.
+
+iOS and iPadOS apps for IVPN are open source.
You can review the source code and contribute on our [GitHub page.](https://github.com/ivpn/ios-app)
+
+The release of a new Android app is the next step for the project, followed by desktop apps on Linux (with a GUI), macOS and Windows.
+
+We welcome any feedback on the new app versions - please [contact us](https://www.ivpn.net/contactus/) to share your experience.
+
+IVPN Staff
diff --git a/src/content/es/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md b/src/content/es/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md
new file mode 100644
index 000000000..f9a63a695
--- /dev/null
+++ b/src/content/es/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue.md
@@ -0,0 +1,37 @@
+---
+title: Removal of kill switch from our iOS app due to Apple IP leak issue
+url: /blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue/
+highlighted: false
+draft: false
+authors:
+ - Juraj Hilje
+ - Viktor Vecsei
+categories:
+ - Releases
+tags:
+ - Apps
+ - Privacy
+date: 2023-08-01T12:00:00.000Z
+thumbnailImage: /images-static/uploads/thumb-2x.png
+---
+**When using Apple services on iOS 16+, a VPN connection does not fully protect your privacy against Apple. Even with an active VPN connection and kill switch enabled, traffic from your iOS 16+ device to Apple servers can leak outside the VPN tunnel and expose your local IP address to Apple. For this reason, during the next release we are removing the kill switch feature from the IVPN iOS app. Connections to non-Apple servers are not vulnerable to this leak, thus general privacy benefits of your VPN connection are unaffected.**
+
+## Leak issue
+
+During recent tests of Apple's 'includeAllNetworks' feature, also known as kill switch, we found that the functionality is not working as expected, leading to some traffic leaking outside the VPN tunnel to Apple's servers.
+
+This means that, even when the VPN is connected, using Apple's services like Apple Maps or Apple Push Notifications may result in traffic bypassing the VPN tunnel, allowing Apple servers you connect to to see the user's local IP address.
+
+## Background
+
+The iOS VPN bypass issue was initially discovered in iOS 13.3.1. To resolve the problem, Apple introduced the ['includeAllNetworks'](https://developer.apple.com/documentation/networkextension/nevpnprotocol/3131931-includeallnetworks) feature in iOS 14+, which was designed to force all network traffic through the VPN tunnel.
+
+Recent tests [conducted by security researchers](https://restoreprivacy.com/latest-ios-found-to-bypass-vpn-connection-for-some-services/) revealed that on iOS 16.1+ devices, network traffic to Apple's servers still leaks outside the VPN tunnel, even when 'includeAllNetworks' is enabled.
+
+## Next steps by IVPN
+
+In our next iOS app release, we will remove the kill switch feature for iOS 16+ devices. This step is required to avoid providing a false sense of security to customers.
+
+The feature will continue to be available for iOS 15 devices, as we have confirmed that 'includeAllNetworks' works effectively on those devices.
+
+Further, we are filing a bug report with Apple and will closely monitor this issue in future iOS versions.
diff --git a/src/content/es/blog/socks5-proxy.md b/src/content/es/blog/socks5-proxy.md
new file mode 100644
index 000000000..30286bb32
--- /dev/null
+++ b/src/content/es/blog/socks5-proxy.md
@@ -0,0 +1,35 @@
+---
+title: App-based VPN using SOCKS5
+url: /blog/socks5-proxies-app-based-vpn-tunnels/
+highlighted: false
+draft: false
+authors:
+ - Nick Pestell
+categories:
+ - Under the Hood
+tags:
+ - Apps
+date: 2022-07-13T11:12:00.000Z
+thumbnailImage: /images-static/uploads/firefox-containers-thumbnail.png
+---
+
+Today we're launching our new SOCKS5 proxy service, available on all IVPN servers. This enables multiple new features but I feel the most exciting is the ability to configure individual apps (or browser tabs!) to route their traffic through a different VPN server than the one you are connected to. For example, you could connect to the Paris VPN server using the IVPN app, but configure your web browser to exit through the Singapore VPN server. With this setup, all the traffic generated by apps on your device will by default exit through the Paris server, except for traffic from the web browser which will exit through the Singapore VPN server. This feature can be supercharged for customers using Firefox by installing the "Firefox Multi-account Containers" addon which enables you to configure a different SOCKS5 proxy for each browser tab. See the section below for more details, including a video demo.
+
+Secondly, with the SOCKS5 service you can implement an application kill-switch, so traffic from the application would be unrouteable if the VPN connection is terminated. The IVPN app firewall already prevents any traffic leaking outside of the VPN connection, but for those not using the IVPN app SOCKS5 can provide a kill-switch functionality.
+IVPN app users may also benefit from an additional killswitch if they need to disable the IVPN firewall to access local or remote resources, or if they feel more comfortable having multiple anti-leak controls. This works, because our SOCKS5 proxies are only available when the VPN is connected, so if the VPN is disconnected, the proxy is not available and no traffic can leak from the application.
+
+For more information on how to configure SOCKS5 please refer to our SOCKS5 Knowledgebase article.
+
+## Firefox Multi-Account Containers
+
+Besides being able to configure containers with their own VPN server, you can associate specific websites with a container. When you open the website, it will open in the associated container and all traffic will be routed through the associated VPN server. For example, you can create a container to route traffic through the London, UK server and associate the BBC news website with that container. When you visit the BBC news website, Firefox will launch it in the associated container, and the connection will be routed through the London, UK server without you having to do anything. Note that you need to be connected to the VPN first for this to work.
+
+{{< video src="/images-static/uploads/firefox-multi-account-containers-ivpn-demo-blog-50.mp4" type="video/mp4" preload="auto" >}}
+
+## Some technical details
+
+Each VPN server has a SOCKS5 proxy listening on port 1080. Once you are connected to any VPN server using Wireguard, OpenVPN, or IPSec you can configure your application to use the SOCKS proxy on any server in our network, including the one you are connected to. Every server in our network is interconnected using a Wireguard mesh. If you connect to Amsterdam using OpenVPN and then proxy your Firefox traffic to the Kyiv server, your Firefox traffic is encrypted to the Amsterdam server using OpenVPN, and then re-encrypted for the Kyiv server via the WireGuard mesh, where it will exit to its final destination.
+
+**Warning**
+
+Although this appears to be a multi-hop connection, it doesn't offer the same security properties as the multi-hop service available from within the apps. When using multi-hop via the IVPN apps, your data is encrypted for the exit server, so an attacker with access to the entry server would only see the encrypted data.
When using a SOCKS5 proxy, an attacker with access to the entry server could see your unencrypted traffic after it has been decrypted by the OpenVPN tunnel, and before encrypting for the WireGuard mesh. This risk is somewhat mitigated by the use of layer 5+ encryption e.g. SSL/TLS. For customers with a threat model that requires multi-hop, and a fully end-end encrypted tunnel to the exit server, we recommend establishing a multi-hop connection from within the app before using a SOCKS5 server (thereby establishing a triple-hop connection if you use a SOCKS5 proxy on a different server to your entry or exit server).
\ No newline at end of file
diff --git a/src/content/es/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md b/src/content/es/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md
new file mode 100644
index 000000000..d99afea1e
--- /dev/null
+++ b/src/content/es/blog/test-the-new-ivpn-apps-in-our-first-beta-program.md
@@ -0,0 +1,57 @@
+---
+title: Test the new IVPN apps in our first beta program
+# Example: /blog/this-is-a-good-post
+url: /blog/test-new-ivpn-apps-first-beta-program/
+highlighted: true
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - apps
+date: 2020-08-11T12:42:20.683Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/rnew_release.png
+# Ratio 1:1, example 500x500
+images:
+ - /images-static/uploads/protection.png
+socalUrls:
+ twitterUrl: https://twitter.com/ivpnnet/status/1293184826304995332
+ redditUrl: https://www.reddit.com/r/IVPN/comments/i7sawt/test_the_new_ivpn_apps_in_our_first_beta_program/
+---
+Our team is preparing new and revamped IVPN apps for shipping to all customers. Major changes include a redesigned UI on all platforms and the addition of GUI to our Linux app.
+
+We invite you to get a sneak peek, test our apps over the next few weeks and help deliver a bug-free release.
+
+![ivpn beta apps with new ui](/images-static/uploads/protection.png)
+
+**How to participate?**
+
+**iOS**: Get access to the beta app through TestFlight by following [this link](https://testflight.apple.com/join/FnmEzHHb), then log in with your existing username.\
+\
+**Android, macOS, Linux and Windows:** Download the beta application from the beta section on our site, install, then log in with your existing username.
+
+For testing on desktop, make sure that you have the latest IVPN apps installed (v2.12.4 for macOS\Windows, v2.12.5 for Linux) before installing the beta version.
+
+Note: our beta service is only available to customers who have an active subscription with IVPN. If you wish to participate in this test, but you are not a customer or your previous plan has expired, we recommend [purchasing](https://www.ivpn.net/signup/ "https\://www.ivpn.net/signup/") a new subscription.
+
+**What to look out for while testing?**\
+Hearing about your experiences is the aim of this project. While we welcome tips on improvements, we are primarily looking for reports on bugs we can fix before the full release.
+
+![slide up panel in ivpn beta apps](/images-static/uploads/slide_up_panel.png)
+
+**How to give feedback?**
+
+Pick the most convenient for you from these options:
+
+1. Post your findings in the dedicated [Reddit thread](https://www.reddit.com/r/IVPN/comments/i7sawt/test_the_new_ivpn_apps_in_our_first_beta_program/)
+2. Respond the the [tweet](https://twitter.com/ivpnnet/status/1293184826304995332) about the program
+3. Respond to our post [on Mastodon](https://mastodon.social/@ivpn/104671103222315153)
+4. Drop us an email to [beta@ivpn.net](mailto:beta@ivpn.net "mailto\:beta@ivpn.net")
+5. Send your findings through the TestFlight app (on iOS)
+
+Thanks for your participation and happy testing!
+
+IVPN Staff
\ No newline at end of file
diff --git a/src/content/es/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md b/src/content/es/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md
new file mode 100644
index 000000000..2230328f1
--- /dev/null
+++ b/src/content/es/blog/vpns-are-imperfect-but-necessary-privacy-enhancing-tools.md
@@ -0,0 +1,55 @@
+---
+title: VPNs are imperfect, but necessary privacy enhancing tools
+# Example: /blog/this-is-a-good-post
+url: /blog/vpn-imperfect-necessary-privacy-enhancing-tools/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Industry Insights
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - privacy
+ - security
+date: 2020-06-04T08:54:36.080Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/vpn.png
+---
+I’ve given everything away in the title. If you want better privacy online, use a VPN, but don’t expect perfect protection.
+
+Another blog post discussing the benefits of a VPN might feel unnecessary in 2020. Hundreds of companies give you thousands of reasons on why you need one, bombarding you through ads, flashy landing pages and YouTube shout-outs. These promotions are often misleading or even harmful.This is why we need clarity.
+
+The first article in this series is [‘Why you don’t need a VPN’](https://www.ivpn.net/blog/why-you-dont-need-a-vpn/ "https\://www.ivpn.net/blog/why-you-dont-need-a-vpn/"). There we have established that VPNs are not useful, or not alone sufficient for most use cases mentioned in VPN marketing lingo. They won’t provide perfect privacy, total anonymity or complete security.
+
+Today we aim to set the record straight by expanding all use cases you need a VPN for. Commercial VPNs are imperfect tools, with the potential of giving a false sense of security. However, there are real, demonstrable privacy- and security-protecting benefits of using one.
+
+## Privacy under attack
+
+Privacy violations were the [most important reasons](https://www.wired.com/2014/05/sandvine-report/ "https\://www.wired.com/2014/05/sandvine-report/") for VPN usage in the past ten years.
[Permanent records are created](https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/ "https\://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/") about most human beings from the moment we go online. Data collected on our actions is used to profile us, [grabbing our attention](https://www.amazon.com/Attention-Merchants-Scramble-Inside-Heads/dp/0804170045/ref=sr_1_1?dchild=1&keywords=attention+merchants&qid=1591259691&s=books&sr=1-1 "https\://www.amazon.com/Attention-Merchants-Scramble-Inside-Heads/dp/0804170045/ref=sr_1_1?dchild=1&keywords=attention+merchants&qid=1591259691&s=books&sr=1-1") and influence our behavior. This data is immensely valuable - we are now a desirable commodity. Our privacy is under constant attack every day from [governments](https://www.pbs.org/wgbh/frontline/article/with-or-without-the-patriot-act-heres-how-the-nsa-can-still-spy-on-americans/ "https\://www.pbs.org/wgbh/frontline/article/with-or-without-the-patriot-act-heres-how-the-nsa-can-still-spy-on-americans/") and [corporations](https://www.amazon.com/Age-Surveillance-Capitalism-Future-Frontier/dp/1610395697 "https\://www.amazon.com/Age-Surveillance-Capitalism-Future-Frontier/dp/1610395697"). Even if you think have nothing to hide, those profiling you hold power over you.
+
+Those who want to resist becoming exploited data sources need tools to stop the unwanted capture of information. VPNs alone can’t do that in entirety, no matter what certain providers promise. They can be an essential part of an online security and privacy improving toolkit, however:
+
+1. You need to be are aware of the limitations of VPNs
+2. You need to trust your VPN provider more than you trust your ISP and/or your government
+
+In short, a VPN encrypts the data between your device and the VPN server. This protects your connection from data collection and snooping by entities you don’t trust.
They can also solve other problems, like getting around censorship and geographical blocking.
+
+## What VPNs can do for you
+
+Let’s go through the benefits of using a VPN in 2020. What exact advantages are there?
+
+1. **Privacy benefits of encryption**. Using a commercial VPN hides your browsing history from your internet service providers, including your mobile provider. A list of websites you have visited in a period gives powerful insights into your life. If you connect to a VPN, your ISP won’t be able to sell your browsing history to advertisers and data brokers. Legislations covering the possibilities for commercial transactions vary from country to country, but they are [permissive in the United States](https://www.theverge.com/2017/3/31/15138526/isp-privacy-bill-vote-trump-marsha-blackburn-internet-browsing-history "https\://www.theverge.com/2017/3/31/15138526/isp-privacy-bill-vote-trump-marsha-blackburn-internet-browsing-history") specifically since 2017.\
+ Governments in many countries (US and UK included) have a wide range of investigative powers and can also get your detailed browsing history from ISPs. These companies are very unlikely to put up any fight against official requests. Your VPN provider might and they are less likely to keep logs on your activities. This is where the trust factor comes in: a transparent, audited VPN service with clear no-logs policy can be an ally your ISP never will be.
+2. **Privacy benefits of IP address masking**. When connecting to a VPN, it hides your private IP and ideally mixes your new public address with many other users. This means no one can associate your activity with your persona based on this identifier alone. In addition, this provides increased anonymity on peer-to-peer networks. Websites have a harder time figuring out you are visiting them, associating your actions tied to a personal profile.
This adds limited tangible value to identity protection, however, as there are dozens of different other ways to identify users of apps and visitors of websites. If any of the other signals give away your persona, you lose your initial anonymity.
+3. **Information security benefits of encryption** on Wi-Fi networks you don’t trust. Since a VPN tunnel encrypts your connection between your device and the server, the operator of a network can’t monitor or log what you do online. It protects you from common attacks capturing your sensitive data, like [Man-in-the-Middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack "https\://en.wikipedia.org/wiki/Man-in-the-middle_attack") or [Evil Twin](https://www.darkreading.com/attacks-breaches/understanding-evil-twin-ap-attacks-and-how-to-prevent-them-/a/d-id/1333240 "https\://www.darkreading.com/attacks-breaches/understanding-evil-twin-ap-attacks-and-how-to-prevent-them-/a/d-id/1333240"), which make eavesdropping on your connection possible when connecting to a Wi-Fi you cannot fully trust. For these reasons, if you care about privacy, use a VPN when accessing the Internet in hotels, cafes, libraries and government run places. There is a flip-side to this: if you are the network operator or you trust them, these issues won’t affect you much. In that case, a VPN is only necessary if you care about other problems discussed in this post.
+4. Connecting to a VPN servers in another country can **unlock websites and content blocked** from you. Most common use case is accessing geo-fenced content, for example Netflix shows available only in the US, and BBC iPlayer in the UK.
The increased demand for this advantage has enabled a new breed of VPN providers focusing on this specific need, offering free or cheap services [at the expense of sound security practices](https://www.forbes.com/sites/simonchandler/2019/09/23/too-many-vpns-put-our-privacy-and-security-at-risk/#42ad9b2261df "https\://www.forbes.com/sites/simonchandler/2019/09/23/too-many-vpns-put-our-privacy-and-security-at-risk/#42ad9b2261df") and strict privacy policies. In other cases, governments censor tools and websites or even cut off parts of the internet, forcing citizens to turn to technical solutions. This happens not only under oppressive regimes, but in [autocratic states](https://en.wikipedia.org/wiki/Censorship_of_Wikipedia "https\://en.wikipedia.org/wiki/Censorship_of_Wikipedia") that are still democracies. VPNs are useful for getting quick, stable access to blocked sites - yet you should not use a free one, no matter how desperate you are.
+
+Do you need a commercial VPN to solve these issues?
+
+* for the second problem, a trusted [proxy](https://en.wikipedia.org/wiki/Proxy_server "https\://en.wikipedia.org/wiki/Proxy_server") could be sufficient
+* to address the third issue only, you can [roll your own VPN](https://mikkel.hoegh.org/2019/11/01/home-vpn-server-wireguard "https\://mikkel.hoegh.org/2019/11/01/home-vpn-server-wireguard") server, but that won’t protect your privacy
+
+To get the benefits of any other points or their combinations, you should pick and use a trustworthy commercial service.
+
+To summarize, if you care about your privacy online and understand the limitations of how a VPN can help you protect it: you need one. In the next post in this series, we’ll go beyond VPNs to talk about the bigger picture in this fight for the right to privacy and personal autonomy.
diff --git a/src/content/es/blog/who-owns-your-vpn-you-should-find-out.md b/src/content/es/blog/who-owns-your-vpn-you-should-find-out.md
new file mode 100644
index 000000000..3b4c328c6
--- /dev/null
+++ b/src/content/es/blog/who-owns-your-vpn-you-should-find-out.md
@@ -0,0 +1,54 @@
+---
+title: Who owns your VPN? You should find out
+url: /blog/who-owns-your-vpn-you-should-find-out/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Industry Insights
+tags:
+ - Transparency
+date: 2021-03-03T14:55:00.000Z
+thumbnailImage: /images-static/uploads/98cac49a-146a-48a6-be26-3fd68d3b5448.png
+images:
+ - /images-static/uploads/who-owns-your-vpn-you-should-find-out.png
+---
+Trust is, or should be, the number one factor in picking a VPN service. This is a point we have mentioned in [previous posts](/blog/misleading-promises-of-the-worlds-fastest-anonymous-military-grade-vpns/) in this series, but it's worth expanding on and taking a closer look at the why.
+
+Can you trust the service to encrypt your connection and not log any information about you? Can you trust its owners to act on your best interest when someone tries to identify you, be it a data broker or an overzealous government entity? Can you trust someone you don’t know and cannot hold accountable?
+
+A common defense by companies hiding their ownership in the VPN industry is the following: "we are a privacy company, so our owners wish to remain anonymous". In other cases they reason anonymous operators can fight government pressure better. These are red herring arguments. Privacy protection services don't exist to serve their owners, they exist to serve their customers. If a government agency wants to pressure operators of large-scale VPN services, they have the means to find them.
+If anything goes wrong and the VPN service bails on its promises, those in charge need to take responsibility. If a company that is supposed to protect you is registered in an obscure location, it shields the owner's identity, which is beneficial for them, but not for you. The chance for accountability is lost.
+
+A further reason to learn and understand who is behind the VPN service is to assess their motivation.
Entrepreneurs motivated by financial gains can run services at a high quality and some may put principles before profits. Yet if those operators have a history of running malware, or investing in data mining services, their commitment to protect your privacy is less clear. If having some unwelcome connections is a reason for hiding their ownership, that is a cause for alarm.
+
+Some popular VPNs are owned by vertically integrated conglomerates that also operate media companies and run tech comparison websites. They are not breaking any laws, yet corporate visions rarely include activism motivated by the desire to challenge a new surveillance status quo. Rather, they tend to favor structures and decisions that prefer creating shareholder value and improving financial performance indicators.
+
+When considering other reasons for obfuscated ownership, we can only contemplate the worst cases. We have no proof on any top VPN services being secretly owned by governments or malicious actors that use them as honeypots. This is something we cannot rule out either, and the consequences are grave.
+
+
+
+
+
+If you are evaluating VPN services, we suggest researching the owners of your top choices.
+
+You can start with the following steps:
+
+1. Review their website and look for information on who operates the service: About Us pages, Terms and Conditions, Career sections.
+2. Do a DuckDuckGo search on the operators or use sources like Crunchbase or LinkedIn to find out more about their background. Based on the available information, you can determine whether their profile fits the mission of protecting your privacy.
+3. Check if the team members are listed on the website or other public spaces. Relevant activity on platforms like GitHub and LinkedIn are good signs.
+4. Do a search on Reddit and Twitter for the company and brand name and see what pops up - are there any obvious issues or reports of maleficence?
+
+What we would consider red flags:
+
+* No company name provided on the website, or a company registered in an obscure location with no owners specified.
+* Vague missions statements and no persons responsible listed on the About Us page.
+* No trace of the brand name, owners or staff mentioned outside of the homepage of the service.
+* Repeated complaints about the service without any redress.
+
+The VPN industry has changed considerably in the past couple of years. Gone are the days where companies serving millions of customers could get by with obfuscated ownership and unclear policies. This is a welcome trend, but transparency should be the norm for every VPN service. We hereby call on VPN providers to do the following:
+
+1. Fully disclose final and beneficial owners of the service, so customers know who is responsible for protecting their data.
+2. Announce the jurisdictions they operate in and publicise law enforcement response guidelines to make customer aware of their policies.
+3. Disclose team members and include information about background on your website.
diff --git a/src/content/es/blog/why-we-refuse-modern-marketing.md b/src/content/es/blog/why-we-refuse-modern-marketing.md
new file mode 100644
index 000000000..18a076d3a
--- /dev/null
+++ b/src/content/es/blog/why-we-refuse-modern-marketing.md
@@ -0,0 +1,57 @@
+---
+title: "Why we refuse modern marketing, even when it hurts our growth"
+url: /blog/why-we-refuse-modern-marketing/
+highlighted: false
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Under the Hood
+tags:
+ - Privacy
+ - Subscriptions
+ - Transparency
+date: 2021-07-21T11:25:00.000Z
+thumbnailImage: /images-static/uploads/modern_marketing_thumb.png
+---
+1. Modern marketing is surveillance. It enables anyone with funds to follow us around and pester us with ads for stuff we don't need. The surveillance economy forces companies to participate, since their competitors would outpace them otherwise. Alternative options are limited: most eyeballs and dollars are captured by a couple of companies that made online surveillance the new normal. Even companies who claim they stand for privacy help keep the status quo.
+
+2. Modern marketing is dark patterns. It locks down information and trials that should be accessible without having to give up our personal details. Social validation inserts and fake countdown timers push us to quick decisions, triggering our fear of missing out. Once we become a customer, it uses artificial rewards and puts up roadblocks so we don’t switch services.
+
+3. Modern marketing is human experiments. Our actions are turned into funnels, relentlessly optimized for growth and profit without ethical considerations. Human actions become data to be used for achieving better key performance indicators. We are a billion guinea pigs, subject to billions of micro-experiments every day.
+
+4. Modern marketing is misinformation. Affiliate programs and paid editorials make writers and content creators push products for a cut in profits, breaking the promise of honest reviews and editorial independence. Participants ignore the conflict of interest and share biased opinion.
+
+5. Modern marketing bribes us. To achieve virality and capture our data, apps ask for our permission to reveal contacts and spam them with offers.
We are beholden to sharing, inviting, liking and other compelled actions to get access and feel rewarded.
+
+6. Modern marketing over-promises. It allows companies to make lofty claims about the benefits of their products and announce they are the best choice for everyone. It incentivises brands to hide limitations and negative externalities, then use the fine print to escape criticism.
+
+7. Modern marketing is spam. It manufactures customer feedback on e-commerce sites, perverting the wisdom of the crowd. It uses fake ratings on company review sites that yield a 4-star-plus score on landing pages for social validation. It generates an army of fake commenters mentioning, recommending and defending subpar products in community spaces.
+
+8. Modern marketing is useless content. It’s keyword optimized SEO friendly articles, destined to be AI generated, dominating search results. It judges the work of content marketers on indicators like emails captured and free trials started, instead of delivering value by putting forth valuable, factual information.
+
+9. Modern marketing is buying influence. YouTubers who know little about information security advertise VPNs and endorse products they would never use themselves. Vodka, energy drink and flu pill brands spend millions per quarter to get carried into your attention via Instagram influencers.
+
+
+We refuse to take part in the surveillance economy, not as marketers, nor as subjects whose attention it captures. We say no to dark patterns and calculated experiments to improve our conversion funnel. We don’t want to buy influence and pay others to write favorable reviews of our service. We won’t pollute the internet with fake comments, made-up reviews and sales-focused content.
+
+
+This is why we don't do modern marketing.
+
+- - -
+
+You can argue this blog post is marketing. Fair enough. We run a business to help people resist online surveillance.
Growing our customer base results in additional profits we can reinvest into improving our service. Yet we refuse to use privacy-violating and unethical tactics that many of our competitors take advantage of in pursuit of business goals.
+
+What we can do instead:
+
+* Improving our service and communicating our progress through channels allowed by our ethical guidelines
+
+* Being vocal about our values, e.g. through blog posts like this
+
+* Creating educational materials for and with communities who share our goals
+
+* Sponsor organizations and projects that share our values
+
+To mark this shift from experimenting with marketing tools to being very clear about the strict boundaries, we have [revamped](https://github.com/ivpn/ivpn.net/pull/213/files) our [Ethics page](https://www.ivpn.net/ethics) to show our stance on these issues.
+
+We are sure other companies face similar dilemmas around marketing. If you are reading this as a conflicted business owner or marketer, [let us know](https://www.ivpn.net/contactus/). Let’s take a stand and attempt to fight the trends that erode our digital spaces together.
diff --git a/src/content/es/blog/why-you-dont-need-a-vpn.md b/src/content/es/blog/why-you-dont-need-a-vpn.md
new file mode 100644
index 000000000..95aa82735
--- /dev/null
+++ b/src/content/es/blog/why-you-dont-need-a-vpn.md
@@ -0,0 +1,94 @@ +--- +title: Why you don't need a VPN +# Example: /blog/this-is-a-good-post +url: /blog/why-you-dont-need-a-vpn/ +highlighted: false +draft: false +authors: + - Viktor Vecsei +categories: + - Industry Insights +# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions +tags: + - privacy + - security +date: 2020-05-19T06:22:00.000Z +# 1920px X 500px +heroImage: "" +images: ["/images-static/uploads/don-t-need-vpn.png"] +# 740px X 740px +thumbnailImage: /images-static/uploads/don-t-need-vpn.png +socalUrls: + redditUrl: https://www.reddit.com/r/IVPN/comments/gmodf9/why_you_dont_need_a_vpn_first_post_in_vpn_worst/ +--- + +If you have to ask: 'do I need a VPN for this problem?', the answer is no, most of the time. + +Let us forget the ‘Family Online Safety' TV inserts and the thirteen 'Best Fastest Secure VPN’ ads on a single search result page. They exist to answer this question with a loud "yes, definitely, all the time". They also want you to stop looking for the correct solution. + +Commercial VPNs are not useful or not alone sufficient for: + +* providing better [security when 'working from home'](/blog/most-people-dont-need-a-commercial-vpn-to-work-from-home-securely/) +* achieving anonymity +* defending yourself from hackers ("Mr. Robot") when at home +* solving all privacy issues, like unwanted profiling by social networks or search engines +* protecting your passwords +* hiding your mobile phone location (GPS) +* helping you avoid data breaches on services you use online +* defending against "cyber threats" and identity theft +* preventing your medical information or family photos getting in the wrong hands + +Do you see these issues popping up in ads for leading VPN brands? No surprise. + +![private internet access printer malfunction](/images-static/uploads/1.png) + +People want quick assurance and safety. Just give me a one-step solution and let's consider the matter solved. 
Old-school locks keep people from going through your basement door and they are easy to use, yet burglars can break in the windows. Face masks can protect you and others in a pandemic, but if you shake hands and touch your eyes, they become useless. The promise of one service to solve all information security and privacy issues sounds comforting - but it does not exist. + +Hundreds of VPN companies exploit the need for safety by pushing their solutions as a cure-all for various digital ailments. "Protecting your privacy" or "securing your data" are frequently not their primary motivations. In the pursuit of growth and profits, they desperately need new problems to solve with an existing solution. There is serious money in exploiting fear, uncertainty and doubt, and the barrier of entry to this game is very low. + +- - - + +A lot has changed in the past 10 years. Using a VPN then protected you from the most pressing privacy and security threats online. Websites logging your visits and ISPs monitoring your browsing history were principal issues. Attacks on privacy through undisclosed or unconsented data collection are more pervasive now. Social sites, data brokers and ad networks are all after your intimate personal details; the list of companies building a profile of you is much longer. + +Regarding security issues, one often overlooked fact is a VPN only encrypts your connection between your device and the providers server. This protects you from rogue Wi-Fi operators, ISPs with malicious intent or hackers on the same network. Your data, however, gets decrypted when leaving the server and reaches further nodes in the network as secures as it was when it entered the VPN network. + +On the brighter side, the level of default encryption for your connection and data traveling on the internet has improved. 
Most websites [use HTTPS by default](https://news.umich.edu/how-lets-encrypt-doubled-the-internets-percentage-of-secure-websites-in-four-years/) (indicated by that padlock in your browser's address bar). DNS over HTTPS, providing further protection against eavesdropping by encrypting DNS requests, is [rolled out in browsers](https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/)[.](https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/.) These developments limit the possibilities for snooping, even if you don’t use a VPN. They do not make such services useless, but further put 'VPNs are indispensable for online security' claims into question. + +![nordvpn credit card theft on subway underground](/images-static/uploads/2.png) + +Most VPN companies refuse to educate their customers about the limitations of their service. They don't just ignore developments detrimental to the ‘marketability’ of their product, they claim VPNs solve a whole set of new, unrelated issues. The same lock for your basement door secures your whole house and prevents strangers peeking through the window. Sometimes, turning the key can make you and all your belongings magically disappear. + +Companies making such claims not only fail to fulfill their stated mission of securing your data and privacy. They harm by offering a false sense of security. Getting people to pay 30 bucks for a lifetime access to The Security Button is easy. Building trust through transparency, educating customers on threat models and suggesting complementary tools for better protection are hard. These steps are essential, however, as a VPN alone won't provide complete security, perfect privacy and will certainly not make you anonymous. 
+ +![expressvpn promise of anonymity](/images-static/uploads/3.png) + +So when do you need a VPN?\ +"Never use them", [warn some](https://gist.github.com/joepie91/5a9909939e6ce7d09e29), disillusioned with VPN providers and their practices. We believe that is a misstatement. Commercial VPNs can be useful if you use them for specific jobs they can help with. These are: + +1. Keeping some control over your privacy. They hide your real IP address from websites you visit and peer-to-peer nodes you connect to. It also prevents ISPs and mobile network operators from tracking the domains and IPs you visit. +2. Protecting your connection from '[Man in the Middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)' and [other common attacks](https://en.wikipedia.org/wiki/Evil_twin_(wireless_networks)) on networks you don’t trust. Useful when connected to Wi-Fi in airports, hotels, cafes and libraries. +3. Circumventing censorship or geographical blocks on websites and content. Some VPNs can help you retrieve information and media otherwise inaccessible. + +That's it. + +One last note: please remember that if you use a commercial VPN, your internet traffic goes through the VPN provider’s network. Whoever is in control of the servers can see and log anything you do online, if they choose to. You better trust the service you are signing up for - we will get to that in a future post of Industry Insights. + +> Update: We have published a tool called ['Do I need a VPN'](https://www.doineedavpn.com).\ +> It builds on the key points of this blog posts to help evaluate whether a VPN is a right choice for you.\ +> The project is [open source](https://github.com/ivpn/doineedavpn.com) - please pass it along an help us improve it. + +- - - + +*Disclaimer: This post addresses commercial VPNs marketed for 'regular users'. Corporate VPNs set up by organizations for their staff serve a different purpose; use them when required by your company. 
This post is not applicable for users with non-regular threat models: journalists, activists living under repressive regimes, or anyone at risk of being targeted by resourceful individuals or state actors. If any of that applies to you, you need a VPN as part of your security and privacy toolkit. We recommend starting [here]() and using tools recommended by [PrivacyGuides](http://www.privacyguides.org) to protect yourself.* + +Useful resources in this matter (not always correct):\ +\ +\ +\ + (we are happy to sponsor your video, Tom) + +Screencap sources:\ + - [archived version ](https://web.archive.org/web/20200424044453/https://www.youtube.com/watch?v=jXwX-VTJoFw)\ + - [archived version ](https://archive.is/16Wsn)\ + - [archived version ](https://archive.is/BzqPX)\ + diff --git a/src/content/es/blog/wireguard-port-forwarding-enabled.md b/src/content/es/blog/wireguard-port-forwarding-enabled.md new file mode 100644 index 000000000..aa2d69bdf --- /dev/null +++ b/src/content/es/blog/wireguard-port-forwarding-enabled.md 
@@ -0,0 +1,31 @@
+---
+title: WireGuard Port Forwarding enabled
+url: /blog/wireguard-port-forwarding-enabled/
+draft: false
+authors:
+ - Viktor Vecsei
+categories:
+ - Releases
+# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions
+tags:
+ - Apps
+ - Protocols
+ - WireGuard
+date: 2022-02-16T07:56:15.000Z
+# 740px X 740px
+thumbnailImage: /images-static/uploads/windows.png
+---
+
+> July 2023 update: Port Forwarding is being phased out from the IVPN service and is no longer offered to new customers.\
+> You can find more information in a [blog post][1] about this change.
+
+After the recent addition of [Multi-Hop for WireGuard][2], we are now introducing port forwarding support for Wireguard. Port forwarding allows incoming connections on a specific port, enabling you to run various services on your device that need to be accessible from the Internet. This feature comes with potential threats, so we suggest reviewing our [brief introduction][3] to port forwarding.
+
+You can enable port forwarding for both WireGuard and OpenVPN by logging in and visiting the [Port Forwarding tab][4] in your client area.
+
+Please note that WireGuard port forwarding will not be activated automatically until you have disconnected all your active sessions at least once. After doing so please wait 10 mins and reconnect using your chosen protocol.
+
+ [1]: /blog/gradual-removal-of-port-forwarding/
+ [2]: /blog/kill-switch-and-wireguard-multi-hop-added-to-ivpn-for-ios/
+ [3]: /knowledgebase/general/what-is-port-forwarding/
+ [4]: /account/port-forwarding
diff --git a/src/content/es/blog/your-vpn-provider-wont-go-to-jail-for-you.md b/src/content/es/blog/your-vpn-provider-wont-go-to-jail-for-you.md
new file mode 100644
index 000000000..2bd3d605f
--- /dev/null
+++ b/src/content/es/blog/your-vpn-provider-wont-go-to-jail-for-you.md
@@ -0,0 +1,66 @@ +--- +title: Your VPN provider won't go to jail for you for 5 dollars +url: /blog/your-vpn-provider-wont-go-to-jail-for-you/ +highlighted: false +draft: false +authors: + - Viktor Vecsei +categories: + - Industry Insights +# Tags are seperated by comma. Ex. Open Source, Security, Subscriptions +tags: + - privacy + - transparency +date: 2023-08-18T08:54:36.080Z +# 740px X 740px +thumbnailImage: /images-static/uploads/thumb_5d.png +--- +The phrase in the title is a common trope that comes up when VPN services are discussed. While this statement is technically correct, it can be misleading, as it implies that all providers handle law enforcement requests and prepare for worst case scenarios similarly, so their conduct cannot be a differentiating factor when you evaluate them. +In this blog post we explain why competent service operators can avoid having to share sensitive information about you without facing severe legal consequences. The reasons laid out will also highlight why you are better off choosing a VPN service run by privacy activists who will prioritise principles before profits in difficult situations. + +Let's start with clarifying the statement in the post title: +A VPN provider might face jail time for not complying with valid legal requests for sharing information as per the rules of the jurisdiction they operate in. Since reputable VPN services operate in countries that rely on the rule of law for fighting crime and national security, those responsible for your privacy will have no choice but to comply when facing pressure from law enforcement, so they can avoid prosecution. + +We believe these observations apply to most VPN companies, however in every case, people running them have choices. Choices that prepare them for when law enforcement come knocking, in their conduct when responding to requests, and around reacting to the worst-case scenarios. + + +
+ +
+ + +A list of things a VPN service can do to make sure that no sensitive information about you, or your activities need to be shared with authorities: + +1. **Choose the right jurisdiction**. If the country the service is incorporated in provides proper safeguards for running a VPN service, they can simply state they have no information to give when receiving a valid request. This is only possible if there is no legal requirement to keep any customer records or log their activities. This should be a basic requirement for VPN service, yet many continue to operate in jurisdictions that don't fulfil these criteria. + +2. **Have clear legal guidelines**. If the jurisdiction choice is prudent, VPN services can simply ignore requests coming from outside of the country they operate in, and might only reply to queries coming in the right format through the right channels. If interested parties want to receive any information, they can only do so if they have done the legwork, which might require jumping through legal hoops. Even if that happens, when the provider addresses other points in this list properly, they will have no information to provide. + +3. **Know as little about you as possible**. If your provider has nothing to give, they are not liable to hand it over. With proper jurisdiction and internal policies when building the service, there is no need to keep personally identifiable information about you. This includes not collecting your email address or your name, or "limited connection data to improve the service". Zero information about users should be the goal. Payment information can also tie you to your VPN subscriptions, so it's prudent to offer options where no information is shared with third parties (like anonymity-friendly cryptocurrency, or cash). + +4. **Have a protective privacy policy**. A concise and clear privacy policy is not just a promise to users, but a signal to authorities. 
It shows that it's within the rights of the VPN service to not keep records on their customers and not log their activities, clearly communicating boundaries. Even if one comes equipped with email addresses, IP addresses or timestamps, the service can be up front on why they cannot assist with investigations. + +5. **Be transparent about requests**. Similarly to the privacy policy, this is as much of a signal towards authorities as to customers. Publishing the number of requests alongside the number of cases where data was shared (which should be zero), a transparency report shows that their jurisdiction choice and policies are prudent. + +If the provider makes the right choices on the above points, there is a very good chance they can safeguard you from data requests about your subscription information and VPN use. + +
+ +
+ + +However, things can go wrong, and circumstances can change. Even if a provider has done everything right for a decade or more, there are unknowns and new threats they cannot influence. + +Laws might change, jurisdictions can join surveillance cooperations, and covert operations can target individuals responsible for keeping your data private. For these eventualities, providers can establish a clear plan so they do not face the "go to jail for $5" dilemma. + +Here are some measures for the proverbial stuff hitting the fan scenarios: + +1. **Move jurisdictions as soon as possible**. Starting companies and drafting up new legal guidelines is not a five-minute exercise, however if faced with a choice of complying with fresh logging requirements, it is a required option that must be exercised to protect users. + +2. **Have a warrant canary and trigger it**. If the first option is not workable for any reason, your provider can trigger its warrant canary to alert users to an event that cannot be publicised and could jeopardise their privacy. Such an event would likely severely affect the reputation of the service, thus providers who prioritise profits over principles will not be ready to do this. + +3. **Shut down their operations**. VPN services run by activists would rather do this than to hand over customer data to authorities. At IVPN, we are conscious of the fact that we have one life and a reputation to uphold, and rather do something else than to violate our principles. We deliberately phrased this paragraph to reiterate our earlier promise to this action, if required. + +Yes, your VPN provider won't go to jail for you, and that includes IVPN staff. Yet operators of well-run services don’t need to face such risks if they prepare their legal protections and policies right. + +By evaluating providers against the points above, you can separate those willing to go lengths to safeguard your privacy from those that care more about those five bucks. + 
diff --git a/src/content/es/categories/industry-insights/_index.md b/src/content/es/categories/industry-insights/_index.md
new file mode 100644
index 000000000..b0183b2a1
--- /dev/null
+++ b/src/content/es/categories/industry-insights/_index.md
@@ -0,0 +1,8 @@
+---
+title: Industry Insights
+weight: 40
+showOldWarning: true
+---
+# Industry Insights
+
+Improving the standards in the VPN industry is an important part of our work. Here we cover recent developments, and make recommendations to others in the VPN space.
diff --git a/src/content/es/categories/ivpn-news/_index.md b/src/content/es/categories/ivpn-news/_index.md
new file mode 100644
index 000000000..cc9e4c1a2
--- /dev/null
+++ b/src/content/es/categories/ivpn-news/_index.md
@@ -0,0 +1,8 @@
+---
+title: IVPN News
+weight: 10
+---
+
+# IVPN News
+
+General news about IVPN - changes to our service and infrastructure, yearly audit results and announcements about business and ethical choices.
\ No newline at end of file
diff --git a/src/content/es/categories/privacy-security/_index.md b/src/content/es/categories/privacy-security/_index.md
new file mode 100644
index 000000000..687d67aa8
--- /dev/null
+++ b/src/content/es/categories/privacy-security/_index.md
@@ -0,0 +1,8 @@
+---
+title: Privacy & Security
+weight: 50
+showOldWarning: true
+---
+# Privacy & Security
+
+Privacy and information security news and updates from our staff and guest authors. Review our [Privacy Guides](/privacy-guides/) for in-depth tutorials on privacy.
diff --git a/src/content/es/categories/releases/_index.md b/src/content/es/categories/releases/_index.md
new file mode 100644
index 000000000..459be99fd
--- /dev/null
+++ b/src/content/es/categories/releases/_index.md
@@ -0,0 +1,7 @@
+---
+title: Releases
+weight: 20
+---
+# Releases
+
+Improvements of the IVPN apps. Important milestones: addition of WireGuard, tracker and ad-blocking and open sourcing of our apps.
\ No newline at end of file
diff --git a/src/content/es/categories/under-the-hood/_index.md b/src/content/es/categories/under-the-hood/_index.md
new file mode 100644
index 000000000..16eed300e
--- /dev/null
+++ b/src/content/es/categories/under-the-hood/_index.md
@@ -0,0 +1,7 @@
+---
+title: Under the Hood
+weight: 30
+---
+# Under the Hood
+
+Insights into challenges and solutions at IVPN. The authors are our engineers and experts who build and run IVPN’s network and apps.
\ No newline at end of file
diff --git a/src/content/es/pages/account.md b/src/content/es/pages/account.md
new file mode 100644
index 000000000..31ebefbfb
--- /dev/null
+++ b/src/content/es/pages/account.md
@@ -0,0 +1,11 @@
+---
+title: My Account
+url: /account/
+# Leave empty for default, `application` for client area and signup
+layout: application
+menu:
+ - main
+isMenuCta: true
+hasSeperator: false
+---
+# Application
\ No newline at end of file
diff --git a/src/content/es/pages/antitracker.md b/src/content/es/pages/antitracker.md
new file mode 100644
index 000000000..d7587a254
--- /dev/null
+++ b/src/content/es/pages/antitracker.md
@@ -0,0 +1,24 @@
+---
+title: VPN with Ad block and Anti-Tracking
+description: Increase your privacy protection by using IVPN with built-in tracking protection. We block requests from advertising and data harvesting companies to make your browsing experience lighter and more private.
+url: /antitracker/
+---
+# AntiTracker
+
+AntiTracker is a built-in tool for IVPN apps that blocks ads, web trackers, adware and malware. It prevents snooping on your activities by social networks, data brokers and marketers. This provides additional privacy protection on top of the regular VPN benefits gained by using IVPN.
+
+Most websites and apps either run ads or pass on user data to third parties, enabling companies to build a detailed profile of your preferences. Besides profiting from ads, site operators might get paid by the third parties for valuable information about your behavior.
+
+{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers.svg" alt="What is a VPN - 3-rd party trackers" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers-dark.svg" alt="What is a VPN - 3-rd party trackers" >}}
+
+With AntiTracker enabled in the IVPN apps, network connection requests by third-party trackers are stopped. This prevents companies from profiling you based on the actions you have taken in a browser or in apps. Since AntiTracker blocks advertising services, they won't collect your personal information, and ads targeted to you won’t follow you around.
+
+For stronger protection against the leaders of the surveillance economy, you can also block domains for Facebook and Google services by enabling AntiTracker's Hardcore mode.
+
+{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-antitracker.svg" alt="What is a VPN - Antitracker" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-antitracker-dark.svg" alt="What is a VPN - Antitracker" >}}
+
+Each IVPN plan includes AntiTracker, it works on every device supported by our service and uses a selection of continuously updated [block lists](/knowledgebase/general/antitracker-plus-lists-explained/).
+
+To learn more about IVPN’s AntiTracker visit our dedicated [FAQ](/knowledgebase/general/antitracker-faq/).
diff --git a/src/content/es/pages/apps-android.md b/src/content/es/pages/apps-android.md
new file mode 100644
index 000000000..729bd47f3
--- /dev/null
+++ b/src/content/es/pages/apps-android.md
@@ -0,0 +1,62 @@
+---
+title: IVPN for Android - Open-source VPN app for your Android
+description: The IVPN app for Android offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop.
+h1: IVPN for Android
+subtitle: Supports Android 5.0+
+url: /apps-android/
+platform: android
+layout: apps
+image: apps/android-app
+releases: [{
+ cta: Download,
+ downloads: [
+ {
+ cta: Google Play,
+ url: "https://play.google.com/store/apps/details?id=net.ivpn.client"
+ },
+ {
+ cta: F-Droid,
+ url: https://f-droid.org/en/packages/net.ivpn.client/
+ },
+ {
+ cta: Accrescent,
+ url: https://accrescent.app/app/net.ivpn.client
+ },
+ {
+ cta: .APK file,
+ url: https://www.ivpn.net/releases/android/IVPNv2.10.7site.apk
+ }
+ ],
+ github: https://github.com/ivpn/android-app,
+ changelog: https://github.com/ivpn/android-app/blob/main/CHANGELOG.md,
+ checksum: [
+ {
+ title: .apk SHA256,
+ value: e091ee87d73eda39036854ca02be2c0451502730043fe39a8242403124965ceb
+ },
+ {
+ title: .apk sign cert SHA256,
+ value: 88a6b40fc97fdc842f231f50eb12de116f5b759e3c5b38aaccaf6a7b393c85bb
+ }
+ ]
+}]
+---
+## Features
+
+- WireGuard and OpenVPN protocols.
+- WireGuard privacy controls - Define automatic key and IP address rotation schedule.
+- AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers.
+- Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection.
+- Split tunnel to allow some apps to bypass the VPN.
+- Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy.
+- Custom DNS servers, DoT via Android native Private DNS.
+- Mock location for GPS.
+- Tapjacking protection.
+
+## Manual configuration
+
+If you prefer not to use the IVPN app please follow the relevant setup guide below.
+
+- [WireGuard](/setup/android-wireguard/)
+- [OpenVPN for Android](/setup/android-openvpn-for-android/)
+- [IPSec with IKEv2](/setup/android-ipsec-with-ikev2/)
diff --git a/src/content/es/pages/apps-ios.md b/src/content/es/pages/apps-ios.md
new file mode 100644
index 000000000..d3afcd6d2
--- /dev/null
+++ b/src/content/es/pages/apps-ios.md
@@ -0,0 +1,32 @@
+---
+title: IVPN for iOS - Open-source VPN app for your iPhone and iPad
+description: The IVPN app for iOS is designed for iPhone and iPad and offers you comprehensive privacy leak protection, automatic connection on insecure Wi-Fi and Multi-hop.
+h1: IVPN for iOS
+subtitle: Supports iOS/iPadOS 14.0+
+url: /apps-ios/
+platform: ios
+layout: apps
+image: apps/ios-app
+releases: [{
+ cta: Get it on App Store,
+ download: "https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683?mt=8",
+ github: https://github.com/ivpn/ios-app,
+ changelog: https://github.com/ivpn/ios-app/blob/master/CHANGELOG.md
+}]
+---
+## Features
+
+- WireGuard, OpenVPN or IPSec protocols.
+- WireGuard privacy controls - Define automatic key and IP address rotation schedule.
+- AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers.
+- Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection
+- Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy.
+- Custom DNS servers, with DoH or DoT.
+
+## Manual configuration
+
+If you prefer not to use the IVPN app please follow the relevant setup guide below.
+
+- [WireGuard](/setup/ios-wireguard/)
+- [OpenVPN Connect](/setup/ios-openvpn-connect/)
+- [IPSec with IKEv2](/setup/ios-ipsec-ikev2/)
diff --git a/src/content/es/pages/apps-linux-legacy.md b/src/content/es/pages/apps-linux-legacy.md
new file mode 100644
index 000000000..4c8fd487a
--- /dev/null
+++ b/src/content/es/pages/apps-linux-legacy.md
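Review bot: The `releases` front matter of es/pages/apps-android.md hard-codes the APK URL (`IVPNv2.10.7site.apk`) and both SHA256 values, so the download link and its checksum now live in a per-language copy of the page. If the English page carries the same block, as the localisation layout suggests, a release that updates only one copy leaves the other offering an outdated build or a checksum that no longer matches the file, and users learn to ignore verification failures. Consider keeping release metadata in one shared place that the `apps` layout reads for every language (for example a Hugo data file). Until then a front-matter comment would help, such as `# downloads/checksum must be updated together with every other language copy of this page`. The same applies to the checksum blocks in apps-linux-legacy.md.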
@@ -0,0 +1,97 @@ +--- +title: IVPN for Linux - Open-source VPN app for Linux +description: IVPN for Linux offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop. +h1: IVPN for Linux +subtitle: In open beta - supports 64-bit Linux 3.10+ +url: /apps-linux-legacy/ +draft: true +platform: linux +layout: apps +image: apps/linux-app +releases: [ + { + title: Base Package, + description: "Base package contains everything you need to connect to IVPN with command line interface. IVPN GUI app is provided as a separate package you can find below.", + cta: Download, + downloads: [ + { + cta: Download .DEB file, + url: https://cdn.ivpn.net/releases/linux/2.12.8/ivpn_2.12.8_amd64.deb + }, + { + cta: Download .RPM file, + url: https://cdn.ivpn.net/releases/linux/2.12.8/ivpn-2.12.8-1.x86_64.rpm + } + ], + github: https://github.com/ivpn/desktop-app-cli, + changelog: https://github.com/ivpn/desktop-app-cli/blob/master/CHANGELOG.md, + checksum: [ + { + title: SHA256 .deb, + value: c2ff205408d7c3e4fe74310e9a19ea7617e68215986c01b499f329d7744ee83b + }, + { + title: SHA256 .rpm, + value: bd7b7a16830013388f0f8712464fc1ed63d46f2fa3dc8704f5ba645df0e3ebc0 + } + ] + }, + { + title: IVPN GUI App, + description: "Please note: base package is required to be installed prior to installing GUI app.", + cta: Download, + downloads: [ + { + cta: Download .DEB file, + url: https://cdn.ivpn.net/releases/linux/ui/3.2.0/ivpn-ui_3.2.0_amd64.deb + }, + { + cta: Download .RPM file, + url: https://cdn.ivpn.net/releases/linux/ui/3.2.0/ivpn-ui-3.2.0-1.x86_64.rpm + }, + { + cta: Download .AppImage file, + url: https://cdn.ivpn.net/releases/linux/ui/3.2.0/ivpn-ui-3.2.0.AppImage + } + ], + github: https://github.com/ivpn/desktop-app-cli, + changelog: https://github.com/ivpn/desktop-app-ui2/blob/master/CHANGELOG.md, + checksum: [ + { + title: SHA256 .deb, + value: 2f1a33920ff6826be485c1d420083e2e2df45f220b903f8083bad5fea5940dab + }, + { + 
title: SHA256 .rpm, + value: 6eaf4333be05c86a15f6eda442305484afef484214264dadc4005841c4866b00 + }, + { + title: SHA256 .AppImage, + value: 537ea33aab4dd375700387d4187663c1551172e600dc68b9e5832f851e503de3 + } + ] + } +] +--- +## Features + +- WireGuard or OpenVPN protocols. +- GUI or CLI (command-line interface). +- WireGuard privacy controls - Define automatic key and IP address rotation schedule. +- AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers. +- Firewall / killswitch - Ability to configure as on-demand or always-on. Offers comprehensive protection against DNS, IPv6, disconnection and WebRTC leaks. +- Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection. +- Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy. +- Allow LAN traffic when connected to VPN. +- Pause VPN for when disabling VPN connection temporarily is required. +- Obfsproxy option to circumvent censorship. + +## Manual configuration + +If you prefer not to use the IVPN app please follow the relevant setup guide below. + +- [OpenVPN using NetworkManager Setup Guide](/setup/linux-netman/) +- [OpenVPN using terminal Setup Guide](/setup/linux-terminal/) +- [Linux IPSec with IKEv2 Setup Guide](/setup/linux-ipsec-with-ikev2/) +- [WireGuard using terminal Setup Guide](/setup/linux-wireguard/) +- [WireGuard using NetworkManager Setup Guide](/setup/linux-wireguard-netman/) diff --git a/src/content/es/pages/apps-linux.md b/src/content/es/pages/apps-linux.md new file mode 100644 index 000000000..41ed521f4 --- /dev/null +++ b/src/content/es/pages/apps-linux.md 
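Review bot: In the `IVPN GUI App` entry of apps-linux-legacy.md the `github:` link is `https://github.com/ivpn/desktop-app-cli`, the same repository as the base package, while its `changelog:` points at `desktop-app-ui2`; this looks like a copy-paste slip. These links sit next to the SHA256 values and are what a user follows to audit or build the package they are verifying, so the source link should presumably read `github: https://github.com/ivpn/desktop-app-ui2`. The page is `draft: true`, so this only matters if it is ever published; confirm the intended repository before changing it.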
@@ -0,0 +1,266 @@
+---
+title: IVPN for Linux - Open-source VPN app for Linux
+description: IVPN for Linux offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop.
+h1: IVPN for Linux
+subtitle: Supports 64-bit Linux 3.10+
+url: /apps-linux/
+platform: linux
+layout: apps-single
+imageLight: /images-static/uploads/apps/linux-app-3.3.7-light@2x.png
+imageDark: /images-static/uploads/apps/linux-app-3.3.7-dark@2x.png
+contents:
+- item:
+ title: Features
+ anchor: features
+- item:
+ title: Packages
+ anchor: packages
+- item:
+ title: Install from IVPN Repository
+ anchor: install
+ subitems:
+ - item:
+ title: Ubuntu
+ anchor: ubuntu
+ - item:
+ title: Debian
+ anchor: debian
+ - item:
+ title: Mint
+ anchor: mint
+ - item:
+ title: Fedora
+ anchor: fedora
+ - item:
+ title: CentOS
+ anchor: centos
+ - item:
+ title: Arch Linux
+ anchor: arch
+ - item:
+ title: Fedora Silverblue
+ anchor: silverblue
+- item:
+ title: Install from Binaries
+ anchor: binaries
+- item:
+ title: Install from Source Code
+ anchor: source
+- item:
+ title: Install the Snap
+ anchor: snap
+- item:
+ title: Useful Links
+ anchor: useful-links
+---
+## Features {#features}
+
+* WireGuard or OpenVPN protocols.
+* GUI or CLI (command-line interface).
+* WireGuard privacy controls - Define automatic key and IP address rotation schedule.
+* AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers.
+* Firewall / kill switch - Ability to configure as on-demand or always-on. Offers comprehensive protection against DNS, IPv6, disconnection and WebRTC leaks.
+* Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection.
+* Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy.
+* Allow LAN traffic when connected to VPN.
+* Pause VPN for when disabling VPN connection temporarily is required.
+* Obfsproxy option to circumvent censorship.
+* Custom DNS servers, with DoH.
+* Split Tunnel to allow designated apps to bypass the VPN tunnel.
+
+## Packages {#packages}
+
+### Base Package
+
+Base package contains everything you need to connect to IVPN with command line interface. IVPN GUI app is provided as a separate package you can find below.
+[Changelog](https://github.com/ivpn/desktop-app/blob/master/CHANGELOG.md)
+
+### IVPN GUI App
+
+Please note: base package is required to be installed prior to installing GUI app.
+[Changelog](https://github.com/ivpn/desktop-app/blob/master/CHANGELOG.md)
+
+## Install from IVPN Repository {#install}
+
+### Ubuntu {#ubuntu}
+
+```pkgconfig
+# Add IVPN's GPG key
+curl -fsSL https://repo.ivpn.net/stable/ubuntu/generic.gpg | gpg --dearmor > ~/ivpn-archive-keyring.gpg
+
+sudo mv ~/ivpn-archive-keyring.gpg /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Set Appropriate Permissions for GPG key
+sudo chown root:root /usr/share/keyrings/ivpn-archive-keyring.gpg && sudo chmod 644 /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Add the IVPN repository
+curl -fsSL https://repo.ivpn.net/stable/ubuntu/generic.list | sudo tee /etc/apt/sources.list.d/ivpn.list
+
+# Set Appropriate Permissions for Repository
+sudo chown root:root /etc/apt/sources.list.d/ivpn.list && sudo chmod 644 /etc/apt/sources.list.d/ivpn.list
+
+# Update APT repo info
+sudo apt update
+
+# To install IVPN software (CLI and UI)
+sudo apt install ivpn-ui
+
+# To install only IVPN CLI
+sudo apt install ivpn
+```
+
+### Debian {#debian}
+
+```pkgconfig
+# Add IVPN's GPG key
+curl -fsSL https://repo.ivpn.net/stable/debian/generic.gpg | gpg --dearmor > ~/ivpn-archive-keyring.gpg
+
+sudo mv ~/ivpn-archive-keyring.gpg /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Set Appropriate Permissions for GPG key
+sudo chown root:root /usr/share/keyrings/ivpn-archive-keyring.gpg && sudo chmod 644 /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Add the IVPN repository
+curl -fsSL https://repo.ivpn.net/stable/debian/generic.list | sudo tee /etc/apt/sources.list.d/ivpn.list
+
+# Set Appropriate Permissions for Repository
+sudo chown root:root /etc/apt/sources.list.d/ivpn.list && sudo chmod 644 /etc/apt/sources.list.d/ivpn.list
+
+# Update APT repo info
+sudo apt update
+
+# To install IVPN software (CLI and UI)
+sudo apt install ivpn-ui
+
+# To install only IVPN CLI
+sudo apt install ivpn
+```
+
+### Mint {#mint}
+
+```pkgconfig
+# Add IVPN's GPG key
+curl -fsSL https://repo.ivpn.net/stable/mint/generic.gpg | gpg --dearmor > ~/ivpn-archive-keyring.gpg
+
+sudo mv ~/ivpn-archive-keyring.gpg /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Set Appropriate Permissions for GPG key
+sudo chown root:root /usr/share/keyrings/ivpn-archive-keyring.gpg && sudo chmod 644 /usr/share/keyrings/ivpn-archive-keyring.gpg
+
+# Add the IVPN repository
+curl -fsSL https://repo.ivpn.net/stable/mint/generic.list | sudo tee /etc/apt/sources.list.d/ivpn.list
+
+# Set Appropriate Permissions for Repository
+sudo chown root:root /etc/apt/sources.list.d/ivpn.list && sudo chmod 644 /etc/apt/sources.list.d/ivpn.list
+
+# Update APT repo info
+sudo apt update
+
+# To install IVPN software (CLI and UI)
+sudo apt install ivpn-ui
+
+# To install only IVPN CLI
+sudo apt install ivpn
+```
+
+### Fedora {#fedora}
+
+```pkgconfig
+# Add the IVPN repository
+sudo dnf config-manager --add-repo https://repo.ivpn.net/stable/fedora/generic/ivpn.repo
+
+# To install IVPN software (CLI and UI)
+sudo dnf install ivpn-ui
+
+# To install only IVPN CLI
+sudo dnf install ivpn
+```
+
+### CentOS {#centos}
+
+```pkgconfig
+# Install Yum-utils
+sudo yum install yum-utils
+
+# Add the IVPN repository
+sudo yum-config-manager --add-repo https://repo.ivpn.net/stable/centos/generic/ivpn.repo
+
+# To install IVPN software (CLI and UI)
+sudo yum install ivpn-ui
+
+# To install only IVPN CLI
+sudo yum install ivpn
+
+# Required for CentOS 8
+sudo yum install libXScrnSaver
+```
+
+### Arch
Linux {#arch} + +AUR - ArchLinux User Repository. Can be used by distributions based on ArchLinux: (e.g. ArchLinux, Manjaro ...) + +Base package: [ivpn](https://aur.archlinux.org/packages/ivpn/) +UI package: [ivpn-ui](https://aur.archlinux.org/packages/ivpn-ui/) + +Using a AUR helper/Pacman wrapper automates the installation process: + +```pkgconfig +yay -S ivpn +yay -S ivpn-ui +``` + +Note: Other AUR helper/Pacman wrapper utilities are available. + +### Fedora Silverblue {#silverblue} + +IVPN client can be installed on [Fedora Silverblue](/knowledgebase/linux/fedora-silverblue/). + +## Install from Binaries {#binaries} + +### .DEB + +[Base package](https://repo.ivpn.net/stable/pool/ivpn_3.14.2_amd64.deb) +SHA256: 12d1005eeb92c5b35bf83b9df51317ec4ac08efc6fbb7ab01e962250f23b891d + +[UI package](https://repo.ivpn.net/stable/pool/ivpn-ui_3.14.2_amd64.deb) +SHA256: f64cd84b4e0ce252f0c066977d180b953c55f2b485cf7a5437b1e4c7af1959f7 + +### .RPM + +[Base package](https://repo.ivpn.net/stable/pool/ivpn-3.14.2-1.x86_64.rpm) +SHA256: 45dba6b5a281646bde6b6651661092024aafc0165268e3245fb515dabb866996 + +[UI package](https://repo.ivpn.net/stable/pool/ivpn-ui-3.14.2-1.x86_64.rpm) +SHA256: 0b3602497cf599060e44b0912923f3a5bc2f9325c8d34856bc7ef2eb019bb6ee + +## Install from Source Code {#source} + +[Daemon + CLI](https://github.com/ivpn/desktop-app#compilation_linux_daemon) +[UI](https://github.com/ivpn/desktop-app#compilation_linux_ui) + +## Install the Snap {#snap} + +Get the IVPN App from the [Snap Store](https://snapcraft.io/ivpn) by typing `sudo snap install ivpn`. + +

+ + Get it from the Snap Store + Get it from the Snap Store + +

+ +### Snap Notes: + +* The [snapd](https://snapcraft.io/docs/installing-snapd) daemon is required. +* Uninstall prior versions (DEB, RPM, etc.) of the IVPN App before switching to the snap release channel and vice versa. +* The **Split Tunnel** feature is not available due to strong restrictions of the snap environment. + +## Useful Links {#useful-links} + +If you prefer not to use the IVPN app please follow the relevant setup guide below. + +* [WireGuard using terminal](/setup/linux-wireguard/) +* [WireGuard using NetworkManager](/setup/linux-wireguard-netman/) +* [OpenVPN using terminal](/setup/linux-terminal/) +* [OpenVPN using NetworkManager](/setup/linux-netman/) +* [IPSec with IKEv2](/setup/linux-ipsec-with-ikev2/) diff --git a/src/content/es/pages/apps-macos.md b/src/content/es/pages/apps-macos.md new file mode 100644 index 000000000..e74d0b287 --- /dev/null +++ b/src/content/es/pages/apps-macos.md 
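Review bot: The Ubuntu, Debian and Mint blocks fetch `generic.gpg` and install it under `/usr/share/keyrings/` with no step where the reader confirms which key they received, so apt's trust in the repository rests entirely on that one download. I would publish the signing key's fingerprint on this page and add a check before the `sudo mv` line, e.g. `gpg --show-keys ~/ivpn-archive-keyring.gpg` under a comment `# Fingerprint must match <IVPN_SIGNING_KEY_FINGERPRINT>` (placeholder: the value is not on the page). The Fedora and CentOS blocks have the same gap: they add `ivpn.repo` without saying how its packages are verified, and whether that file enables signature checking cannot be seen from this hunk.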
@@ -0,0 +1,63 @@
+---
+title: IVPN for macOS - Open-source VPN app for your Mac
+description: IVPN for macOS offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop.
+h1: IVPN for macOS
+subtitle: Supports macOS 10.14+
+url: /apps-macos/
+platform: macos
+layout: apps
+image: apps/macos-app
+releases: [{
+ cta: Download,
+ downloads: [
+ {
+ cta: Intel,
+ url: "https://repo.ivpn.net/macos/bin/IVPN-3.14.12.dmg"
+ },
+ {
+ cta: Apple Silicon,
+ url: https://repo.ivpn.net/macos/bin/IVPN-3.14.12-arm64.dmg
+ }
+ ],
+ github: https://github.com/ivpn/desktop-app,
+ changelog: https://github.com/ivpn/desktop-app/blob/master/CHANGELOG.md,
+ checksum: [
+ {
+ title: SHA256 Intel,
+ value: 802426e0ab7eacd1bb2b9da39eb31d59cf3c0d250073b77692449a4d9ec77dbe
+ },
+ {
+ title: SHA256 Apple Silicon,
+ value: eb41d2049ae30518b940eafc439043d527729070dea6b8df0165923055b64949
+ }
+ ]
+}]
+---
+## Features
+
+- Supports WireGuard or OpenVPN protocols.
+- Supports GUI or CLI (command-line interface).
+- WireGuard privacy controls - Define automatic key and IP address rotation schedule.
+- AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers.
+- Firewall / killswitch - Ability to configure as on-demand or always-on. Offers comprehensive protection against DNS, IPv6, disconnection and WebRTC leaks.
+- Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection.
+- Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy.
+- Allow LAN traffic when connected to VPN.
+- Pause VPN for when disabling VPN connection temporarily is required.
+- Obfsproxy option to circumvent censorship.
+- Custom DNS servers, with DoH.
+- Auto-update.
+- Auto-connect on launch / on joining insecure Wi-Fi.
+
+## Manual configuration
+
+If you prefer not to use the IVPN app please follow the relevant setup guide below.
+
+- [WireGuard](/setup/macos-wireguard/)
+- [Tunnelblick (OpenVPN)](/setup/macos-openvpn-tunnelblick/)
+- [IPSec with IKEv2](/setup/macos-ipsec-with-ikev2/)
+
+## Download legacy version
+
+Download [IVPN-2.12.17.dmg](https://cdn.ivpn.net/releases/osx/IVPN-2.12.17.dmg)
+SHA256: 0fd09967482f53c801dc55eaf23a88ad341da37f58d70d9c9e24c2e5aeb36c22
diff --git a/src/content/es/pages/apps-windows.md b/src/content/es/pages/apps-windows.md
new file mode 100644
index 000000000..18c1a3e81
--- /dev/null
+++ b/src/content/es/pages/apps-windows.md
@@ -0,0 +1,55 @@
+---
+title: IVPN for Windows - Open-source VPN app for your Windows PC
+description: IVPN for Windows offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop.
+h1: IVPN for Windows
+subtitle: Supports Windows 10 / 11 (64-bit)
+url: /apps-windows/
+platform: windows
+layout: apps
+image: apps/windows-app-3.3.7
+releases: [{
+ cta: Download,
+ download: https://repo.ivpn.net/windows/bin/IVPN-Client-v3.14.2.exe,
+ github: https://github.com/ivpn/desktop-app,
+ changelog: https://github.com/ivpn/desktop-app/blob/master/CHANGELOG.md,
+ checksum: [
+ {
+ title: SHA256,
+ value: 78e363c6405134ab4424650f2d0435c5a2f4120fcd1b0d4ce062fcd3f6dc471a
+ }
+ ]
+}]
+---
+## Features
+
+- WireGuard or OpenVPN protocols.
+- GUI or CLI (command-line interface).
+- WireGuard privacy controls - Define automatic key and IP address rotation schedule.
+- AntiTracker that blocks ads, adware, malicious websites and data harvesting trackers.
+- Firewall / killswitch - Ability to configure as on-demand or always-on. Offers comprehensive protection against DNS, IPv6, disconnection and WebRTC leaks.
+- Ability to define trusted Wi-Fi networks and create rules for automatic VPN connection/disconnection.
+- Multi-hop VPN routes. Connect through multiple servers in separate jurisdictions for enhanced privacy.
+- Allow LAN traffic when connected to VPN.
+- Pause VPN for when disabling VPN connection temporarily is required.
+- Obfsproxy option to circumvent censorship.
+- Custom DNS servers, with DoH.
+- Split tunneling.
+- Auto-update.
+- Auto-connect on launch / on joining insecure Wi-Fi.
+
+## Manual configuration
+
+If you prefer not to use the IVPN app please follow the relevant setup guide below.
+
+- [WireGuard (Windows 10)](/setup/windows-10-wireguard/)
+- [OpenVPN GUI (Windows 10)](/setup/windows-10-openvpn-community/)
+- [OpenVPN GUI (Windows 8)](/setup/windows-8-openvpn-community/)
+- [IPSec with IKEv2 (Windows 10)](/setup/windows-10-ipsec-with-ikev2/)
+
+## Download legacy versions
+
+[IVPN-Client-v3.12.0.exe](https://repo.ivpn.net/windows/bin/IVPN-Client-v3.12.0.exe)
+SHA256: 2425f3e339eeb8bb8ac11734b2db918083eea6d2cd9172109e0748b2fcd62f19
+
+[IVPN-Client-v2.12.17.exe](https://cdn.ivpn.net/releases/win/IVPN-Client-v2.12.17.exe)
+SHA256: 7dce2cd90a2828f308c5c9063776d05af6074d974c57ee69a7ea79030640149a
diff --git a/src/content/es/pages/apps.md b/src/content/es/pages/apps.md
new file mode 100644
index 000000000..89e4156be
--- /dev/null
+++ b/src/content/es/pages/apps.md
@@ -0,0 +1,7 @@
+---
+title: IVPN Apps - Open-source VPN apps for every device
+description: IVPN offers you open-source VPN apps for all your devices including comprehensive leak protection, automatic connection on insecure Wi-Fi and Multi-hop.
+url: /apps/
+layout: apps-redirect
+---
+## Please select your OS
diff --git a/src/content/es/pages/contactus.md b/src/content/es/pages/contactus.md
new file mode 100644
index 000000000..99cafab25
--- /dev/null
+++ b/src/content/es/pages/contactus.md
@@ -0,0 +1,20 @@
+---
+title: Contact IVPN
+h1: Contact us
+intro: Amet minim mollit non deserunt ullamco est sit aliqua dolor do amet sint. Velit officia consequat duis enim velit mollit. Exercitation veniam consequat sunt nostrud amet.
+url: /contactus/
+---
+# Contact us
+
+Send an email and we'll normally reply within a few hours (in some rare cases up to 24 hours).
+
+Should your message contain any sensitive data you may encrypt your email using the PGP key below.
+
+

+ Support + Press inquiries +
+ Download PGP key +
+
+

diff --git a/src/content/es/pages/ethics.md b/src/content/es/pages/ethics.md new file mode 100644 index 000000000..b561a59d4 --- /dev/null +++ b/src/content/es/pages/ethics.md 
@@ -0,0 +1,113 @@ +--- +title: Ethical guidelines for privacy protection | IVPN +description: Learn about the privacy-first ethical direction we follow. We explain how we approach transparency and how/what we communicate to new customers. +url: /ethics/ +sections: + - type: text_one_narrow_column + content: >- + # Ethical Guidelines + + We consider the effects of our choices with regarding to running our service. We follow a privacy-first mindset that goes beyond the basics. + + + Every decision matters: how and what we communicate to new customers, what information we collect and what tools we use to improve our service. + + We believe in leading by example, and commit to the following: + + #### No personal information + + We aim for zero user information collected as defined in our concise [privacy policy](https://www.ivpn.net/privacy). We don’t ask for your email address or any other personal information. + + #### No trackers + + Trackers by ad companies and social networks monitor your actions and aid in profiling you. You won’t find them on ivpn.net - we are a tracking free provider. + + #### No third-party tools + + Tools like Google Analytics collect personally identifiable information. We use software hosted only on IVPN controlled servers to ensure your privacy. + + #### No secrets + + IVPN’s [ownership, company structure and team](https://www.ivpn.net/team/) is public, so you know who is responsible for protecting your privacy. + + #### No false promises + + Some services try to convince everyone to get a VPN and become anonymous online. We don't advertise benefits that are not attainable by using a VPN. + + #### Openness and accountability + + Our applications are open source and available for review on our [GitHub page](https://github.com/ivpn). We commission regular [audits](https://www.ivpn.net/blog/tags/audit/) to back up our claims. 
+ + - type: text_one_narrow_column + content: >- + ## How we don’t do marketing + + We are committed to spreading the word about IVPN’s mission and help more people protect their privacy. Considering the state of modern marketing, this is a challenging task. + + + We consider most marketing methods harmful, and refuse to engage in them. The following list represents all tactics we have considered and either rejected or eliminated over the years. + + #### Paid reviews + + We have closed down our affiliate program to protest against the practice of paid reviews and misleading recommendations by “best VPN” websites. + + #### Surveillance ads + + Surveillance ads use personal information and behavioral data for personal targeting and retargeting purposes. We reject Facebook, Google and all forms of programmatic advertising. + + #### Dark patterns + + We shun fake reviews, made up social proofs, countdown timers, expiring deals, exit consoles and tricks that make it hard to cancel our service. + + #### Fear, uncertainty and doubt + + Pushing subscriptions with scare tactics is common in the VPN industry. We won’t claim that everyone without a VPN is under grave threat. + + #### Buying endorsements + + We believe influencers and YouTube creators with no information security expertise should not endorse VPN services in exchange for payment. + + #### Spam + + We shun spam on social media and buying email lists of prospective customers, two marketing tactics frequently used by VPN providers. + + - type: text_one_narrow_column + content: >- + ## How we attract new customers + + Our mission supersedes making profit and we reinvest most of our revenue into improving our service and educational projects. Yet IVPN is a business and we are working on attracting new customers, while keeping our values and commitments in mind. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Method

Examples

Improving our service
Consistent improvements to our service lead to customers recommend us to others.
WireGuard support
Linux CLI and GUI
IPv6 support
Educational projects
We allocate time and resources to projects that spread information about privacy and trustworthy VPNs.
IVPN Privacy Guides
Educational blog posts
Do I need a VPN?
The Privacy Issue
Community and social channels
We share information about our progress in dedicated IVPN communities.
Mastodon
Reddit
Twitter
Journalists and reviewer cooperation
We share progress updates and demo accounts with journalists and ethical VPN reviewers. No compensation is offered.
Ars Technica
The Markup
Techlore
Privacy Guides
Sponsorships
We sponsor non-profit organisations and development projects that focus on privacy.
EFF
Tor Project
WireGuard
Supporting privacy educators
We financially support ethical content creators, who possess the necessary background to evaluate and endorse VPNs.
Seth For Privacy
The New Oil
Monero Talk
+ + If you have made it all the way to the end, and agree with our values, please consider sharing this page. That can help us stay within these defined boundaries and prove that growing a business is possible without resorting to unethical tools. + +--- diff --git a/src/content/es/pages/headless.md b/src/content/es/pages/headless.md new file mode 100644 index 000000000..df5f2de49 --- /dev/null +++ b/src/content/es/pages/headless.md @@ -0,0 +1,5 @@ +--- +url: /account/headless/ +layout: application +hideHeaders: true +--- diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md new file mode 100644 index 000000000..2c50775df --- /dev/null +++ b/src/content/es/pages/home.md 
@@ -0,0 +1,102 @@ +--- +title: VPN for Privacy & Security | IVPN | Resist Online Surveillance +description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. +url: / +isMenuCta: false +hasSeperator: false +sections: + - type: heading_text_two_cta_two_column + light_image: /images-static/uploads/ivpn-home.png + light_image_retina: /images-static/uploads/ivpn-home@2x.png + dark_image: /images-static/uploads/ivpn-home-dark.png + dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png + content: >- + # Resista la vigilancia en línea + + Lo que usted hace en línea puede ser rastreado por organizaciones que quizás no conozca o en las que no confíe y pase a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que su ISP pueda compartir o vender sus datos. + cta_one_label: Crear cuenta IVPN + cta_one_is_blue: true + cta_one_url: /signup/ + cta_one_note: No es necesario email + cta_two_label: IVPN en GitHub + cta_two_is_blue: false + cta_two_url: https://github.com/ivpn + - type: usps_three_column_home + usps: + - name: Sin logs + description: No registramos ninguna actividad del usuario relacionada con el uso del servicio VPN, como se explica en nuestra clara [política de privacidad](/privacidad). + - name: Sin datos de clientes + description: Somos un servicio de privacidad, por lo que no recopilamos ni almacenamos ningún dato personal al registrarse, ni siquiera su correo electrónico. También aceptamos efectivo, monero y bitcoin. + - name: Sitio web y aplicaciones de código abierto + description: Este sitio web y la aplicación IVPN para todas las plataformas son de código abierto para mayor transparencia y seguridad. 
+ - name: Sin servicios en la nube ni almacenamiento de datos + description: Todos los servidores que administran el servicio IVPN son autohospedados y operados por IVPN, incluidos el correo electrónico y el chat en vivo. + - name: Auditorías de seguridad independientes + description: Nos comprometemos a realizar [auditorías de seguridad anuales](/blog/tags/audit/) para mejorar nuestras prácticas de seguridad y transparencia. + - name: Sin reseñas falsas + description: Nunca pagamos por reseñas y no tenemos un programa de afiliados, por lo que no nos encontrará en las listas de las "10 mejores VPN". + - name: Sin falsas promesas ni tonterías + description: No prometemos anonimato ni "cifrado de grado militar". Publicamos extensas [guías de privacidad](/privacy-guides/) y educamos a nuestros clientes sobre lo que una VPN puede lograr de manera realista. + - name: Defensores de la privacidad + description: Donamos regularmente a organizaciones que luchan por el derecho a la privacidad como EFF, Open Rights Group y el proyecto Tor. + - name: Transparencia + description: Nuestro modelo de negocio se basa exclusivamente en suscripciones pagas. No somos propietarios de ningún otro servicio VPN ni sitios de revisión de VPN. Revise [el equipo](/equipo/) que opera IVPN y la propiedad de la empresa. + - type: heading_text_one_column + content: "## Características" + - type: features_image_three_column + light_image: /images-static/uploads/home-app-light.png + light_image_retina: /images-static/uploads/home-app-light-2x.png + dark_image: /images-static/uploads/home-app-dark.png + dark_image_retina: /images-static/uploads/home-app-dark-2x.png + features_col_one: + - description: "Choice of **WireGuard, OpenVPN or IPSec** protocols using either the IVPN apps or any other compatible VPN client." + - description: "**WireGuard privacy controls** - Define a custom schedule for automatic key and IP address rotation." 
+ - description: "**AntiTracker** that blocks ads, adware, malicious websites and data harvesting trackers." + - description: "**Killswitch / Firewall** option on macOS, Windows, Linux, Android and using the built-in On-demand feature on iOS. Offers protection against DNS, IPv6, disconnection and WebRTC leaks." + - description: "Private non-logging **DNS servers** accessible through our VPN." + features_col_two: + - description: "**Multi-hop VPN routes**. Connect through multiple servers in separate jurisdictions for enhanced privacy." + - description: "Define **trusted Wi-Fi networks** and create rules for automatic connection / disconnection." + - description: "**Pause VPN** for when you need to disable the VPN temporarily after which connection is automatically restored (except iOS)." + - description: "**Obfsproxy** to circumvent censorship (Windows, macOS and Linux clients)." + - type: heading_text_one_column + content: "## Do you really need a VPN?" + - type: text_two_column + content_column_1: |- + ### Despite what many VPN providers advertise VPNs are useless (at best ineffective) at: + +
    +
  • Achieving anonymity.
  • +
  • Preventing Google or Facebook from collecting your private data.
  • +
  • Preventing unwanted profiling by social networks or search engines.
  • +
  • Providing better security when ‘working from home’.
  • +
  • Protecting your passwords.
  • +
  • Hiding your mobile phone location (GPS).
  • +
  • Helping you avoid data breaches on services you use online.
  • +
  • Defending against “cyber threats” and identity theft.
  • + +
+ + ### Do not rely on a VPN to protect you in any of the above scenarios. + + content_column_2: > + ### However, a trustworthy VPN can be very effective at: + + + * Encrypting your data so your ISP or mobile network provider cannot monitor or log your online activity. Without a VPN, HTTPS still exposes the domain name or IP address you are visiting to the ISP. + + * Encrypting your DNS requests so your ISP or mobile network provider cannot monitor or log the domains you visit. + + * Increasing your security on untrusted public networks by preventing MITM attacks. + + * Masking your IP address from websites and servers you connect to. + + * Circumventing censorship or geographical blocks on websites and content. + - type: heading_text_cta_one_column + content: >- + Using a VPN should be part of an overall strategy to protect your privacy - **but only if you trust the VPN provider more than your ISP**. + cta_label: Generate IVPN account + cta_is_blue: true + cta_url: /signup/ + cta_note: no email required +--- diff --git a/src/content/es/pages/knowledgebase/android/_index.md b/src/content/es/pages/knowledgebase/android/_index.md new file mode 100644 index 000000000..6db1b7794 --- /dev/null +++ b/src/content/es/pages/knowledgebase/android/_index.md @@ -0,0 +1,7 @@ +--- +title: Android - IVPN Help +url: /knowledgebase/android/ +section: android +layout: help +--- +## Android diff --git a/src/content/es/pages/knowledgebase/android/developer-options-on-the-android-phone.md b/src/content/es/pages/knowledgebase/android/developer-options-on-the-android-phone.md new file mode 100644 index 000000000..5430e1c23 --- /dev/null +++ b/src/content/es/pages/knowledgebase/android/developer-options-on-the-android-phone.md 
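Review bot: Two links in the translated `usps` entries use Spanish slugs, `(/privacidad)` and `(/equipo/)`, while every other link in this hunk keeps the English path (`/blog/tags/audit/`, `/privacy-guides/`, `/signup/`) and the ethics page added in the same patch links to `https://www.ivpn.net/privacy` and `https://www.ivpn.net/team/`. Unless Spanish aliases for those two pages are added elsewhere in the series, the links will most likely not resolve, and the privacy-policy link is the one a reader of the "Sin logs" claim is meant to follow. I would keep `[política de privacidad](/privacy)` and `[el equipo](/team/)` until the translated URLs exist.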
@@ -0,0 +1,34 @@ +--- +title: Developer Options on the Android phone - IVPN Help +h1: Developer Options on the Android phone +url: /knowledgebase/android/developer-options-on-the-android-phone/ +sections: + - android +sectionTitle: Android +layout: help-details +weight: 60 +--- +# Developer Options on the Android phone + +The Settings app on Android includes a screen called Developer options that lets you configure system behaviors that help you profile and debug your app performance. Despite the name, they contain some settings that can be useful to an ordinary user. + +### Enable developer options + +On Android 4.1 and lower, the Developer options screen is available by default. On Android 4.2 and higher, you must enable this screen. To enable developer options, tap the Build Number option 7 times. You can find this option in one of the following locations, depending on your Android version: + +* Android 9 (API level 28) and higher: **Settings > About Phone > Build Number** +* Android 8.0.0 (API level 26) and Android 8.1.0 (API level 26): **Settings > System > About Phone > Build Number** +* Android 7.1 (API level 25) and lower: **Settings > About Phone > Build Number** + +At the top of the Developer options screen, you can toggle the options on and off. + +
+ +
+ +### Device and Operating system specifics + +The steps above will work in most cases. But sometimes they can differ. + +For example, for some Samsung devices you may need to tap "Software information", then tap "Build number" seven times. +[https://www.samsung.com/uk/support/mobile-devices/how-do-i-turn-on-the-developer-options-menu-on-my-samsung-galaxy-device/](https://www.samsung.com/uk/support/mobile-devices/how-do-i-turn-on-the-developer-options-menu-on-my-samsung-galaxy-device/) diff --git a/src/content/es/pages/knowledgebase/android/error 424 public key not found.md b/src/content/es/pages/knowledgebase/android/error 424 public key not found.md new file mode 100644 index 000000000..b15053f35 --- /dev/null +++ b/src/content/es/pages/knowledgebase/android/error 424 public key not found.md @@ -0,0 +1,19 @@ +--- +title: Error 424 public key not found - IVPN Help +h1: Error 424 public key not found +url: /knowledgebase/android/error-424-public-key-not-found/ +sections: + - android +sectionTitle: Android +layout: help-details +weight: 20 +--- +# Error 424 public key not found + +Try logging out from the IVPN app and back in to force the app to resync with our WireGuard key management servers - this may resolve the issue with generating WireGuard keys. + +You can also try regenerating WireGuard keys manually. In the IVPN app, navigate to `Settings` - `VPN protocol`, select `WireGuard`, tap on the `WireGuard details` -> `Re-generate keys`. + +To additionally rule out any software-related issues with the app, try clearing its cache in your phone's Settings - Applications area, then uninstall the app, restart your device and install it back. + +In case the issue persists, high chances are that your current network is blocking the calls to our key management servers. If nothing from the above works, you may try connecting from a different, less-restrictive network or try connecting to our OpenVPN servers instead. \ No newline at end of file 
diff --git a/src/content/es/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md b/src/content/es/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md new file mode 100644 index 000000000..4fb7fb5fc --- /dev/null +++ b/src/content/es/pages/knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot.md @@ -0,0 +1,17 @@ +--- +title: IVPN doesn't start on boot - IVPN Help +h1: IVPN doesn't start on boot +url: /knowledgebase/android/ivpn-doesnandsharp039t-start-on-boot/ +sections: + - android +sectionTitle: Android +layout: help-details +weight: 50 +--- +# IVPN doesn't start on boot + +If the IVPN app does not start up automatically when your device boots up, check the following, please: + +1. Make sure that you have the latest version of IVPN app installed on your device. +2. On your device, navigate to `Settings` - `Battery` - `Battery Optimisation` and verify that **Automatic optimisation** for IVPN app is **Disabled**. +3. Some vendors, e.g. Xiaomi, might require you to provide additional permission to allow app Autostart on boot. Navigate to `Settings` - `Permissions` - `Autostart` and tap on the switch next to the IVPN app icon to have it enabled. diff --git a/src/content/es/pages/knowledgebase/android/mock-location-option.md b/src/content/es/pages/knowledgebase/android/mock-location-option.md new file mode 100644 index 000000000..24d786619 --- /dev/null +++ b/src/content/es/pages/knowledgebase/android/mock-location-option.md 
@@ -0,0 +1,35 @@
+---
+title: Mock Location Option - IVPN Help
+h1: Mock Location Option
+url: /knowledgebase/android/mock-location-option/
+sections:
+ - android
+sectionTitle: Android
+layout: help-details
+weight: 70
+---
+# Mock Location Option
+
+Most Android devices have a built-in feature that helps you spoof your location with the ‘Mock location’ option. This feature is designed for developers, so to take advantage of it you need to enable Developer Options. We have prepared a [guide](/knowledgebase/android/developer-options-on-the-android-phone/) to do that - we suggest starting here.
+
+When you select IVPN as a mock location app you enable fake location information to be relayed to the GPS network and your phone network operator. The mock location will match the gateway location you connected to.
+
+### Enable Mock Location
+
+To use this feature, go to **Settings > System > Advanced > Developer Options** and choose **Select mock location app** option in the **Debugging**.
+
+
+
+
+
+Now choose the IVPN app on the next opened screen.
+
+
+
+
+
+The alternative way to find **Select mock location app** option is to search for this option in your device's settings - just like in the screenshot below.
+
+
+
+
diff --git a/src/content/es/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md b/src/content/es/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md
new file mode 100644
index 000000000..15dca5ce2
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why.md
@@ -0,0 +1,19 @@
+---
+title: Unable to click 'OK' on the connection request prompt, why? - IVPN Help
+h1: Unable to click 'OK' on the connection request prompt, why?
+url: /knowledgebase/android/unable-to-click-andsharp039okandsharp039-on-the-connection-request-prompt-why/
+sections:
+ - android
+sectionTitle: Android
+layout: help-details
+weight: 30
+---
+# Unable to click 'OK' on the connection request prompt, why?
+
+When you run the IVPN client for the first time, rebooted your device or used another VPN application prior to IVPN, you might be seeing a 'Connection request' prompt asking you to allow or cancel setting up a VPN connection.
+
+![](/images-static/uploads/android-connection-request.png)
+
+If you are unable to click OK or check the "I trust this application" checkbox, there might be another app on top of the dialogue. Among the apps that can cause this issue are Lux Brightness, Night Mode, and Twilight.
+
+To avoid this problem, close all apps running in the background and try clicking 'OK' once again.
diff --git a/src/content/es/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md b/src/content/es/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md
new file mode 100644
index 000000000..23f8d50aa
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/android/what-permissions-does-your-app-require-and-why.md
@@ -0,0 +1,23 @@
+---
+title: What permissions does your app require and why? - IVPN Help
+h1: What permissions does your app require and why?
+url: /knowledgebase/android/what-permissions-does-your-app-require-and-why?/
+sections:
+ - android
+sectionTitle: Android
+layout: help-details
+weight: 10
+---
+# What permissions does your app require and why?
+
+Our app can ask for Location, Camera and Storage permissions.
+
+**Location** permission is required for our 'Network Protection' feature to work. It needs to have the list of your device's known WiFi SSID names as well as the type and the name of the network you are currently connected to. This allows you to set and manage the 'Trust' status for these networks and allow the app to trigger the actions based on the rules you have defined.
+
+The prompt asking for this permission will only appear when you enable the 'Network Protection' feature. If you don't plan to use the said feature, you can have the granted earlier permission removed.
+
+Our app has no other need for your location other than to provide the SSID name.
+
+**Storage** access permission is required for our app to generate the log file and attach it to your mail application if you have 'Enable logging' option enabled and would like to send us diagnostic logs to troubleshoot a certain issue.
+
+Access to your phone’s **Camera** is needed to scan the QR code with your IVPN username for a seamless authentication experience.
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/billing/_index.md b/src/content/es/pages/knowledgebase/billing/_index.md
new file mode 100644
index 000000000..b1934aefe
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/_index.md
@@ -0,0 +1,7 @@
+---
+title: Billing - IVPN Help
+url: /knowledgebase/billing/
+section: billing
+layout: help
+---
+## Billing
diff --git a/src/content/es/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md b/src/content/es/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md
new file mode 100644
index 000000000..2d93c7c30
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/does-ivpn-offer-a-free-trial.md
@@ -0,0 +1,14 @@
+---
+title: Does IVPN offer a free trial? - IVPN Help
+h1: Does IVPN offer a free trial?
+url: /knowledgebase/billing/does-ivpn-offer-a-free-trial/
+sections:
+ - billing
+ - general
+sectionTitle: Billing
+layout: help-details
+weight: 11
+---
+# Does IVPN offer a free trial?
+
+We do not have a free trial option. We offer an affordable one week paid plan which can be used to test our service out. With our [30-day money-back guarantee](/refunds/), you can [sign up](/pricing/) and try IVPN with no risks.
diff --git a/src/content/es/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md b/src/content/es/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md
new file mode 100644
index 000000000..8b612231f
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription.md
@@ -0,0 +1,17 @@
+---
+title: How can I cancel my IVPN subscription? - IVPN Help
+h1: How can I cancel my IVPN subscription?
+url: /knowledgebase/billing/how-can-i-cancel-my-ivpn-subscription/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 30
+---
+# How can I cancel my IVPN subscription?
+
+1. Login to the [Client area](/account/login/#id).
+
+2. Navigate to `Billing Settings`.
+
+3. Uncheck `Recurring payments`.
diff --git a/src/content/es/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md b/src/content/es/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md
new file mode 100644
index 000000000..dbf0b32b3
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/how-can-i-delete-my-ivpn-account.md
@@ -0,0 +1,15 @@
+---
+title: How can I delete my IVPN account? - IVPN Help
+h1: How can I delete my IVPN account?
+url: /knowledgebase/billing/how-can-i-delete-my-ivpn-account/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 120
+---
+# How can I delete my IVPN account?
+
+We respect your privacy & understand the importance of being able to have a full control over your personal information. You can permanently delete your account and purge our database of any related information.
+
+To delete your IVPN account, login to the [Client Area](/account/login/#id), navigate to `Account settings` area, click on the `Delete account` button and confirm the action. Note, this process is irreversible.
diff --git a/src/content/es/pages/knowledgebase/billing/how-can-i-pay-with-cash.md b/src/content/es/pages/knowledgebase/billing/how-can-i-pay-with-cash.md
new file mode 100644
index 000000000..66d9ce288
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/how-can-i-pay-with-cash.md
@@ -0,0 +1,23 @@
+---
+title: How can I pay with cash? - IVPN Help
+h1: How can I pay with cash?
+url: /knowledgebase/billing/how-can-i-pay-with-cash/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 20
+---
+# How can I pay with cash?
+
+
+Due to the manual processing required we accept cash payments only for 1, 2, or 3 years. Cash payments are not refundable.
+
+
+1. [Sign up](/pricing/) for a new account.
+
+2. On the checkout page, select 1 year or longer and click on the `Cash` button.
+
+3. After you click the `Cash` button you will be redirected to a page with instructions on how and where to send the cash.
+
+If you would like to add more time to an existing account, login to the [Client Area](/account/login/), click on the `Billing Settings` -> `Extend your account`, select 1 year or longer and click on the `Cash` button to checkout.
diff --git a/src/content/es/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md b/src/content/es/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md
new file mode 100644
index 000000000..b309b276a
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/how-can-i-reactivate-my-account.md
@@ -0,0 +1,15 @@
+---
+title: How can I reactivate my account? - IVPN Help
+h1: How can I reactivate my account?
+url: /knowledgebase/billing/how-can-i-reactivate-my-account/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 110
+---
+# How can I reactivate my account?
+
+To reactivate your inactive account, login to the [Client Area](/account/login/#id) - click on `Billing Settings` - `Extend your account`, select time you would like to add and checkout with the preferred payment method.
+
+If your IVPN account has been inactive for 3 months it will be automatically deleted from our systems. If you have discovered that your old IVPN account is deleted, you can generate a new one [here](/pricing/).
diff --git a/src/content/es/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md b/src/content/es/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md
new file mode 100644
index 000000000..f1950bf36
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why.md
@@ -0,0 +1,15 @@
+---
+title: I paid with Bitcoin but the invoice is still unpaid. Why? - IVPN Help
+h1: I paid with Bitcoin but the invoice is still unpaid. Why?
+url: /knowledgebase/billing/i-paid-with-bitcoin-but-the-invoice-is-still-unpaid-why/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 70
+---
+# I paid with Bitcoin but the invoice is still unpaid. Why?
+
+BTCPay invoices are only valid for 60 minutes due to exchange rate volatility. If a payment is received more than 60 minutes after the invoice is generated, we will need to manually process the payment.
+
+To expedite this process please send our [billing department](/contactus/) the Bitcoin transaction hash.
diff --git a/src/content/es/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md b/src/content/es/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md
new file mode 100644
index 000000000..78ae955f5
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why.md
@@ -0,0 +1,13 @@
+---
+title: I paid with PayPal but my account is still pending. Why? - IVPN Help
+h1: I paid with PayPal but my account is still pending. Why?
+url: /knowledgebase/billing/i-paid-with-paypal-but-my-account-is-still-pending-why/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 60
+---
+# I paid with PayPal but my account is still pending. Why?
+
+Accounts are activated automatically after payment has been received from the payment processor. This requires that PayPal sends a message to our servers indicating that the payment was successful. In very rare circumstances this message between servers can fail. However, it's more likely that you have sent an [e-check payment](https://www.paypal.com/us/webapps/helpcenter/helphub/article/?solutionId=FAQ1082) (a payment made from your bank account) which won't clear for a few days (unlike a credit/debit card which is instant). If this is the case please be patient until PayPal processes the payment.
diff --git a/src/content/es/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md b/src/content/es/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md
new file mode 100644
index 000000000..f87ce8dd0
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why.md
@@ -0,0 +1,17 @@
+---
+title: Paid with PayPal using eCheck but IVPN account is still in Pending/Suspended state. Why? - IVPN Help
+h1: Paid with PayPal using eCheck but IVPN account is still in Pending/Suspended state. Why?
+url: /knowledgebase/billing/paid-with-paypal-using-echeck-but-ivpn-account-is-still-in-pendingorsuspended-state-why/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 130
+---
+# Paid with PayPal using eCheck but IVPN account is still in Pending/Suspended state. Why?
+
+Unfortunately, eChecks are not instant. They function the same as paper checks and can take up to 7 business days to clear. The name may appear to sound fast, however, the process is not.
+
+If your payment is still in a 'Pending' status that means we won't receive the funds until the transaction is cleared by PayPal. See more on the following [PayPal FAQ page](https://www.paypal.com/us/smarthelp/article/i-sent-an-echeck,-but-the-payment-is-pending.-why-faq572).
+
+For instant payments, consider using the bank card payment method. Please note, we do not accept American Express or Prepaid/Gift cards at this time.
diff --git a/src/content/es/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md b/src/content/es/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md
new file mode 100644
index 000000000..776a8c53a
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help.md
@@ -0,0 +1,15 @@
+---
+title: PayPal won't let me pay with my credit card. Can you help? - IVPN Help
+h1: PayPal won't let me pay with my credit card. Can you help?
+url: /knowledgebase/billing/paypal-wonandsharp039t-let-me-pay-with-my-credit-card-can-you-help/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 50
+---
+# PayPal won't let me pay with my credit card. Can you help?
+
+Unfortunately, we do not have any control over how PayPal collects payments from customers. Our servers simply pass a request to PayPal to collect payment (this happens during the redirect to PayPal's website) and if payment is successful our servers are notified and the account is provisioned. As far as we know PayPal only accepts credit cards from non-PayPal customers based in the USA.
+
+If you are having problems paying with PayPal, you will need to contact PayPal to investigate the issue or try alternative payment methods available on the checkout page.
diff --git a/src/content/es/pages/knowledgebase/billing/voucher-cards-faq.md b/src/content/es/pages/knowledgebase/billing/voucher-cards-faq.md
new file mode 100644
index 000000000..22a513696
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/billing/voucher-cards-faq.md
@@ -0,0 +1,49 @@
+---
+title: Voucher cards FAQ - IVPN Help
+h1: Voucher cards FAQ
+url: /knowledgebase/billing/voucher-cards-faq/
+sections:
+ - billing
+sectionTitle: Billing
+layout: help-details
+weight: 10
+---
+# Voucher cards FAQ
+
+
+Voucher payment method is only available for accounts that were created after November 2020 (Account ID format: i-XXXX-XXXX-XXXX). If you wish to use vouchers and have an IVPN account created before this date (Account ID format: ivpnXXXXXXXX), contact our customer service to help you make the switch or generate a new account.
+
+
+1. ### Where can I purchase an IVPN voucher?
+ Physical voucher cards are currently available on [Amazon US](https://amazon.com/dp/B0BL8FWDRL) and [ProxyStore DE](https://shop.proxysto.re/category/69). Digital vouchers can be purchased in the [ProxyStore Onlineshop](https://digitalgoods.proxysto.re/en). We plan to introduce it to other vendors and countries in the future.
+
+2. ### How do I redeem the voucher?
+ One physical voucher card can be redeemed for either 2 years of IVPN Standard or 1 year of IVPN Pro. It can be used for activating a newly generated account as well as extending the duration of an existing one.
+
+ #### New accounts:
+ - Select the preferred plan and generate your IVPN Account ID [here](/pricing/)
+ - Click on the `Add more time` - "Have a voucher code? `Redeem it here`" link
+ - Enter the voucher code and press `Add Time`
+
+ #### Existing accounts:
+ - Log into your [Client Area](/account/login#id)
+ - Click on the `Add more time` - "Have a voucher code? `Redeem it here`" link
+ - Enter the voucher code and press `Add Time`
+
+3. ### The voucher redeem page says the code is invalid or has already been used.
+ Reach out to our [support team](/contactus/) including the voucher code in your message and we will look into this.
+
+4. ### I have lost my Account ID. Can you help me recover it?
+ Send us a [message](/contactus/) including your voucher code and we will look up your Account ID.
+
+
+ Please note: Voucher codes are stored in our system only for 30 days after use. Account recovery is not possible after this period.
+
+
+5. ### Can I get a refund for my voucher purchase?
+
+ Voucher purchases are non-refundable.
+
+6. ### There are shipping issues with my order / I received a damaged card
+
+ Unfortunately, we are unable to help with these types of issues. For assistance, please contact the vendor you have purchased the voucher from.
diff --git a/src/content/es/pages/knowledgebase/general/_index.md b/src/content/es/pages/knowledgebase/general/_index.md
new file mode 100644
index 000000000..856a68028
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/_index.md
@@ -0,0 +1,7 @@
+---
+title: General - IVPN Help
+url: /knowledgebase/general/
+section: general
+layout: help
+---
+## General
diff --git a/src/content/es/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md b/src/content/es/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md
new file mode 100644
index 000000000..3d2e29d53
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider.md
@@ -0,0 +1,62 @@ +--- +title: Answers for "18 Questions to ask your VPN Service provider" - IVPN Help +h1: Answers for "18 Questions to ask your VPN Service provider" +url: /knowledgebase/general/answers-for-18-questions-to-ask-your-vpn-service-provider/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 160 +--- +# Answers for "18 Questions to ask your VPN Service provider" + +1. #### Is there a monthly bandwidth-usage limit? + No, we do not record bandwidth used and therefore there is no limit. + +2. #### Do you throttle connections that use excessive bandwidth? + No. + +3. #### How many devices are allowed per account? + 2 on the Standard and 7 on the Pro plan. See our [Pricing Page](/pricing/). + +4. #### How many hops are there in your VPN connections? + We have a choice of both single and multi-hop connections. The Multi-hop feature is available in our Pro plan. + +5. #### What type(s) of VPN encryption do you use? Why? + We use the highest AES-256 with 4096-bit RSA keys. + +6. #### Do you support perfect forward secrecy? If so, how? + Yes, our OpenVPN servers are configured to automatically generate new encryption keys every hour. If an adversary was able to crack the encryption key, they would only be able to decrypt the traffic captures since the last key rotation. + +7. #### Do you provide users with Diffie Hellman key files? + No, this is a server configuration. + +8. #### How do you authenticate clients – certificates/keys, or usernames/passwords? + We issue a random Account ID to each customer to log in to our IVPN app and for OpenVPN connections. WireGuard uses a public and private key pair. + +9. #### Do you employ HMAC-Based TLS Authentication? If so, why? + Yes, it mitigates DDOS and buffer overflow attacks on our servers. + +10. #### Do you ever email passwords to customers? + No. + +11. #### Does each customer have a unique client certificate and key? + No. + +12. 
#### Are your VPN gateway servers hosted, co-located or in-house? + We use dedicated hosted servers and co-located servers. + +13. #### Are any of your VPN gateway servers running on VPS or cloud servers? + No. + +14. #### How are your VPN gateway servers protected? + We build each server according to strict CIS benchmarks. This includes full disk encryption, fifo logs writing to tempfs, strict change control procedures etc. We reinstall the system from scratch when we take delivery of it. We use LUKS encryption such that it requires a password to be entered as part of the boot process. + +15. #### Where is user account information stored? + On a hardened database server that is not exposed to the general Internet. + +16. #### How is communication between servers secured? + OpenVPN using AES-256. + +17. #### Do you allow port forwarding by users? + No. diff --git a/src/content/es/pages/knowledgebase/general/antitracker-faq.md b/src/content/es/pages/knowledgebase/general/antitracker-faq.md new file mode 100644 index 000000000..30706cac7 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/antitracker-faq.md 
@@ -0,0 +1,64 @@ +--- +title: AntiTracker FAQ - IVPN Help +h1: AntiTracker FAQ +url: /knowledgebase/general/antitracker-faq/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 200 +--- +# AntiTracker FAQ + +1. #### What is AntiTracker? + + AntiTracker is a new IVPN feature that enables you to block trackers that collect various information about your browser activity (e.g. Google Analytics), known malicious websites, and ads. This, on par with the encryption IVPN provides, significantly increases your online privacy. + + See our in-depth [blog post](/blog/block-ads-and-beat-data-surveillance-with-ivpns-antitracker/) for more info on the subject. + +2. #### How does it work? + The AntiTracker feature uses a specially configured DNS server to block domains from a selection of continuously updated [block lists](/knowledgebase/general/antitracker-plus-lists-explained/). + +3. #### How can I activate the AntiTracker? + - On desktop apps for **macOS**, **Windows**, and **Linux**, toggle the AntiTracker switch located below the IVPN Firewall switch on the right side of the app. + + - On mobile apps for **Android** and **iOS**, swipe up on the app's main window to toggle the AntiTracker switch. + + - To activate AntiTracker using our desktop apps' **CLI** interface, type `ivpn antitracker -on` in a Terminal or include it with the **connect** command, like `ivpn connect -antitracker se.gw.ivpn.net` + +
+ The AntiTracker does not work unless you are connected to an IVPN server. +
+ +4. #### Which VPN protocols does it work with? + AntiTracker is configured to work across all OpenVPN and WireGuard servers. + +5. #### Can I use it together with my browser’s ads/tracking-blocking extension? + Yes. Do keep in mind though, when using other tracker-blocking extensions, e.g. Privacy Badger or Ghostery, along with our AntiTracker you might see that the webpage still loads and contains various trackers. This happens because the AntiTracker is not purging these trackers from the webpage but rather prevents them from relaying any gathered data in your browser, thus mitigating a leak. + +6. #### On which devices can I use AntiTracker? + AntiTracker is available across all our [native apps](/apps/) for Windows, macOS, Linux, iOS, and Android. + + The AntiTracker can also be enabled on routers and other manual connections by specifying a [specific DNS IP address](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/). + +7. #### What is “Hardcore Mode”? + Hardcore Mode extends the AntiTracker feature further by completely blocking all domains owned by the flagship bearers of the surveillance economy, Google and Facebook/Meta. + + Do not be surprised to discover that the majority of services linked to those corporations, starting from YouTube, Facebook, Instagram, and Gmail, and down to the widely used Google Search and services using their domains will not work once you switch to Hardcore Mode. + +8. #### How do I activate the Hardcore Mode? + If you are mentally prepared to fully cut any ties with those companies, follow the steps below: + + - On desktop apps for **macOS**, **Windows**, and **Linux**, click the `Settings` gear icon at the top of the app's main window, click the AntiTracker tab on the left, then check **Hardcore Mode**. 
+ + - On mobile apps for **Android** and **iOS**, tap the `Settings` gear icon at the top of the screen, tap the `AntiTracker` menu, enable the `AntiTracker` (if it is not enabled already), then toggle **Hardcore Mode** on. + + - If you are using our desktop apps' **CLI** interface, type `ivpn antitracker -on_hardcore` in a Terminal or include it with the **connect** command, like `ivpn connect -antitracker_hard fi.gw.ivpn.net` + + - To enable the Hardcore Mode on routers and other manual connections, use one of the [specific DNS IP addresses](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/). + +9. #### Are there limitations to Hardcore Mode? + Hardcore mode uses autonomous system numbers (ASN) to detect extra domains based on Facebook/Meta and Google IP addresses. The IP addresses themselves are not blocked, but any domains associated with those addresses that are not already part of the AntiTracker's blocklist will be blocked. As a result, if an app or service uses an IP address directly, like if it is hard-coded into an app, access to Facebook/Meta and Google services will be available. + + For example, WhatsApp (owned by Facebook/Meta) uses IP addresses directly and access to messages and services may be available when Hardcore Mode is active. This is likely a feature to bypass network restrictions that try to block WhatsApp content. + diff --git a/src/content/es/pages/knowledgebase/general/antitracker-plus-lists-explained.md b/src/content/es/pages/knowledgebase/general/antitracker-plus-lists-explained.md new file mode 100644 index 000000000..b713509c8 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/antitracker-plus-lists-explained.md 
@@ -0,0 +1,86 @@ +--- +title: AntiTracker Plus Lists Explained - IVPN Help +h1: AntiTracker Plus Lists Explained +url: /knowledgebase/general/antitracker-plus-lists-explained/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 10 +--- +# AntiTracker Plus Lists Explained + +**AntiTracker Plus** extends IVPN's original advertising and tracker blocking system by providing three combinations of lists to choose from with the option to choose any one of seven individual lists. The goal is to offer more control over what is blocked and not blocked. + +Adjust the current AntiTracker block list selection via the IVPN App's `Settings > AntiTracker` area. For manual VPN connections, check this [article](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) for details on DNS server IP addresses. + +
+Note: Hardcore Mode remains optionally available with each AntiTracker Plus list option to block known Google and Facebook domains. +
+ +## List Sources + +* [1Hosts](https://o0.pages.dev/) +* [AdGuard DNS Filter](https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt) +* [Developer Dan / Lightswitch05](https://github.com/lightswitch05/hosts) +* [EasyList](https://easylist.to/) +* [HaGeZi](https://github.com/hagezi/dns-blocklists) +* [OISD](https://oisd.nl/downloads) +* [Steven Black hosts](https://github.com/StevenBlack/hosts) + +## List Combinations + +### Basic + +Offers a convenient level of blocking. May offer access to services that rely on some level of tracking. Includes: + +* **1Hosts Lite** - "balanced; set & forget, doesn't hamper user experience (UX)" +* **AdGuard** - "default filter for AdGuard Home and for the public AdGuard DNS servers" +* **EasyList + EasyPrivacy** - "EasyList is a popular list used by many ad blockers and forms the basis of over a dozen combination filter lists. EasyPrivacy is a supplementary filter list that removes all forms of tracking from the internet, including tracking scripts and information collectors." +* **OISD Small** - "smaller, less comprehensive variant of the big list, which [focuses] mainly on Ads, (Mobile) App Ads" +* **Steven Black Unified = Ads + Malware** + +
+ +### Comprehensive + +Offers a moderate level of blocking. Recommended as a reasonable balance between privacy and usability. Includes: + +* **Basic** list sources from above +* **1Hosts Pro** - "strict; has some minimal breakages, prioritizes privacy & safety (adblocking) over UX" +* **Developer Dan Ads + Tracking** - "A programmatically expanded list of hosts used for advertisements and tracking" +* **HaGeZi Multi Normal** - "All-round protection" +* **OISD Big** - "The big list blocks: Ads, (Mobile) App Ads, Phishing, Malvertising, Malware, Spyware, Ransomware, CryptoJacking, Scam ... Telemetry/Analytics/Tracking (Where not needed for proper functionality)" + +
+ +### Restrictive + +Offers an intense level of blocking. Some online services may break. Includes: + +* **Comprehensive** list sources from above +* **1Hosts Xtra** - "extremly aggressive & restrictive" +* **Developer Dan Aggressive Tracking** - "I do not recommend this list for most users. It is a very aggressive block list for tracking, geo-targeting, & ads. This list will likely break functionality, so do not use it unless you are willing to maintain your own whitelist." +* **HaGeZi Multi Ultimate** - "Aggressive protection" + +
+ +### Individual + +The option also exists to select a single list for blocking instead of the collections above: + +* **EasyList + EasyPrivacy** - "EasyList is a popular list used by many ad blockers and forms the basis of over a dozen combination filter lists. EasyPrivacy is a supplementary filter list that removes all forms of tracking from the internet, including tracking scripts and information collectors." +* **OISD Big** - "The big list blocks: Ads, (Mobile) App Ads, Phishing, Malvertising, Malware, Spyware, Ransomware, CryptoJacking, Scam ... Telemetry/Analytics/Tracking (Where not needed for proper functionality)" +* **Developer Dan Ads + Tracking** - "A programmatically expanded list of hosts used for advertisements and tracking" +* **Steven Black Unified = Ads + Malware** +* **1Hosts Xtra** - "extremly aggressive & restrictive" +* **HaGeZi Multi Light** - "Cleans the Internet and protects your privacy! Blocks Ads, Tracking, Metrics, some Malware and Fake." +* **HaGeZi Multi Pro** - "Cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking, Metrics, Telemetry, Phishing, Malware, Scam, Fake, Coins and other 'Crap'." +* **HaGeZi Multi Pro++** - "Aggressive[ly] cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking, Metrics, Telemetry, Phishing, Malware, Scam, Fake, Coins and other 'Crap'." +* **HaGeZi Multi Ultimate** - "It may contain false positive domains that limit functionality. Therefore it should only be used by experienced users." + +
+ +#### List Licensing + +For AntiTracker Plus, we utilise various open-source blocklists, each owned and maintained by dedicated creators. We adhere to the provisions of their respective licenses. To learn more about these licenses, please visit the individual project pages of the resources, linked above. diff --git a/src/content/es/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md b/src/content/es/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md new file mode 100644 index 000000000..9d898b819 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why.md 
@@ -0,0 +1,67 @@ +--- +title: Antivirus detects malware in the IVPN installer, why? - IVPN Help +h1: Antivirus detects malware in the IVPN installer, why? +url: /knowledgebase/general/antivirus-detects-malware-in-the-ivpn-installer-why/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 600 +--- +# Antivirus detects malware in the IVPN installer, why? + +False positive detections are common in the antivirus industry. They occur when a benign program is wrongfully flagged as malicious due to an overly broad detection signature or algorithm used in an antivirus product. + +As long as the installation file was downloaded from our [website](/apps/) you can rest assured it's 100% secure and should be added to your antivirus' exceptions list. + +### How to add IVPN installer to the exception list + +#### Avast + +1. Open the Avast Antivirus user interface and select `☰ Menu` ▸ `Settings`. + +2. Select the `General` tab, then scroll down and click the `Exclusions panel` to expand the section. + +3. Click on the `File paths` tab: specify the IVPN installer file location manually into the text box, or alternatively click `Browse...`, tick the relevant file, then click `OK`. + +For further information see the following [Avast](https://support.avast.com/en-us/article/Antivirus-scan-exclusions) article. + +#### Eset + +1. Open the Eset user interface and click `Setup` ▸ `Enter application preferences`. + +2. Click `General` ▸ `Setup` ▸ `Add`. + +3. Navigate to the IVPN installer file, select it from the file system tree and click `OK`. + +4. Save the changes and restart your computer. + +For further information see the following [Eset](https://support.eset.com/kb3258/) article. + +#### Norton + +1. In the Norton main window, click Settings. + +2. Click `Antivirus` ▸ `Scans and Risks` tab. + +3. Under Exclusions / Low Risks, In the Items to Exclude from Auto-Protect, SONAR and Download Intelligence Detection row, click `Configure`. + +4. 
In the window that appears, click `Add Files` & select the IVPN installer file. + +5. Click `Ok` & `Apply`. + +For further information see the following [Norton](https://support.norton.com/sp/en/us/home/current/solutions/v3672136_ns_retail_en_us) article. + +#### AVG + +1. Double-click the `AVG icon` on your desktop to open the program. + +2. Go to `Menu` ▸ `Settings` ▸ `Components` and click `Customize` next to File Shield. + +3. Select the `Exceptions` tab. + +4. Type the file or folder location manually into the text box or click `browse` and tick the relevant folder, then click `OK` to confirm. + +5. Click `Add`. + +For further information see the following [AVG](https://support.avg.com/SupportArticleView?l=en&urlName=How-to-exclude-file-folder-or-website-from-AVG-scanning&supportType=home) article. diff --git a/src/content/es/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md b/src/content/es/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md new file mode 100644 index 000000000..431916fb6 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn.md 
@@ -0,0 +1,28 @@
+---
+title: Can I access Hulu / Netflix / BBC iPlayer using IVPN? - IVPN Help
+h1: Can I access Hulu / Netflix / BBC iPlayer using IVPN?
+url: /knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 120
+---
+# Can I access Hulu / Netflix / BBC iPlayer using IVPN?
+
+A VPN service can be used to not only protect your privacy but also to gain access to services not available in your current location, such as Hulu, Netflix, Amazon, BBC, Disney+ and so on.
+
+IVPN, however, is focused specifically on protecting the privacy of our customers and although many customers do use IVPN to access these services we make no guarantee about the availability of these services when connected to our network.
+
+
+Most streaming services are currently on an active campaign to block all VPN and Proxy connections. They are targeting massive amounts of IPv4 addresses at this time. Due to the exhaustion of the IPv4 space and strict registrar reporting requirements, it is quickly becoming impossible to get around this block.
+
+
+In case you want to access your local streaming content while routing everything else via the VPN, this is achievable with our Split Tunnel feature by excluding the streaming application from the VPN tunnel.
+
+The feature is currently available in our Windows and Android apps.
+
+Split Tunnel rules cannot be applied on apps installed from the Microsoft Store. As a workaround, Windows users can use Split Tunnel feature to exclude the web browser from the VPN and use it to watch the streaming content instead.
+
+
+[Split Tunnel uses and limitations](/knowledgebase/general/split-tunnel-uses-and-limitations/)
diff --git a/src/content/es/pages/knowledgebase/general/command-line-client-faq.md b/src/content/es/pages/knowledgebase/general/command-line-client-faq.md
new file mode 100644
index 000000000..4908b6453
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/command-line-client-faq.md
@@ -0,0 +1,153 @@ +--- +title: Command Line Client FAQ - IVPN Help +h1: Command Line Client FAQ +url: /knowledgebase/general/command-line-client-faq/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 610 +--- +# Command Line Client FAQ + +1. ### How do I log in? + ``` + ivpn login + ``` + or + ``` + ivpn login < IVPN Account ID > + ``` + The IVPN Account ID is available via the [Client Area](/account/) or [sign up](/signup/) today. + +2. ### How do I log out? + ``` + ivpn logout + ``` + +3. ### How do I see available servers? + ``` + ivpn servers + ivpn servers Paris + ivpn servers land + ivpn servers -country "United States" + ivpn servers -protocol ovpn + ivpn servers -protocol WireGuard + ``` + +4. ### How do I connect? + ``` + ivpn connect -fastest + ivpn connect Tokyo + ivpn connect -country_code -any US + ivpn connect -protocol WireGuard -city London + ivpn connect nl.gw.ivpn.net + ``` + +5. ### How do I disconnect? + ``` + ivpn disconnect + ``` + +6. ### How do I use the firewall? + ``` + ivpn firewall -status + ivpn firewall -on + ivpn firewall -off + ivpn firewall -lan_allow + ivpn firewall -lan_block + ``` + +7. ### How do I manage WireGuard keys? + ``` + ivpn wgkeys -status + ivpn wgkeys -regenerate + ivpn wgkeys -rotation_interval 2 + ``` + Check our [WireGuard FAQ](/knowledgebase/general/wireguard-faq/) for more information. + +8. ### How do I use the AntiTracker? + ``` + ivpn antitracker -on + ivpn antitracker -off + ivpn antitracker -on_hardcore + ``` + Check our [AntiTracker FAQ](/knowledgebase/general/antitracker-faq/) for more information. + +9. ### How do I use a custom DNS server? + ``` + ivpn dns 1.1.1.1 + ivpn dns -off + ``` + +
+ You cannot use Custom DNS together with AntiTracker as once the latter is enabled, it will override the IP address you have specified. +
+ +10. ### How do I use a different protocol and port? + Different combinations are available for different VPN protocols. + + - **OpenVPN**: UDP:53, UDP:80, UDP:443, UDP:1194, UDP:2049, UDP:2050, TCP:80, TCP:443, TCP:1443 + - **WireGuard**: UDP:53, UDP:80, UDP:443, UDP:1194, UDP:2049, UDP:2050, UDP:30587, UDP:41893, UDP:48574, UDP:58237 + + ``` + ivpn connect -protocol OpenVPN -port TCP:443 de.gw.ivpn.net + ivpn connect -protocol WireGuard -port UDP:53 sg.wg.ivpn.net + ``` + + TCP and UDP offer different connection benefits. Check [this article](/knowledgebase/general/tcp-and-udp-connections/) for more details. + +11. ### How do I Multi-hop entering in Brazil and exiting in Canada? + + ``` + ivpn connect -exit_svr ca.gw.ivpn.net br.gw.ivpn.net + ``` + +
+ Entry and exit servers must be in different countries. +
+ + Multi-hop is available with IVPN Pro plans. [Upgrade](/signup/) today. + +12. ### How do I enable obfsproxy? + + ``` + ivpn -o connect es.gw.ivpn.net + ``` + or + ``` + ivpn -obfsproxy connect es.gw.ivpn.net + ``` + +13. ### How do I manage logs? + + ``` + ivpn logs -show + ivpn logs -on + ivpn logs -off + ``` + + Logs are stored: + - **Linux**: `/opt/ivpn/log/IVPN_Agent.log` + +14. ### How do I check my account status? + + ``` + ivpn account + ``` + +15. ### How do I get help? + + ``` + ivpn -h + ivpn -h -full + ivpn connect -h + ivpn servers -h + ivpn firewall -h + ivpn wgkeys -h + ivpn dns -h + ivpn antitracker -h + ivpn logs -h + ``` + +[Contact](/contactus/) our support department 24/7 with any questions. diff --git a/src/content/es/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md b/src/content/es/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md new file mode 100644 index 000000000..e398f1ea6 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/configuring-the-ivpn-app-to-autoconnect.md 
@@ -0,0 +1,29 @@
+---
+title: Configuring the IVPN app to autoconnect - IVPN Help
+h1: Configuring the IVPN app to autoconnect
+url: /knowledgebase/general/configuring-the-ivpn-app-to-autoconnect/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 12
+---
+# Configuring the IVPN app to autoconnect
+
+IVPN desktop apps can be configured to autoconnect when the application is started or as soon as the IVPN daemon/service is started.
+
+The last option can be especially useful to those who prefer to control the app via CLI/terminal commands and have their system connected to the VPN server as quickly as possible, during the system boot up or when the user is logged into the system (depends on the OS).
+
+The basic autoconnect functionality can be enabled in the app’s `Settings` - `General` area by having both `Launch at login` and `Autoconnect on launch` options checked.
+
+By additionally enabling the `Allow background daemon to manage autoconnect` option, the connection to the VPN server will be established as soon as the IVPN app’s daemon is started:
+
+* Linux: during system boot up
+* macOS: user is logged into the system
+* Windows: during system boot up (on Cold Startup) or user session is started
+
+This option can also be enabled via the following CLI/terminal command:
+```
+ivpn autoconnect -on_launch on
+```
+The same logic is applied when using the Wi-Fi Control feature (Trusted Networks) together with the `Allow background daemon to apply WiFi Control settings` option enabled.
diff --git a/src/content/es/pages/knowledgebase/general/custom-dns.md b/src/content/es/pages/knowledgebase/general/custom-dns.md
new file mode 100644
index 000000000..43f8a1603
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/custom-dns.md
@@ -0,0 +1,54 @@
+---
+title: Custom DNS - IVPN Help
+h1: Custom DNS
+url: /knowledgebase/general/custom-dns/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 560
+---
+# Custom DNS
+
+IVPN apps are configured to automatically apply our internal [zero-logging](https://www.ivpn.net/blog/ivpn-no-logging-claim-verified-by-independent-audit) DNS IP address every time you connect to the VPN server to mitigate DNS leaks on your system.
+
+We understand that in some cases, one can benefit more from using a custom DNS server. No matter the reason you need to use one, with IVPN apps, you can have it customized in just a few steps.
+
+DNS requests made to public DNS servers will first pass through the VPN tunnel, so there is still a level of privacy and security in place when using a Custom DNS server.
+
+### Windows, macOS, and Linux
+
+
+Supported address types: IPv4, DNS-over-HTTPS
+
+
+- **GUI:** Access the `Settings` area by tapping on the “gear” icon and navigate to the `DNS` tab. Check the `Use Custom DNS` box and enter the preferred IPv4 address or the DNS-over-HTTPS URI string plus that DoH provider's corresponding IPv4 address.
+
+- **Command Line:** Open a Terminal window and run, e.g.: `ivpn dns 1.1.1.1` or `ivpn dns -doh https://cloudflare-dns.com/dns-query 1.1.1.1`. Type `ivpn dns -off` to revert back to using IVPN DNS.
+
+### iOS
+
+
+Supported address types: IPv4, DNS-over-HTTPS, DNS-over-TLS
+
+
+Custom DNS in the IVPN app for iOS can be configured and used when the VPN is connected or disconnected.
+- In the IVPN app, navigate to `Settings` and enter the preferred IPv4 or DoH/DoT address in the `Custom DNS for VPN` or/and `Disconnected Custom DNS` areas.
+
+### Android
+
+
+Supported address types: IPv4. DNS-over-TLS via Android native Private DNS feature
+
+
+- Access the `Settings` area by tapping on the “gear” icon and navigate to `Custom DNS`. Toggle the `Use Custom DNS` switch on and enter the preferred IPv4-based IP address.
+
+- DNS-over-TLS can be set using the Android OS native Private DNS feature. On your device, navigate to `Settings` - `More connections` - `Private DNS`. Select `Configure Private DNS` and enter the preferred DoT address.
+
+### Current limitations
+
+- Custom DNS works only with OpenVPN and WireGuard VPN protocols
+
+- Custom DNS cannot be used together with AntiTracker as the latter will override the entries specified in the Custom DNS field
+
+- IPv6-based IP addresses are not yet supported
diff --git a/src/content/es/pages/knowledgebase/general/device-management-faq.md b/src/content/es/pages/knowledgebase/general/device-management-faq.md
new file mode 100644
index 000000000..3828c5ae2
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/device-management-faq.md
@@ -0,0 +1,70 @@ +--- +title: Device Management FAQ - IVPN Help +h1: Device Management FAQ +url: /knowledgebase/general/device-management-faq/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 199 +--- +# Device Management FAQ + +### What is Device Management? + +Device Management is an opt-in (disabled by default) feature that allows you to see the number and the list of devices that are currently added to your IVPN account (logged in to the IVPN app) and log specific or all devices out directly from the Account area on our website. + +### What information do you store for Device Management? + +When Device management is enabled, entries in the temporary record table used for limiting the number of connected devices are appended by an additional field that specifies the Device name. The device names are defined and assigned by IVPN and are not unique, therefore cannot be used to identify your account in case an adversary was able to gain access to this data. For this specific reason, we have made it impossible to set unique device names or identifiers. Please, see our [Privacy Policy](/privacy/) for more details. + +### How can I enable Device Management? + +
+Device Management is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX) and wish to make use of the feature, contact our customer service to help you make the switch. +
+ +To enable the feature, log in to the [Account](/account/login#id) area - `Device Management` tab and click on the `Enable device management` button. + +![](/images-static/uploads/device-management-1.png) + +### How does the device naming assignment work? + +Once enabled, the feature makes use of predefined phrases below (first two on IVPN Standard and all seven on IVPN Pro plan) that are assigned to existing and new devices in a specific order: + +``` +Silent Circuit +Infinite Cipher +Shadow Grid +Galactic Wave +Cosmic Helix +Zenith Core +Onyx Eclipse +``` + +Following the list order above, the first device that is logged in to the IVPN app will be named “**Silent Circuit**”, the second “**Infinite Cipher**” up until adding the seventh device assigned as “**Onyx Eclipse**”. + +Devices that were already logged in to the IVPN app prior to the activation of Device Management will be assigned the names in the order you have authenticated them in the past, e.g. the very first device you have logged in to the IVPN app on will be named “**Silent Circuit**”, the second “**Infinite Cipher**” and so on. + +We recommend storing these device identifiers and the device pairs safely, e.g. in open-source password managers with strong encryption, so you can easily identify and remove devices when you don’t have access to them. For extra security, you can [enable 2FA](/knowledgebase/general/do-you-offer-two-factor-authentication/) for both Account area and IVPN apps authentication. + +### Where can I find my device name? + +The assigned device name is located in the IVPN app `Settings` - `Account` area (head-with-shoulders icon on the top-left corner of the app's main window on iOS and Android). + +

+ +It can also be retrieved using the `ivpn account` CLI/terminal command on your desktop systems. + +### How can I delete (log out) my devices? + +- In your [Account](/account/login#id) area - `Device Management` tab, locate the required device and click on the `Delete` button. Use the `Log out from all devices` button to log all of your devices out and reset the device counter to zero. + +![](/images-static/uploads/device-management-3.png) + +- In the IVPN app on your device, navigate to the `Settings` - `Account` area and click on the `Log out` button or use the option to “Log out from all devices”. This option becomes available when you attempt to log in to the app and the device limit has already been reached. + +- Log out from all devices by using the `ivpn login -force` CLI/terminal command on your desktop systems. + +- Request log out from all devices by reaching out to our [support team](/contactus/). + diff --git a/src/content/es/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md b/src/content/es/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md new file mode 100644 index 000000000..73a7dfa62 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading.md 
@@ -0,0 +1,13 @@
+---
+title: Do you allow P2P / BitTorrent / torrents downloading? - IVPN Help
+h1: Do you allow P2P / BitTorrent / torrents downloading?
+url: /knowledgebase/general/do-you-allow-p2p-or-bittorrent-or-torrents-downloading/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 20
+---
+# Do you allow P2P / BitTorrent / torrents downloading?
+
+We do not restrict the use of any protocols, however, our upstream providers in the USA have threatened to disconnect our servers on multiple occasions as a result of the high number of DMCA notices we receive. **We kindly request that customers avoid USA based servers for P2P (including USA exit servers on Multi-hop)**.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md b/src/content/es/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md
new file mode 100644
index 000000000..445b146bc
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn.md
@@ -0,0 +1,15 @@
+---
+title: Do you allow SMTP (email) whilst connected to IVPN? - IVPN Help
+h1: Do you allow SMTP (email) whilst connected to IVPN?
+url: /knowledgebase/general/do-you-allow-smtp-email-whilst-connected-to-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 310
+---
+# Do you allow SMTP (email) whilst connected to IVPN?
+
+We do not allow SMTP port 25 traffic to be sent through our servers. As this opens up the possibility to spam millions of people from behind our VPN servers, we have decided to block SMTP port 25 as a way to keep the reputation of our IP addresses in a cleaner state.
+
+To send email while connected to our VPN servers, consider using a secure email connection. When email is sent over a secure connection, there may be a higher level of trust and the email may be accepted by the email service provider. Port 25 is the default outgoing email port, but this offers no security. Ports available for secure SMTP are 465 and 587, which include SSL or TLS. Check your email provider's support documentation for details about which ports are available for secure outgoing messages.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md b/src/content/es/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md
new file mode 100644
index 000000000..b56c38205
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-have-advanced-privacy-guides.md
@@ -0,0 +1,15 @@
+---
+title: Do you have advanced privacy guides? - IVPN Help
+h1: Do you have advanced privacy guides?
+url: /knowledgebase/general/do-you-have-advanced-privacy-guides/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 500
+---
+# Do you have advanced privacy guides?
+
+IVPN offers both introductory and advanced privacy guides. These guides cover much more than just VPN services and are a great resource for those looking to setup more sophisticated security configurations or get a deeper understanding of how privacy protection tools can be used to enhance your privacy.
+
+Visit our [Privacy Guides](/privacy-guides/) section.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-have-an-affiliate-program.md b/src/content/es/pages/knowledgebase/general/do-you-have-an-affiliate-program.md
new file mode 100644
index 000000000..7a827320e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-have-an-affiliate-program.md
@@ -0,0 +1,13 @@
+---
+title: Do you have an affiliate program? - IVPN Help
+h1: Do you have an affiliate program?
+url: /knowledgebase/general/do-you-have-an-affiliate-program/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 360
+---
+# Do you have an affiliate program?
+
+No, the previous IVPN affiliate program has been closed and details for this closure can be found on our [Blog](/blog/). If you were previously a member of the IVPN affiliate program and have any questions please contact affiliates@ivpn.net.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md b/src/content/es/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md
new file mode 100644
index 000000000..fbfc09fe9
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall.md
@@ -0,0 +1,74 @@ +--- +title: Do you offer a kill switch or VPN firewall? - IVPN Help +h1: Do you offer a kill switch or VPN firewall? +url: /knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 150 +--- +# Do you offer a kill switch or VPN firewall? + +Yes, the IVPN apps on Windows, macOS, Linux, and iOS 15 have an integrated firewall that offers the 'kill switch' solution ensuring your privacy is protected in every possible scenario. If you are interested in knowing more about our kill switch please continue reading. + +An Internet kill switch is a mechanism to prevent data from leaking outside of the VPN tunnel when the tunnel fails for any reason. Traditionally the kill switch software will monitor the Internet connection of the computer on which it is running and either block all traffic or disconnect the network connection if it detects that the VPN has failed. + +IVPN has implemented a secure and robust mechanism called the IVPN firewall. Once enabled the IVPN Firewall integrates deep into the operating system (using Microsoft’s own WFP API on Windows, `pf` on macOS, and `iptables` on Linux) and filters all network packets. The Firewall is independent of the IVPN client, so even if a component of the IVPN Client crashes filtering will continue uninterrupted. The IVPN Firewall can be configured to switch on automatically during a VPN connection, or you can enable it manually when you need it. You can also set the 'always-on' IVPN Firewall to protect the system all the time, even before the OS is booted. This will ensure that no traffic will bypass the VPN tunnel even during the boot-up phase. + +Many events could cause the network to be reconfigured suddenly and without notice which could expose your personal IP address. For example: + +- Disconnection from or connection to Wi-Fi or wired network. +- Weak Wi-Fi signal which causes Wi-Fi to reconnect. 
+- Awaking from Sleep and/or Hibernation states. +- Network errors that force the network adapter to reset. +- Third-party security software that reconfigures the routing table for its own needs. +- Reboot or configuration change of the network router you are connected to. +- Static route addition by the DHCP server. +- … and many others. + +A traditional kill switch solution needs to react to all of these events and do so fast enough that not a single packet is leaked before the connection is blocked/disconnected. The IVPN Firewall completely eliminates these threats by only allowing traffic through the VPN tunnel. Everything else is blocked. + +### Boot time protection + +Native and third-party services can use your internet connection even before the system is fully booted. Any application installed on your system has the opportunity to connect to a server on the Internet and to exchange data long before you are able to connect to a VPN. However, the IVPN Firewall can be configured to protect your system all the time, ensuring that no traffic will leak outside the VPN tunnel even when the IVPN Client, its service, or even the operating system is not fully booted. Such traffic will just be filtered out until everything finishes loading, and the connection with the VPN is established. When using a traditional kill switch, it is only effective once the operating system starts the application. + +### IPv6 + +As IPv6 becomes more popular, more and more ISPs and Wi-Fi hotspots around the world allocate an IPv6 subnetwork for their clients along with an IPv4 address. + +According to the Google IPv6 adoption statistics, 14.5% of all US traffic is IPv6. Some countries, such as Belgium, have an adoption rate exceeding 30%. + +It is important to understand that when IPv6 is enabled on the network you are connected to it will take precedence over IPv4 for all of the connections to hosts with IPv6 support. 
+ +This IPv6 traffic will most likely silently bypass your VPN tunnel. + +As a result, if you have no control over the configuration of the router you are connected to (e.g. a public Wi-Fi hotspot), or when the default configuration of your router is set to announce any IPv6 network your ISP has allocated to you and you haven’t disabled IPv6 in your OS (which is enabled by default), you may find that you have IPv6 support which is a major potential threat to your privacy. + +When the IVPN Firewall is enabled it is impossible for any IPv6 traffic to leak outside of the VPN tunnel, giving you absolute peace of mind. + +### DNS + +When you connect using our native apps your system's DNS is replaced with IVPN's DNS servers. This is done to ensure that neither your ISP nor anyone else can eavesdrop on what websites you visit. + +However, some 3rd-party applications or web browsers are configured to use their own DNS. When using such apps, your system's DNS is generally ignored, essentially causing a DNS leak. + +The IVPN Firewall adds rules to your system to block all DNS queries that are sent to a non-IVPN DNS server making any DNS leaks impossible. + +### WebRTC + +WebRTC (Web Real-Time Communication) is an API drafted by the W3C that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing (without the need of either internal or external plugins). WebRTC implements STUN (Session Traversal Utilities for NAT), a protocol that allows the discovery of your externally assigned IP address (to facilitate the applications above). + +In some cases, the request to the STUN server may leak outside of the VPN and expose your ISP-issued IP address. However, if you are using our kill switch, then these leaks will be blocked. + +### Software stability and crashes + +All software has bugs and may crash for a variety of reasons. For example, out-of-memory errors will crash practically any foreground application. 
+ +Software designed for security must fail-safe in the event of a crash, fully maintaining the security of the host system. + +The IVPN Firewall ensures that if the VPN client, any part of the tunnel, or your desktop OS crashes, no traffic will leave the computer until IVPN Firewall is disabled manually or a new VPN tunnel is established. + +### Conclusion + +Using the IVPN firewall enhances your security and privacy steps further. From ensuring your privacy at boot time to blocking IPv6 and protecting against IP, DNS, and traffic leaks during a software crash. diff --git a/src/content/es/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md b/src/content/es/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md new file mode 100644 index 000000000..62bdd4f58 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses.md @@ -0,0 +1,13 @@ +--- +title: Do you offer dedicated or static IP addresses? - IVPN Help +h1: Do you offer dedicated or static IP addresses? +url: /knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 110 +--- +# Do you offer dedicated or static IP addresses? + +No, we do not offer dedicated or static IP addresses for privacy reasons. We use shared IPs to ensure sufficient interface crowding on the servers. Crowding is used to increase the total number of users sharing the same IP, which combined with encryption makes it harder for a 3rd party to attribute an outgoing connection to an incoming one thereby significantly increasing your privacy. diff --git a/src/content/es/pages/knowledgebase/general/do-you-offer-ipv6.md b/src/content/es/pages/knowledgebase/general/do-you-offer-ipv6.md new file mode 100644 index 000000000..1ceb95462 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/do-you-offer-ipv6.md 
@@ -0,0 +1,13 @@
+---
+title: Do you support IPv6? - IVPN Help
+h1: Do you support IPv6?
+url: /knowledgebase/general/do-you-support-ipv6/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 210
+---
+# Do you support IPv6?
+
+We provide the option to receive an IPv6 address when connecting to our servers using WireGuard (IPv6 over IPv4). This enables those with only an IPv4 address to access the IPv6 Internet. Access to IPv6 by connecting to our servers using IPv6 is currently under development.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md b/src/content/es/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md
new file mode 100644
index 000000000..9ef6089ba
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-offer-openvpn-wireguard-config-files.md
@@ -0,0 +1,15 @@
+---
+title: Do you offer OpenVPN, WireGuard config files? - IVPN Help
+h1: Do you offer OpenVPN, WireGuard config files?
+url: /knowledgebase/general/do-you-offer-openvpn-wireguard-config-files/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 230
+---
+# Do you offer OpenVPN, WireGuard config files?
+
+OpenVPN config files can be generated and downloaded [here](/openvpn-config).
+
+WireGuard config file generator is available in the [Client Area](/account/wireguard-config).
diff --git a/src/content/es/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md b/src/content/es/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md
new file mode 100644
index 000000000..3ad5d7701
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-offer-two-factor-authentication.md
@@ -0,0 +1,27 @@
+---
+title: Do you offer Two-Factor Authentication? - IVPN Help
+h1: Do you offer Two-Factor Authentication?
+url: /knowledgebase/general/do-you-offer-two-factor-authentication/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 550
+---
+# Do you offer Two-Factor Authentication?
+
+Yes, and it can be easily enabled in just a few steps:
+
+1. Login to your [Client Area](/account/login/#id)
+
+2. Navigate to `Account settings` and check the `2-factor authentication` checkbox.
+
+3. Scan the barcode using the preferred TOTP (Time-based One-Time Password) app, e.g. **Google Authenticator**.
+
+4. Enter the generated 6-digit code and click on the `Enable` button to confirm the 2FA activation.
+
+5. Store **Backup Codes** you will see on the next page somewhere safe - it can be used to disable the 2FA in the future.
+
+
+2FA for IVPN apps is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you wish to use 2FA for apps and have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), contact our customer service to help you make the switch.
+
diff --git a/src/content/es/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md b/src/content/es/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md
new file mode 100644
index 000000000..a8e20a85d
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window.md
@@ -0,0 +1,13 @@
+---
+title: Do you reboot servers during a maintenance window? - IVPN Help
+h1: Do you reboot servers during a maintenance window?
+url: /knowledgebase/general/do-you-reboot-servers-during-a-maintenance-window/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 190
+---
+# Do you reboot servers during a maintenance window?
+
+Yes, when necessary we perform scheduled upgrades and maintenance of the network between 03:00-04:00 EST (GMT -5) on Sundays. We recommend following our [Twitter](https://twitter.com/ivpnstatus) account for notices of when there may be brief outages.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-support-blackberry.md b/src/content/es/pages/knowledgebase/general/do-you-support-blackberry.md
new file mode 100644
index 000000000..c6f02505d
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-support-blackberry.md
@@ -0,0 +1,15 @@
+---
+title: Do you support BlackBerry? - IVPN Help
+h1: Do you support BlackBerry?
+url: /knowledgebase/general/do-you-support-blackberry/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 540
+---
+# Do you support BlackBerry?
+
+At this time, native BlackBerry devices -- including those with BlackBerry OS 10 -- do not support OpenVPN. Due to the lack of OpenVPN support on these devices, they will not work.
+
+BlackBerry devices based on Android (PRIV) have been reported to work.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-support-chromebook.md b/src/content/es/pages/knowledgebase/general/do-you-support-chromebook.md
new file mode 100644
index 000000000..540d91b24
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-support-chromebook.md
@@ -0,0 +1,19 @@
+---
+title: Do you support Chromebook? - IVPN Help
+h1: Do you support Chromebook?
+url: /knowledgebase/general/do-you-support-chromebook/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 270
+---
+# Do you support Chromebook?
+
+Not officially.
+
+At this time, Google Chromebook has very limited native VPN support. We have had some customers report success using IPSec however we highly suggest OpenVPN for security reasons. At this time OpenVPN is not fully compatible with Google Chromebook at the ChromeOS level.
+
+Newer models of Chromebooks support Android apps via the Google Play store. The [IVPN App for Android](/apps-android/) may work on these newer Chromebooks and can be installed just like any other app, though there are recent reports that interacting with the app after installing causes a black screen and the app is unusable.
+
+If it does work, please note that the Android subsystem and the ChromeOS subsystem are not 100% in alignment and it may be the case that the default ChromeOS web browser does not make use of the VPN tunnel. You might consider installing an additional web browser from the Google Play store to take full advantage of the VPN connection.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-support-port-forwarding.md b/src/content/es/pages/knowledgebase/general/do-you-support-port-forwarding.md
new file mode 100644
index 000000000..300a60d5f
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-support-port-forwarding.md
@@ -0,0 +1,31 @@
+---
+title: Do you support Port Forwarding? - IVPN Help
+h1: Do you support Port Forwarding?
+url: /knowledgebase/general/do-you-support-port-forwarding/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 14
+---
+# Do you support Port Forwarding?
+
+Port Forwarding is not available with our service. See our [blog post](/blog/gradual-removal-of-port-forwarding) to understand why.
+
+### What is not possible without port forwarding?
+
+Remote access to services and systems running behind a VPN. Review our dedicated [article](/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection) about this for more details and a possible workaround.
+
+### Is it possible to P2P/torrent without Port Forwarding?
+
+The short answer to the question: Yes, you can download and upload data even with closed port.
+
+ - If the port is closed that only means you can not accept incoming connections, but you can still connect to peers who accept connections. In torrent terminology they say that you are in passive mode. A client in passive mode can connect to a client with open port (active mode), but not to a client with a closed port.
+
+ - If your port would be open then you would be able to accept connections too. In torrent terminology this is called active mode. A client with open port can connect to both active and passive clients.
+
+If your port is closed, that only means you can't connect to other peers with closed ports. In this case you may get less peers to connect to. If the torrent has a lot of peers, your client will likely be able to find enough peers with open port to achieve high download speeds. If the torrent has few peers, then it is likely that with open port you would get better results.
+
+In the rare case when all peers have their ports closed, then you won't be able to connect to any of them. You will have to wait until a peer with open port comes in (active mode).
+
+Please review our [ToS](/tos) about P2P usage on the IVPN network.
diff --git a/src/content/es/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md b/src/content/es/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md
new file mode 100644
index 000000000..30d627917
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/do-you-support-tunnelblick-or-viscosity.md
@@ -0,0 +1,19 @@
+---
+title: Do you support Tunnelblick / Viscosity? - IVPN Help
+h1: Do you support Tunnelblick / Viscosity?
+url: /knowledgebase/general/do-you-support-tunnelblick-or-viscosity/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 420
+---
+# Do you support Tunnelblick / Viscosity?
+
+Yes. Both Tunnelblick and Viscosity are software packages designed for macOS which allow you to connect to VPN services like IVPN.
+
+See our [Tunnelblick setup guide](/setup/macos-openvpn-tunnelblick/) for more details.
+
+
+We highly recommend using the IVPN client over a 3rd party client such as Tunnelblick as we have implemented many advanced security features.
+
diff --git a/src/content/es/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md b/src/content/es/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md
new file mode 100644
index 000000000..98df09e9e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-ivpn-protect-ssh-connections.md
@@ -0,0 +1,13 @@
+---
+title: Does IVPN protect SSH connections? - IVPN Help
+h1: Does IVPN protect SSH connections?
+url: /knowledgebase/general/does-ivpn-protect-ssh-connections/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 490
+---
+# Does IVPN protect SSH connections?
+
+Yes, when using IVPN all traffic (including SSH connections running on your computer) is forwarded through the VPN. For maximum efficiency, tunnelling the TCP-based SSH protocol through a UDP VPN tunnel is the best option.
diff --git a/src/content/es/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md b/src/content/es/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md
new file mode 100644
index 000000000..89c55c398
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-ivpn-support-pfsense-firewall.md
@@ -0,0 +1,15 @@
+---
+title: Does IVPN support pfSense firewall? - IVPN Help
+h1: Does IVPN support pfSense firewall?
+url: /knowledgebase/general/does-ivpn-support-pfsense-firewall/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 320
+---
+# Does IVPN support pfSense firewall?
+
+Yes and we provide advanced documentation on how to prevent and test for IP leaks when using pfSense.
+
+Please see the [pfSense setup guide](/setup/router/pfsense/) for more information.
diff --git a/src/content/es/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md b/src/content/es/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md
new file mode 100644
index 000000000..574521d58
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-ivpn-support-roku-media-players.md
@@ -0,0 +1,15 @@
+---
+title: Does IVPN support Roku media players? - IVPN Help
+h1: Does IVPN support Roku media players?
+url: /knowledgebase/general/does-ivpn-support-roku-media-players/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 450
+---
+# Does IVPN support Roku media players?
+
+Roku media players do not have a built-in VPN client and cannot natively run any VPN client software including IVPN.
+
+You can still share an IVPN connection with a Roku media player by using a supported VPN router. Please see our [Routers Setup](/setup/router/) page for more information.
diff --git a/src/content/es/pages/knowledgebase/general/does-ivpn-support-synology-nas.md b/src/content/es/pages/knowledgebase/general/does-ivpn-support-synology-nas.md
new file mode 100644
index 000000000..eeb2aef0c
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-ivpn-support-synology-nas.md
@@ -0,0 +1,13 @@
+---
+title: Does IVPN support Synology NAS? - IVPN Help
+h1: Does IVPN support Synology NAS?
+url: /knowledgebase/general/does-ivpn-support-synology-nas/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 440
+---
+# Does IVPN support Synology NAS?
+
+Yes. We recommend an updated version of the Diskstation Manager to ensure that OpenVPN will work properly. Please see our [Synology OpenVPN setup guide](/setup/nas/synology-6/) for more information.
diff --git a/src/content/es/pages/knowledgebase/general/does-ivpn-support-windows-10.md b/src/content/es/pages/knowledgebase/general/does-ivpn-support-windows-10.md
new file mode 100644
index 000000000..3258b3cfe
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-ivpn-support-windows-10.md
@@ -0,0 +1,15 @@
+---
+title: Does IVPN support Windows 10? - IVPN Help
+h1: Does IVPN support Windows 10?
+url: /knowledgebase/general/does-ivpn-support-windows-10/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 370
+---
+# Does IVPN support Windows 10?
+
+Yes, the latest version of the [IVPN client for Windows](/apps-windows/) has been extensively tested on Windows 10.
+
+If you have any issues running IVPN on Windows 10, please contact our [support department](/contactus/).
diff --git a/src/content/es/pages/knowledgebase/general/does-voip-work-with-ivpn.md b/src/content/es/pages/knowledgebase/general/does-voip-work-with-ivpn.md
new file mode 100644
index 000000000..1b0ea720b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/does-voip-work-with-ivpn.md
@@ -0,0 +1,15 @@
+---
+title: Does VoIP work with IVPN? - IVPN Help
+h1: Does VoIP work with IVPN?
+url: /knowledgebase/general/does-voip-work-with-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 520
+---
+# Does VoIP work with IVPN?
+
+In general, VoIP (Voice over IP) services will work properly with IVPN. These services are forwarded through the VPN just like all other services.
+
+Please take into account that VoIP services are very dependent on latency therefore the quality of the call may vary greatly depending on your internet connection and the distance from you to the VPN server and the VPN server to the VoIP endpoint.
diff --git a/src/content/es/pages/knowledgebase/general/firewall-exceptions.md b/src/content/es/pages/knowledgebase/general/firewall-exceptions.md
new file mode 100644
index 000000000..7e1c68c83
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/firewall-exceptions.md
@@ -0,0 +1,104 @@
+---
+title: Firewall Exceptions - IVPN Help
+h1: Firewall Exceptions
+url: /knowledgebase/general/firewall-exceptions/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 470
+---
+# Firewall Exceptions
+
+The IVPN App for Windows, macOS, and Linux includes a feature to allow IP addresses and subnets to bypass the app's kill switch firewall. This can be useful to access local network devices that are outside of the range of the current LAN. It can also be useful if a corporate VPN is required to run concurrently with the IVPN App. It is also possible to include the IP address for a website in the firewall exception list and traffic to that website will bypass the VPN connection, like a split tunnel for a specific website.
+
+To make use of this feature, adding a firewall exception to the IVPN App is the first step and adding a static route to the computer system is the second step. The firewall exception instructs the IVPN App to allow the traffic to bypass its firewall and the static route instructs the computer system to route the traffic outside of the VPN tunnel.
+
+To add a firewall exception, go to IVPN App's `Settings > IVPN Firewall > Exceptions` area and enter an IP address or a subnet.
+
+To add a static route, three details are required:
+1. The IP address or subnet from the exception
+1. The subnet mask for #1 above as an IP address or in [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)
+1. The IP address for the computer system's default gateway (i.e. the local router)
+
+In the examples below, `a.b.c.d` represents the default gateway and needs to be replaced with the actual local default gateway IP address.
+
+
+Note: These static routes are temporary and will have to be added after each reboot.
+
+
+### Windows
+
+Open a Command Prompt via the **Run as administrator** option.
+
+Show the routing table:
+```
+route PRINT
+```
+
+Add a static route for subnet `192.168.100.0/24`:
+```
+route ADD 192.168.100.0 MASK 255.255.255.0 a.b.c.d
+```
+
+Delete the route:
+```
+route DELETE 192.168.100.0 MASK 255.255.255.0 a.b.c.d
+```
+
+
+### macOS
+
+Show the routing table:
+```
+netstat -rn
+```
+
+Add a static route for subnet `192.168.192.0/20`:
+```
+sudo route -n add -net 192.168.192.0/20 a.b.c.d
+```
+
+Delete the route:
+```
+sudo route -n delete -net 192.168.192.0/20
+```
+
+
+### Linux
+
+Show the routing table:
+```
+route
+routel
+ip route
+```
+
+Add a static route for IP address `192.168.111.111`:
+```
+sudo ip route add 192.168.111.111/32 via a.b.c.d
+```
+
+Delete the route:
+```
+sudo ip route del 192.168.111.111/32
+```
+
+
+### Example of a Website Exception
+
+Connect the VPN and visit a website to check the current IP address: [https://www.dnsleaktest.com](https://www.dnsleaktest.com)
+
+Determine a website's IP address using one of these commands:
+```
+nslookup dnsleaktest.com
+dig +short dnsleaktest.com
+```
+
+Add an exception to the IVPN App's firewall for that website's IP address using the `/32` CIDR notation subnet mask.
+
+Add a static route to the system for the website's IP address using the `/32` or `255.255.255.255` subnet mask.
+
+Refresh the page.
+
+This may offer a way to access a site that uses one or two IP addresses for hosting, though for larger sites with complicated infrastructure, like streaming sites and those that rely on redirects to content delivery networks, this type of exception might not behave as expected.
diff --git a/src/content/es/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md b/src/content/es/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md
new file mode 100644
index 000000000..506058e69
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-can-i-connect-to-the-multihop-network.md
@@ -0,0 +1,67 @@
+---
+title: How can I connect to the Multi-hop network? - IVPN Help
+h1: How can I connect to the Multi-hop network?
+url: /knowledgebase/general/how-can-i-connect-to-the-multihop-network/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 170
+---
+# How can I connect to the Multi-hop network?
+
+
+These instructions are not required when using the official IVPN client. Simply select the Multi-hop tab on the main screen.

+The Multi-hop feature is available in our Pro plan and can be used with any WireGuard and OpenVPN clients.

+Entry and Exit-hop servers must be in different countries. +
+
+Multi-hop-ready config files for WireGuard can be generated in the [Client Area](/account/wireguard-config). OpenVPN config file generator is available [here](/openvpn-config). Read on if you prefer to create configuration file manually or simply want to understand how our port based Multi-hop solution works.
+
+Every server has a unique port number reserved for Multi-hop connections which can be found on our [server status](/status/) page.
+
+![](/images-static/uploads/wireguard-multihop.jpg)
+
+Choose the Exit-hop server for your Multi-hop connection, note its **Multi-hop Port** number, **Public key** and follow the instructions relevant to the VPN protocol you use below:
+
+### WireGuard
+
+In your WireGuard config '**[Peer]**' section, specify the **Entry-hop server hostname** with the **Exit-hop server Multi-hop port** separated with a colon in the '**Endpoint**' field, and the **Exit-hop server Public key** in the '**PublicKey**' field.
+
+*Endpoint = [Entry-hop server address]**:**[Exit-hop server Multi-hop port]
+PublicKey = [Exit-hop server Public Key]*
+
+Below, is an example of the WireGuard Multi-hop connection config with Entry server in Ukraine and Exit server in Austria:
+
+>[Interface]
+>PrivateKey = *****
+>Address = 172.x.y.z/32, fd00:4956:504e:ffff::x.y.z/128
+>DNS = 172.16.0.1

+>[Peer]
+>PublicKey = 83LUBnP97SFpnS0y1MpEAFcg8MIiQJgW1FRv/8Mc40g=
+>AllowedIPs = 0.0.0.0/0, ::/0
+>Endpoint = ua1.wg.ivpn.net:25601
+>PersistentKeepalive = 25
+
+### OpenVPN
+
+1. [Download](/openvpn-config) and open the .ovpn config file with the location of the **Entry-hop server** using any text editor
+2. Replace port number in line 4 (*remote xx.gw.ivpn.net **2049***) with the **Exit-hop server Multi-hop port**
+3. Replace the location code in line 16 (*verify-x509-name **XX** name-prefix*) with the **Exit-hop server location code**
+
+To lookup the location codes, open the [server status](/status/) page. Note the server names are in the format XY.gw.ivpn.net where X is the location code and Y is a number uniquely identifying the server. Ignore the number and use the code before it:
+
+| Server | Location code|
+|---|---|
+| at1.gw.ivpn.net | **at** |
+| ua1.gw.ivpn.net | **ua** |
+| us-nj1.gw.ivpn.net | **us-nj** |
+
+Below, is an example of the OpenVPN Multi-hop connection config file with Entry server in Ukraine and Exit server in Austria:
+
+![](/images-static/uploads/openvpn-multihop.png)
+
+### Obfsproxy (via OpenVPN)
+
+Check our article on manual Linux connections for details:
+[Linux - OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship](https://www.ivpn.net/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship/)
diff --git a/src/content/es/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md b/src/content/es/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md
new file mode 100644
index 000000000..4abffc6a5
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection.md
@@ -0,0 +1,21 @@
+---
+title: How do I remotely connect to my home system or services behind the VPN connection? - IVPN Help
+h1: How do I remotely connect to my home system or services behind the VPN connection?
+url: /knowledgebase/general/how-do-i-remotely-connect-to-my-home-system-or-services-behind-the-vpn-connection/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 13
+---
+# How do I remotely connect to my home system or services behind the VPN connection?
+
+When you are connected to a VPN service, the VPN gateway server protects your device from potentially hostile incoming connections in the same way that your router or firewall does.
+
+Remote access to services and devices (like media, file, web servers, etc.) or the system itself running behind a VPN becomes impossible without opening the port on the server and forwarding the traffic to the recipient – a service called Port Forwarding which is [not available](/blog/gradual-removal-of-port-forwarding) with IVPN.
+
+One way to solve this is to enable and configure Port Forwarding on the router, though this often requires owning a static IP address provided by your ISP with the router connected directly to the Internet (not behind NAT).
+
+Another way is to use an open-source software called [Tailscale](https://tailscale.com/) that interconnects your devices into a single, secure peer-to-peer WireGuard mesh network allowing you to access your services and resources from anywhere on the Internet, even those behind IVPN or ISP NAT.
+
+The service is free to individuals and supported on plethora of popular operating systems and devices. To explore this solution we suggest reviewing documentation and setup guides published by Tailscale [here](https://tailscale.com/kb/1017/install/).
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md b/src/content/es/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md
new file mode 100644
index 000000000..294104e5b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn.md
@@ -0,0 +1,15 @@
+---
+title: How do I send a secure PGP encrypted email to IVPN? - IVPN Help
+h1: How do I send a secure PGP encrypted email to IVPN?
+url: /knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 280
+---
+# How do I send a secure PGP encrypted email to IVPN?
+
+Import our [PGP key](/contactus/) and send a secure email support request to [support@ivpn.net](mailto:support@ivpn.net) and we'll respond ASAP.
+
+Please be sure to include your own public key with your message.
diff --git a/src/content/es/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md b/src/content/es/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md
new file mode 100644
index 000000000..1c92d4d08
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn.md
@@ -0,0 +1,19 @@
+---
+title: How many devices or simultaneous connections can I have to IVPN? - IVPN Help
+h1: How many devices or simultaneous connections can I have to IVPN?
+url: /knowledgebase/general/how-many-devices-or-simultaneous-connections-can-i-have-to-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 10
+---
+# How many devices or simultaneous connections can I have to IVPN?
+
+You can install the IVPN App on as many devices as you require and, by default, a single subscription allows 2 devices with an IVPN Standard plan or 7 devices with an IVPN Pro plan. Please note that each time you log in to our IVPN App, this counts as adding one device. Each time you log out of the app, this counts as removing one device. Whether our app is connected or not and powered on or not, simply logging in is enough to occupy one of the device slots.
+
+

+Our terms of service do not permit the sharing of accounts with another person (including within a single household etc). You may wish to investigate the use of a VPN router for household access to allow many devices to share a single connection, though this does require some technical expertise to set up. See our DD-WRT router page for more info. +
+
+Our intention with this policy is to prevent large-scale abuse (sharing of credentials) and ensure fair access for all customers considering that VPN bandwidth is a shared limited resource.
diff --git a/src/content/es/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md b/src/content/es/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md
new file mode 100644
index 000000000..0cbadddd7
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server.md
@@ -0,0 +1,13 @@
+---
+title: How many IPs do you have (in total or per server)? - IVPN Help
+h1: How many IPs do you have (in total or per server)?
+url: /knowledgebase/general/how-many-ips-do-you-have-in-total-or-per-server/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 290
+---
+# How many IPs do you have (in total or per server)?
+
+As a privacy service, we maintain a very small pool of IP addresses per server, usually 3 to 5. We need to keep the number of IP addresses low to ensure sufficient interface crowding on the servers. Crowding is used to increase the total number of users sharing the same IP address, which combined with encryption, makes it harder for a 3rd-party to attribute an outgoing connection to an incoming one. If you are looking for a large pool of IP addresses then you may be better off with a proxy service that specializes in this type of offering.
diff --git a/src/content/es/pages/knowledgebase/general/how-much-does-ivpn-cost.md b/src/content/es/pages/knowledgebase/general/how-much-does-ivpn-cost.md
new file mode 100644
index 000000000..644ddce6b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-much-does-ivpn-cost.md
@@ -0,0 +1,15 @@
+---
+title: How much does IVPN cost? - IVPN Help
+h1: How much does IVPN cost?
+url: /knowledgebase/general/how-much-does-ivpn-cost/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 470
+---
+# How much does IVPN cost?
+
+Please see the pricing on our [sign up](/pricing/) page.
+
+You may also be interested in [what payment methods does IVPN accept](/knowledgebase/general/what-payment-methods-do-you-accept/).
diff --git a/src/content/es/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md b/src/content/es/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md
new file mode 100644
index 000000000..cdaddb306
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/how-to-verify-warrant-canary-signature.md
@@ -0,0 +1,35 @@
+---
+title: How to verify Warrant Canary signature? - IVPN Help
+h1: How to verify Warrant Canary signature?
+url: /knowledgebase/general/how-to-verify-warrant-canary-signature/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 300
+---
+# How to verify Warrant Canary signature?
+
+The warrant canary is signed using a PGP key. Please install [GnuPG](https://www.gnupg.org/) if you haven't already.
+
+To verify the signature:
+
+1. Download and import the IVPN public key from [/resources/pubkey.txt](/resources/pubkey.txt).
+
+ ```
+ gpg --import pubkey.txt
+ ```
+
+2. Download the latest canary from [/resources/canary.txt](/resources/canary.txt) and verify.
+
+3. ```
+ gpg --verify canary.txt
+ ```
+
+You should see a message similar to below confirming the signature is good
+
+```
+gpg: Signature made Tue Nov 4 16:23:00 2014 CET using RSA key ID B647BA69
+gpg: Good signature from "IVPN Administrator "
+```
+
diff --git a/src/content/es/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md b/src/content/es/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md
new file mode 100644
index 000000000..949769c96
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located.md
@@ -0,0 +1,13 @@
+---
+title: In which countries do you have servers / Where are your servers located? - IVPN Help
+h1: In which countries do you have servers / Where are your servers located?
+url: /knowledgebase/general/in-which-countries-do-you-have-servers-or-where-are-your-servers-located/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 260
+---
+# In which countries do you have servers / Where are your servers located?
+
+Please see our [server status](/status/) page.
diff --git a/src/content/es/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md b/src/content/es/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md
new file mode 100644
index 000000000..774339f6a
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure.md
@@ -0,0 +1,25 @@
+---
+title: Is using L2TP/IPSec with a public pre-shared key secure? - IVPN Help
+h1: Is using L2TP/IPSec with a public pre-shared key secure?
+url: /knowledgebase/general/is-using-l2tporipsec-with-a-public-pre-shared-key-secure/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 40
+---
+# Is using L2TP/IPSec with a public pre-shared key secure?
+
+No, it is not secure and should only be used where security is not required/important e.g. If you are streaming content that requires an IP in a different location. To understand why it is not secure read on.
+
+For wide compatibility with client devices and ease of setup the L2TP/IPSec service uses a pre-shared key for authentication. This key is often published on a VPN providers website and is therefor accessible by anyone.
+
+However this pre-shared key is not used to encrypt the data between your device and the VPN servers, only to authenticate the server to the client device. A passive adversary eavesdropping on the connection is unable to decrypt the tunnel data. However there does exist a risk of an active MITM (Man in the middle attack) where the adversary impersonates the VPN server and is then able to decrypt and eavesdrop on the connection.
+
+This capability requires some technical sophistication on the part of the attacker but the possibility is very real and therefore we strongly recommend that customers who require security use an OpenVPN based VPN service. Furthermore [leaked NSA presentations released by the "Der Spiegel" publication](http://www.spiegel.de/media/media-35529.pdf) indicate that IKE is being exploited in an unknown manner to decrypt IPSec traffic.
+
+### Further technical info
+
+IPSec uses a protocol called IKE (Internet Key Exchange) which is used to set up a security association (SA) between the client and server. IKE has two phases, during the first phase the client and server generate and exchange [nounces](http://en.wikipedia.org/wiki/Cryptographic_nonce) after which they perform a [Diffie–Hellman](http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) key exchange. Both sides then use the nounce, the Diffie-Hellman shared secret and the pre-shared key to generate the IKE keys. These IKE Keys are then used in the second stage to generate the IPSec SA's which contain the session keys used to encrypt the tunnel data.
+
+Because of the Diffie-Hellman operation in phase 1 a passive eavesdropper would be unable to derive the same set of session keys used to encrypt the tunnel data. However as mentioned above an active MITM attack is possible due to the use of the pre-shared key in which case the adversary would be able to eavesdrop or even inject malicious data into the connection.
diff --git a/src/content/es/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md b/src/content/es/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md
new file mode 100644
index 000000000..500000e8d
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it.md
@@ -0,0 +1,37 @@
+---
+title: My IP is being leaked by WebRTC. How do I disable it? - IVPN Help
+h1: My IP is being leaked by WebRTC. How do I disable it?
+url: /knowledgebase/general/my-ip-is-being-leaked-by-webrtc-how-do-i-disable-it/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 30
+---
+# My IP is being leaked by WebRTC. How do I disable it?
+
+WebRTC (Web Real-Time Communication) is an API drafted by the W3C that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing (without the need of either internal or external plugins). WebRTC implements STUN (Session Traversal Utilities for Nat), a protocol that allows the discovery of your externally assigned IP address (to facilitate the applications above).
+
+Due to the way in which Windows selects the adapter when sending traffic (source IP address selection), the request to the STUN server may leak outside of the VPN and expose your ISP issued IP address. However, if you are using a VPN firewall, such as the [IVPN Firewall](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) available in our [apps](/apps/), then these leaks will be blocked.
+
+However, it is still possible for the site to identify your internally assigned IP addresses as these are detected by the browser locally using JavaScript. Please follow the instructions below to disable WebRTC.
+
+To test whether you are vulnerable please visit this [demo page](https://diafygi.github.io/webrtc-ips/).
+
+### Mozilla Firefox
+
+1. Type `about:config` in the address bar.
+
+2. Scroll down to `media.peerconnection.enabled`, double click to set it to `false`.
+
+### Internet Explorer
+
+No action is necessary.
+
+### Google Chrome (Android only)
+
+1. In your Chrome address bar type `chrome://flags/#disable-webrtc` and hit Enter
+
+2. `WebRTC Stun origin` header should be set to **Enabled**
+
+3. Restart your Chrome browser for changes to take effect.
diff --git a/src/content/es/pages/knowledgebase/general/quantum-resistance-faq.md b/src/content/es/pages/knowledgebase/general/quantum-resistance-faq.md
new file mode 100644
index 000000000..2c6db33f4
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/quantum-resistance-faq.md
@@ -0,0 +1,65 @@ +--- +title: Quantum Resistance FAQ - IVPN Help +h1: Quantum Resistance FAQ +url: /knowledgebase/general/quantum-resistance-faq/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 10 +--- +# Quantum Resistance FAQ + +### Do you offer any protection against quantum computing attacks? + +Yes, all IVPN apps provide quantum-resistant WireGuard connections enabled by default. + +### How can the VPN tunnel become resistant to quantum computer attacks? + +The WireGuard configuration includes an optional parameter called "PresharedKey", which can be used to enhance the security of the VPN connection. + +A PresharedKey (PSK) is a secret key that is shared between the VPN client and server before establishing a connection. The PSK is used to add an additional layer of symmetric encryption, making it more difficult for attackers to break the connection. + +Using a Key Encapsulation Mechanism (KEM) with a PresharedKey (PSK) can potentially increase the quantum resistance of a WireGuard connection, provided that the KEM is based on a post-quantum cryptographic algorithm. + +We make use of the [liboqs](https://github.com/open-quantum-safe/liboqs) library and the following KEM algorithms for exchanging keys: + +- desktop apps: [Kyber-1024](https://pq-crystals.org/kyber/) + [Classic-McEliece-348864](https://classic.mceliece.org/) +- mobile apps: [Kyber-1024](https://pq-crystals.org/kyber/) + +For more details read about [quantum resistant vpn connections](/knowledgebase/general/quantum-resistant-vpn-connections/). + +### How often is PresharedKey rotated? + +A new PresharedKey is generated together with the new WireGuard key pair. The frequency at which the keys are rotated can be adjusted from 1 to 30 days. + +### Which platforms is quantum resistance available on? + +Quantum resistance is available in IVPN apps for all platforms. + +### Which servers are quantum-resistant? + +All WireGuard servers. 
+ +### How can I verify that quantum resistance is enabled? + +On desktop apps, navigate to `Settings` - `Connection` - `WireGuard key information` area: + +![](/images-static/uploads/desktop-verify-quantum.png) + +On mobile apps, navigate to `Settings` - `WireGuard` - `WireGuard details`: + + + +### Is it compatible with other IVPN features like Multi-hop and AntiTracker? + +Yes. + +### Will it reduce my speed, increase latency? + +No, it does not affect the latency or the speed of the connection. + +### Can I enable quantum resistance for manual connections using a native WireGuard client or router? + +Quantum resistant connections are available only with IVPN apps at this time. + diff --git a/src/content/es/pages/knowledgebase/general/quantum-resistant-vpn-connections.md b/src/content/es/pages/knowledgebase/general/quantum-resistant-vpn-connections.md new file mode 100644 index 000000000..4e9ad58b9 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/quantum-resistant-vpn-connections.md 
@@ -0,0 +1,141 @@ +--- +title: Quantum-Resistant VPN connections - IVPN Help +h1: Quantum-Resistant VPN connections +url: /knowledgebase/general/quantum-resistant-vpn-connections/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 9 +--- +# Quantum-Resistant VPN connections + +Quantum computing poses a threat to VPN security due to its potential to break traditional encryption algorithms (e.g., AES, RSA) and key exchange mechanisms (e.g., Diffie-Hellman) much faster. + +## Current Problems with VPNs and Quantum Resistance + +VPNs rely on encryption algorithms like AES (Advanced Encryption Standard) and RSA (Rivest-Shamir-Adleman) to secure data transmission. However, these encryption methods are vulnerable to attacks from quantum computers, which can efficiently solve the underlying mathematical problems and decrypt the data. + +Quantum computing has seen significant advancements in recent years, with companies like IBM and Google investing heavily in research and development. As a result, the threat of large-scale quantum computers breaking existing encryption methods is becoming more imminent, necessitating the need for quantum-resistant encryption. + +## Possible Solutions for Quantum-Resistant VPNs + +### Post-Quantum Cryptography + +Post-quantum cryptography focuses on developing new encryption algorithms that are resistant to quantum computing attacks. Several post-quantum algorithms are being researched, including lattice-based, code-based, and multivariate cryptographic schemes. +Currently, there are no widely-used VPN protocols that have fully adopted post-quantum cryptography (PQC). + +### Hybrid Cryptosystems + +Hybrid encryption is an approach that combines classical encryption algorithms with post-quantum encryption algorithms to enhance security during the transition period when both types of cryptography coexist. The idea is to maintain compatibility with existing systems while providing quantum resistance. 
+ +In a hybrid encryption scheme, data is encrypted using two separate layers of encryption. The first layer is a classical encryption algorithm, such as AES or RSA, which is widely used and well-understood. The second layer is a post-quantum encryption algorithm, designed to be secure against quantum computers. + +By combining both algorithms, even if one of them is compromised, the other layer of encryption should still provide security. In the context of quantum computing, if a quantum computer manages to break the classical encryption algorithm, the post-quantum algorithm would still protect the data. + +In a VPN connection, hybrid encryption can be applied to both the data encryption process and the key exchange mechanism. For example, a VPN may use a classical key exchange protocol like Diffie-Hellman alongside a post-quantum key exchange algorithm to establish secure communication channels. Similarly, data transmitted over the VPN could be encrypted using both classical and post-quantum algorithms. + +This approach ensures that VPN connections remain secure during the transition to post-quantum cryptography while maintaining compatibility with existing systems and infrastructure. + +### Key Encapsulation Mechanism (KEM) + +The Key Encapsulation Mechanism (KEM) is a cryptographic primitive used to securely exchange keys between two parties over an insecure channel. Post-quantum KEMs are designed to provide a level of security that is resistant to attacks from quantum computers. + +In a VPN connection, the key exchange process is a crucial step in establishing a secure communication channel between the client and server. Traditional key exchange methods, such as Diffie-Hellman (DH) and Elliptic Curve Diffie-Hellman (ECDH), are vulnerable to attacks by quantum computers through Shor's algorithm. 
+ +Post-quantum KEMs, such as those based on lattice-based cryptography (e.g., Kyber), error-correcting codes (e.g., Classic McEliece), or multivariate cryptography, are being developed to replace traditional key exchange algorithms that are vulnerable to quantum attacks, such as the widely-used Diffie-Hellman key exchange or RSA. + +In a quantum-resistant VPN, a post-quantum KEM is used to establish a shared secret between the client and the server over an insecure channel. This shared secret can then be used as a pre-shared key or as input to derive symmetric keys for encrypting and decrypting the actual data transmitted over the VPN tunnel. + +#### Cryptographic libraries that support KEM: +
+There are several libraries available that provide Key Encapsulation Mechanism (KEM) functionality, including those implementing post-quantum cryptographic algorithms: +

+ +* liboqs (Open Quantum Safe): The Open Quantum Safe (OQS) project, led by the Centre for Applied Cryptographic Research at the University of Waterloo and the National Research Council of Canada, provides the liboqs library. liboqs is a C library that offers a collection of quantum-resistant cryptographic algorithms, including key encapsulation mechanisms and digital signature schemes. The library serves as a testing ground for experimental algorithms and is intended for research and development purposes. You can find the liboqs library on [GitHub](https://github.com/open-quantum-safe/liboqs). + +* PQClean: PQClean is another library that offers a collection of implementations of post-quantum cryptography schemes, including KEMs. It focuses on providing clean, secure, and portable implementations of these schemes, which are suitable for integration into various cryptographic libraries and applications. PQClean is available on [GitHub](https://github.com/PQClean/PQClean). + +* CRYSTALS (Cryptographic Suite for Algebraic Lattices) libraries: The CRYSTALS project provides implementations of lattice-based cryptographic schemes, including the Kyber KEM and Dilithium digital signature algorithm. Both Kyber and Dilithium are finalists in the NIST Post-Quantum Cryptography Standardization process. The implementations can be found on GitHub ([Kyber](https://github.com/pq-crystals/kyber), [Dilithium](https://github.com/pq-crystals/dilithium)). + +These libraries provide a starting point for developers and researchers interested in experimenting with KEM functionality, particularly for post-quantum cryptography. It is important to note that many of these implementations are intended for research, development, and testing purposes, and their security and performance should be carefully evaluated before integrating them into production environments. 
+ +## Implementing Quantum Resistance in WireGuard using PresharedKey + +WireGuard connections, by default, are not quantum-resistant. WireGuard uses the ChaCha20 encryption algorithm, Poly1305 for authentication, and Curve25519 for key exchange, which are considered secure against classical attacks but are vulnerable to quantum computing attacks. +To make WireGuard connections more quantum-resistant, a PresharedKey (PSK) can be used in addition to the existing encryption. This adds an extra layer of symmetric encryption to the connection, making it more difficult for potential quantum attackers to break the encryption. + +
+Note, this approach doesn't make the connection entirely quantum-proof as it still relies on classical cryptographic primitives. +

+For complete quantum resistance, a transition to post-quantum cryptographic algorithms is necessary. These algorithms are designed to be secure against both classical and quantum computing attacks. In the future, it's expected that VPN protocols, including WireGuard, will incorporate post-quantum cryptography to provide enhanced security. +
+ +### Preshared Key (PSK) Concept + +The WireGuard configuration includes an optional parameter called "PresharedKey" which can be used to enhance the security of the VPN connection. + +A PresharedKey (PSK) is a secret key that is shared between the VPN client and server before establishing a connection. The PSK is used to add an additional layer of symmetric encryption, making it more difficult for attackers to break the connection. + +Using a Key Encapsulation Mechanism (KEM) with a PresharedKey (PSK) can potentially increase the quantum resistance of a WireGuard connection, provided that the KEM is based on a post-quantum cryptographic algorithm. + +### Exchanging PresharedKey using KEM + +The table below is illustrating the algorithm/logic for exchanging a PresharedKey between the client and server using a post-quantum Key Encapsulation Mechanism (KEM). + +![](/images-static/uploads/quantum-resistance-1.png) + +As an example, see the [Client](https://github.com/open-quantum-safe/liboqs-go/blob/main/examples/client_server_kem/client/client_kem.go) and [Server](https://github.com/open-quantum-safe/liboqs-go/blob/main/examples/client_server_kem/server/server_kem.go) Go-lang implementations of sharing a PresharedKey using a KEM (the example uses liboqs-go, which is a wrapper for the original liboqs library). + +## Communication channel options for exchanging the PSK + +### Using the initial WireGuard tunnel + +Using this approach the PSK is generated each time before the connection starts. But it uses an initial WireGuard connection for key exchange. 
+ +![](/images-static/uploads/quantum-resistance-2.png) + +Pros: If the API server is blocked for the user, but they are able to access the WireGuard server, we can bypass such blocks and access the API server through the WireGuard tunnel + +Cons: The need to establish an additional WireGuard tunnel, which will lead to extra delays before establishing a real connection + +### Using REST API over HTTPS + +Since the Key Encapsulation Mechanism is developed to securely exchange keys between two parties over an insecure channel, it does not matter which channel is used. Using an API call before each WireGuard connection is simpler e.g.: + +![](/images-static/uploads/quantum-resistance-3.png) + +Pros: Easy to implement + +Cons: Impossible to exchange PSK when the API server is not accessible to a user + +### Using REST API over HTTPS only when regenerating WG keys + +Using this method, the PSK is updated during the WireGuard keys regeneration phase. + +Pros: Easy to implement + +Cons: Using the same PSK for each connection, until the new WireGuard keys are regenerated + +## IVPN's solution for quantum-resistant WireGuard connections + +IVPN apps and infrastructure make use of the last method for exchanging the PSK (via REST API over HTTPS during WireGuard key regeneration phase) with multiple KEM Algorithms for enhanced security. + +The aim of using multiple KEM algorithms for PresharedKey generation is to increase the overall security and robustness of the key exchange process. By combining different KEM algorithms, we create a "hybrid" approach that mitigates the risk of any single algorithm being compromised or broken by an attacker, whether it be a classical or quantum computer. This strategy helps to ensure that even if one algorithm is found to be vulnerable, the other algorithm(s) can still provide a strong level of security for the key exchange. + +Chosen algorithms: + +1. Kyber (Kyber-1024). 
Kyber is one of the finalists in the NIST post-quantum cryptography project. It has a high Claimed NIST Level and it has a not too long Public-Key size (1568 bytes). + +2. Classic McEliece (Classic-McEliece-348864). It is based on the McEliece cryptosystem, and its security has been studied and withstood attacks for decades. The main disadvantage is the large public key size. That's why we use the Classic-McEliece-348864 variant with the lowest NIST level, as it utilizes the smallest key size possible for this algorithm (261120 bytes). + +A PresharedKey rotation is integrated into the current mechanism of WireGuard key rotation using a quantum-resistant Key Encapsulation Mechanism: + +* The Client sends multiple public keys (public key for each KEM algorithm) +* The Server returns multiple ciphers (secrets encoded by different KEM algorithms) + +The resulted PresharedKey is calculated as the SHA256 sum of all ciphers by both, client and server, and is used in hardening WireGuard connections against quantum computer attacks. + +### Conclusion + +Quantum computing presents a significant threat to the security of VPN connections. By adopting post-quantum cryptography and implementing quantum-resistant measures like PresharedKeys in WireGuard, VPN providers can ensure the privacy and security of their users in a post-quantum world. diff --git a/src/content/es/pages/knowledgebase/general/socks5-proxy-service.md b/src/content/es/pages/knowledgebase/general/socks5-proxy-service.md new file mode 100644 index 000000000..d7418098f --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/socks5-proxy-service.md 
@@ -0,0 +1,163 @@ +--- +title: SOCKS5 Proxy Service - IVPN Help +h1: SOCKS5 Proxy Service +url: /knowledgebase/general/socks5-proxy-service/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 210 +--- +# SOCKS5 Proxy Service + +## Overview + +Our SOCKS v5 proxy service enables you to configure an application, e.g. a web browser to: + +1. Route its traffic through a different VPN server than the one you are connected to. This enables you to effectively set up VPN connections to multiple VPN servers at the same time. For example you could connect to the Paris VPN server but configure your Firefox web browser to exit the Singapore VPN server. All your traffic will exit the Paris server except for traffic from the Firefox web browser which will exit the Singapore VPN server. With the Firefox Multi-Account Containers addon you can even configure different VPN servers for each tab of the Firefox browser. +1. Force traffic to be unrouteable if the VPN connection is terminated (application kill switch). The IVPN app firewall already prevents any traffic leaking outside of the VPN connection whilst connected, though you may want an additional kill switch if you need to disable the IVPN firewall to access local or remote resources. This works because our SOCKS5 proxies are only available when the VPN is connected, so if the VPN is disconnected, the proxy is not available and no traffic can leak from the application. + +## How to use the SOCKS5 service + +All IVPN VPN servers offer a SOCKS v5 proxy service. The service is available on port `1080` when the VPN is connected. SOCKS5 proxy services are not available when the VPN is disconnected. + +The local IP address for the proxy service is `10.1.0.1` and this address is associated with the DNS name `socks5.gw.ivpn.net`, which is the VPN server hosting the client device's connection. 
This is helpful if you want to configure an application to always send its traffic to the SOCKS5 proxy on the same server that you are connected to giving you the additional kill switch functionality described in the overview above. + +Hostnames are available on our [server status page](https://www.ivpn.net/status), though typically follow the rule of adding `socks5.` at the beginning of the VPN server's hostname, like `socks5.es1.gw.ivpn.net` or `socks5.nl1.wg.ivpn.net`. + +No authentication (username/password) is required for the proxy connection. + +## Add SOCKS5 Proxy Settings + +### All platforms: Mozilla Firefox + +1. Go to the Firefox `Settings/Preferences` area, search for **proxy**, then click the `Settings...` button + +1. Select `Manual Proxy configuration` + +1. In the `SOCKS Host` field, enter the desired IP address or hostname. Check our [server status page](https://www.ivpn.net/status) for proxy IP addresses and hostnames + +1. In the `Port` field beside the `SOCKS Host` field, enter **1080** + +1. Make sure `SOCKS v5` is selected + +1. Put a checkmark beside `Proxy DNS when using SOCKS v5` otherwise the VPN server's DNS will be used for DNS queries + +1. Click `OK` + +![](/images-static/uploads/socks5-firefox.png) + +Select `No Proxy` at the top of the `Connection Settings` area to disable the proxy settings. + +### All platforms: Firefox Multi-Account Containers + +The Firefox Multi-Account Containers add-on allows you to associate tabs with a specific container. Tabs in different containers use separate website storage areas, which limits 3rd party tracking and also enables other features such as being able to sign in to the same account (e.g. Gmail) with two different identities in the same browser. Another feature of these containers is that they can be configured with their own SOCKS5 proxy so we can create one or multiple containers each associated with different exit VPN servers. 
For example, you could be connected to the London server with the IVPN app, but have three tabs open, one sending traffic to the Amsterdam VPN server, one to the Singapore VPN server and one to the Kyiv VPN server (all via the SOCKS5 proxy on those servers). + +1. Install the [Firefox Multi-Account Containers add-on](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/) + +1. Click the extension icon in the toolbar and select `Manage Containers`, then `New Container` + +1. Give the container a name e.g. `IVPN - Amsterdam` and a color to easily identify tabs in this container and click `OK` + +1. Click on the extension icon in the toolbar again and select `Manage Containers` and select the container you just created + +1. Click on the link at the bottom `Advanced proxy settings`, enter the proxy address (e.g. `socks://socks5.nl8.gw.ivpn.net:1080` or `socks://socks5.sg1.gw.ivpn.net:1080`) and click `Apply to container` + +1. Open a new tab in this container by selecting the extension icon and selecting the container name and navigate to [DNSleaktest.com](https://www.dnsleaktest.com) to verify that the VPN traffic is exiting in the location you configured + +{{< video src="/images-static/uploads/firefox-multi-account-containers-ivpn-demo.mp4" type="video/mp4" preload="auto" >}} + +### Windows: [Chromium-based browsers](https://en.wikipedia.org/wiki/Chromium_(web_browser)), like Brave, Google Chrome, Microsoft Edge, Opera + +1. Edit the browser shortcut properties by clicking the desktop icon and pressing `Alt + Enter` + +1. At the end of the the `Target:` field, add a space plus `--proxy-server=socks5://` plus the proxy server IP address or hostname: + + ` --proxy-server=socks5://10.1.0.1` (proxy on connected VPN server) + + ` --proxy-server=socks5://socks5.gw.ivpn.net` (proxy on connected VPN server) + + ` --proxy-server=socks5://socks5.fr1.gw.ivpn.net` (proxy on `fr1` server in France) + +1. 
Click `OK` to apply and save the changes + +![](/images-static/uploads/socks5-edge.png) + +Remove the added `--proxy-server=socks5://...` text from the end of the `Target:` field to disable the proxy settings. + +### macOS: Safari + +1. Open the Safari Preferences + +1. Go to `Advanced > Proxies:` and click the `Change Settings...` button + +1. Put a checkmark beside `SOCKS Proxy` + +1. Enter the desired IP address or hostname in the `SOCKS Proxy Server` field. Check our [server status page](https://www.ivpn.net/status) for proxy IP addresses and hostnames + +1. In the `Port` field beside the `SOCKS Proxy Server` field, enter **1080** + +1. Click the `OK` button on the `Advanced` settings screen + +1. Click the `Apply` button on the `Network` screen + +Remove the check mark beside `SOCKS Proxy` in the `Network > Advanced > Proxies` area, then click `OK` and `Apply` to disable the proxy settings. + +![](/images-static/uploads/sock5-macos.png) + +### macOS: [Chromium-based browsers](https://en.wikipedia.org/wiki/Chromium_(web_browser)), like Brave, Google Chrome, Microsoft Edge, Opera + +1. Open the browser Settings + +1. Search for "proxy" and click the button to "Open your computer's proxy settings" + +1. Enter the desired IP address or hostname in the `SOCKS Proxy Server` field. Check our [server status page](https://www.ivpn.net/status) for proxy IP addresses and hostnames + +1. In the `Port` field beside the `SOCKS Proxy Server` field, enter **1080** + +1. Click the `OK` button on the `Advanced` settings screen + +1. Click the `Apply` button on the `Network` screen + +Remove the check mark beside `SOCKS Proxy` in the `Network > Advanced > Proxies` area, then click `OK` and `Apply` to disable the proxy settings. + +### Android and iOS + +Android and iOS currently support HTTPS proxy services; SOCKS5 proxies are not supported. + + +## Compatibility with Other IVPN Features + +### AntiTracker + +No. + +The standard DNS is used by the SOCKS5 proxy. 
This standard DNS runs on the VPN server itself and all DNS queries are fully encrypted. + +### Custom DNS ([IVPN app](https://www.ivpn.net/apps/)) + +No. + +The standard DNS is used by the SOCKS5 proxy. This standard DNS runs on the VPN server itself and all DNS queries are fully encrypted. + +### IPv6 + +IPv6 sites and services are available through the proxy connection, though a pure IPv6 proxy service is not available. Proxy IP addresses are currently in the IPv4 address space. All VPN protocols provide this IPv6-through-IPv4 access, which differs from a VPN-only connection where IPv6-through-IPv4 is available for WireGuard connections. + +### Multi-Hop + +Yes, with port-based Multi-Hop. Add a proxy to a web browser and it results in a triple-hop connection: **entry server** to **exit server** to **proxy server**. + +The original Multi-Hop system used a suffix on the IVPN Account ID, like `@fr` to exit in France, and this original system is not 100% compatible with the SOCKS5 proxy service. For a triple-hop connection and access to all proxy servers, please switch from this original suffix-based system to the port-based system. This [knowledge base article](https://www.ivpn.net/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) offers details on switching to port-based Multi-Hop. + +### Obfsproxy + +Yes, for Windows, macOS, and Linux. + +### Split Tunnel ([IVPN app](https://www.ivpn.net/apps/)) + +No. A web browser included in the split tunnel bypass list will not be able to make use of the proxy service. + +### VPN Protocols + +Yes. All VPN protocols provided by IVPN are supported (IPSec with IKEv2, OpenVPN, WireGuard). diff --git a/src/content/es/pages/knowledgebase/general/split-tunnel-faq.md b/src/content/es/pages/knowledgebase/general/split-tunnel-faq.md new file mode 100644 index 000000000..2a0d11ac2 --- /dev/null +++ b/src/content/es/pages/knowledgebase/general/split-tunnel-faq.md 
@@ -0,0 +1,62 @@
+---
+title: Split Tunnel FAQ - IVPN Help
+h1: Split Tunnel FAQ
+url: /knowledgebase/general/split-tunnel-faq/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 589
+---
+# Split Tunnel FAQ
+
+1. ### What is Split Tunnel?
+ Split Tunnel is a feature that lets you choose which apps use the VPN tunnel and which bypass it. Check the following [article](/knowledgebase/general/split-tunnel-uses-and-limitations/) for more details on the feature uses and limitations.
+
+2. ### Which platforms is Split Tunnel available on?
+ The Split Tunnel feature is currently available on our apps for Windows, Linux and Android.
+
+3. ### What types of VPN Split Tunneling do you offer?
+
+ #### App-based Split Tunneling (Windows, Linux and Android)
+ All apps on the system are using the VPN connection with the exception to those added to the Split Tunnel list.
+
+ #### Inverse app-based Split Tunneling (Windows and Linux)
+ Apps in the Split Tunnel list use the VPN connection. Everything else on the system is not using the VPN.
+
+4. ### Can I use Split Tunnel to exclude a specific website/s from the VPN?
+ We do not currently offer a URL-based Split Tunnel functionality.
+
+5. ### Which DNS server does the app added to the Split Tunnel list use?
+ If the [IVPN Firewall](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) is enabled, apps excluded from the VPN tunnel will use the DNS server set by the IVPN app. Otherwise, DNS requests may leak to your ISP.
+
+ In the Inverse Split Tunnel mode, the DNS requests may leak to your ISP provided DNS servers unless `Block DNS servers not specified by the IVPN application` option is enabled.
+
+ Run the extended test on the [dnsleaktest](https://dnsleaktest.com) page to confirm.
+
+6. ### How can I activate the Split Tunnel?
+
+ #### Windows
+ In the IVPN app, go to `Settings` - `Split Tunnel`, enable the `Split Tunnel` option, click on the `Add application` button and select the app from the list or add the path to the app's executable manually.
+
+ For inverse Split Tunnel functionality, have the `Inverse mode` option checked. Note, you cannot use the IVPN Firewall in this mode.
+
+ Split Tunnel can also be managed via CLI. Run `ivpn splittun -h` command for details.
+
+ You can have multiple apps added to the Split Tunnel list. The user defined Split Tunnel configuration persists through the system reboot and is automatically applied when the IVPN app is started.
+
+ It is impossible to add some apps to the Split Tunnel list (e.g apps installed via Microsoft Store).
+
+ #### Linux
+ To start the app in the Split Tunnel environment, it has to be launched from the IVPN app.
+
+ Navigate to `Settings` - `Split Tunnel`, enable the `Split Tunnel` option, click on the `Launch application` button and start the required app from the list or by specifying the path to the binary.
+
+ For inverse Split Tunnel functionality, have the `Inverse mode` option checked. Note, you cannot use the IVPN Firewall in this mode.
+
+ The apps can also be quickly started in the Split Tunnel environment from the app's main UI window by clicking on the `+` icon in the `Split Tunnel mode active` area, as well as via the terminal (see `ivpn splittun -h` for details).
+
+ #### Android
+ In the IVPN app, access `Settings` by tapping on the `Gear` icon in the top right. Navigate to `Split Tunnelling` area and toggle the switch **'On'** next to the apps you want to use the VPN and **'Off** for those that must to use your default connection.
+
+ The user defined Split Tunnel configuration persists through the system reboot and is automatically applied when the IVPN app is started.
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md b/src/content/es/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md
new file mode 100644
index 000000000..7b744fdd8
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/split-tunnel-uses-and-limitations.md
@@ -0,0 +1,53 @@
+---
+title: Split Tunnel Uses and Limitations - IVPN Help
+h1: Split Tunnel Uses and Limitations
+url: /knowledgebase/general/split-tunnel-uses-and-limitations/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 590
+---
+# Split Tunnel Uses and Limitations
+
+The IVPN App's split tunnel feature offers a way to bypass the VPN tunnel for select applications and services e.g. to access video streaming services or for gaming. This is a convenient way to protect your privacy while offering the convenience of accessing content and services that may not be friendly to VPN server IP addresses.
+
+With any convenience, there is often a trade-off. For the split tunnel feature, the trade-off is an intentional leak. The IVPN App has been designed to prevent leaks, so please be aware that these intentional leaks present with the split tunnel feature may include unexpected behaviours. These are detailed below.
+
+**Active Applications and Connections**
+
+The split tunnel feature has an impact on applications and connections that are launched after the split tunnel is activated and the VPN is connected. Applications and connections that were already active before the split tunnel is enabled may still use the VPN connection instead of bypassing it.
+
+For example, after the VPN is connected, when an already-open web browser is added to the split tunnel application list, that web browser will continue to use the VPN tunnel. Restart the web browser to make use of the split tunnel bypass.
+
+Torrents present an interesting example. When the VPN connection is enabled and a torrent client is not part of the split tunnel bypass, all peer connections use the VPN connection. Add the torrent client to the split tunnel list and activate the bypass feature in the IVPN App and existing peer connections will continue to use the VPN while any new peer connections will bypass the VPN.
Restart the torrent client to make sure all connections bypass the tunnel (if this is your preference).
+
+Generally, restarting an application after enabling the split tunnel feature will make sure its traffic bypasses the VPN.
+
+**Child Processes**
+
+An application added to the split tunnel list might spawn child processes (additional programs running independently in-support-of or to-provide-extra-features-for the parent application). These child processes will make use of the tunnel based on the status of the parent process in the split tunnel application list.
+
+Valve's Steam client is an example of a parent application that spawns child processes (the games themselves). When the Steam client is in the split tunnel application list, games launched will also make use of the bypass.
+
+Other gaming launchers, like the Epic Games Launcher, may behave in a similar manner. One way to test for certain is to check ping times to gaming servers. Games that bypass the VPN will likely have lower ping times to servers that are geographically close. Games that use the VPN will likely have higher ping times due to the extra hop through the VPN server.
+
+**DNS**
+
+The Domain Name System (DNS) offers a way to turn a network hostname, like [ivpn.net](https://ivpn.net), into an IP address. Network communication relies on IP addresses and hostnames are offered to make accessing network clients easy for humans.
+
+An application that uses the split tunnel feature in the IVPN App will likely rely on the operating system's DNS service, which is likely protected by the IVPN App's VPN connection. DNS queries from a web browser that uses the split tunnel, for example, may appear to come from the VPN server, which may have an impact on accessing some online content. Run a [DNS leak test](https://www.dnsleaktest.com/) to be certain.
+
+Using an application's built-in DNS option, like [Mozilla Firefox's DNS-over-HTTPS feature](https://support.mozilla.org/en-US/kb/firefox-dns-over-https#w_manually-enabling-and-disabling-dns-over-https), offers a way to correct unexpected DNS-related issues.
+
+The IVPN App includes a [Custom DNS](https://www.ivpn.net/knowledgebase/general/custom-dns/) feature that handles DNS requests for all applications on the system, whether they use the VPN tunnel or bypass it via the split tunnel. Switching to a Custom DNS server in the IVPN App might help with applications that do not behave as expected, though please consider that all requests on the system will use this DNS and not the VPN server's DNS.
+
+**Multicast and UDP**
+
+Applications designed to receive Multicast or UDP packets might end up dropping incoming packets depending on the local network interface binding and precedence. Testing is likely required to confirm whether an application or service behaves as expected when it is part of the split tunnel list and excluded from the VPN with respect to Multicast and UDP traffic.
+
+**Privacy**
+
+Bypassing the VPN tunnel for some applications and services means that your ISP and any observer can see the actual destination of some of your Internet traffic. The convenience of accessing content or improving a gaming experience is ultimately a choice.
+
+Please consider the privacy implications when adding applications to the IVPN App's split tunnel application list.
diff --git a/src/content/es/pages/knowledgebase/general/tcp-and-udp-connections.md b/src/content/es/pages/knowledgebase/general/tcp-and-udp-connections.md
new file mode 100644
index 000000000..35301d9d6
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/tcp-and-udp-connections.md
@@ -0,0 +1,21 @@
+---
+title: TCP and UDP Connections - IVPN Help
+h1: TCP and UDP Connections
+url: /knowledgebase/general/tcp-and-udp-connections/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 590
+---
+# TCP and UDP Connections
+
+Generally, UDP traffic is more a efficient protocol compared to TCP due to the simpler design. UDP is a lightweight protocol with no ordering of messages, no connection tracking, and fewer packets for overhead. TCP is a heavyweight protocol with more overhead required for the initial handshake and every subsequent packet.
+
+UDP is typically used for video streaming and Internet service providers have a tendency to employ traffic shaping techniques to keep the massive quantities of video traffic under control. This shaping can catch UDP-based VPN traffic accidentally, which may result in a slower connection that expected. Switching to the TCP protocol may result in a connection with better performance.
+
+By default, IVPN apps and our [OpenVPN configuration files](/openvpn-config) use a UDP connection to take advantage of the benefits and efficiency of the protocol. We offer OpenVPN connections on UDP 53, 80, 443, 1194, 2049, 2050 and TCP 80, 443, 1443. Since all networks are different, our IVPN apps makes it easy to [change the protocol and port](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/) for the connection.
+
+For manual OpenVPN connections, you can also generate and download TCP-based [OpenVPN configuration files](/openvpn-config).
+
+Currently, IPSec and WireGuard only use UDP-based connections, so there are fewer tuning options. IPSec is the least configurable because it only accepts connections on UDP port 500. WireGuard can accept connections on any UDP port. We offer ports 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, and 58237 for WireGuard connections.
diff --git a/src/content/es/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md b/src/content/es/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md
new file mode 100644
index 000000000..fee4ae7f6
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/using-wireguard-for-privacy-protection.md
@@ -0,0 +1,172 @@
+---
+title: Using WireGuard® for Privacy Protection - IVPN Help
+h1: Using WireGuard® for Privacy Protection
+url: /knowledgebase/general/using-wireguard-for-privacy-protection/
+sections:
+ - general
+ - privacy
+sectionTitle: General
+layout: help-details
+weight: 530
+---
+# Using WireGuard® for Privacy Protection
+
+WireGuard® is a new VPN protocol that utilises state-of-the-art cryptography. It aims to be simpler and more performant than IPsec and OpenVPN. This promises huge benefits for its users:
+
+- Much easier to audit, due to its small codebase
+- Faster speeds
+- Easy to configure
+- More reliable: it supports user roaming and has less overhead
+
+If you're not familiar with it, we highly recommend reading the excellent [white paper on WireGuard, written by its author, Jason A. Donenfeld](https://www.wireguard.com/papers/wireguard.pdf).
+
+### Security vs Privacy
+
+WireGuard was not designed with commercial VPN providers who offer privacy services in mind. As such, it leaves certain issues (e.g. IP address assignment, key distribution etc.) to the implementers.
+
+The border between privacy and security is very blurred by nature and needs to be specifically defined, so as to understand, where WireGuard makes compromises that need to be addressed.
+
+We define the split as the following:
+
+- The security of the protocol is concerned with protecting the data in a tunnel from being accessed by adversaries: either by breaking the encryption, MITM attacks, or by any other means, no matter how complicated.
+
+- Privacy is concerned with whether an adversary can learn anything about you, your communication or any party you've communicated with. It has more to do with the metadata rather than the actual data.
+
+Privacy can be violated, even when security is rock solid. For example, when the fact that two parties communication can be determined.
Or when a certain piece of information about a party becomes known after the communication took place. However, it should be noted that, if security is weak, privacy cannot be guaranteed at all.
+
+WireGuard provides a very high level of security, let's take a look at where it is not particularly effective at with protecting privacy, and how we at IVPN fix these issues.
+
+### Problem 1: The public IP address of a peer is stored in memory indefinitely
+
+If you run WireGuard command line utility wg(8) on a server with root privileges, you will see entries similar to this:
+
+```
+peer: TmljZSBUcnkgISA6KSB3b3J0aCBjaGVja2luZw==
+endpoint: 198.51.100.23:39812
+allowed ips: 192.0.2.131/32
+latest handshake: 22 hours, 42 minutes, 5 seconds ago
+transfer: 1.99 KiB received, 2.76 KiB sent
+```
+
+As you can see, WireGuard is associating public IP address of a peer (endpoint field in the output above) with the key.
+
+This is not really any different from any other VPN protocol: it needs to know where to send encrypted packets to.
+
+What is different is that other protocols keep track if the peer is active. When a peer is determined to be inactive, or if the connection is closed, other VPN protocols purge the peer information. WireGuard doesn't do this.
+
+WireGuard doesn't really have a concept of a connection, it is connection-less, peers can stop exchanging data at any time and expect to be able to continue at any point in the future. This helps, for example, when a peer wakes from sleep mode or when a user is roaming and switches from mobile to Wi-Fi.
+
+This is not optimal for privacy, however, as a peer's IP address may be stored long after it stops sending data to the tunnel.
+
+#### Solution
+
+The WireGuard protocol uses sessions to manage various aspects of the peer data exchange, sessions last maximum for 180 seconds.
+
+Internally WireGuard stores the time of the latest handshake so that it knows what to do when exchanging data with a peer:
+
+- When fewer than 120 seconds have elapsed, just send data as the session is still active
+
+- 120 to 179 seconds have elapsed, send data and interleave a handshake to renew the session.
+
+- More than 180 seconds have elapsed, handshake to renew the session before data is sent.
+
+Knowing this, we can solve the issue of WireGuard holding on to peer information indefinitely and reduce it to a minimum.
+
+When it is reasonably clear that the remote peer has stopped talking (i.e. latest handshake is more than 180 seconds ago), the peer's configuration can be deleted and then reinstated.
+
+This removes the peer information and configures the server to wait for an incoming handshake. The example above becomes:
+
+```
+peer: TmljZSBUcnkgISA6KSB3b3J0aCBjaGVja2luZw==
+allowed ips: 192.0.2.131/32
+```
+
+We handle this within our "key management daemon" – specially developed software which manages keys on our gateway.
+
+It scans the list of peers for those that have the latest handshake time greater than 180 seconds ago and deletes/reinstates their configuration.
+
+Our KMD interacts directly with the WireGuard kernel module to manage the information it requires (we don’t write config files).
+
+#### Summary
+
+We don't store connection data or metadata about your keys and we take care to ensure that we don't hold on to data any longer than is required by the WireGuard protocol for optimal usage.
+
+### Problem 2: WireGuard doesn't provide a mechanism for tunnel IP address allocation.
+
+In order to operate, each tunnel requires an internal tunnel IP address to be assigned on both ends, regardless of which protocol is used.
+
+Protocols like OpenVPN and IPSec rely on DHCP to assign a dynamic tunnel IP address during connection to the peer.
+
+However, as discussed above, WireGuard doesn't have the concept of connections.
And because of its architecture, it cannot rely on mechanisms like DHCP for tunnel IP address assignment to the peers.
+
+In WireGuard, the responsibility to allocation tunnel IP addresses in shifted away from the protocol and to the user. In some environments, a simple static address assignment may be possible.
+
+However, this doesn't scale well to large numbers of clients. A mechanism is required to dynamically generate tunnel IP addresses and distribute public keys prior to the connection being made.
+
+This mechanism should be implemented in a way that the privacy of customers cannot be compromised.
+
+#### Solution
+
+At IVPN, we solve this by assigning a random tunnel IP address for each key provided.
+
+It works like this:
+
+1. You generate a key pair.
+2. You provide us with the public key.
+3. We generate a random IP address from a huge private network range and return it back to you.
+4. We distribute both, your public key and the generated IP address to all our gateways.
+5. You configure your client with the private key you generated in step 1 and the IP address we returned in step 3.
+
+All of these steps are done automatically in a fraction of a second when using our apps.
+
+Since the private network range is huge, we can allocate random addresses from it and not worry that we will run out of them. Neither do we have to reclaim any previously-used internal IP addresses to avoid exhaustion.
+
+IP Addresses are deleted together with keys, either by apps (when you log out), or alternatively when your account gets suspended or cancelled or by you through our website.
+
+#### Summary
+
+We allocate random tunnel IP addresses which we provide to you or our Apps to complete the WireGuard connection setup. There is no need for us to keep track of the usage of these addresses nor reclaim them since they are allocated from the huge private network range.
+
+For added privacy, we provide a mechanism to rotate these addresses at your request, as described below.
+
+### Problem 3: Without real dynamic IP address allocation, users can be tracked under some circumstances.
+
+As discussed in previous sections, WireGuard relies on statically assigned tunnel IP addresses, while other protocols like OpenVPN and IPSec, can change the tunnel IP address on every connection.
+
+The private tunnel IP address should never be seen on the public internet, as it’s always secured by the protocol's encryption.
+
+If an adversary monitors the traffic, there is no way to know that the packet from a specific user on the public internet is associated with a particular device or internal tunnel IP address.
+
+However, software running on the user's computer may actually see your tunnel interface and the associated internal IP address.
+
+Another option to extract this tunnel IP address is through WebRTC if it is enabled in a browser etc.
+
+If extracted, this can serve as an identifier, when other measures are not implemented.
+
+#### Solution
+
+All IVPN clients apps support periodically changing IP addresses. This process is implemented together with key regeneration (see below).
+
+By default, this happens once per day and can be changed from within the app's settings to up to once every 30 days.
+
+#### Summary
+
+Your tunnel IP address is no longer static and it becomes more difficult to track a user if it gets exposed through WebRTC or by software.
+
+### Problem 4: WireGuard doesn't offer "identity-hiding forward secrecy"
+
+As discussed on the WireGuard [mailing list](https://lists.zx2c4.com/pipermail/wireguard/2019-January/003777.html), the WireGuard protocol doesn't offer identity-hiding forward secrecy.
+
+If an attacker records all traffic to/from a server, then breaks into the server and extracts the WireGuard private key from it, they will be able to correlate traffic with specific users.
+
+#### Solution
+
+All IVPN client apps support periodic, automatic key regeneration which also changes the internal IP address. During this process, the client creates a new key pair and uploads a new key to the server, and we provide the client with a new IP address.
+
+The new key is distributed to our servers and the client switches to using it and the new IP address. This is designed to be completely transparent to the user.
+
+The default is to regenerate the key once per day. It can be changed in the app's settings to be regenerated between once a day to once every 30 days.
+
+#### Summary
+
+Previous sessions cannot be identified or tracked.
diff --git a/src/content/es/pages/knowledgebase/general/what-are-tcp-connections.md b/src/content/es/pages/knowledgebase/general/what-are-tcp-connections.md
new file mode 100644
index 000000000..2f44c908b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-are-tcp-connections.md
@@ -0,0 +1,20 @@
+---
+title: What are TCP connections? - IVPN Help
+h1: What are TCP connections?
+url: /knowledgebase/general/what-are-tcp-connections/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 80
+---
+# What are TCP connections?
+
+The IVPN client uses the UDP protocol by default as it is the fastest. If you are unable to connect using UDP you may wish to connect using TCP. We offer the ability to use TCP for cases when the underlying Internet connection is not stable or you are positioned behind a very restrictive firewall. Both protocols are equally secure.
+
+| # Normal (UDP) mode | # TCP mode |
+|---|---|
+| Faster | Slower (usually around 5-10%) |
+| Can be slower with a very unreliable Internet connection | Very stable even with an unreliable connection |
+| Works through most firewalls | Should work through even more restrictive firewalls |
+| Maximum security | Maximum security |
diff --git a/src/content/es/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md b/src/content/es/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md
new file mode 100644
index 000000000..d7826e772
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-is-a-multihop-vpn-service.md
@@ -0,0 +1,15 @@
+---
+title: What is a Multi-hop VPN service? - IVPN Help
+h1: What is a Multi-hop VPN service?
+url: /knowledgebase/general/what-is-a-multihop-vpn-service/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 570
+---
+# What is a Multi-hop VPN service?
+
+When connecting to a Multi-hop server, instead of your traffic being routed through a single VPN server, it is routed through two VPN servers. This technology has been carefully incorporated into the IVPN network using the same 256-bit OpenVPN and WireGuard encryption as the single-hop VPN servers. Multi-hop connections offer significantly higher levels of anonymity and privacy, however, they are slightly slower than single-hop connections due to the additional hop that your traffic is routed through. We offer our customers a choice of single and Multi-hop connections for both WireGuard and OpenVPN.
+
+The Multi-hop feature is available in our Pro plan.
diff --git a/src/content/es/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md b/src/content/es/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md
new file mode 100644
index 000000000..26889ec25
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections.md
@@ -0,0 +1,15 @@
+---
+title: What is the default encryption cipher for VPN connections? - IVPN Help
+h1: What is the default encryption cipher for VPN connections?
+url: /knowledgebase/general/what-is-the-default-encryption-cipher-for-vpn-connections/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 510
+---
+# What is the default encryption cipher for VPN connections?
+
+If you use OpenVPN 2.4 or later and do not specify a cipher in your OpenVPN configuration file, then `AES-256-GCM` is used by default. If use a version of OpenVPN older than v2.4 then `AES-256-CBC` will be used as the default.
+
+If you use WireGuard, ChaCha20 is in place to encapsulate packets.
diff --git a/src/content/es/pages/knowledgebase/general/what-makes-ivpn-so-fast.md b/src/content/es/pages/knowledgebase/general/what-makes-ivpn-so-fast.md
new file mode 100644
index 000000000..7ba0a32d5
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-makes-ivpn-so-fast.md
@@ -0,0 +1,25 @@
+---
+title: What makes IVPN so fast? - IVPN Help
+h1: What makes IVPN so fast?
+url: /knowledgebase/general/what-makes-ivpn-so-fast/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 50
+---
+# What makes IVPN so fast?
+
+The IVPN network was designed to be as fast as possible to encourage customers to remain connected 24/7. We have researched the international wholesale bandwidth markets to find network providers with the most reliable and high performance tier 1 bandwidth. Premium bandwidth is expensive but this is the foundation for a fast service. Consider the following about speed:
+
+- It is commonly misunderstood that speed = capacity. If someone asks how fast is your connection and you say 30Mb/s then you are referring to the capacity or bandwidth of the connection, not the speed. The combination of latency and bandwidth gives the perception of how fast a connection is. So bandwidth refers to how wide the pipe is, not how fast it is. Latency is the delay caused by the time it takes for a packet to travel from the source to the destination. Together, latency and bandwidth define the speed of a network.
+
+- Bandwidth and latency are related. If the bandwidth is saturated then congestion occurs and latency is increased. However, if the bandwidth of a connection is not saturated, the latency will not decrease. Bandwidth can always be increased but latency cannot be decreased. Use the ping utility to measure the latency between your device and our servers.
+
+- We've placed VPN servers as physically close to our customer base as possible and continually revise existing and new locations for opportunities to get servers closer to customers thereby decreasing the latency and increasing the speed of our VPN service.
+
+- We build VPN servers which can easily handle the heavy encryption overhead for hundreds of users simultaneously. We have a minimum server specification which includes multi-core Xeon processors.
+
+- We maintain an extremely low subscriber ratio per server to ensure that performance does not decline at peak periods. The majority of our servers operate at a fraction of their capacity to allow for bursts during high demand periods.
+
+- Finally, high performance relies on constant monitoring to forward plan capacity and resolve communication problems as close to real time as possible. We've implemented a 24/7 enterprise class monitoring system to alert our network engineers of any issues and allow us to spot trends and ensure we can always meet our customers expectations.
diff --git a/src/content/es/pages/knowledgebase/general/what-payment-methods-do-you-accept.md b/src/content/es/pages/knowledgebase/general/what-payment-methods-do-you-accept.md
new file mode 100644
index 000000000..2a7c2fd29
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-payment-methods-do-you-accept.md
@@ -0,0 +1,25 @@
+---
+title: What payment methods do you accept? - IVPN Help
+h1: What payment methods do you accept?
+url: /knowledgebase/general/what-payment-methods-do-you-accept/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 400
+---
+# What payment methods do you accept?
+
+IVPN accepts the following payment methods via our website:
+
+* Bitcoin (via our own BTCPay server)
+* Monero (self-hosted)
+* PayPal
+* Credit/Debit Cards (except American Express and any types of Prepaid/Gift Cards)
+* In-app payments via our mobile apps for [iOS](/apps-ios/) and [Android](/apps-android/) (Play Store version only)
+* Physical voucher cards
+* Cash
+
+To pay with cash see [how can I pay with cash](/knowledgebase/billing/how-can-i-pay-with-cash/). Voucher cards can be purchased on [Amazon US](https://www.amazon.com/dp/B0BL8FWDRL).
+
+We run our own nodes for both Bitcoin and Monero.
diff --git a/src/content/es/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md b/src/content/es/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md
new file mode 100644
index 000000000..f7eee71b0
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn.md
@@ -0,0 +1,19 @@
+---
+title: What speed can I expect / how fast is IVPN? - IVPN Help
+h1: What speed can I expect / how fast is IVPN?
+url: /knowledgebase/general/what-speed-can-i-expect-or-how-fast-is-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 60
+---
+# What speed can I expect / how fast is IVPN?
+
+This is a difficult question to answer accurately without testing. All our servers are deployed on industry-leading tier-1 multi-gigabit networks with full-duplex gigabit ethernet interfaces. However, the performance you experience when connected to the IVPN network is based on much more than the theoretical maximum throughput of our servers.
+
+We maintain a very low ratio of users per server to ensure sufficient bandwidth is available at all times. Most customers in the USA and Europe find that they can sustain around 70% of the underlying Internet bandwidth depending on factors such as time of day and whether the server is on the same continent. When testing, always use a downloading application that can open enough download processes to saturate your connection.
+
+For more information about the speed of our network, see [what makes IVPN so fast](/knowledgebase/general/what-makes-ivpn-so-fast/).
+
+Although we do not have a free trial option, we offer an affordable one week paid plan which can be used to test the speed of our servers. With our [30-day money-back guarantee](/refunds/), you can [sign up](/signup/) and try IVPN with no risks.
diff --git a/src/content/es/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md b/src/content/es/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md
new file mode 100644
index 000000000..53a5a410e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-technologies-do-you-use-at-ivpn.md
@@ -0,0 +1,31 @@
+---
+title: What technologies do you use at IVPN? - IVPN Help
+h1: What technologies do you use at IVPN?
+url: /knowledgebase/general/what-technologies-do-you-use-at-ivpn/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 140
+---
+# What technologies do you use at IVPN?
+
+We use only open-source software at IVPN. Below is a list of some of the technologies we have used to build our network.
+
+- [CentOS](https://www.centos.org/) - Enterprise-class Linux distribution
+
+- [Puppet](https://puppet.com/) and [the Foreman](https://theforeman.org/) - Centralized configuration management for all our servers.
+
+- [Zabbix](https://www.zabbix.com/) - Distributed network monitoring solution.
+
+- [OSSEC](https://www.ossec.net/) - Host intrusion detection and centralized logging platform.
+
+- [OpenVPN](https://openvpn.net/) - Encryption and authentication for all server to server communications.
+
+- [OpenSwan](https://www.openswan.org/projects/openswan) - Providing IPSec services to customers.
+
+- [WireGuard](https://www.wireguard.com/) - WireGuard VPN services for customers.
+
+- [FreeRadius](https://freeradius.org/) - AAA services.
+
+- [Tarsnap](https://www.tarsnap.com/) - Backup of critical data.
diff --git a/src/content/es/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md b/src/content/es/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md
new file mode 100644
index 000000000..3ab487e15
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/what-vpn-protocols-do-you-offer.md
@@ -0,0 +1,15 @@
+---
+title: What VPN protocols do you offer? - IVPN Help
+h1: What VPN protocols do you offer?
+url: /knowledgebase/general/what-vpn-protocols-do-you-offer/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 130
+---
+# What VPN protocols do you offer?
+
+IVPN supports OpenVPN, WireGuard® & IPSec with IKEv2 (available on our native iOS app) VPN protocols. We do not support PPTP or L2TP/IPSec.
+
+View our [setup guides](/apps/) for more information.
diff --git a/src/content/es/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md b/src/content/es/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md
new file mode 100644
index 000000000..318fec6d7
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer.md
@@ -0,0 +1,13 @@
+---
+title: Where can I download the VPN software for my computer? - IVPN Help
+h1: Where can I download the VPN software for my computer?
+url: /knowledgebase/general/where-can-i-download-the-vpn-software-for-my-computer/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 390
+---
+# Where can I download the VPN software for my computer?
+
+The IVPN client software in the [Apps](/apps/) section and instructions for manual setups are available in our [Setup Guides](/apps/) section.
diff --git a/src/content/es/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md b/src/content/es/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md
new file mode 100644
index 000000000..bb0b7280a
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/why-is-the-location-of-the-server-not-accurate.md
@@ -0,0 +1,15 @@
+---
+title: Why is the location of the server not accurate? - IVPN Help
+h1: Why is the location of the server not accurate?
+url: /knowledgebase/general/why-is-the-location-of-the-server-not-accurate/
+sections:
+ - general
+sectionTitle: General
+layout: help-details
+weight: 340
+---
+# Why is the location of the server not accurate?
+
+If you are using a website to lookup the location of your IP and find that the location does not match the server that you are connected to then the geolocation data from the website is inaccurate/out of date. These websites purchase geolocation data from specialized providers who collect this information from various sources.
+
+For geolocation providers determining the country based on an IP is relatively accurate (95%-99% percent) since the country is required information when an IP range is allocated and IP registrars supply that information for free. However, determining the physical location down to a city is more difficult and less accurate because there is no official source for the information and ISPs often base IP addresses in a city where the company is basing its operations. Accuracy rates for cities is 50-80% according to dnsstuff.com. If you would like a more accurate tool to determine the location try using - [https://www.yougetsignal.com/tools/visual-tracert/](https://www.yougetsignal.com/tools/visual-tracert/), however even this tool can be inaccurate.
diff --git a/src/content/es/pages/knowledgebase/general/wireguard-faq.md b/src/content/es/pages/knowledgebase/general/wireguard-faq.md
new file mode 100644
index 000000000..e4f42aced
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/general/wireguard-faq.md
@@ -0,0 +1,77 @@ +--- +title: WireGuard FAQ - IVPN Help +h1: WireGuard FAQ +url: /knowledgebase/general/wireguard-faq/ +sections: + - general +sectionTitle: General +layout: help-details +weight: 480 +--- +# WireGuard FAQ + +1. #### What is WireGuard? + WireGuard is a new VPN protocol that utilizes “state-of-the-art” cryptography. It was designed to be faster, simpler and considerably more performant compared to other VPN protocols. If you wish to learn more about it, visit the [WireGuard website](https://www.wireguard.com/). + +2. #### Which OS/Platforms are supported by WireGuard? + WireGuard is available on our Windows, macOS, Linux, iOS & Android clients. + + On desktop apps, WireGuard can be selected in the IVPN app's `Settings/Preferences` area - `Connection` tab. On mobile apps, navigate to `Settings` - `VPN Protocol` area. + + If you would like to configure WireGuard on a native WireGuard app or WireGuard client on your router, see our manual setup guides [here](/apps/). + +3. #### What cryptography is used in WireGuard? + WireGuard utilizes the following [protocols and primitives](https://www.wireguard.com/protocol/): + +
+ ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539's AEAD construction
+ Curve25519 for ECDH
+ BLAKE2s for hashing and keyed hashing, as described in RFC7693
+ SipHash for hashtable keys
+ HKDF for key derivation, as described in RFC5869
+ Noise_IK handshake from Noise, building on the work of CurveCP, NaCL, KEA+, SIGMA, FHMQV, and HOMQV
+ All packets are sent over UDP +
+ +4. #### How resilient is a WireGuard connection? + WireGuard is built for roaming. If your device changes networks, e.g. from Wi-Fi to a mobile/cellular, the connection will persist because as long as the client sends correctly authenticated data to our WireGuard VPN server, the server keeps the connection alive. + +5. #### What ports do you use for WireGuard? + ``` + UDP 53 + UDP 80 + UDP 443 + UDP 1194 + UDP 2049 + UDP 2050 + UDP 30587 + UDP 41893 + UDP 48574 + UDP 58237 + ``` + +6. #### What IP addresses are issued for WireGuard connections? + The IP address is randomly assigned from `172.16.0.0/12` range. + +7. #### Which servers can I connect to with WireGuard? + The full list of our WireGuard servers can be viewed on the [Servers](/status/) page. + +8. #### How many devices can I connect with WireGuard? + 2 on the Standard and 7 on the Pro plan. + +9. #### Do I need to manually create and add public key in the Client Area when adding a new device? + No, when using the IVPN app keys are automatically generated and the public key uploaded to our server the moment you select the WireGuard protocol in the app. + + If you are not using an IVPN app, you can also generate and download a WireGuard configuration file in the [Account Area](/account/wireguard-config) using a key pair you have manually generated on your own device or a key pair generated by us. + +10. #### How do I verify that I am connected? + Our website shows a connection status at the top of the page or inside the 'Menu' on mobile devices. There is a green 'Connected' or a red 'Disconnected' dot, which indicates your status. Another way to ensure that you are properly connected to IVPN is to simply visit the [dns leak test](https://www.dnsleaktest.com/) website. As long as you see the revealed location matches the selected IVPN server & the IP address is different to the one provided by your ISP - this gives you reasonable assurance that your traffic is routed through the VPN service. + +11. 
#### Does WireGuard support IPv6?
+ Yes.
+
+12. #### Can I use Multi-hop with WireGuard?
+ Yes.
+
+13. #### What DNS server is used when connecting with WireGuard?
+ We provide our own, secure and absolutely logless DNS server which is pushed and applied automatically to your device when you connect. The IP address of the standard DNS server is `172.16.0.1`. The AntiTracker DNS address is `10.0.254.2`. The AntiTracker's Hardcore Mode DNS address is `10.0.254.3`.
diff --git a/src/content/es/pages/knowledgebase/ios/_index.md b/src/content/es/pages/knowledgebase/ios/_index.md
new file mode 100644
index 000000000..a087774de
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/ios/_index.md
@@ -0,0 +1,7 @@
+---
+title: iOS - IVPN Help
+url: /knowledgebase/ios/
+section: ios
+layout: help
+---
+## iOS
diff --git a/src/content/es/pages/knowledgebase/ios/ios-how-to-enable-multihop.md b/src/content/es/pages/knowledgebase/ios/ios-how-to-enable-multihop.md
new file mode 100644
index 000000000..6fbef44e6
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/ios/ios-how-to-enable-multihop.md
@@ -0,0 +1,22 @@
+---
+title: iOS - How to enable Multi-hop - IVPN Help
+h1: iOS - How to enable Multi-hop
+url: /knowledgebase/ios/ios-how-to-enable-multihop/
+sections:
+ - ios
+sectionTitle: iOS
+layout: help-details
+weight: 30
+---
+# iOS - How to enable Multi-hop
+
+Multi-hop increases privacy by sending the encrypted traffic through two countries, which makes tracking attempts extremely difficult.
+
+1. Tap the `Multi-hop` toggle to the **ON** position (to the right). This reveals a second server location.
+2. Choose whichever server you prefer for the first hop. A geographically close server may be a good choice for increased speed.
+3. Choose a server in a different country as the second hop.
+4. Connect.
+
+Switch back to a single-hop connection by toggling the `Multi-hop` option **OFF**.
+
+The Multi-hop feature is available in our Pro plan.
diff --git a/src/content/es/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md b/src/content/es/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md
new file mode 100644
index 000000000..4fa97ad26
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message.md
@@ -0,0 +1,17 @@
+---
+title: '"IVPN would like to add VPN configurations". Why do I see this message? - IVPN Help'
+h1: '"IVPN would like to add VPN configurations". Why do I see this message?'
+url: /knowledgebase/ios/ivpn-would-like-to-add-vpn-configurations-why-do-i-see-this-message/
+sections:
+ - ios
+sectionTitle: iOS
+layout: help-details
+weight: 10
+---
+# "IVPN would like to add VPN configurations". Why do I see this message?
+
+The message is a simple iOS system warning notifying you that all your traffic will be routed through the VPN tunnel. It is also informing you that our client needs to add a VPN configuration into your device's network environment which can only be done if you allow doing so. Should you disallow it, it will be impossible to connect to any of IVPN servers.
+
+You can also receive this message in case you have just installed IVPN client and trying to establish the VPN connection for the first time. It might also be shown if you are trying to connect for the first time after reinstalling or updating the IVPN app to the newer version.
+
+![](/images-static/uploads/ios-add-configurations.png)
diff --git a/src/content/es/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md b/src/content/es/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md
new file mode 100644
index 000000000..143e56e42
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/ios/native-ios-kill-switch-known-issues.md
@@ -0,0 +1,23 @@ +--- +title: Known issues with Native iOS Kill Switch - IVPN Help +h1: Known issues with Native iOS Kill Switch +url: /knowledgebase/ios/known-issues-with-native-ios-kill-switch/ +sections: + - ios +sectionTitle: iOS +layout: help-details +weight: 40 +--- +# Known issues with Native iOS Kill Switch + +
+Kill switch is not available on devices with iOS 16+. Learn why in our blog post here. +
+ +A list of known issues with the Kill Switch enabled for VPN tunnel in the iOS app: + +* [OpenVPN] OpenVPN tunnel will take slightly longer to reconnect to a different gateway. +* [OpenVPN] When switching networks, OpenVPN tunnel will reconnect instead of just routing traffic through a different network interface. +* Approx. 1-3 seconds delay to engage the Kill Switch after VPN is connected, and the same delay to disengage it after VPN is disconnected. +* In some cases, if there are multiple VPN profiles saved in the iOS Settings, Internet traffic gets blocked after switching networks or disabling the Airplane mode. Removing all VPN profiles in the iOS Settings and reconnecting the VPN resolves the issue. +* When the Kill Switch is active, the [Personal Hotspot](https://support.apple.com/en-gb/HT204023) network is not available. \ No newline at end of file diff --git a/src/content/es/pages/knowledgebase/ios/v2ray.md b/src/content/es/pages/knowledgebase/ios/v2ray.md new file mode 100644 index 000000000..771d370ae --- /dev/null +++ b/src/content/es/pages/knowledgebase/ios/v2ray.md @@ -0,0 +1,42 @@ +--- +title: Obfuscation with V2Ray on iOS - IVPN Help +h1: Obfuscation with V2Ray on iOS +url: /knowledgebase/ios/v2ray/ +sections: + - ios +sectionTitle: iOS +layout: help-details +weight: 50 +--- +# Obfuscation with V2Ray on iOS + +
+Obfuscation with V2Ray on iOS is currently in beta. +
+ +VPN obfuscation is a technique that masks VPN traffic to make it appear like standard internet traffic, helping to evade detection and bypass internet restrictions or censorship. + +When using WireGuard we offer the powerful V2Ray proxy protocol. It is available in two variants, you may find one is more performant and/or reliable depending on multiple variables relating to your location and the path your traffic takes to the VPN server. We recommend experimenting with both variants. + +## V2Ray protocols + +**V2Ray (VMESS/QUIC)** is a modern protocol designed to provide robust security and high performance, while reducing latency compared to traditional protocols. It makes your data appear as regular HTTPS traffic. + +**V2Ray (VMESS/TCP)** is a traditional, widely-used protocol that guarantees reliable, ordered data delivery. It makes your data appear as regular HTTP traffic. + +## Supported features on iOS + +* VPN protocols: WireGuard +* V2Ray protocols: VMESS/QUIC, VMESS/TCP +* Single and multi hop +* WiFi network interface + +## Limitations and known issues + +* V2Ray does not work on mobile/cellular networks +* When switching WiFi networks, VPN needs to be manually reconnected +* Before connecting VPN + V2Ray, VPN without V2Ray needs to be connected; app does this automatically when V2Ray is enabled +* App might fail to connect in the following cases: + * When using MultiHop + * When changing servers while the VPN is connected + * When switching QUIC and TCP protocols while connected diff --git a/src/content/es/pages/knowledgebase/linux/_index.md b/src/content/es/pages/knowledgebase/linux/_index.md new file mode 100644 index 000000000..57a7bd917 --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/_index.md @@ -0,0 +1,7 @@ +--- +title: Linux - IVPN Help +url: /knowledgebase/linux/ +section: linux +layout: help +--- +## Linux 
diff --git a/src/content/es/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md b/src/content/es/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md new file mode 100644 index 000000000..4d7f319cc --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi.md @@ -0,0 +1,98 @@ +--- +title: Building the IVPN CLI Client for Linux on a Raspberry Pi - IVPN Help +h1: Building the IVPN CLI Client for Linux on a Raspberry Pi +url: /knowledgebase/linux/building-the-ivpn-cli-client-for-linux-on-a-raspberry-pi/ +sections: + - linux +sectionTitle: Linux +layout: help-details +weight: 11 +--- +# Building the IVPN CLI Client for Linux on a Raspberry Pi + +
+This was tested using Raspberry Pi OS May 2023 (bullseye) and the Official IVPN CLI Client version 3.10.15 for 32-bit and 64-bit systems. +
+ +1. Install packages for compiling, building, and connecting: + + ``` + $ sudo apt install ruby ruby-dev ruby-full rpm curl git openvpn libiw-dev + ``` + +2. Install FPM: + + ``` + $ sudo gem install --no-document fpm + Fetching ... + ... + Successfully installed fpm-1.15.1 + ``` + +3. Determine the ARM architecture for your Raspberry Pi device: + + ``` + $ uname -m + ``` + + 32-bit systems will be identfied with `armv6l` or `armv7l` and 64-bit systems with `aarch64`. + + Install the most recent version of Go via [https://golang.org/dl/](https://golang.org/dl/) for your device's architecture: + + ``` + $ wget https://go.dev/dl/go1.20.5.linux-arm64.tar.gz + $ sudo tar -C /usr/local -xzf go1.20.5.linux-arm64.tar.gz + $ rm -i go1.20.5.linux-arm64.tar.gz + ``` + +
+ Note: The IVPN Client requires Go version 1.18 or higher and the Raspberry Pi OS repositories include an older version of the golang package: +

+ $ apt-cache policy golang + golang: + Installed: (none) + Candidate: 2:1.15~1 + +
+ +4. Add Go to the `$PATH` and define the `$GOPATH` variable by adding two lines to the bottom of `~/.profile`, then source the file: + + ``` + $ echo -e "\n\nPATH=$PATH:/usr/local/go/bin\nGOPATH=$HOME/go" >> ~/.profile + $ source ~/.profile + ``` + + Verify the changes and add the `$GOPATH` folder: + + ``` + $ which go + /usr/local/go/bin/go + $ mkdir -v $GOPATH + mkdir: created directory '/home/pi/go' + ``` + +5. Follow the build instructions for the Linux base package (daemon + CLI) from the IVPN App's [GitHub page](https://github.com/ivpn/desktop-app#compilation_linux_daemon): + + ``` + $ git clone https://github.com/ivpn/desktop-app.git + $ cd desktop-app/cli/References/Linux/ + $ CL="https://raw.githubusercontent.com/ivpn/desktop-app/master/CHANGELOG.md" + $ VER=$(curl -s $CL | grep "## Version" | head -n 1 | awk '{ print $3 }') + $ echo $VER + $ ./build.sh -v $VER + ... + --------------------------- + DEB package... + Created package {:path=>"ivpn_3.10.23_arm64.deb"} + --------------------------- + ... + Copying compiled packages to '/home/pi/desktop-app/cli/References/Linux/_out_bin'... + ``` + +6. Install the new package: + + ``` + $ sudo apt install ./_out_bin/ivpn_3.10.23_arm64.deb + ``` + +7. Check our [Command Line Client FAQ](/knowledgebase/general/command-line-client-faq/) for the next steps. diff --git a/src/content/es/pages/knowledgebase/linux/fedora-silverblue.md b/src/content/es/pages/knowledgebase/linux/fedora-silverblue.md new file mode 100644 index 000000000..fadb940b0 --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/fedora-silverblue.md 
@@ -0,0 +1,68 @@ +--- +title: Linux - Fedora Silverblue - IVPN Help +h1: Linux - Fedora Silverblue +url: /knowledgebase/linux/fedora-silverblue/ +sections: + - linux +sectionTitle: Linux +layout: help-details +weight: 150 +--- +# Installing IVPN on Fedora Silverblue + +Fedora Silverblue is unique because it uses an immutable filesystem and an ostree-based package management system. This means that the system files cannot be modified once they are installed, ensuring greater stability and security of the operating system. + +IVPN client can be installed on Fedora Silverblue using `rpm-ostree`. + +Commands to install the IVPN client on Fedora Silverblue: + +
+
+
+# Add the IVPN repository
+cd /etc/yum.repos.d/
+sudo wget https://repo.ivpn.net/stable/fedora/generic/ivpn.repo
+
+# install IVPN client
+rpm-ostree install ivpn
+# install UI for IVPN client, if required
+rpm-ostree install ivpn-ui
+
+# reboot system
+systemctl reboot
+
+# enable IVPN service to start automatically
+sudo systemctl enable ivpn-service
+# start IVPN stervice
+sudo systemctl start ivpn-service
+
+
+
+ +To correctly uninstall 'ivpn' package on Fedora Silverblue, extra steps should be performed manually: + +
+
+
+# logout from ivpn account
+ivpn logout
+
+# uninstall IVPN client
+rpm-ostree uninstall ivpn
+
+# uninstall IVPN User Interface (if installed)
+rpm-ostree uninstall ivpn-ui
+
+# stop and disable IVPN service
+sudo systemctl stop ivpn-service
+sudo systemctl disable ivpn-service
+
+# manualy remove leftovers
+sudo rm -fr /etc/opt/ivpn
+sudo rm -fr /var/log/ivpn
+
+# reboot system
+systemctl reboot
+
+
+
diff --git a/src/content/es/pages/knowledgebase/linux/ivpn-on-qubes-os.md b/src/content/es/pages/knowledgebase/linux/ivpn-on-qubes-os.md new file mode 100644 index 000000000..82f5a88db --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/ivpn-on-qubes-os.md @@ -0,0 +1,158 @@ +--- +title: IVPN on Qubes OS - IVPN Help +h1: IVPN on Qubes OS +url: /knowledgebase/linux/ivpn-on-qubes-os/ +sections: + - linux +sectionTitle: Linux +layout: help-details +weight: 8 +--- +# IVPN on Qubes OS + +
+This guide was produced using Qubes OS release 4.1.1 (R4.1) and fedora-36 as VM template +
+ +### Introduction + +Qubes OS uses a ProxyVM as an intermediary between other VMs in the system and the outside world. The primary function of a ProxyVM is to handle network traffic for other VMs, allowing those VMs to remain isolated from the internet, untrusted and potentially hostile networks. + +In Qubes OS, each VM is assigned a specific role, such as a NetVM (for networking) or an AppVM (for running applications). When an AppVM needs to connect to the internet, it sends its network traffic to the designated NetVM. + +Alternatively, an AppVM can send its network traffic directly to a ProxyVM for processing. This configuration, known as a "ProxyVM-based NetVM", allows the ProxyVM to enforce various security policies, such as blocking certain types of traffic or limiting access to specific resources. It also allows the use of a Virtual Private Network (VPN) connection, which can provide additional privacy and security for network traffic. + +By configuring a ProxyVM to use a VPN connection, all network traffic from the other VMs in the system can be routed through the VPN, ensuring that the traffic is encrypted and anonymized before it leaves the system. This approach can be especially useful when accessing sensitive or confidential information over untrusted networks. + +In summary, using a Proxy VM in Qubes OS can provide a flexible and customizable framework for managing network security and isolation, including the ability to use a VPN connection for added privacy and security. + +This guide describes the configuration for the following setup: + +
+App VM/s -> Proxy VM (with IVPN) -> Internet +
+ +### Creating ProxyVM + +1. Navigate to Qube manager (`Main menu` -> `Qubes Tools` -> `Qube Manager`): + +2. Create “New qube” with the following parameters: + + - Name and label: **ivpn-proxy** + - Type: **StandaloneVM (fully persistent)** + - Template: **fedora-36** + - Networking: **default (sys-firewall)** + - Advanced tab -> “Provide network access to other qubes“: **enabled** + +3. Press `OK` + +### Installing IVPN client + +1. Start the recently created **ivpn-proxy** cube (`right-click` -> `Start/Resume`) + +2. Open **ivpn-proxy** terminal (`Main menu` -> `Service: ivpn-proxy` -> `ivpn-proxy: Terminal`) + +3. Install IVPN client (CLI and UI; refer to Fedora setup instructions) + +4. Add IVPN client to **ivpn-proxy** VM menu: + + - `Main menu` -> `Service: ivpn-proxy` -> `Settings` + - In the Applications tab: select `IVPN` from the list and press the `>` button + - Press `OK` + +### Configuring IVPN client + +IVPN client must start and establish a VPN connection automatically when ProxyVM (**ivpn-proxy**) starts. It must also block all network traffic when not connected to the VPN server. + +1. Start the IVPN app (`Main menu` -> `Service: ivpn-proxy` -> `ivpn-proxy: IVPN`) + +2. Log in using your IVPN account ID (i-XXXX-XXXX-XXXX or ivpnXXXXXXXX) + +3. In the app's `Settings` - `General` area: + + - Autoconnect On launch: **Enabled** + - Allow background daemon to manage autoconnect: **Enabled** + +4. `Settings` - `IVPN Firewall`: + + - Always-on firewall: **Enabled** + +5. `Settings` -> `DNS`: + + - Force management of DNS using resolv.conf: **Enabled**(!) + +6. Select preferred VPN settings (VPN protocol, server, etc.) and connect + +### DNS: Configuring DNAT on ProxyVM + +Qubes OS requires the **/usr/lib/qubes/qubes-setup-dnat-to-ns** script to be run every time after updating DNS settings on ProxyVM. 
+ +The **/usr/lib/qubes/qubes-setup-dnat-to-ns** script sets up the necessary DNAT (Destination Network Address Translation) rules by modifying the iptables configuration. This allows DNS requests to be properly forwarded from AppVM-s. + +There are various approaches to execute this script automatically: + +#### Approach 1 - Modify the VM startup script: + +
+This approach is easy but not robust: DNS will not work if DNS settings change on ProxyVM; it will also not work for situations when it takes too long time for system to boot +
+ +1. Open **ivpn-proxy** terminal (`Main menu` -> `Service:ivpn-proxy` -> `ivpn-proxy: Terminal`) + +2. Update **/rw/config/rc.local** file with the following command: + ``` + cat < +This approach is more robust because DNAT will be updated every time when IVPN updates DNS settings. + + +1. Open the **/opt/ivpn/etc/firewall.sh** script file on **ProxyVM (ivpn-proxy)** and add the following right after the `elif [[ $1 = "-set_dns" ]]; then` line: + ``` + #QUBES OS - specific operation + systemctl restart systemd-resolved || echo "Error: systemd-resolved" # this line is required for Qubes OS 4.2 (tested on Qubes OS 4.2-RC4) + /usr/lib/qubes/qubes-setup-dnat-to-ns || echo "Error: failed to run '/usr/lib/qubes/qubes-setup-dnat-to-ns'" + ``` + + +2. The contents of **/opt/ivpn/etc/firewall.sh** should look as follows: + ``` + ... + #DNS rules + elif [[ $1 = "-set_dns" ]]; then + + #QUBES OS - specific operation + systemctl restart systemd-resolved || echo "Error: systemd-resolved" # this line is required for Qubes OS 4.2 (tested on Qubes OS 4.2-RC4) + /usr/lib/qubes/qubes-setup-dnat-to-ns || echo "Error: failed to run '/usr/lib/qubes/qubes-setup-dnat-to-ns'" + + get_firewall_enabled || return 0 + ... + ``` + +### AppVM + +All AppVMs that need to use the VPN connection have to be configured to use **ivpn-proxy** ProxyVM. + +1. In Qube manager (`Main menu` -> `Qubes Tools` -> `Qube Manager`), create “New qube” with the following parameters: + + - Name and label: **my-app-vm** + - Type: **AppVM** + - Template: **fedora-36** + - Networking: **ivpn-proxy**(!) + +2. Press `OK` + +That is it. Now, all traffic from my-app-vm will go through the VPN connection. + +### Final steps + +1. Reboot your system + +2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) 
diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md
new file mode 100644
index 000000000..b54409075
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md
@@ -0,0 +1,75 @@
+---
+title: Autostart OpenVPN in systemd (Fedora) - IVPN Help
+h1: Autostart OpenVPN in systemd (Fedora)
+url: /knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 17
+---
+# Autostart OpenVPN in systemd (Fedora)
+
+In order to configure OpenVPN to autostart for systemd, complete the following steps:
+
+1. Move the .ovpn file with the desired server location to the '/etc/openvpn' folder:
+
+ ```
+ # sudo cp /location/whereYouDownloadedConfigfilesTo/Germany.ovpn /etc/openvpn/
+ ```
+
+2. Edit the .ovpn file you copied in the previous step and change the line 'auth-user-pass' to 'auth-user-pass pass':
+
+ ```
+ # sudo nano /etc/openvpn/Germany.ovpn
+ ```
+
+ If nano is not installed:
+
+ ```
+ # sudo yum install nano
+ ```
+
+3. In the '/etc/openvpn/client' folder, create a text file:
+
+ ```
+ # sudo nano /etc/openvpn/client/pass
+ ```
+
+ and enter your IVPN Account ID (starts with 'ivpn') on the first line and any non-blank text on the 2nd line, then press 'Ctrl X' to save the changes and exit the text editor.
+
+4. (Optional) Change the permissions on the pass file to protect the credentials:
+
+ ```
+ # sudo chmod 400 /etc/openvpn/client/pass
+ ```
+
+5. Rename and move the .ovpn file to 'client.conf':
+
+ ```
+ # sudo cp /etc/openvpn/Germany.ovpn /etc/openvpn/client/client.conf
+ ```
+
+6. Enable the OpenVPN service to run while booting:
+
+ ```
+ # sudo systemctl enable openvpn-client@client.service
+ ```
+
+7. Reload the daemons:
+
+ ```
+ # sudo systemctl daemon-reload
+ ```
+
+8. Start the OpenVPN service:
+
+ ```
+ # sudo service openvpn-client@client.service start
+ ```
+
+9. Reboot and test if it is working by checking the external IP:
+
+ ```
+ # curl ifconfig.co
+ ```
diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
new file mode 100644
index 000000000..f6bb51d84
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
@@ -0,0 +1,92 @@ +--- +title: Autostart OpenVPN in systemd (Ubuntu) - IVPN Help +h1: Autostart OpenVPN in systemd (Ubuntu) +url: /knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu/ +sections: + - linux +sectionTitle: Linux +layout: help-details +weight: 16 +--- +# Autostart OpenVPN in systemd (Ubuntu) + +In order to configure OpenVPN to autostart for systemd, complete the following steps: + +1. Run the command: + + ``` + # sudo nano /etc/default/openvpn + ``` + + and uncomment, or remove, the "#" in front of + + ``` + AUTOSTART="all" + ``` + + then press 'Ctrl X' to save the changes and exit the text editor. + +2. Move the .ovpn file with the desired server location to the '/etc/openvpn' folder: + + ``` + # sudo cp /location/whereYouDownloadedConfigfilesTo/Germany.ovpn /etc/openvpn/ + ``` + +3. Edit the .ovpn file you copied in the previous step and change the line 'auth-user-pass' to 'auth-user-pass pass': + + ``` + # sudo nano /etc/openvpn/Germany.ovpn + ``` + + then press 'Ctrl X' to save the changes and exit the text editor. + +4. In the '/etc/openvpn' folder, create a text file called pass: + + ``` + # sudo nano /etc/openvpn/pass + ``` + + and enter your IVPN Account ID (starts with 'ivpn') on the first line and any non-blank text on the 2nd line, then press 'Ctrl X' to save the changes and exit the text editor. + +5. (Optional) Change the permissions on the pass file to protect the credentials: + + ``` + # sudo chmod 400 /etc/openvpn/pass + ``` + +6. Rename the .ovpn file to 'client.conf': + + ``` + # sudo cp /etc/openvpn/Germany.ovpn /etc/openvpn/client.conf + ``` + +7. On Ubuntu 16.04 LTS, OpenVPN installs and initiates a service by default. If you are using Ubuntu 16.04 LTS, skip to step 10. + For Ubuntu 18.04 LTS and up, enable the OpenVPN service to run while booting: + + ``` + # sudo systemctl enable openvpn@client.service + ``` + +8. Reload the daemons: + + ``` + # sudo systemctl daemon-reload + ``` + +9. 
Start the OpenVPN service: + + ``` + # sudo service openvpn@client start + ``` + +10. Reboot and test if it is working by checking the external IP: + + ``` + # curl ifconfig.co + ``` + + If curl is not installed: + + ``` + # sudo apt install curl + ``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md new file mode 100644 index 000000000..6dcddf674 --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md @@ -0,0 +1,50 @@ +--- +title: Autostart WireGuard in systemd - IVPN Help +h1: Autostart WireGuard in systemd +url: /knowledgebase/linux/linux-autostart-wireguard-in-systemd/ +sections: + - linux +sectionTitle: Linux +layout: help-details +weight: 15 +--- +# Autostart WireGuard in systemd + +These steps are mostly distribution agnostic and have been tested on Debian unstable and Fedora. + +1. Generate a valid and working WireGuard configuration file `/etc/wireguard/wg0.conf`. Our [setup guide](/setup/linux-wireguard/) offers details. + +
+ Note: You may have to replace the Endpoint hostname with the WireGuard server IP address in the WireGuard configuration file. DNS may or may not be applied when systemd brings the wg0 interface up. +
+ +2. Add the WireGuard service to systemd: + + ``` + sudo systemctl enable wg-quick@wg0.service + sudo systemctl daemon-reload + ``` + +3. Start the new service immediately: + + ``` + sudo systemctl start wg-quick@wg0 + ``` + +4. Reboot your computer system to verify the automatic connection on startup works as expected. + +5. Check the service status: + + ``` + systemctl status wg-quick@wg0 + ``` + +6. To remove the service and clean up the system: + + ``` + sudo systemctl stop wg-quick@wg0 + sudo systemctl disable wg-quick@wg0.service + sudo rm -i /etc/systemd/system/wg-quick@wg0* + sudo systemctl daemon-reload + sudo systemctl reset-failed + ``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md b/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md new file mode 100644 index 000000000..1e5909a73 --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md @@ -0,0 +1,18 @@ +--- +title: AVC denial with selinux - IVPN Help +h1: AVC denial with selinux +url: /knowledgebase/linux/linux-avc-denial-with-selinux/ +sections: + - linux + - troubleshooting +sectionTitle: Linux +layout: help-details +weight: 60 +--- +# AVC denial with selinux + +If you receive an 'AVC denial' error message in your logs, run the following command to change the security context of the directory containing your OpenVPN certificates: + +``` +chcon -t cert_t /your/certificates/dir/* +``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md b/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md new file mode 100644 index 000000000..acdcc4c80 --- /dev/null +++ b/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md 
@@ -0,0 +1,25 @@
+---
+title: Cannot import .ovpn config file - IVPN Help
+h1: Cannot import .ovpn config file
+url: /knowledgebase/linux/linux-cannot-import-ovpn-config-file/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 50
+---
+# Cannot import .ovpn config file
+
+If you try to import the [OpenVPN config files](/openvpn-config) and receive the `'-----.ovpn' could not be read or does not contain recognized VPN connection information. Error: unknown PPTP file extension.` error, then you likely do not have the `network-manager-openvpn-gnome` package installed.
+
+1. Install `network-manager-openvpn-gnome` package:
+
+ ```
+ sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome
+ ```
+
+2. Restart the networking service:
+
+ ```
+ sudo service network-manager restart
+ ```
diff --git a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
new file mode 100644
index 000000000..ff2a750a7
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
@@ -0,0 +1,142 @@
+---
+title: How do I prevent VPN leaks using iptables? - IVPN Help
+h1: How do I prevent VPN leaks using iptables?
+url: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/
+sections:
+ - linux
+ - troubleshooting
+sectionTitle: Linux
+layout: help-details
+weight: 30
+---
+# How do I prevent VPN leaks using iptables?
+
+
+We recommend using our Linux CLI app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client.
+
+
+If you're using stock OpenVPN in Linux, especially with Network Manager, leaks are possible if the VPN connection fails, or is temporarily interrupted. Also, if your ISP provides IPv6 connectivity, but your VPN service does not, traffic to IPv6-capable sites will bypass the VPN tunnel, and identify you to websites. Given that, it's prudent to have firewall (iptables) rules that: 1) restrict traffic to the VPN tunnel; 2) allow direct connections only to the VPN server; and 3) block IPv6 traffic.
+
+There are many ways to manage iptables rules. The old-school standard is shell scripting. And indeed, OpenVPN has hooks to run scripts, for routing and iptables, when the VPN connects and disconnects. That's convenient, certainly, but it's also complicated, and it requires editing VPN configuration files. Most VPN services use the "redirect-gateway def1" option to handle routing, but they don't touch iptables. So you need to disable "redirect-gateway def1", and handle routing changes in your scripts.
+
+For most customers we think using iptables-persistent is the better solution. The rules files are easy to understand, and there's no need for complicated rules chains with custom tables. It's easy to manage custom rules for particular circumstances (different locations, different VPNs, etc). And default rules load at reboot, which can be a lifesaver if you're working on remote servers.
+
+However, this approach has limitations for VPN services that specify servers by hostname (for load-balancing, etc). First, iptables does not interpret hostnames in saved rules, only in scripts for creating rules. And so you must get IPv4 addresses (using the host command) and use them in your rules file(s). Second, to prevent DNS leaks, the recommended rules do not allow DNS requests, except through the VPN tunnel. To ensure that the VPN can reconnect after interruption, you must either specify servers in configuration files by IP address, or add entries for them to /etc/hosts.
+
+
+This guide uses eth0 for the network adapter name. Please check ip a output in a Terminal to confirm the adapter name in your distribution.
+
+
+Start by installing iptables-persistent:
+
+```
+$ sudo su
+# apt-get update
+# apt-get -y install iptables-persistent
+```
+
+The current iptables rules are saved as `/etc/iptables/rules.v4` and `/etc/iptables/rules.v6`.
+
+Then create new IPv4 rules for the VPN connection:
+
+```
+# nano /etc/iptables/vpn-rules.v4
+```
+
+
+
+
+# You can delete all of these comments, if you like.
+*filter
+
+# You drop everything by default.
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT DROP [0:0]
+
+# Some local processes need to hear from other ones.
+-A INPUT -i lo -j ACCEPT
+
+# If you are running a server on port N, and have enabled forwarding in your VPN account, you must allow inbound traffic on the VPN. You may also want to limit access to a particular IP address (a.b.c.d). There can be multiple rules, one for each permitted port and source address.
+-A INPUT -i tun0 -s a.b.c.d –dport N -j ACCEPT
+
+# You may need to allow traffic from local DHCP servers. If using Wi-Fi, use “wlan0” instead of “eth0”. This isn’t needed if your router provides persistent leases.
+-A INPUT -i eth0 -s 255.255.255.255 -j ACCEPT
+
+# Then you allow related/established traffic, and drop everything else, without acknowledgement to peers.
+-A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -j DROP
+
+# Your device isn’t a router, so don’t allow forwarding. In any case, you’d also need to allow that using sysctl.
+-A FORWARD -j DROP
+
+# Some local processes need to talk to other ones.
+-A OUTPUT -o lo -j ACCEPT
+
+# You need rule(s) to allow connecting to VPN server(s). You must use IP addresses. If also using Wi-Fi, add another rule, with “-o wlan0”, instead of “-o eth0”. There can be multiple rules, one for each server.
+-A OUTPUT -o eth0 -d e.f.g.h -j ACCEPT
+
+# You need a rule to allow outbound traffic through the VPN tunnel.
+-A OUTPUT -o tun0 -j ACCEPT
+
+# You may want rule(s) to allow LAN access. There can be multiple rules, one for each LAN that you use. If also using Wi-Fi, add another rule, with “-o wlan0”, instead of “-o eth0”.
+-A OUTPUT -o eth0 -d x.y.z.0/24 -j ACCEPT
+
+# Allow outgoing traffic to local DHCP servers. If using Wi-Fi, use “wlan0” instead of “eth0”. This isn’t needed if your router provides persistent leases.
+-A OUTPUT -o eth0 -d 255.255.255.255 -j ACCEPT
+
+# Then you allow related/established traffic, and drop everything else, without acknowledgement to peers.
+-A OUTPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
+-A OUTPUT -j DROP
+
+COMMIT
+
+
+
+
+Then load the IPv4 VPN rules:
+
+```
+# iptables-restore < /etc/iptables/vpn-rules.v4
+```
+
+Now connect (or reconnect) the VPN. If it doesn't connect, restore the default rules:
+
+```
+# iptables-restore < /etc/iptables/rules.v4
+```
+
+If the VPN connects now, there must be errors in the iptables rules.
+
+Once the basic IPv4 setup is working, you can deal with IPv6. If you have IPv6 service from your ISP, and want to use IPv6 when you're not using VPNs, just create new IPv6 rules for the VPN connection:
+
+```
+# nano /etc/iptables/vpn-rules.v6
+```
+
+> *filter
+>
+> :INPUT DROP [0:0]
+> :FORWARD DROP [0:0]
+> :OUTPUT DROP [0:0]
+>
+> COMMIT
+
+Then load the IPv6 VPN rules:
+
+```
+# ip6tables-restore < /etc/iptables/vpn-rules.v6
+```
+
+Using "iptables-restore" to restore "vpn-rules.v6" is a classic fail, by the way.
+
+If you don't use VPN services that route IPv6, and don't need it, you may want to just disable it:
+
+```
+# echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# sudo sysctl -p
+```
+
+You can reverse those changes by editing `/etc/sysctl.conf`, and deleting those lines.
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md
new file mode 100644
index 000000000..c343f8e07
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md
@@ -0,0 +1,182 @@
+---
+title: Linux - How do I prevent VPN leaks using nftables and OpenVPN? - IVPN Help
+h1: Linux - How do I prevent VPN leaks using nftables and OpenVPN?
+url: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn/
+sections:
+ - linux
+ - troubleshooting
+sectionTitle: Linux
+layout: help-details
+weight: 30
+---
+# How do I prevent VPN leaks using nftables and OpenVPN?
+
+
+We recommend using our Linux app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client.
+
+
+As the successor to [iptables](/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/), **nftables** is supported by the [netfilter project](https://www.netfilter.org/) and provides flexibility, scalability, plus performance improvements with firewall rules. In this article, we present a script with a set of **nftables** firewall commands and rules to create a kill switch for a manual OpenVPN connection.
+
+
+### nftables Basics
+
+Install the `nftables` package as required.
+
+Disable the **iptables** service and enable the **nftables** service (if required) to automatically load firewall rules when the system boots:
+```
+sudo systemctl disable --now iptables
+sudo systemctl enable --now nftables
+```
+
+The system-wide configuration for **nftables** might be stored in one of the following locations based on your Linux distribution:
+```
+/etc/nftables.conf
+/etc/sysconfig/nftables.conf
+```
+
+Check the current **nftables** rules:
+```
+sudo nft list ruleset
+```
+
+Flush the current **nftables** rules (ie. to start over):
+```
+sudo nft flush ruleset
+sudo nft list ruleset
+```
+
+The rules in the script below can be stored in an `nft` script file and loaded into the system for testing. The `/tmp/` folder is used as an example; please feel free to use a more permanent location if you reboot your system regularly:
+```
+sudo nft --file /tmp/killswitch.nft
+sudo nft list ruleset
+```
+
+Testing with **nftables** is relatively friendly. For example, there is an optional rule in the script below to allow outbound access to the local network. This rule is commented out by default. Load the script below (`sudo nft --file ...`) and verfy that LAN access is not available. Uncomment the line from the `nft` script, save the changes, then load the script again and check that LAN access is available.
+
+Once the testing is complete, copy the script to the system-wide configuration location mentioned above:
+```
+sudo cp /etc/nftables.conf /etc/nftables.conf.ORIGINAL
+sudo cp /tmp/killswitch.nft /etc/nftables.conf
+```
+
+Reboot the system and check the current **nftables** rules to confirm the desired boot-time behaviour.
+
+
+Please check the "define" lines at the top of the script below and adjust them based on your system's network interface names, LAN details, preferred VPN server location, preferred NTP sources, etc. Rules marked OPTIONAL are not required, though they may add extra functionality. Please consider your threat model prior to enabling these optional rules.
+
+
+
+### nftables Rules Script
+
+Add the script below to a file using the text editor of your choice:
+
+```
+nano /tmp/killswitch.nft
+vi /tmp/killswitch.nft
+vim /tmp/killswitch.nft
+ed /tmp/killswitch.nft
+```
+
+
+
+
+#!/usr/sbin/nft -f
+
+## FLUSH existing rules and create a table called "killswitch".
+flush ruleset
+add table inet killswitch
+
+## NETWORK interfaces: Run "ip a" to confirm local interface device names.
+define INET_DEV = eth0
+define VPN_DEV  = tun0
+
+## VPN servers: Switzerland in this case.  Adjust accordingly: ivpn.net/status 
+## dig +short ch{1,3}.gw.ivpn.net
+define VPN_SERVERS = { 141.255.166.194, 185.212.170.138 }
+
+## NTP servers: Adjust for your server pool.
+## dig +short {0..1}.pool.ntp.org | sort -h
+define NTP_SERVERS = { 62.108.36.235, 85.214.96.5, 129.70.132.32, 136.243.202.118, 144.91.116.85, 185.242.112.53, 193.203.3.170, 213.160.74.205 }
+
+## LAN: Adjust for your local LAN.
+# define LAN_CLIENTS = { 192.168.0.2, 192.168.0.4-192.168.0.6 }
+define LAN_CLIENTS = 192.168.0.0/24
+
+## DROP everything by default for all chains ("INPUT", "FORWARD", "OUTPUT").
+add chain inet killswitch INPUT { type filter hook input priority 0 ; policy drop ; }
+add chain inet killswitch FORWARD { type filter hook forward priority 0 ; policy drop ; }
+add chain inet killswitch OUTPUT { type filter hook output priority 0 ; policy drop ; }
+
+## LOOPBACK: Some local processes need to hear from other ones.
+add rule inet killswitch INPUT iifname "lo" counter accept
+
+## LAN BROADCAST: You may need to allow traffic from local DHCP servers.
+add rule inet killswitch INPUT iifname $INET_DEV ip saddr 255.255.255.255 counter accept
+
+## OPTIONAL: Allow incoming SSH (22/TCP) from LAN.  Uncomment and adjust for other services as required or add additional rules.
+#add rule inet killswitch INPUT iifname $INET_DEV tcp dport 22 counter accept
+
+## ALLOW related/established traffic and drop everything else without acknowledgement to peers.
+add rule inet killswitch INPUT ct state related,established accept
+add rule inet killswitch INPUT counter drop
+
+## FORWARDING: Your device is not a router, so do not allow forwarding.  Enable logging just in case.
+add rule inet killswitch FORWARD counter log prefix "NFT drop fwd: " drop
+
+## LOOPBACK: Some local processes need to talk to other ones.
+add rule inet killswitch OUTPUT oifname "lo" counter accept
+
+## NTP: Allow outbound NTP requests because OpenVPN's certificate system is sensitive to time discrepancies.
+add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $NTP_SERVERS udp dport 123 counter accept
+
+## VPN: Allow outbound traffic to VPN servers defined above.
+add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $VPN_SERVERS counter accept
+
+## VPN: Allow outbound traffic through the VPN tunnel.
+add rule inet killswitch OUTPUT oifname $VPN_DEV counter accept
+
+## LAN BROADCAST: You may need to allow traffic to local DHCP servers.
+add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr 255.255.255.255 counter accept
+
+## OPTIONAL: Allow outbound traffic to local network.
+#add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $LAN_CLIENTS counter accept
+
+## ALLOW related/established traffic.
+add rule inet killswitch OUTPUT ct state related,established accept
+
+## DROP everything else, without acknowledgement to peers.
+## LOGGING is useful for testing, though may consume log files over time.  Choose one rule or the other from below.
+add rule inet killswitch OUTPUT counter log prefix "NFT drop out: " drop
+#add rule inet killswitch OUTPUT counter drop
+
+
+
+
+
+### Verifying
+
+Stop the OpenVPN connection, then check access to Internet sites, LAN, etc., using `ping` or other methods. If logging is enabled on the **DROP** rule, check the system log (`dmesg | grep "NFT drop"`) to confirm outgoing traffic is blocked.
+
+
+### Handling IPv6
+
+The ruleset in the script above ends up blocking IPv6 traffic. Link local IPv6 addresses are pingable from the local system (ie. `fe80:...`), though IPv6 traffic to other systems, like LAN and Internet destinations, is blocked. This might be enough for your threat model, though there are other ways to block IPv6 traffic.
+
+- For OpenVPN 2.5 and up, the `block-ipv6` directive is available. Edit the OpenVPN configuration file you use for your VPN connection and add the following directives above the `verb` line:
+```
+ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1
+redirect-gateway ipv6
+block-ipv6
+```
+
+The `fd15:53b6:dead:` prefix and the three lines above are taken from the OpenVPN 2.5 man page. The prefix is part of the IPv6 local range (`fd00::/8`) and is not routable over the Internet.
+
+- Disable IPv6 on the local system. Unless you make use of local network IPv6 resources, it may be simplest to disable IPv6 entirely. Run these commands:
+```
+echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+sudo sysctl -p
+```
+
+To undo the change and restore IPv6 on your system, change the `disable_ipv6=1` bits to `disable_ipv6=0` or manually edit the `/etc/sysctl.conf` file and remove the three `disable_ipv6=1` lines, then run `sudo sysctl -p`. A system reboot may or may not be required after re-enabling IPv6.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md b/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md
new file mode 100644
index 000000000..9be3fb2f9
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md
@@ -0,0 +1,85 @@
+---
+title: Kill Switch using the Uncomplicated Firewall (UFW) - IVPN Help
+h1: Kill Switch using the Uncomplicated Firewall (UFW)
+url: /knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 70
+---
+# Kill Switch using the Uncomplicated Firewall (UFW)
+
+
+We recommend using our Linux CLI app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client.
+
+
+This guide shows you how to setup a firewall (similar to a 'kill switch') using the UFW to protect against packets leaking if the VPN fails for any reason.
+
+1. Start by installing UFW:
+
+ ```
+ # sudo apt-get update
+ # sudo apt-get install ufw
+ ```
+
+2. Enable UFW:
+
+ ```
+ # sudo ufw enable
+ ```
+
+3. Block all outgoing traffic:
+
+ ```
+ # sudo ufw default deny outgoing
+ ```
+
+ ...and all incoming traffic:
+
+ ```
+ # sudo ufw default deny incoming
+ ```
+
+4. Allow traffic through VPN tunnel:
+
+ ```
+ # sudo ufw allow out on tun0 from any to any
+ # sudo ufw allow in on tun0 from any to any
+ ```
+
+5. Choose the IVPN server you will be connecting to and make an exception for it in UFW.
+ Let's assume you choose Germany server. Navigate to the [Server Status page](/status/), find & resolve its domain name:
+
+ ```
+ # nslookup de1.gw.ivpn.net
+ ```
+
+ The output will be the IP addresses, which you need to specify in the UFW exception rule:
+
+ ```
+ # sudo ufw allow out from any to resolved.ip.address.here
+ ```
+
+ If you do not have or do not wish to use i.e. public DNS or the one provided by your ISP (skip this step if otherwise), update your hosts file accordingly:
+
+ ```
+ # echo "resolved.ip.address.here de1.gw.ivpn.net" | sudo tee -a /etc/hosts
+ ```
+
+6. You're done! In case you need to reset those rules and start anew:
+
+ ```
+ # sudo ufw reset
+ ```
+
+You can additionally disable IPv6:
+
+```
+# echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+# sudo sysctl -p
+```
+
+...and reverse those changes by editing /etc/sysctl.conf, and deleting those lines.
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md b/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md
new file mode 100644
index 000000000..cde917697
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md
@@ -0,0 +1,176 @@
+---
+title: Linux - OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship - IVPN Help
+h1: Linux - OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship
+url: /knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 9
+---
+# OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship
+
+In some countries (like China, Iran, Vietnam, etc.), the government utilizes a very restrictive firewall and enforces local ISPs to throttle and block the traffic via Deep Packet Inspection. Work around these restrictions with the help of obfs4proxy by masking the VPN traffic. This article offers details on using OBFS3 or OBFS4 with a single-hop or Multi-hop OpenVPN connection over TCP.
+
+
+Our IVPN Linux client includes obfsproxy support. Check it out here
+
+
+
+1. Install the OBFS4 proxy package:
+
+ **Debian, Ubuntu, Mint**: `sudo apt install obfs4proxy`
+
+ **Fedora**: `sudo dnf install obfs4`
+
+ **openSUSE**: `sudo zypper install obfs4`
+
+ **Arch, Manjaro**: https://aur.archlinux.org/packages/obfs4proxy
+
+
+1. Create a helper script to set proxy variables and launch the `obfs4proxy` service:
+
+ ```
+ $ nano /path/to/obfs-helper.sh
+
+ #!/bin/bash
+ echo "Keep this running for the duration of the OpenVPN connection."
+ echo "Use Ctrl+c two times to exit."
+ mkdir -p /tmp/obfs
+ export TOR_PT_CLIENT_TRANSPORTS=obfs3,obfs4
+ export TOR_PT_MANAGED_TRANSPORT_VER=1
+ export TOR_PT_STATE_LOCATION=/tmp/obfs
+ /usr/bin/obfs4proxy
+ ```
+
+ Press `Ctrl+x` to save and exit the `nano` editor. Make the script executable with `chmod +x /path/to/obfs-helper.sh`. Be sure to use a real file location (not `/path/to/`).
+
+ This script creates a local proxy service for both OBFS3 and OBFS4. Adjust the `export TOR_PT_CLIENT_TRANSPORTS=obfs3,obfs4` line if required (ie. `export TOR_PT_CLIENT_TRANSPORTS=obfs4` for OBFS4 only).
+
+
+1. Generate a single-hop OpenVPN configuration file:
+
+ IVPN OpenVPN configuration generator: https://www.ivpn.net/openvpn-config
+
+ In step 2 of the configuration generator, choose any **TCP** port for `Protocol / Port` and select `Use hostnames`.
+
+
+1. Edit the OpenVPN configuration file (ie. using `nano`, `vim`, or any text editor you prefer):
+
+ **OBFS3 single-hop**: Change line 4 port to `5145`
+
+ **OBFS4 single-hop**: Change line 4 port to `5146`
+
+ **OBFS3 Multi-hop**:
+ - Change line 4 port to the exit server's `OBFS 3 MultiHop Port` from the [server status page](https://www.ivpn.net/status) (ie. fr1 = 23402, jp2 = 20831, us-ca3 = 21302)
+ - Change line 16 `name-prefix` to match the exit server (ie. fr, jp, us-ca)
+
+ **OBFS4 Multi-hop**:
+ - Change line 4 port to the exit server's `OBFS 4 MultiHop Port` from the [server status page](https://www.ivpn.net/status) (ie.
fr1 = 23403, jp2 = 20832, us-ca3 = 21303)
+ - Change line 16 `name-prefix` to match the exit server (ie. fr, jp, us-ca)
+
+ **For all connections** (OBFS3, OBFS4, single-hop, Multi-hop), add four lines after `verb 3`:
+
+ ```
+ tls-timeout 4
+ txqueuelen 1024 # Linux only
+ connect-retry-max 3 # adjust as required
+ route xx.xx.xx.xx 255.255.255.255 yy.yy.yy.yy
+ ```
+
+ Use the IP address from line 4 of the OpenVPN configuration file to replace `xx.xx.xx.xx` and use your network's default gateway IP address to replace `yy.yy.yy.yy`. Run `ip route | grep default` to identify the default gateway IP address for your system.
+
+ Save the file (ie. `Taiwan-obfs4.ovpn`).
+
+
+1. **OBFS4 Only** - Create a `socks5_auth` file:
+
+ This file contains the VPN server's public key/certificate and the Inter-Arrival Timing (IAT) mode (elapsed time after receipt of a packet until the next packet arrives).
+
+ **cert=...;** use the `OBFS 4 Public Key` from the [server status page](https://www.ivpn.net/status) for the server your traffic exits from. A semi-colon at end of line is required.
+
+ **iat-mode=** can be 0, 1, or 2 and determines packet segmentation rules:
+ - **0 = disabled**: packets are segmented by the network, network fingerprints could be detected
+ - **1 = enabled**: packets are segmented by the OBFS4 proxy, maximum payload is 1448 bytes, prevents re-assembly for analysis
+ - **2 = paranoid**: random packet size, prevents re-assembly for analysis, uncommon and may or may not offer benefits
+
+ There will likely be a performance decrease for the VPN connection with IAT-modes 1 and 2.
+
+ Example: `socks5_auth` with IAT-mode 0:
+
+ ```
+ cert=abcdefghijklmnopqrstuvwxyz0123456789;
+ iat-mode=0
+ ```
+
+ Save the file to a convenient location (ie. `~/socks5_auth_fr1`, `/path/to/socks5_auth_us-ca3`).
+
+
+1. Launch the helper script and keep it running (ie.
do not close the terminal window):
+
+ ```
+ $ /path/to/obfs-helper.sh
+ Keep this running for the duration of the OpenVPN connection.
+ Use Ctrl+c two times to exit.
+ VERSION 1
+ CMETHOD obfs3 socks5 127.0.0.1:aaaaa
+ CMETHOD obfs4 socks5 127.0.0.1:bbbbb
+ CMETHODS DONE
+ ```
+
+ `aaaaa` is the port number for OBFS3 connections.
+
+ `bbbbb` is the port number for OBFS4 connections.
+
+ The port numbers are random and change each time `obfs4proxy` is launched (via the helper script).
+
+
+1. Start the OpenVPN connection and keep the terminal window open:
+
+ Replace `aaaaa` and `bbbbb` in the commands below with the actual port numbers from the step above.
+
+ **OBFS3 single-hop or Multi-hop**:
+ ```
+ sudo openvpn --config /path/to/France-obfs3.ovpn --socks-proxy 127.0.0.1 aaaaa
+ ```
+
+ **OBFS4 single-hop**:
+ ```
+ sudo openvpn --config /path/to/France-obfs4.ovpn --socks-proxy 127.0.0.1 bbbbb ~/socks5_auth_fr1
+ ```
+
+ **OBFS4 Multi-hop**, the `socks5_auth` file is for the exit server:
+ ```
+ sudo openvpn --config /path/to/France2Portugal-obfs4.ovpn --socks-proxy 127.0.0.1 bbbbb /path/to/socks5_auth_pt1
+ ```
+
+ **Note**: Use a chained command with a variable to determine the random port to help with scripts and automation instead of manually replacing `aaaaa` and `bbbbb`:
+ ```
+ OBFS3PORT=$(ss -ltp | grep obfs4proxy | grep "fd=3" | awk '{ print $4 }' | awk -F":" '{ print $2 }')
+ OBFS4PORT=$(ss -ltp | grep obfs4proxy | grep "fd=4" | awk '{ print $4 }' | awk -F":" '{ print $2 }')
+ ```
+
+1. Run a [DNS leak test](https://www.dnsleaktest.com/) to verify the connection.
+
+
+1. Disconnect the OpenVPN connection first by using `Ctrl+c` in the OpenVPN terminal. Stop the proxy service by using `Ctrl+c` twice in the other terminal.
+
+
+### Troubleshooting:
+
+- [DNS leak](https://www.ivpn.net/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager/)
+
+- IPv6 leak:
+
+ - Use a firewall to allow connection to TCP port `5145` (OBFS3, single-hop), `5146` (OBFS4, single-hop), and/or any required `2xxxx` port for Multi-hop using [iptables](https://www.ivpn.net/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/) or [ufw](https://www.ivpn.net/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw/).
+
+ - Disable IPv6:
+
+ ```
+ echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+ echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+ echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf
+ sudo sysctl -p
+ ```
+
+ **Note**: Change the three `disable_ipv6=1` to `disable_ipv6=0` to re-enable IPv6.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md b/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md
new file mode 100644
index 000000000..a1c05f4a3
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md
@@ -0,0 +1,20 @@
+---
+title: Tray icon is missing in GNOME - IVPN Help
+h1: Tray icon is missing in GNOME
+url: /knowledgebase/linux/linux-tray-icon-is-missing-in-gnome/
+sections:
+ - linux
+ - troubleshooting
+sectionTitle: Linux
+layout: help-details
+weight: 70
+---
+# Tray icon is missing in GNOME
+
+In the GNOME desktop environment version 40, tray icons have been mostly removed and the tray icon for the IVPN App does not appear by default. The IVPN App's tray icon can be restored by installing two packages using the command line via Terminal:
+
+```
+$ sudo dnf install gnome-extensions-app gnome-shell-extension-appindicator
+```
+
+After installing, launch the `Extensions` application and toggle the `KStatusNotifierItem` switch to **on**. You may have to log out from the GNOME desktop, then log back in for the `Extesions` application to update.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md b/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
new file mode 100644
index 000000000..3fe267875
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
@@ -0,0 +1,109 @@
+---
+title: Webpages do not load or DNS leaks when connecting via NetworkManager - IVPN Help
+h1: Webpages do not load or DNS leaks when connecting via NetworkManager
+url: /knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 110
+---
+# Webpages do not load or DNS leaks when connecting via NetworkManager
+
+When you connect to a VPN server using the NetworkManager, you might discover that it does not apply IVPN DNS IP address automatically. This may lead to either websites' domain names not resolving or your real DNS is being used, which is considered as a leak.
+
+If you are more comfortable with NetworkManager, feel free to apply IVPN DNS IP addresses manually:
+
+
+Syntax may differ depending on your Linux distro, substitute where required
+
+
+1. Install the `resolvconf` package:
+
+ ```
+ #sudo apt-get install resolvconf
+ ```
+
+2. Open **head** file..:
+
+ ```
+ #sudo nano /etc/resolvconf/resolv.conf.d/head
+ ```
+
+ ... and on the new line (without quotes) enter `nameserver 10.0.254.1` and on another line nameserver `198.245.51.147`. Cntrl+X to save changes and exit the file.
+
+3. Restart your system to apply the DNS changes or edit the **resolv.conf** file to apply the DNS immediately:
+
+ ```
+ #sudo nano /etc/resolv.conf
+ ```
+
+ Add both of our DNS IP addresses:
+
+ ```
+ nameserver 10.0.254.1
+ nameserver 198.245.51.147
+ ```
+
+ Remove or comment out (by adding '#' at the beginning of the line) lines containing your real DNS IP address
+ Using a different Internal IP addresses activates the AntiTracker:
+ * 10.0.254.1 = regular DNS with no blocking (OpenVPN)
+ * 10.0.254.2 = standard AntiTracker to block advertising and malware domains
+ * 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook domains
+
+4. Confirm that your system is now using IVPN DNS. Running the, e.g. **nslookup ivpn.net** command should provide you with the following output.
+ When disconnected from IVPN, your system should use `198.245.51.147` IP address:
+
+ ```
+ Server: 198.245.51.147
+ Address: 198.245.51.147#53
+ Non-authoritative answer:
+ Name: ivpn.net
+ Address: 167.114.18.34
+ ```
+
+ When connected to IVPN, `10.0.254.1`:
+
+ ```
+ Server: 10.0.254.1
+ Address: 10.0.254.1#53
+ Non-authoritative answer:
+ Name: ivpn.net
+ Address: 167.114.18.34
+ ```
+
+### Troubleshooting
+
+1. In some Linux distros, there may be multiple services affecting the DNS sub-system. If you see an entry like `nameserver 127.0.0.53` in the /etc/resolv.conf file after making the changes above and rebooting your computer system, you may have to disable the systemd-resolved service and reboot your system:
+
+ ```
+ sudo systemctl disable systemd-resolved.service
+ ```
+
+2.
Another way to put and keep DNS servers in the resolv.conf file involves creating a file and changing a file attribute to preserve the file and contents:
+
+ ```
+ sudo rm -i /etc/resolv.conf
+ ```
+
+ Add our DNS servers to the resolv.conf file:
+
+ ```
+ #sudo nano /etc/resolv.conf
+ nameserver 10.0.254.1
+ nameserver 198.245.51.147
+ ```
+
+ Press `Ctrl+x` to save and exit the **nano** editor, then change the file attribute to prevent writes or file changes:
+
+ ```
+ sudo chattr +i /etc/resolv.conf
+ ```
+
+ This file attribute change persists over a reboot. Undo this change with:
+
+ ```
+ sudo chattr -i /etc/resolv.conf
+ ```
+
+ ... then restart your computer system to allow the resolv.conf file to be populated automatically.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md b/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md
new file mode 100644
index 000000000..cc49faf11
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md
@@ -0,0 +1,57 @@
+---
+title: WireGuard Kill Switch - IVPN Help
+h1: WireGuard Kill Switch
+url: /knowledgebase/linux/linux-wireguard-kill-switch/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 80
+---
+# WireGuard Kill Switch
+
+To ensure no traffic leaks outside and your real IP address is revealed in case the WireGuard VPN tunnel accidentally goes down, you can set up the Kill Switch which is configured using the **PostUp** and **PreDown** WG syntax.
+
+1. Open the WireGuard config file with any text editors:
+
+ ```
+ $ sudo nano /etc/wireguard/wg0.conf
+ ```
+
+2. Add the following two lines to the [Interface] section:
+
+ ```
+ PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+ PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+ ```
+
+3. Here's how the WG config file should look like afterwards:
+
+ ```
+ [Interface]
+ PrivateKey = abcdefghijklmnopqrstuvwxyz0123456789=
+ Address = 172.x.y.z/32
+ DNS = 172.16.0.1
+ PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+ PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+ [Peer]
+ PublicKey = JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q=
+ Endpoint = us-tx1.wg.ivpn.net:2049
+ AllowedIPs = 0.0.0.0/0
+ ```
+
+### Testing
+
+1.
One way to test a down tunnel is to delete the IP address from the WireGuard network interface, like this via the Terminal:
+
+ ```
+ sudo ip a del [IP address] dev [interface]
+ ```
+
+ In this example, it's possible to remove 172.x.y.z from the wg0 interface:
+
+ ```
+ sudo ip a del 172.x.y.z/32 dev wg0
+ ```
+
+ The PostUP iptables rule from step 2 above restricts all traffic to the tunnel and all outgoing attempts to get traffic out fail. To gracefully recover from this, you will likely have to use the **wg-quick** command to take the connection down, then bring it back up.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md b/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md
new file mode 100644
index 000000000..af6e9d6f4
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md
@@ -0,0 +1,29 @@
+---
+title: 'WireGuard - "RTNETLINK answers: Operation not supported" - IVPN Help'
+h1: 'WireGuard - "RTNETLINK answers: Operation not supported"'
+url: /knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 20
+---
+# WireGuard - "RTNETLINK answers: Operation not supported"
+
+If you are trying to establish a WireGuard connection with a **wg-quick** command and receive the following error..:
+
+```
+$ ip link add dev wg0 type wireguard
+RNETLINK answers: Operation not supported
+Unable to access interface: Protocol not supported
+```
+
+..most likely the **wireguard** kernel module is not loaded in your system. To fix this, open the terminal and run the following command:
+
+```
+$ sudo modprobe wireguard
+```
+
+In case the issue is still there, reboot your machine.
+
+A chance exists that the **Secure Boot** feature is blocking the unsigned WireGuard kernel module. In this case, you might consider either disabling the **Secure Boot** feature or signing the WireGuard module to raise the trust level.
diff --git a/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md b/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md
new file mode 100644
index 000000000..44e1a31d6
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md
@@ -0,0 +1,142 @@
+---
+title: Managing the IVPN Linux CLI client at System Boot - IVPN Help
+h1: Managing the IVPN Linux CLI client at System Boot
+url: /knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot/
+sections:
+ - linux
+sectionTitle: Linux
+layout: help-details
+weight: 10
+---
+# Managing the IVPN Linux CLI client at System Boot
+
+
+This article applies to the IVPN Linux CLI client. The GUI client includes both Always-On and On-Demand firewall settings. +
+
+
+The IVPN Linux CLI client does not currently offer support for a persistent firewall or automatically connecting at system boot, though these features are planned for future releases.
+
+Using standard Linux features, it is possible to manage both the automatic connect and the firewall settings at system boot at either the user-level via **crontab** or the system-level using a **systemd unit file**.
+
+Please use only one of these options to avoid conflicts.
+
+### User-level: crontab
+
+
+No root-level or sudo-style permissions are required for this option. +
+
+1. Create a Bash script to first wait for the **ivpn-service** to become ready, then apply the connection options:
+
+ ```
+ $ nano /home/user/bin/auto-conn-ivpn.sh
+ #!/bin/bash
+ while ! ps -e | grep ivpn-service > /dev/null ; do
+ sleep 1
+ done
+ /usr/local/bin/ivpn firewall -on
+ /usr/local/bin/ivpn connect -p wg -antitracker Denmark
+ ```
+
+ Press `Ctrl+x` to save the file and exit from the `nano` editor.
+
+
+ Note: The script above uses a WireGuard connection to our server in Denmark. Please feel free to use whichever connection settings you prefer. Our Command Line Client FAQ has details. +
+
+2. Make the script executable:
+
+ ```
+ $ chmod +x /home/user/bin/auto-conn-ivpn.sh
+ ```
+
+3. Edit the **crontab** and add a line with the `@reboot` timing directive plus the path to the script above. Logging is optional:
+
+ ```
+ $ crontab -e
+ @reboot /home/user/bin/auto-conn-ivpn.sh > /home/user/auto-conn-ivpn.log
+ ```
+
+4. Reboot your system to confirm the IVPN Linux client connects automatically.
+
+5. Check the log file to see the connection details:
+
+ ```
+ $ cat /home/user/auto-conn-ivpn.log
+ ```
+
+To adjust the connection settings, edit the `/home/user/bin/auto-conn-ivpn.sh` script. No changes to the **crontab** are required.
+
+To de-activate this automatic boot-time connection, edit the **crontab** and comment out or remove the `@reboot /home/...` line.
+
+### System-level: systemd
+
+
+Root-level or sudo-style access is required for this option. +
+
+1. Create a Bash script with the connection options:
+
+ ```
+ $ sudo nano /usr/local/bin/ivpn-autoconnect.sh
+ #!/bin/bash
+ /usr/local/bin/ivpn firewall -on
+ /usr/local/bin/ivpn connect -p ovpn -antitracker Singapore
+ ```
+
+ Press `Ctrl+x` to save the file and exit from the `nano` editor.
+
+
+ Note: The script above uses an OpenVPN connection to our server in Singapore. Please feel free to use whichever connection settings you prefer. Our Command Line Client FAQ has details. +
+
+2. Make the script executable:
+
+ ```
+ $ sudo chmod +x /usr/local/bin/ivpn-autoconnect.sh
+ ```
+
+3. Create a **systemd unit file** to control the autoconnect service:
+
+ ```
+ $ sudo nano /lib/systemd/system/ivpn-autoconnect.service
+ [Unit]
+ Description=IVPN autoconnect service.
+ After=network.target ivpn-service.service
+ Requires=network-online.target ivpn-service.service
+
+ [Service]
+ Type=oneshot
+ ExecStartPre=sleep 2
+ ExecStart=/bin/bash /usr/local/bin/ivpn-autoconnect.sh
+ ExecStop=ivpn disconnect
+ RemainAfterExit=yes
+
+ [Install]
+ WantedBy=multi-user.target
+ ```
+
+ Press `Ctrl+x` to save the file and exit from the `nano` editor.
+
+4. Enable the autoconnect service:
+
+ ```
+ $ sudo systemctl enable ivpn-autoconnect.service
+ ```
+
+5. Reboot your system to confirm the IVPN Linux client connects automatically.
+
+6. Check the autoconnect service status:
+
+ ```
+ $ sudo systemctl status ivpn-autoconnect.service
+ ```
+
+To adjust the connection settings, edit the `/usr/local/bin/ivpn-autoconnect.sh` script. No changes to the **systemd unit file** are required.
+
+To de-activate this automatic boot-time connection, disable the autoconnect service:
+
+```
+$ sudo systemctl disable ivpn-autoconnect.service
+```
diff --git a/src/content/es/pages/knowledgebase/macos/_index.md b/src/content/es/pages/knowledgebase/macos/_index.md
new file mode 100644
index 000000000..4af024f15
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/_index.md
@@ -0,0 +1,7 @@
+---
+title: macOS - IVPN Help
+url: /knowledgebase/macos/
+section: macos
+layout: help
+---
+## macOS
diff --git a/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md b/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md
new file mode 100644
index 000000000..12c690ea1
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md
@@ -0,0 +1,14 @@
+---
+title: How do I completely uninstall / remove Tunnelblick? - IVPN Help
+h1: How do I completely uninstall / remove Tunnelblick?
+url: /knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 40
+---
+# How do I completely uninstall / remove Tunnelblick?
+
+Please follow the [uninstall instructions](https://tunnelblick.net/cUninstall.html) on Tunnelblick's website.
diff --git a/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md b/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
new file mode 100644
index 000000000..d5cb91968
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
@@ -0,0 +1,22 @@
+---
+title: How to resolve error "IVPN.app is damaged and cannot be opened." - IVPN Help
+h1: How to resolve error "IVPN.app is damaged and cannot be opened."
+url: /knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 90
+---
+# How to resolve error "IVPN.app is damaged and cannot be opened."
+
+This error is caused by the macOS extended file attributes which result in app signature verification failure. We are not sure what the root cause of this issue is and it seems to affect only a very small percentage of users. The solution, however, is very simple and does not introduce any security risks. You simply have to remove the extended file attributes on the IVPN.app package.
+
+1. Open Terminal.app by navigating to the utilities folder within the applications folder.
+
+2. Type the command below (where ~/Downloads/IVPN.app is the path to the IVPN.app file you extracted)
+
+ ```
+ xattr -rc ~/Downloads/IVPN.app
+ ```
diff --git a/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md b/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md
new file mode 100644
index 000000000..a743a3b58
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md
@@ -0,0 +1,21 @@
+---
+title: '"IVPN.app wants to control System Events". Why do I see this warning? - IVPN Help'
+h1: '"IVPN.app wants to control System Events". Why do I see this warning?'
+url: /knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 170
+---
+# "IVPN.app wants to control System Events". Why do I see this warning?
+
+Various new threats and vulnerabilities are discovered daily and reacting to them is vital to keep the device that holds your personal and sensitive information safe and secure. For that, Apple is continuously implementing new security features to its operating systems, which is definitely a good thing.
+
+
+[insert an app name here] wants to control "System Events". Allowing control will provide access to documents and data inside "System Events", and to perform actions within that app. +
+
+
+This is a new dialogue message that was added with the release of macOS Catalina. What you're seeing is warning that was not a part of previous versions of macOS - it's being more cautious and letting you know about things that you may want to weigh in on, such as whether to grant this or that application certain privileges, where in the past, it would've just gone ahead and granted them without asking you for specific permission.
+
+Our app provides a lot of features, which rely on various system events and triggers to work. For example, the "Start at login" feature needs to know when you are, well, logged into your computer to launch an app. The only way to know whether this event has actually occurred, IVPN app needs to have access to your computer's "System Events", hence the permission request message. Should you not allow this, the feature is not guaranteed to work as it was designed initially.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md b/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md
new file mode 100644
index 000000000..24b575be7
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md
@@ -0,0 +1,46 @@
+---
+draft: true
+title: macOS - Disposable Emails - IVPN Help
+h1: macOS - Disposable Emails
+url: /knowledgebase/macos/macos-disposable-emails/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 120
+---
+# macOS - Disposable Emails
+
+
+Disposable email is currently a beta feature. If you do not see the options described in this article, the beta has not been made available to you. If you would like to help us test this feature and join the beta, please email support@ivpn.net +
+
+
+Your email address is requested 100 times a day. Every time you provide it, you're trusting it won't fall into the wrong hands. IVPN's disposable email feature lets you create unlimited disposable email addresses you can share without concern, but immediately delete should they become compromised by spammers, sold to 3rd parties, or should you no longer require them.
+
+This article will show you how to use the IVPN disposable email feature on macOS to protect your real email address.
+
+### Creating a disposable email
+
+* To create a new Disposable Email address, launch the IVPN client, right-click the small `IVPN icon` and choose `Private Email`->`Manage...` as shown in the screenshot below:
+
+ ![](/images-static/uploads/Mac_PE_1.jpg)
+
+* Once in the E-mail manager, click on the `Generate new` button to create your new random email address:
+
+ ![](/images-static/uploads/Mac_PE_2.png)
+
+* Once created, you can use that address right away.
+* You can optionally save a note along with that email address. You could use this to save information about the sites or services you have used this email address for. You can edit your note at any time by simply pressing the `Update notes` button and saving a new note.
+* Emails sent to those disposable email addresses will be forwarded to the email address associated with your IVPN account.
+
+### Deleting a disposable email
+
+To remove an email address you have created, simply:
+
+* Open your `Manage email` panel.
+* Select the email address you wish to delete from this list.
+* Click on a `Delete address` button. **This email address will stop receiving emails immediately and cannot be reinstated**.
+
+### Available on the web
+
+Just in case you ever need to sign up for something from another device, it is also possible to manage, create and delete disposable email addresses or even send mail from it in your personal [Client Area](/account/), under `VPN Account` - `Private emails` tab.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md b/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
new file mode 100644
index 000000000..3e22e4883
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
@@ -0,0 +1,15 @@
+---
+title: "macOS - Failed to regenerate WireGuard keys. Private key generation error: 133 - IVPN Help"
+h1: "macOS - Failed to regenerate WireGuard keys. Private key generation error: 133"
+url: /knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 180
+---
+# macOS - Failed to regenerate WireGuard keys. Private key generation error: 133
+
+This error is caused when you attempt to connect to a WireGuard server using an old version of macOS. To use WireGuard, your device has to be running on [macOS version 10.14 or later](https://apps.apple.com/us/app/wireguard/id1451685025?mt=12).
+
+Updating your macOS device to a supported version will resolve this issue. If updating is not feasible, you can continue connecting using OpenVPN or [IPSec with IKEv2 VPN protocol](/setup/macos-ipsec-with-ikev2/).
diff --git a/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md b/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
new file mode 100644
index 000000000..1fdebd2e7
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
@@ -0,0 +1,20 @@
+---
+title: macOS - How do I completely uninstall / remove the IVPN application? - IVPN Help
+h1: macOS - How do I completely uninstall / remove the IVPN application?
+url: /knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 60
+---
+# macOS - How do I completely uninstall / remove the IVPN application?
+
+The uninstaller app is included in the installation .dmg image and is only required if you wish to completely remove all components of the IVPN application from your macOS computer. It is not required before installing a new version.
+
+You can download the latest .dmg image from the following link: [https://www.ivpn.net/apps-macos/](/apps-macos/)
+
+Open the downloaded image file and scroll down until you see the "Uninstall IVPN.app".
+
+After running the uninstaller app, restart your macOS computer system.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md b/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
new file mode 100644
index 000000000..fe35b3f53
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
@@ -0,0 +1,27 @@
+---
+title: macOS - IVPN Helper agent is not starting - IVPN Help
+h1: macOS - IVPN Helper agent is not starting
+url: /knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 160
+---
+# macOS - IVPN Helper agent is not starting
+
+If you are unable to use IVPN app and getting the error about "IVPN Helper agent" being unable to start, follow the steps below:
+
+1. Download the latest version of IVPN client for macOS from our website & double click on the installer.
+
+2. Instead of moving the IVPN icon to your Applications folder in the popped up frame, scroll down and click on `Uninstall IVPN` - this will initiate a full uninstall process, removing any files associated with the app, including configuration files
+
+ ![](/images-static/uploads/macos-uninstaller.png)
+
+3. Reboot your Mac -> install the IVPN app once again and check if the problem persists.
+
+In case the issue is still there, close the IVPN app, open the terminal on your macOS device and execute the following command:
+
+```
+sudo launchctl enable system/net.ivpn.client.Helper
+```
diff --git a/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md b/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md
new file mode 100644
index 000000000..2e6f01353
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md
@@ -0,0 +1,17 @@
+---
+title: macOS - "Launch at login" is not available - IVPN Help
+h1: macOS - "Launch at login" is not available
+url: /knowledgebase/macos/macos-launch-at-login-is-not-available/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 190
+---
+# macOS - "Launch at login" is not available
+
+The IVPN App for macOS requires permission to access the `System Events.app` on macOS to provide a way for the IVPN App to integrate with the macOS at a low level. By granting permission, the IVPN App is allowed to make entries in the event log related to VPN, routing and firewall processes, and launching the app on login.
+
+During the IVPN App's installation process, access to `System Events.app` is requested. If access is denied, the "Launch at login" feature will be greyed out and unavailable.
+
+You can view this permission entry on a macOS computer by opening `System Preferences > Security & Privacy > Privacy tab > Automation` and checking that the IVPN App has a check mark denoting permission to access `System Events.app`. Toggling this check mark will grant or deny access. Access is required for the "Launch at login" feature.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md b/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
new file mode 100644
index 000000000..87210fb28
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
@@ -0,0 +1,15 @@
+---
+title: macOS - What credentials are required for the Helper Agent portion of the IVPN App install? - IVPN Help
+h1: macOS - What credentials are required for the Helper Agent portion of the IVPN App install?
+url: /knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 150
+---
+# macOS - What credentials are required for the Helper Agent portion of the IVPN App install?
+
+During the IVPN App's installation, there is a `login prompt` with a `padlock icon` for our helper agent. Please enter your **macOS username** and **macOS password** to grant permission as the administrator of your computer system to allow access for the networking and firewall integration.
+
+We assign an **IVPN Account ID**, which starts with `ivpnXXXXXXXX` or `i-xxxx-xxxx-xxxx`, to your account. Please use this **IVPN Account ID** to log in to the IVPN App after the install is complete.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
new file mode 100644
index 000000000..28e93e6bb
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
@@ -0,0 +1,16 @@
+---
+title: Tunnelblick - How do I edit the OpenVPN config file? - IVPN Help
+h1: Tunnelblick - How do I edit the OpenVPN config file?
+url: /knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 10
+---
+# Tunnelblick - How do I edit the OpenVPN config file?
+
+1. Click on the Tunnelblick icon in the top right menu bar and select `VPN details`.
+2. Select the server you wish to edit the config file for and click on the 'gear' icon with a small down arrow in the bottom left corner of the window.
+3. Select `Edit OpenVPN configuration file`. The file will open in your text editor. Make the necessary changes and save the file.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
new file mode 100644
index 000000000..33a005c86
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
@@ -0,0 +1,19 @@
+---
+title: Tunnelblick - How to submit diagnostic data to IVPN? - IVPN Help
+h1: Tunnelblick - How to submit diagnostic data to IVPN?
+url: /knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 110
+---
+# Tunnelblick - How to submit diagnostic data to IVPN?
+
+If you are unable to resolve a technical issue and wish to contact IVPN support please include a copy of the log files by following the instructions below:
+
+1. Click on the Tunnelblick icon in the top right menu bar area.
+2. Click `VPN Details`.
+3. In the left side window select the server that you are trying to connect to.
+4. Click on the `log` tab on the right. `Click Copy diagnostic info to clipboard` and paste the data into an email to [support@ivpn.net](mailto:support@ivpn.net). Please include as much detail as possible about the issue you are experiencing.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
new file mode 100644
index 000000000..dbd223776
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
@@ -0,0 +1,18 @@
+---
+title: Tunnelblick - Opening utun - No buffer space available - IVPN Help
+h1: Tunnelblick - Opening utun - No buffer space available
+url: /knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 80
+---
+# Tunnelblick - Opening utun - No buffer space available
+
+There is a bug in some versions of Tunnelblick which can result in the error above shown in the logs. To resolve follow the steps below.
+
+1. Ensure that you are running the [latest stable version of Tunnelblick](https://tunnelblick.net/downloads.html).
+2. Click on the Tunnelblick menu bar icon and then `VPN details`. Select the server you are trying to connect to and click the `advanced button`. Change the option `Load TUN driver automatically` to `Always load TUN driver`.
+3. If neither of the above resolve the issue, restart your computer and try again.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
new file mode 100644
index 000000000..02eb7b034
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
@@ -0,0 +1,22 @@
+---
+title: Tunnelblick - Password or authentication failure - IVPN Help
+h1: Tunnelblick - Password or authentication failure
+url: /knowledgebase/macos/tunnelblick-password-or-authentication-failure/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 30
+---
+# Tunnelblick - Password or authentication failure
+
+Tunnelblick stores usernames and passwords in the macOS keychain. If you are having authentication failures then you should first delete the keychain entries:
+
+1. Open `keychain access` utility by navigating to your `Applications` folder and then `Utilities`.
+2. Select `Login` under `keychains` and `all elements` under `Category`.
+3. In the search box in the top right, enter `Tunnelblick` to filter all the Tunnelblick keychain entries.
+4. Select all the Tunnelblick entries, select `edit` | `delete`.
+5. Close Tunnelblick and open it again and try to connect.
+
+If you continue to have authentication issues please see [I receive an 'authentication failure' message. What can I do?](/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do/)
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
new file mode 100644
index 000000000..6ba68d59b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
@@ -0,0 +1,18 @@
+---
+title: Tunnelblick - "the internet does not appear to be reachable" error - IVPN Help
+h1: Tunnelblick - "the internet does not appear to be reachable" error
+url: /knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 50
+---
+# Tunnelblick - "the internet does not appear to be reachable" error
+
+This issue is caused by the Tunnelblick DNS configuration. Please follow the steps below to resolve it:
+
+1. Click on the Tunnelblick icon in the taskbar and choose `VPN Details`.
+2. On the Details window, click on `Settings`. Click on the `Set DNS/WINS` option and select `Set nameserver` and re-connect.
+3. If that does not work, set it to `nameserver (3.0b10)` and re-connect.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
new file mode 100644
index 000000000..393bd42c3
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
@@ -0,0 +1,14 @@
+---
+title: Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error - IVPN Help
+h1: Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error
+url: /knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 70
+---
+# Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error
+
+This is a common error and suggests that you have a conflict with other VPN software. Please see the [following solution](https://tunnelblick.net/cCommonProblems.html#an-openvpn-log-entry-says-tunnelblick-openvpnstart-status-247-error-unable-to-load-net.tunnelblick.tun-andor-net.tunnelblick.tap-kexts-in-5-tries.-status-71) on the Tunnelblick website.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
new file mode 100644
index 000000000..3f841c969
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
@@ -0,0 +1,16 @@
+---
+title: Tunnelblick - Why is the DNS server incorrect? - IVPN Help
+h1: Tunnelblick - Why is the DNS server incorrect?
+url: /knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 20
+---
+# Tunnelblick - Why is the DNS server incorrect?
+
+Tunnelblick will automatically configure your macOS to use our private DNS servers when a VPN connection is established. If you are using DHCP, please ensure that you check the `Set nameserver` checkbox.
+
+However, if you have manually configured DNS servers, then regardless of the state of `Set nameserver`, your manually configured DNS servers will always be the only ones used. We strongly recommend that you configure your device to use DHCP and use the `Set nameserver` option to ensure that your privacy is not compromised due to DNS leaks.
diff --git a/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md b/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
new file mode 100644
index 000000000..1fd63fec1
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
@@ -0,0 +1,15 @@
+---
+title: What macOS version is required for IVPN client? - IVPN Help
+h1: What macOS version is required for IVPN client?
+url: /knowledgebase/macos/what-macos-version-is-required-for-ivpn-client/
+sections:
+ - macos
+sectionTitle: macOS
+layout: help-details
+weight: 130
+---
+# What macOS version is required for IVPN client?
+
+To use our native IVPN client, your macOS is required to be not older than version 10.10.
+
+macOS version 10.14 or later is [required](https://apps.apple.com/us/app/wireguard/id1451685025?mt=12) to use WireGuard VPN protocol.
diff --git a/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md b/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
new file mode 100644
index 000000000..4133b542f
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
@@ -0,0 +1,28 @@
+---
+title: Why is IVPN agent daemon always running? - IVPN Help
+h1: Why is IVPN agent daemon always running?
+url: /knowledgebase/macos/why-is-ivpn-agent-daemon-always-running/
+sections:
+ - macos
+ - troubleshooting
+sectionTitle: macOS
+layout: help-details
+weight: 100
+---
+# Why is IVPN agent daemon always running?
+
+The IVPN App has a client-server architecture. The IVPN agent runs as a daemon and is responsible for establishing connections, spawning OpenVPN processes, managing WireGuard interfaces, handling firewall rules, etc., whilst the client UI that you interact with is a separate component that communicates with the agent.
+
+Disabling the helper agent will cause the IVPN App to cease functioning. In order to implement various security features, such as the Always-On firewall, it is important that the agent daemon is always running.
+
+
+Please note that by following the instructions below, the IVPN App and the privacy and security features it provides, like the Always-On firewall, will no longer function correctly.
+
+
+1. Quit the IVPN client by clicking on the menu bar icon and selecting `Quit`.
+
+1. Stop the agent daemon by opening the macOS system `Settings > General > Login Items` and toggling the **IVPN** or **Privatus Limited** entry to `OFF`. Confirm the change with your macOS user password or biometrics.
+
+Re-enable the agent daemon by toggling that name login item entry to `ON`. Confirm the change with your macOS user password or biometrics, then open the IVPN App and click on the `Retry..` button.
+
+
diff --git a/src/content/es/pages/knowledgebase/mp/_index.md b/src/content/es/pages/knowledgebase/mp/_index.md
new file mode 100644
index 000000000..da265520e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/mp/_index.md
@@ -0,0 +1,8 @@
+---
+title: Media Players - IVPN Help
+url: /knowledgebase/mp/
+section: mp
+layout: help
+---
+## Media Players
+
diff --git a/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md b/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md
new file mode 100644
index 000000000..ccb18c0f5
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md
@@ -0,0 +1,36 @@
+---
+title: Connecting to IVPN on Amazon Fire TV - IVPN Help
+h1: Connecting to IVPN on Amazon Fire TV
+url: /knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv/
+sections:
+ - mp
+sectionTitle: Media Players
+layout: help-details
+weight: 20
+---
+# Connecting to IVPN on Amazon Fire TV
+
+The IVPN App is not currently compatible with the Amazon implementation of Android. If you would like to use IVPN on your Amazon Fire TV Stick, follow the instructions below to setup a connection using the OpenVPN for Android app.
+
+### Install the OpenVPN for Android app
+
+1. On your Fire device, navigate to `Settings` -> `Developers Options` and enable `Apps from Unknown Sources` and `ADB Debugging`.
+2. Install ES File Explorer app on the Fire device.
+3. Open ES File Explorer and download the latest version of OpenVPN for Android from [here](http://plai.de/android/ics-openvpn-latest-stable.apk)
+
+### Transfer the OpenVPN configuration files
+
+1. Install an FTP client on your computer system.
+2. Generate and download the [IVPN configuration files](/openvpn-config) on your computer system and extract the .ovpn files from the .zip file into a sub-folder.
+3. Open ES File Explorer on the Fire device and navigate to `Network` -> `Remote Manager` on the sidebar.
+4. Enable `Remote Manager` and make sure it gives an IP address for the FTP server.
+5. Enter the FTP server IP address from Remote Manager into the FTP client on the computer system. It may work best if the Fire device and the computer system are on the same network.
+6. Upload the sub-folder with the .ovpn files from your computer system to the Downloads folder on the Fire device via the FTP client.
+7. Disable the `Remote Manager` in the Fire device after the transfer is complete.
+8. In the ES File Explorer, navigate to `Local` -> `Download`. The OpenVPN configuration files should be inside the sub-folder.
+
+### Import the configuration
+
+1. Launch the OpenVPN for Android app.
+2. 
Follow our [OpenVPN for Android Setup Guide](/setup/android-openvpn-for-android/) starting on step #3.
+3. For the import in step #4, select the ES File Explorer as the navigator and go to the Download folder.
diff --git a/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md b/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
new file mode 100644
index 000000000..65408df78
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
@@ -0,0 +1,25 @@
+---
+title: How do I connect my Nvidia Shield device? - IVPN Help
+h1: How do I connect my Nvidia Shield device?
+url: /knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device/
+sections:
+ - mp
+sectionTitle: Media Players
+layout: help-details
+weight: 50
+---
+# How do I connect my Nvidia Shield device?
+
+The NVIDIA Shield and other similar devices use a limited implementation of Android. Our IVPN App has extra features that work well with the full version of Android, but not so well with limited versions.
+
+The OpenVPN for Android app should work because it's functionality is limited to just the VPN connection. We offer a guide for the [OpenVPN for Android app](/setup/android-openvpn-for-android/).
+
+This app should be available from the Play Store on your NVIDIA device. You will have to find a way to transfer the OpenVPN configuration files from step #1 to your device.
+
+Alternatively, you can consider setting up the VPN connection on the router, which will let all devices that connect to it share this VPN connection, including your Nvidia Shield.
+
+Here, at IVPN, we officially support pfSense, Asus-wrt, OpenWRT, DD-WRT & Tomato router firmware and if your device is one of the latter (or compatible to be flashed with either, which is always done at your own risk) you are very welcome to review our [router setup guides](/setup/router/).
+
+Generally, it is also possible to connect other routers that have **OpenVPN client** support & you can try using the setup guides above as a reference.
+
+Alternatively, you can also order a router with preconfigured IVPN on it from, e.g. [Vilfo](https://www.vilfo.com/providers/ivpn), [Flashrouters](https://www.flashrouters.com/vpn-types/ivpn) or [VPNrouters](https://www.vpnrouters.com/vpn-providers/ivpn-vpn-routers.html).
diff --git a/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md b/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
new file mode 100644
index 000000000..f0526c89d
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
@@ -0,0 +1,18 @@
+---
+title: How to use IVPN on KODI media player? - IVPN Help
+h1: How to use IVPN on KODI media player?
+url: /knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player/
+sections:
+ - mp
+sectionTitle: Media Players
+layout: help-details
+weight: 30
+---
+# How to use IVPN on KODI media player?
+
+To connect to an IVPN server on KODI media player, follow the steps below:
+
+1. Download the latest OpenVPN for Kodi release [from GitHub](https://github.com/brianhornsby/script.openvpn/releases).
+2. In your Kodi system, head to `System -> Settings -> Add-ons -> Install from zip file`. Choose the file you downloaded in the previous step. For more info see the [Kodi wiki](http://kodi.wiki/view/HOW-TO:Install_an_Add-on_from_a_zip_file).
+3. Download our [.ovpn config files](/openvpn-config). Unzip the archive & upload them to your Kodi system.
+4. Launch OpenVPN for Kodi addon, choose the .ovpn config file with the desired server location, import & connect.
diff --git a/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md b/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
new file mode 100644
index 000000000..ac35720f0
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
@@ -0,0 +1,28 @@
+---
+title: Is IVPN compatible with AppleTV? - IVPN Help
+h1: Is IVPN compatible with AppleTV?
+url: /knowledgebase/mp/is-ivpn-compatible-with-appletv/
+sections:
+ - mp
+sectionTitle: Media Players
+layout: help-details
+weight: 40
+---
+# Is IVPN compatible with AppleTV?
+
+Currently, the AppleTV device has no capability to have a VPN client set up on it. One way to achieve getting a VPN-based connection on an AppleTV is to setup a router with a VPN connection, which the AppleTV connects through. This method provides a VPN connection to all the devices on your network.
+
+Apple networking devices, like AirPlay and AirPort, are severely limited in how they can be configured -- especially with VPN configurations. No Apple-based routers are capable of supporting a VPN connection that is compatible with the services we offer, but many off-the-shelf routers are capable of supporting a connection like this.
+
+We officially support DD-WRT and Tomato firmware, Asuswrt Merlin plus pfSense, so if your router already has this firmware or has the capability to run this firmware, then our VPN service is fully compatible. We provide setup guides for these custom firmware projects in our [router setup guide section](/setup/router/).
+
+If your router does not have one of the types firmware mentioned above, it may be possible to flash the firmware onto the router. Please note that you assume all risk in flashing your device. You can buy "pre-flashed" routers online from several companies if you prefer not to do this yourself.
+
+* [FlashRouters](https://www.flashrouters.com/vpn-types/ivpn)
+* [VPN Routers](https://www.vpnrouters.com/vpn-providers/ivpn-vpn-routers.html)
+
+Some routers feature a built-in OpenVPN client and we offer [OpenVPN configuration files](/openvpn-config), so it is possible to connect to our servers this way.
+
+Vilfo offers a dedicated VPN router with IVPN pre-configured. 
When you receive the router all you need to do is enter your IVPN Account ID (starts with ivpn) to connect.
+
+* [Vilfo router](https://www.vilfo.com/providers/ivpn?ref=ivpn) - Please note that if you purchase a router from Vilfo we receive a commission.
diff --git a/src/content/es/pages/knowledgebase/passwords/_index.md b/src/content/es/pages/knowledgebase/passwords/_index.md
new file mode 100644
index 000000000..5e6c6b77f
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/passwords/_index.md
@@ -0,0 +1,7 @@
+---
+title: Passwords - IVPN Help
+url: /knowledgebase/passwords/
+section: passwords
+layout: help
+---
+## Passwords
diff --git a/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md b/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md
new file mode 100644
index 000000000..1d159160b
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md
@@ -0,0 +1,14 @@
+---
+title: How do I change my password? - IVPN Help
+h1: How do I change my password?
+url: /knowledgebase/passwords/how-do-i-change-my-password/
+sections:
+ - passwords
+ - troubleshooting
+sectionTitle: Passwords
+layout: help-details
+weight: 30
+---
+# How do I change my password?
+
+Navigate to [change password](/clientarea/changepwd/) form in the client area. If you are not logged in, please enter the email address you signed up with and password to login. If you cannot remember your password, request a [password reset](/recover/password/).
diff --git a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
new file mode 100644
index 000000000..a4ea47043
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
@@ -0,0 +1,20 @@
+---
+title: I forgot my IVPN Account ID. What should I do? - IVPN Help
+h1: I forgot my IVPN Account ID. What should I do?
+url: /knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do/
+sections:
+ - passwords
+ - troubleshooting
+sectionTitle: Passwords
+layout: help-details
+weight: 10
+---
+# I forgot my IVPN Account ID. What should I do?
+
+The IVPN username begins with letters 'i-..' or 'ivpn..'
+
+To locate the IVPN username in old, 'ivpnXXXXXXXX' format, log in to the [Client Area](/account/) with your email address and your current password.
+
+Your IVPN username can also be found in the **Account details** area of our mobile apps or by clicking on the small IVPN app icon in your menu bar/system tray and navigating to **Account** menu element.
+
+We can also try and look up your account ID if you can send us an email (support@ivpn.net) with the information of your last purchase, such as **Invoice ID**, **Payment method** used, **Date and time** of the payment and **Amount paid**. **The last 4 digits of your bank card** (if paid with card), **Transaction ID** if it was a PayPal or a Bitcoin purchase.
diff --git a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
new file mode 100644
index 000000000..b964aea5c
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
@@ -0,0 +1,18 @@
+---
+title: I forgot my password. What should I do? - IVPN Help
+h1: I forgot my password. What should I do?
+url: /knowledgebase/passwords/i-forgot-my-password-what-should-i-do/
+sections:
+ - passwords
+ - troubleshooting
+sectionTitle: Passwords
+layout: help-details
+weight: 20
+---
+# I forgot my password. What should I do?
+
+Navigate to the [password reset](/recover/password/) page and enter your email address. You will receive instructions via email on how to reset your password. Once reset, you can log in to the Client Area using your email address and your new password.
+
+
+If you have forgotten the email address you signed up with or no longer have access to it please contact us.
+
diff --git a/src/content/es/pages/knowledgebase/privacy/_index.md b/src/content/es/pages/knowledgebase/privacy/_index.md
new file mode 100644
index 000000000..535a63451
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/_index.md
@@ -0,0 +1,7 @@
+---
+title: Privacy - IVPN Help
+url: /knowledgebase/privacy/
+section: privacy
+layout: help
+---
+## Privacy
diff --git a/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md b/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md
new file mode 100644
index 000000000..3c329707c
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md
@@ -0,0 +1,14 @@
+---
+title: Do you collect or store any usage/stats information relating to an account? - IVPN Help
+h1: Do you collect or store any usage/stats information relating to an account?
+url: /knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 50
+---
+# Do you collect or store any usage/stats information relating to an account?
+
+Unlike many service providers, IVPN purposefully does not log any usage data associated with an account as we provide an unlimited and unrestricted quota free service.
diff --git a/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md b/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md
new file mode 100644
index 000000000..8c641541c
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md
@@ -0,0 +1,14 @@
+---
+title: Do you store any logs that could be used to identify a customer? - IVPN Help
+h1: Do you store any logs that could be used to identify a customer?
+url: /knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 10
+---
+# Do you store any logs that could be used to identify a customer?
+
+Our VPN servers do not store any logs that could be used to identify a customer. This is [backed up by a no-logs audit](/blog/ivpn-no-logging-claim-verified-by-independent-audit/) conducted by independent security researchers. For more info see our simple [Privacy Policy](/privacy/).
diff --git a/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md b/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
new file mode 100644
index 000000000..2be9ffec9
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
@@ -0,0 +1,16 @@
+---
+title: Does IVPN offer Perfect Forward Secrecy (PFS)? - IVPN Help
+h1: Does IVPN offer Perfect Forward Secrecy (PFS)?
+url: /knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 40
+---
+# Does IVPN offer Perfect Forward Secrecy (PFS)?
+
+Yes, our OpenVPN servers are configured to automatically generate new encryption keys every hour. If an adversary was able to crack the encryption key, they would only be able to decrypt the traffic captures since the last key rotation.
+
+To give you some idea of the requirements to brute force an AES 256 bit key, 50 supercomputers that could check a billion billion (10^18) AES keys per second. If such a device could ever be made it would, in theory, require about 3 × 10^51 years to exhaust the 256-bit key space.
diff --git a/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md b/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
new file mode 100644
index 000000000..751fbe617
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
@@ -0,0 +1,16 @@
+---
+title: How Do I Know when I'm Protected by IVPN? - IVPN Help
+h1: How Do I Know when I'm Protected by IVPN?
+url: /knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 20
+---
+# How Do I Know when I'm Protected by IVPN?
+
+To quickly check if your VPN is working you can use a website such as [infosniper.net](http://www.infosniper.net/) or [dnsleaktest.com](http://www.dnsleaktest.com/) or [utrace.de](http://en.utrace.de/). When you are connected and navigate to one of these websites, you should see an indication of the location of the server you are connected to and not your present location. This gives you reasonable assurance that your traffic is routed through the VPN service. However for more advanced users requiring a high level of security we recommend reviewing our guide [How to perform a VPN leak test](/privacy-guides/how-to-perform-a-vpn-leak-test/) to test that your VPN is not leaking any packets.
+
+However when using the website above please note that geolocation data is not 100% accurate. For geolocation providers (such as those above) determining the country is relatively accurate (95%-99%) since the country is required information when an IP range is allocated and IP registrars supply that information for free. However, determining the physical location down to a city is more difficult and less accurate because there is no official source for the information and ISP's often base IP addresses in a city where the company is basing its operations. Accuracy rates for cities is 50-80% according to dnsstuff.com. If you would like a more accurate tool to determine the location try using [Visual traceroute](http://www.yougetsignal.com/tools/visual-tracert/).
diff --git a/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md b/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
new file mode 100644
index 000000000..58a674e06
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
@@ -0,0 +1,16 @@
+---
+title: How do we react when requested by an authority for information relating to a customer? - IVPN Help
+h1: How do we react when requested by an authority for information relating to a customer?
+url: /knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 60
+---
+# How do we react when requested by an authority for information relating to a customer?
+
+The company is incorporated in Gibraltar. If a court order is received from a recognized legal authority with jurisdiction over IVPN, then the company will comply with that order. However, the company cannot be compelled to hand over information which it does **not** have. Our [Legal Guidelines](/legal-process-guidelines/) page has more details.
+
+When a customer signs up we [do not request any personal information](/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service/). If it ever becomes required by law for us to keep a persistent log of our customers' connections or any personal data relating to their network activity, we will immediately notify our customers and do everything in our power to move jurisdictions or close the service to protect those who entrust their privacy to us.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md b/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
new file mode 100644
index 000000000..3b01976fd
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
@@ -0,0 +1,14 @@
+---
+title: What happens if laws change forcing IVPN to compromise their customers' privacy? - IVPN Help
+h1: What happens if laws change forcing IVPN to compromise their customers' privacy?
+url: /knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 70
+---
+# What happens if laws change forcing IVPN to compromise their customers' privacy?
+
+IVPN is committed to keeping its customers informed of any serious legislative threats to our service. If the laws in our jurisdiction change in a way that prevents us from upholding our privacy policy we will always inform our customers before those laws are enacted. We will also allow customers to cancel their subscription and will refund any fees that cover the remainder of their subscription period.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md b/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
new file mode 100644
index 000000000..8d9e2bd4e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
@@ -0,0 +1,14 @@
+---
+title: What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded? - IVPN Help
+h1: What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded?
+url: /knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 30
+---
+# What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded?
+
+Since our customers are anonymous when using our service, such notices are directed to IVPN and our legal department will issue an appropriate response. Since we store no connection logs, we couldn't associate a request with a customer identity even if legally compelled to do so.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md b/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
new file mode 100644
index 000000000..1ced03bfa
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
@@ -0,0 +1,22 @@
+---
+title: What information do you collect and store when I sign up for your service? - IVPN Help
+h1: What information do you collect and store when I sign up for your service?
+url: /knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 80
+---
+# What information do you collect and store when I sign up for your service?
+
+To maximize your privacy, you will not be asked for any personal information like your name, physical address, phone number, and even email address. This also means that we have no way to contact you in the event of any account issues, network downtime, etc. If you wish to provide us with an email address so we can contact you about future issues you can optionally add one in the client area after signup. We will also not log any personally identifiable information e.g. IP address.
+
+Depending on how payment for the service is made, some payment information may be related to your account. For example, if PayPal is used to pay for the service, a PayPal transaction ID will be associated with your account (as well as the subscription ID if a PayPal subscription has been set up).
+
+| Date of payment | Amount | Payment method | Transaction ID | Subscription ID |
+|---|---|---|---|---|
+| 2020-01-24 | $100 | Paypal | XXX | XXX |
+
+IVPN is subject to EU law and is in compliance with the EU Data Protection Directive (Directive 95/46/EC), which prohibits companies from transferring data to overseas jurisdictions with weaker privacy laws. IVPN will not locate servers in countries where it's forced to break this compliance. Due to the nature of our logging practices, VPN servers do not contain any personally identifiable information and thus, if seized, could not be used to identify users.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md b/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
new file mode 100644
index 000000000..ce3aad9d2
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
@@ -0,0 +1,14 @@
+---
+title: What information is collected and stored about all visitors to your website? - IVPN Help
+h1: What information is collected and stored about all visitors to your website?
+url: /knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 90
+---
+# What information is collected and stored about all visitors to your website?
+
+IVPN uses [Matomo](https://matomo.org/) (formerly called Piwik) to analyze and aggregate information about our website visitors. When your web browser loads a page on our site, a small snippet of JavaScript code is executed within your browser which submits information about the device from which you are connecting such as your browser user-agent, language, screen resolution, referring website, a redacted IP address (167.114.18.34 becomes 167.114.0.0), etc. to a private server operated by IVPN. None of this information is personally identifying and is never shared with 3rd parties.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md b/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
new file mode 100644
index 000000000..115d94126
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
@@ -0,0 +1,20 @@
+---
+title: What information is stored when I stop using your service? - IVPN Help
+h1: What information is stored when I stop using your service?
+url: /knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service/
+sections:
+ - privacy
+ - general
+sectionTitle: Privacy
+layout: help-details
+weight: 100
+---
+# What information is stored when I stop using your service?
+
+When a VPN account is terminated on our network due to the subscription ending, non-payment or for any other reason, all data associated with that VPN account including the account itself (with the exception of the accounting data below) is automatically deleted from all systems after 3 months. After the account is deleted the remaining accounting data below has no link to any past account ID.
+
+If you want to delete your data immediately, simply click on the `Delete account` button within the [Client Area](/account/login/).
+
+| Date of payment | Amount | Payment method | Transaction ID | Subscription ID |
+|---|---|---|---|---|
+| 2020-01-24 | $100 | Paypal | XXX | XXX |
diff --git a/src/content/es/pages/knowledgebase/routers/_index.md b/src/content/es/pages/knowledgebase/routers/_index.md
new file mode 100644
index 000000000..949b38c55
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/routers/_index.md
@@ -0,0 +1,8 @@
+---
+title: Routers - IVPN Help
+url: /knowledgebase/routers/
+section: routers
+layout: help
+---
+## Routers
+
diff --git a/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md b/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
new file mode 100644
index 000000000..039c27678
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
@@ -0,0 +1,64 @@ +--- +title: DD-WRT - How do I exclude hosts / bypass VPN tunnel? - IVPN Help +h1: DD-WRT - How do I exclude hosts / bypass VPN tunnel? +url: /knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel/ +sections: + - routers + - troubleshooting +sectionTitle: Routers +layout: help-details +weight: 10 +--- +# DD-WRT - How do I exclude hosts / bypass VPN tunnel? + +
+We do not provide support in getting this functionality working on your DD-WRT router. You agree to use these scripts at your own risk. +
+ +### WireGuard + +1. Go to `SETUP` / `TUNNELS` + +2. Set **Advanced settings**: Enable + +3. Set **Policy Based Routing**: Enter the IP address list in a CIDR notation. + +![](/images-static/uploads/ddwrt-pbr.png) + +
+The hosts with the IP addresses specified in the Policy Based Routing (PBR) field will be routed via the WireGuard interface. Everything else will bypass the VPN tunnel and use the WAN interface instead.

+The IP addresses are entered in a CIDR notation as a comma delimited list (no comma at the beginning and at the end).

+When the list starts with a '#' symbol, all entries are ignored and PBR is disabled. This allows you to preserve the list for future use.

+You can also specify a range of IPs by entering, e.g. - 192.168.1.64/26. +
+ +### OpenVPN + +1. Go to `ADMINISTRATION` / `COMMANDS` / `COMMAND SHELL`. Enter the following commands whilst substituting the IPs you wish to bypass the VPN (each IP separated by a space character): + + ``` + nvram set no_vpn_lst="192.168.1.5 192.168.1.6 192.168.1.7" + nvram commit + ``` + +2. Copy the script from below into the COMMAND SHELL and click on `Save Custom Script` + + ``` + #!/bin/sh + sleep 30 + NO_VPN_LST=`nvram get no_vpn_lst` + [ -z "$NO_VPN_LST" ] && exit 0 + WAN_GWAY="0.0.0.0" + while [ $WAN_GWAY == "0.0.0.0" ]; do + sleep 3 + WAN_GWAY=`nvram get wan_gateway` + done + ip route add default via $WAN_GWAY table 10 + for ipa in $NO_VPN_LST; do + ip rule add from $ipa table 10 + done + ip route flush cache + exit 0 + ``` + +3. Reboot. Now the devices with the IPs on your list will be routed outside the OpenVPN tunnel. diff --git a/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md b/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md new file mode 100644 index 000000000..1602073cf --- /dev/null +++ b/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md @@ -0,0 +1,20 @@ +--- +title: DD-WRT - TLS errors - incoming plaintext read error etc. - IVPN Help +h1: DD-WRT - TLS errors - incoming plaintext read error etc. +url: /knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc/ +sections: + - routers + - troubleshooting +sectionTitle: Routers +layout: help-details +weight: 20 +--- +# DD-WRT - TLS errors - incoming plaintext read error etc. + +This error usually means that you have configured the incorrect TLS cipher. Add the block below to the contents of the 'additional config' field on the OpenVPN client settings page: + +``` +cipher AES-256-CBC +tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA +auth SHA1 +``` 
diff --git a/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md b/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md new file mode 100644 index 000000000..823e00fd7 --- /dev/null +++ b/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md @@ -0,0 +1,59 @@ +--- +title: How to enable a 'Kill switch' in my DD-WRT/Tomato router? - IVPN Help +h1: How to enable a 'Kill switch' in my DD-WRT/Tomato router? +url: /knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router/ +sections: + - routers +sectionTitle: Routers +layout: help-details +weight: 30 +--- +# How to enable a 'Kill switch' in my DD-WRT/Tomato router? + +To enhance your security and prevent any possible traffic leaking outside VPN tunnel whenever you are unexpectedly disconnected from IVPN, you need to slightly adjust firewall settings in a router you use: + +## DD-WRT + +### WireGuard: + +1. Go to `Setup` - > `Tunnels` + +2. Check **Kill Switch** + +3. Click the `Save` button, then click the `Apply Settings` button. + +4. Reboot your router. + +
+ This option will block the traffic only from clients connected via br0 interface. If you have made your own unbridged interfaces you have to add additional rules to your router's iptables firewall accordingly.

+ If you use PBR (Policy Based Routing), the Killswitch rules will only apply to IP addresses you have specified in the PBR field. When PBR is disabled, then all LAN clients connected to br0 are blocked from accessing WAN.
+ +### OpenVPN: + +1. Go to `Administration` - > `Commands` + +2. Add the following rules: + ``` + iptables -I FORWARD -i br0 -o tun0 -j ACCEPT + iptables -I FORWARD -i tun0 -o br -j ACCEPT + iptables -I FORWARD -i br0 -o $(nvram get wan_iface) -j DROP + iptables -I INPUT -i tun0 -j REJECT + iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE + ``` + +3. Click on `Save Firewall` and Reboot router. + +## Tomato + +1. Go to `Administration` -> `Scripts` > `Firewall` + +2. Add the following rules: + ``` + iptables -I FORWARD -i br0 -o tun0 -j ACCEPT + iptables -I FORWARD -i tun0 -o br -j ACCEPT + iptables -I FORWARD -i br0 -o $(nvram get wan_iface) -j DROP + iptables -I INPUT -i tun0 -j REJECT + iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE + ``` + +3. Save the rule and reboot router. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/_index.md b/src/content/es/pages/knowledgebase/troubleshooting/_index.md new file mode 100644 index 000000000..9426681b1 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/_index.md @@ -0,0 +1,7 @@ +--- +title: Troubleshooting - IVPN Help +url: /knowledgebase/troubleshooting/ +section: troubleshooting +layout: help +--- +## Troubleshooting diff --git a/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md b/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md new file mode 100644 index 000000000..e39e15e92 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md 
@@ -0,0 +1,50 @@ +--- +title: 'Error Connecting to IVPN Daemon - IVPN Help' +h1: 'Error Connecting to IVPN Daemon' +url: /knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 190 +--- +# Error Connecting to IVPN Daemon + +In some cases, rebooting the computer system is enough to encourage the IVPN App's daemon/service to behave as expected. + +For Linux systems, the IVPN App's base package `ivpn` may need to be updated if the graphical interface package `ivpn-ui` has a higher version number. [Update](https://www.ivpn.net/apps-linux/) the app's base package. + +In other cases, restarting the daemon/service may help. Here are steps to restart the IVPN App's daemon/service manually: + +### Windows: + +1. Click the `Windows` or `Start` button and type `services.msc` +1. Right-click the `Services` app and select `Run as Administrator` +1. Look for the `IVPN Client` service in the list on the right, then right-click on it and choose to restart (if currently in `Enabled` state) or enable (if in `Disabled` state) +1. Close the properties window, the `Services` window, and any other windows that were opened in this process +1. Open the IVPN App. Click "Retry" on the app's window if necessary + + +### macOS: + +Run this command in a **Terminal** (Finder > Applications > Utilities > Terminal): + +``` +sudo launchctl enable system/net.ivpn.client.Helper +``` + +Note: The `sudo` portion of the command requires your macOS password. + +Also check that the IVPN App's agent is set to run. Visit the macOS system `Settings > General > Login Items` area and toggle the **IVPN** or **Privatus Limited** entry to `ON`. Confirm the change with your macOS user password or biometrics, then open the IVPN App and click on the `Retry..` button. 
+ + +### Linux (systemd): + +In a **Terminal**, run this command: + +``` +sudo systemctl restart ivpn-service.service +``` + + +If the IVPN App's daemon/service error persists on Windows, macOS, or Linux, reinstalling the app might help. Generally, we recommend uninstalling the app, rebooting the computer system, then [reinstalling](https://www.ivpn.net/apps/) the app. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md b/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md new file mode 100644 index 000000000..a267c8392 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md 
@@ -0,0 +1,44 @@ +--- +title: How can I reset my DNS settings? - IVPN Help +h1: How can I reset my DNS settings? +url: /knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 60 +--- +# How can I reset my DNS settings? + +The following instructions will reset your DNS configuration to that provided by your router/ISP. This is necessary if a VPN client or a DNS leak protection script has crashed and left an unusable DNS configuration. You need to do this if you have Internet connectivity but are unable to browse to any websites i.e. your DNS is most likely not working. + +### Windows 10 + +1. Right click the Start menu, then select `Network Connections`. +2. Click `Change Adapter Options` below 'Change your network settings'. +3. Right click on the network connection you're using and select `Properties`. +4. Click on `Internet protocol Version 4 (TCP/IP v4)` and then on the `Properties` button. +5. Make sure that you have `Obtain IP Address automatically` and `Obtain DNS Server Automatically` selected. This will configure your device to acquire the settings directly from your modem/router. +6. Click `OK` and exit all the windows. +7. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. + +### Windows 8 + +1. Select the `Desktop` from the Start menu. +2. From the Desktop window, right click the `Networks` icon in the system tray and select `Open Network and Sharing Center`. +3. Under 'Active Networks' click on the active connection name, usually `Ethernet` or `Local area connection`. +4. Click on the `Properties` button. This should take you to the `Network Connections Properties` window. +5. Click on `Internet protocol Version 4 (TCP/IP v4)` and then on the `Properties` button. +6. 
Make sure that you have `Obtain IP Address automatically` and `Obtain DNS Server Automatically` selected. This will configure your device to acquire the settings directly from your modem/router. +7. Click `OK` and exit all the windows. +8. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. + +### macOS + +1. Go to `System Preferences`. +2. Click on `Network`. +3. Select the first connection in your list and click `Advanced`. +4. Select the `DNS` tab. +5. Select any addresses in the list and attempt to remove them using the `-` button. If you cannot select them or the `-` is not active then you are already using your routers DHCP assigned DNS servers. +6. Click `OK` and exit all the windows. +7. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md new file mode 100644 index 000000000..6b247b133 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md 
@@ -0,0 +1,48 @@ +--- +title: How do I change the port or protocol used to connect? - IVPN Help +h1: How do I change the port or protocol used to connect? +url: /knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 70 +--- +# How do I change the port or protocol used to connect? + +Changing the port/protocol you use to connect to the VPN can increase your performance in some cases or unblock the connection if a certain port/protocol combination is blocked. You may need to try multiple combinations to find the ideal setup for your connection. + +Different combinations are available for different VPN protocols: + +1. OpenVPN: UDP:53, UDP:80, UDP:123, UDP:443, UDP:1194, UDP:2049, UDP:2050, TCP:80, TCP:443, TCP:1194, TCP:1443, TCP:2049, TCP:2050, TCP:30587, TCP:41893, TCP:48574, TCP:58237, and any UDP or TCP port within the 5500-19999, 30000-65000 range. +2. WireGuard: UDP:53, UDP:80, UDP:123, UDP:443, UDP:500, UDP:1194, UDP:2049, UDP:2050, UDP:4500, UDP:30587, UDP:41893, UDP:48574, UDP:58237, and any UDP port within the 5500-19999, 30000-65000 range. + +### For Windows, macOS, Linux, iOS, and Android: + +1. Open the IVPN client. +2. Click on the "Gear" icon at the top right to access `Settings`. +3. Go to the `Connection` tab (`VPN protocol` on mobile clients). +4. Select a different Port/Protocol combination. +5. Retry the connection and repeat steps 1-4 as necessary. + +### Using CLI: + +Add the `-port` command argument `ivpn connect -port TCP:443 de.gw.ivpn.net` and try the connection again. You might have to try more than one combination to find the one best suited for your network. + +### For manual connection on any other platforms that you connect using our config files: + +#### OpenVPN +
+ +1. Open the .ovpn config file with any text editor and locate line 3 `proto udp` and line 4 `remote xx.gw.ivpn.net 2049`. +2. Change those values to, e.g. `proto tcp` and `remote xx.gw.ivpn.net 443` (see all available port combinations above). +3. Save the changes, (if required) create a new VPN profile in your OpenVPN client, and reconnect. +4. In case the issue persists, go back to step 1 and try a different port. + +#### WireGuard +
+ +1. Open the WireGuard config file with any text editor. +2. Change the port number in the `Endpoint` field, e.g. `ua1.wg.ivpn.net:443` (see all available port combinations above). +3. Save the changes, (if required) create a new VPN profile in your WireGuard client, and reconnect. +4. In case the issue persists, go back to step 1 and try a different port. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md new file mode 100644 index 000000000..07657c78f --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md 
@@ -0,0 +1,39 @@
+---
+title: How do I clear or flush my DNS cache? - IVPN Help
+h1: How do I clear or flush my DNS cache?
+url: /knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 110
+---
+# How do I clear or flush my DNS cache?
+
+The following instructions will flush the cache of your DNS resolver. This may be necessary if you are having DNS issues or you have [reset your DNS configuration](/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/).
+
+### Windows 8 / Windows 10
+
+1. On Windows 8 press the `Windows Key` or hover your mouse over the bottom left corner and click the Windows Icon. On Windows 10 click on the start button.
+2. Begin typing `Command Prompt`.
+3. Right-click the application and select `Run as Administrator`.
+4. Enter the following command followed by the enter button:
+ ```
+ ipconfig /flushdns
+ ```
+
+### macOS
+
+1. Click the `Terminal` icon in the dock or in Finder under Application/Utilities/Terminal.
+2. Enter the following command followed by the enter button:
+ ```
+ sudo killall -HUP mDNSResponder
+ ```
+
+### Linux
+
+1. Open a terminal window (gnome-terminal, konsole, xterm, etc.).
+2. Enter the following command followed by the enter button:
+ ```
+ sudo /etc/init.d/nscd restart
+ ```
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md
new file mode 100644
index 000000000..2870a082e
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md
@@ -0,0 +1,25 @@
+---
+title: How do I connect to the VPN from a remote server - IVPN Help
+h1: How do I connect to the VPN from a remote server
+url: /knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 200
+---
+# How do I connect to the VPN from a remote server
+
+If you attempt to connect to the VPN from a server that you are remotely connected to, you will lose the connection to the server as soon as the VPN connects. This is because the VPN server pushes a new default route that sends the return traffic through the VPN. To prevent this, you'll need to edit the OpenVPN config file for the server you are connecting to and add the line below:
+
+```
+route A.B.C.D 255.255.255.255 net_gateway
+```
+
+where A.B.C.D is the IP address of the device you are connecting from.
+
+If you don't want to route all traffic through the VPN you can reject the default route pushed by the server by adding the directive below to the config file. You will then need to add your own static routes for the addresses you do want to route through the VPN.
+
+```
+route-nopull
+```
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md
new file mode 100644
index 000000000..8f540eca3
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md
@@ -0,0 +1,28 @@
+---
+title: How do I use the ping command? - IVPN Help
+h1: How do I use the ping command?
+url: /knowledgebase/troubleshooting/how-do-i-use-the-ping-command/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 100
+---
+# How do I use the ping command?
+
+You may need to use the "ping" utility to diagnose connectivity or DNS issues if you are having problems browsing websites while connected to the VPN.
+
+### Windows
+1. Open the Start menu.
+2. Start typing `Command Prompt`.
+3. Click `Command Prompt`.
+4. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*.
+
+### macOS
+1. Open the `Applications` folder then goto `Utilities`.
+2. Click the `Terminal` application.
+3. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*.
+
+### Linux
+1. Open a new `Terminal window`.
+2. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*.
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md
new file mode 100644
index 000000000..7653b3441
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md
@@ -0,0 +1,52 @@ +--- +title: How do I verify the location of a server? - IVPN Help +h1: How do I verify the location of a server? +url: /knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 220 +--- +# How do I verify the location of a server? + +Sometimes, when you check the location of a server using IP-based geolocation, the database may say the server is not where it is advertised. This is usually because the database is incorrect. + +You can, though, use tools available on the Internet to help verify the approximate location of a server. This technique is based on the understanding that the closer you are to a server the shorter the ping time should be. Whilst this may not be perfect it should be able to help you determine that a server is at least close to its stated location. For example, using a UK-based system I get the following ping times to various locations: + +| Location | Destination | Time ms | +|---|---|---| +| UK | gb1.gw.ivpn.net (UK) | 48 | +| UK | fr1.gw.ivpn.net (France) | 49 | +| UK | us-tx1.gw.ivpn.net (Texas, USA) | 152 | +| UK | us-ut1.gw.ivpn.net (Utah, USA) | 186 | + +From the above, we can tell that the servers in Utah and Texas are further away than the ones in the UK and France but we can't really distinguish between the UK and France. We would need to ping the servers from a number of locations and compare the results to get a more accurate result. This is where Internet-based tools are useful. We will use the CA Technologies [Ping Test tool](https://asm.saas.broadcom.com/). This uses over 90 global locations to ping a server and displays the response time. (Note: The Ping Test tool was available previously, circa 2020, though seems to be behind a paywall/trial. This [ping test](https://www.wormly.com/test-remote-ping) may offer a similar experience without the paywall/trial.) 
Using the tool we can see (selected results): + +| Server: gb1.gw.ivpn.net (London, UK) | | Server: fr1.gw.ivpn.net (Paris, FR) | +|---|---|---|---| +| *Test Location* | *Time ms* | *Test Location* | *Time ms* | +| Manchester | 6.6 | Manchester | 14 | +| London | 3.4 | London | 11 | +| Edinburgh | 2.1 | Edinburgh | 9 | +| Lille | 12 | Lille | 6 | +| Milan | 26 | Milan | 20 | +| Berlin | 21 | Berlin | 24 | +| Frankfurt | 11 | Frankfurt | 14 | + +Interpreting the results: First, this neatly shows that this is not perfect. Edinburgh is geographically further away from London than Manchester but the results don't show this. You should discard outliers like this. For everything else, the closer the test location is to the target server, the shorter the ping time. You can have reasonable confidence that the servers are in the locations stated. + +At the time of writing, we have a server in Texas with the IP address 67.228.177.194 that is correctly geolocated. Some of the secondary IP addresses on the Texas server e.g. 67.213.212.242 are incorrectly geolocated* in Utah (the ISP's headquarter location). Let's use the ping test to see what's really happening (selected results): + +| Server: 67.228.177.194 (Texas) | | Server: 67.213.212.242 (Utah) | +|---|---|---|---| +| *Test Location* | *Time ms* | *Test Location* | *Time ms* | +| Atlanta, GA | 19 | Atlanta, GA | 19 | +| Charlotte, NC | 25 | Charlotte, NC | 25 | +| Los Angeles, CA | 30 | Los Angeles, CA | 30 | +| Salt Lake City, UT | 35 | Salt Lake City, UT | 34 | +| Dallas, TX | 4 | Dallas, TX | 4 | + +As you can see, at the time of writing, the ping times for both IP addresses are pretty much the same and Dallas TX is only 4 ms away from both. So we can be fairly sure that the geolocation is incorrect for the IP address 67.213.212.242. + +*We have submitted a request to the ISP to have the geolocation updated and they have agreed to do so. 
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md b/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md new file mode 100644 index 000000000..290723ddd --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md 
@@ -0,0 +1,37 @@
+---
+title: How to Disable Enhanced App Authentication (EAA)
+h1: How to Disable Enhanced App Authentication (EAA)
+url: /knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 70
+---
+
+# How to Disable Enhanced App Authentication (EAA)
+
+### Via the IVPN App's Graphical Interface
+
+Go to the app's **Settings > Advanced > Enhanced App Authentication** area and click the `Disable` button, enter the EAA password, then click the `Disable` button.
+
+### Via the IVPN App's Command-Line Interface (CLI)
+
+Open a Command Prompt or Terminal and type `ivpn eaa -off`, type the EAA password, then press `Enter/Return`.
+
+### When the EAA Password is Lost
+
+Two options are available:
+
+- Use Windows Administrator access or macOS/Linux superuser (root) access to bypass the EAA password requirement to disable the EAA feature via the IVPN App directly.
+
+ **Windows:** right-click on the **Command Prompt** icon, click `Run as Administrator`. Type `ivpn eaa -off` and press `Enter`
+
+ **macOS/Linux:** In a Terminal, type `sudo ivpn eaa -off` or run `ivpn eaa -off` as root
+
+- EAA is based on a single file, which is protected for reading by a standard computer account with user-level privileges. This file contains information about the EAA password. If this file does not exist, EAA is disabled. Removing this file manually will disable EAA. Only a privileged user can remove this file (Windows Administrator, macOS/Linux superuser, or root).
+
+ **File locations:**
+ Windows: `C:\Program Files\IVPN Client\etc\eaa`
+ macOS: `/Library/Application Support/IVPN/eaa`
+ Linux: `/opt/ivpn/mutable/eaa`
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md b/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
new file mode 100644
index 000000000..12fac385b
--- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md 
@@ -0,0 +1,81 @@ +--- +title: How to submit VPN diagnostic logs to IVPN? - IVPN Help +h1: How to submit VPN diagnostic logs to IVPN? +url: /knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 160 +--- +# How to submit VPN diagnostic logs to IVPN? + +If you are unable to resolve a technical issue please submit your logs by following the instructions below and contact our [support department](/contactus/) to request that they review them. + +### Windows + +1. Open the IVPN App and click on the gear icon to access the `Settings` area. +2. Navigate to the `General` tab. +3. Check on `Enable logging` and click the `Save` button. +4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. +5. Go back to `Settings` > `General` and click on the `Submit logs` button. + +### macOS + +1. Open the IVPN application by clicking on the menu bar icon and then on `Show IVPN`. +2. Click on the gear button in the top right and select `Preferences`. +3. Navigate to the `General` tab. +4. Check `Create log files` and close the window. +5. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. +6. Click on the small IVPN icon in your menu bar and then `Diagnostics logs`. Once the logs have been generated, click on the `Send logs` button. + +### Android + +1. Launch the IVPN App and tap on the gear icon to access the `Settings` menu. +2. Click on the `VPN protocol` and select `OpenVPN`. +3. Return one step back, scroll down, and toggle the `Enable logging` option **on**. +4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. +5. Access the `Settings` menu once again and click on the `Send Logs` button. + +### iOS + +1. 
Launch the IVPN App and tap on the gear icon to access the `Settings` menu. +2. Toggle the `Diagnostic logs` switch On. +5. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. +6. Access the Settings menu once again and click on the `Send Logs` button. + +### Linux + +#### GUI + +1. Open the IVPN App and click on the gear icon to access the `Settings` area. +2. Navigate to the `General` tab. +3. In the `Diagnostics` area, check `Allow logging`, then click the back button. +4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. +5. Go back to `Settings` > `General` and click on the `Diagnostic logs ...` button to send. + +#### CLI + +IVPN CLI app stores logs in the following file - `/opt/ivpn/log/IVPN_Agent.log*`. Attach the file(s) to your email message to our support department or copy/paste the file contents into your support request. + +#### Manual + +1. If you are using a different VPN client, use 'grep' to filter the OpenVPN logs from the system log e.g. + ``` + sudo grep VPN /var/log/syslog + ``` + +2. If the step above outputs what appears to be the VPN logs then run the command below to create a log file in your home directory + ``` + sudo grep VPN /var/log/syslog > ~/ivpn.log + ``` + +3. If you cannot see OpenVPN log entries in syslog, add the following line to the .ovpn file to enable file logging. + ``` + log /var/log/openvpn + ``` + +4. If you are using NetworkManager, the following command will capture more details and create a file in your home directory: + ``` + egrep -i "vpn|NetworkManager|nm-openvpn|nm-dispatcher" /var/log/syslog > ~/ivpn.log + ``` 
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md new file mode 100644 index 000000000..ddba8a561 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md @@ -0,0 +1,19 @@ +--- +title: I cannot access devices on my local network. Why? - IVPN Help +h1: I cannot access devices on my local network. Why? +url: /knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 210 +--- +# I cannot access devices on my local network. Why? + +Whenever you use any of our desktop apps ([Windows](/apps-windows/), [macOS](/apps-macos/) or [Linux](/apps-linux/)) with the [IVPN Firewall](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) enabled, please, keep in mind that all traffic is routed strictly through the VPN tunnel. This will prevent access to network printers, print servers, media servers, IP cameras, and all other devices on your local network. + +If you want to access and use a printer (or any other device) that resides on your local network – in the IVPN client, navigate to `Settings` - `IVPN Firewall` tab and check both `Allow LAN traffic when IVPN Firewall is enabled` and `Allow Multicast...` options. + +
+Note: Enabling these options will allow traffic only between devices that reside on the same local network and subnet mask. If you are unable to access them despite having these options checked, verify the IPs on both devices belong to the same local network and subnet mask. +
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md
new file mode 100644
index 000000000..706dc2d07
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md
@@ -0,0 +1,70 @@
+---
+title: I cannot connect from China / Vietnam / Iran / Russia etc. What can I do? - IVPN Help
+h1: I cannot connect from China / Vietnam / Iran / Russia etc. What can I do?
+url: /knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 130
+---
+# I cannot connect from China / Vietnam / Iran / Russia etc. What can I do?
+
+If you are unable to connect from a country where there may be a restrictive national firewall we recommend enabling the **obfsproxy** or **V2Ray** options from within the IVPN client.
+
+When using OpenVPN we offer two solutions, V2Ray and Obfsproxy. For WireGuard, only V2Ray is currently available.
+
+Both solutions generally work well but you may find one solution is more performant and/or reliable depending on multiple variables relating to your location and the path your traffic takes to the VPN server. We recommend experimenting with both Obfsproxy and V2Ray options.
+
+
+Obfuscation protocols are currently supported in the IVPN app for Windows, macOS, Linux and iOS (in beta). Adding the feature to the Android app is a work in progress.
+
+
+### Graphical Interface for Windows, macOS, and Linux
+
+1. Click on the `Settings` gear icon.
+2. Click on the `Connection` tab.
+3. Select the preferred obfuscation option from the `Obfuscation` drop-down list.
+4. Exit `Settings` and connect to the VPN.
+
+### Command-Line Interface for Windows, macOS, and Linux
+
+Open a `Command Prompt` (Windows) or `Terminal` (macOS and Linux) and type one of the following commands. Feel free to adjust the VPN protocol, obfuscation method and the server location as required:
+
+```
+ivpn connect -obfsproxy obfs4_iat1 -any Sweden
+```
+```
+ivpn connect -v2ray quic -p wireguard -fastest
+```
+
+Help is available with more **obfsproxy** & **V2Ray** options:
+
+```
+ivpn connect -h
+```
+
+### iOS
+
+
+Obfuscation with V2Ray on iOS is currently in beta.
+
+
+1. Set the VPN protocol to `WireGuard`.
+2. Navigate to `Settings` - `Advanced` area.
+3. Toggle the `V2Ray` option on and select the preferred protocol.
+4. Exit `Settings` and connect to the VPN.
+
+### Inter-Arrival Timing (IAT) Mode
+
+This option is available for OBFS4 proxy and it is the elapsed time after receipt of a packet until the next packet arrives. Three different options are available to determines packet segmentation rules:
+- **0 = disabled**: packets are segmented by the network, network fingerprints could be detected
+- **1 = enabled**: packets are segmented by the OBFS4 proxy, maximum payload is 1448 bytes, prevents re-assembly for analysis
+- **2 = paranoid**: random packet size, prevents re-assembly for analysis, uncommon and may or may not offer benefits
+
+There will likely be a performance decrease for the VPN connection with IAT-modes 1 and 2.
+
+### V2Ray options
+
+- **VMESS/QUIC**: a modern protocol designed to provide robust security and high performance, while reducing latency compared to traditional protocols. It makes your data appear as regular HTTPS traffic
+- **VMESS/TCP**: a traditional, widely-used protocol that guarantees reliable, ordered data delivery. It makes your data appear as regular HTTP traffic.
\ No newline at end of file
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
new file mode 100644
index 000000000..02afc1dd9
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
@@ -0,0 +1,29 @@ +--- +title: I cannot connect to the VPN. What can I do? - IVPN Help +h1: I cannot connect to the VPN. What can I do? +url: /knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 20 +--- +# I cannot connect to the VPN. What can I do? + +Most connection failures are caused by something blocking the connection to our servers. Before you begin troubleshooting a blocked connection please check the following: + +* Verify that your internet connection is working whilst disconnected from the VPN. Try loading a website or pinging a web address such as `8.8.8.8` or `1.1.1.1`. See [how to run the ping command](/knowledgebase/troubleshooting/how-to-run-the-ping-command/). If you are using the IVPN client, ensure that the IVPN firewall is not activated. If your connection is still not working then you will need to contact your ISP to resolve the issue. +* Verify that the server you are connecting to is online and available on the [server status](/status/) page. +* Double-check that you are using the correct IVPN Account ID (ivpnXXXXXXXX or i-XXXX-XXXX-XXXX). For more info see [I receive an 'authentication failure' message. What can I do?](/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message--what-can-i-do/). + +Once you have verified all of the above, proceed to troubleshoot the connection as follows: + +1. Try connecting using a different OpenVPN port. See [how to change ports/protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). +2. Try WireGuard VPN protocol - available in all of our [native apps](/apps/) for macOS, iOS, Windows, Linux and Android. +3. Try IPSec with IKEv2 VPN protocol. Setup guides can be found [here](/apps/). +4. 
Enable the [Obfsproxy](/knowledgebase/troubleshooting/i-cant-connect-from-china-or-vietnam-or-iran-etc-how-do-i-enable-obfsproxy/) feature and retry the connection. +5. Temporarily disable any firewalls or antivirus software on your computer and retry the connection. +6. Try another internet connection, some types of connections are particularly problematic such as public hotspots, cellular hotspots and hotel internet connections. +7. Try another device as there may be an issue with your local device. Our service works with many different devices, see our [setup guides](/apps/). + +Still can't connect? Please see [how to submit VPN diagnostic logs to IVPN](/knowledgebase/troubleshooting/how-to-submit-openvpn-diagnostic-data-to-ivpn/) so we can help you diagnose the issue. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md b/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md new file mode 100644 index 000000000..2377569ae --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md 
@@ -0,0 +1,17 @@ +--- +title: I lose Internet connection when I disconnect from IVPN. Why? - IVPN Help +h1: I lose Internet connection when I disconnect from IVPN. Why? +url: /knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 240 +--- +# I lose Internet connection when I disconnect from IVPN. Why? + +Most likely, you have IVPN Firewall (kill switch) enabled. It was designed to ensure that all traffic is routed strictly through the VPN tunnel to prevent any possible leaks or your real IP address from being exposed. Given the latter, it will also block the Internet connection if you disconnect from the IVPN network. + +To regain access to the Internet, you must either disable the IVPN Firewall or reconnect to any of the IVPN servers. You may also control its behaviour within the app's `Settings` area - `IVPN Firewall` tab. + +Feel free to read more about how our Firewall works [here](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md new file mode 100644 index 000000000..5f2bc899c --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md 
@@ -0,0 +1,18 @@ +--- +title: I receive an 'authentication failure' message. What can I do? - IVPN Help +h1: I receive an 'authentication failure' message. What can I do? +url: /knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 80 +--- +# I receive an 'authentication failure' message. What can I do? + +1. Check that your IVPN Account ID is in the form 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX'. You can check this in the [Client Area](/account/). +2. Check that the IVPN Account ID is entered in the correct case i.e. 'ivpnABcd12' is not the same as 'ivpnabcd12'. +3. You may have reached the device limit for your account. You may have to log out of the IVPN App on another device to free up a slot. +4. There may be a network restriction blocking access to our authentication server. You may have to try a different network. +5. Try logging out from the IVPN App, then logging back in. This will refresh the account status. The logout button is available on the 'Account' screen in the IVPN App on mobile devices. For macOS, the logout is accessible via the app's menu bar icon. For Windows, please log out via the app's 'Settings' area on the 'Account' tab. +6. If you are still unable to connect, your account is most likely disabled/suspended. Verify that your VPN account is active by logging into the client area. If your account has been suspended, [renew](/knowledgebase/billing/how-can-i-reactivate-my-account/) your account to automatically unsuspended it. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md b/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md new file mode 100644 index 000000000..c36d9e35d --- /dev/null 
+++ b/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md 
@@ -0,0 +1,71 @@ +--- +title: My real location is detected when connected to VPN. How to disable geolocation? - IVPN Help +h1: My real location is detected when connected to VPN. How to disable geolocation? +url: /knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 30 +--- +# My real location is detected when connected to VPN. How to disable geolocation? + +Most modern browsers implement the [geolocation API](http://dev.w3.org/geo/api/spec-source.html) as defined by the W3C which enables browsers to detect the geographic location of the device. This enables web services that rely on location information to function correctly. The specification doesn't define the location sources but the following are commonly used: + +1. Global Positioning System (GPS) +2. Available Wi-Fi networks and signal strengths +3. GSM/CDMA cell IDs +4. IP address + +If you are connected to IVPN the IP address lookup should return the location of the VPN server. However, if your browser is configured to use any of the alternate location sources then your actual location may be revealed to web services. Most commonly your Wi-Fi network information will be used as there are large databases that map Wi-Fi networks to a geographic location (usually created by cars with GPS & Wi-Fi e.g. Google Street View cars). + +## How to disable geolocation in browsers? + +### Google Chrome + +1. Click the Chrome menu button on the browser toolbar (with the 3 dots). +2. Click on `Settings`. +3. Scroll down and click on `Advanced`. +4. In the 'Privacy and security' section, click `Site settings`. +5. Click 'Location' and toggle 'Ask before accessing' to 'Blocked'. + +For further information see [Google's location sharing](https://support.google.com/chrome/answer/142065?hl=en) page. + +### Firefox + +1. In the URL bar, type `about:config`. +2. 
In the search bar type `geo.enabled`. +3. Double click on the geo.enabled preference. Location-Aware Browsing should now be disabled. + +For further information see the [Firefox Location-Aware Browsing](https://www.mozilla.org/en-US/firefox/geolocation/) page. + +### Internet Explorer + +1. Open the Tools menu by clicking on the gear icon in the upper-right corner of the browser window. +2. Open the `Privacy` tab. +3. Under Location, select the option `Never Allow Websites To Request Your Physical Location`. + +### Microsoft Edge + +1. Hit the `Windows` button & select `Settings` +2. Navigate to `Privacy` -> `Location` and toggle location to `Off` + +For further information see the [Windows 10 location service and privacy: FAQ](http://windows.microsoft.com/en-us/windows-10/location-service-privacy). + +### Apple Safari + +1. Choose `System Preferences` from the Apple () menu. +2. Click the `Security & Privacy` icon in the System Preferences window. +3. Click the `Privacy` tab. +4. If the padlock icon in the lower left is locked + ![](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/il/locked_icon.png) + , click it and enter an admin name and password to unlock it + ![](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/il/unlocked_icon.png) +5. Select `Location Services`. +6. Uncheck 'Safari' to disable geolocation. + +### Opera + +1. In the URL bar, type `about:config`. +2. In the Preferences Editor, expand the `Geolocation` section. +3. Uncheck `Enable geolocation`. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md new file mode 100644 index 000000000..499775103 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md 
@@ -0,0 +1,29 @@ +--- +title: My VPN connection is randomly disconnecting. What can I do? - IVPN Help +h1: My VPN connection is randomly disconnecting. What can I do? +url: /knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 50 +--- +# My VPN connection is randomly disconnecting. What can I do? + +Disconnections are frustrating and can potentially compromise your privacy. It is very helpful to have a basic understanding of what causes a VPN to disconnect in order to troubleshoot the issue. + +### What causes disconnections? + +The client software and server both send each other a cryptographically signed ping packet every 10 seconds to inform the other side that they are active/alive. If the client doesn't receive this ping packet (or any other data) from the server for longer than 120 seconds it assumes the server is no longer available and disconnects. This happens because the ping packets are being either lost or blocked on the path between your device and the server. This could be a software or hardware router filtering these packets or an unreliable Internet connection which is causing packet loss. + +### What can you do? + +1. Change the port of the VPN protocol you use to connect, see [how to change ports/protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). +2. Try WireGuard VPN protocol - available in all of our [native apps](/apps/) for macOS, iOS, Windows, Linux and Android. +3. Try IPSec with IKEv2 VPN protocol. Setup guides can be found [here](/apps/). +4. Try connecting to a different server, there may be an issue between your device and the server. +5. If you are connecting from a location where you think your connection may be censored, try enabling obfsproxy from within the IVPN client. 
See [how to enable obfsproxy](/knowledgebase/troubleshooting/i-cant-connect-from-china-or-vietnam-or-iran-etc-how-do-i-enable-obfsproxy/). Instructions for Linux users are available [here](/knowledgebase/linux/linux-how-can-i-circumvent-vpn-censorship-by-masking-the-vpn-traffic/). +6. Try connecting from another device to see if the issue is with the device. We support a large range of devices, see our [setup guides](/apps/). +7. Restart your router device. Check if there are available updates to your router's firmware - they might contain various fixes and improve the general performance and quality of the connection after installing it. +8. Try another internet connection as your connection may be unreliable, especially shared wireless connections (hotels, coffee shops), cellular (3G/4G/5G) etc. +9. Advanced users may want to read about MTU and experiment with adjusting the maximum UDP packet sizes for OpenVPN (using the tun-mtu, fragment and mssfix directives). More information can be found in the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage). diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md new file mode 100644 index 000000000..1e551ee41 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md 
@@ -0,0 +1,27 @@ +--- +title: My VPN is connected but I cannot browse the Internet, why? - IVPN Help +h1: My VPN is connected but I cannot browse the Internet, why? +url: /knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 40 +--- +# My VPN is connected but I cannot browse the Internet, why? + +The most common reason you cannot browse the internet when connected to the VPN is a **DNS configuration issue**. Please perform the following steps to see if the issue is related to DNS: + +1. Ping an external IP such as **`1.1.1.1`** and **`8.8.8.8`** to verify that you have Internet connectivity. See [how to run the ping command](/knowledgebase/troubleshooting/how-do-i-use-the-ping-command/). +2. If you see replies from the ping above this indicates your connection is working and your issue is likely DNS related, continue to the "resolving DNS issues" section below. +3. If you do not get a reply (e.g. "Request timeout") this indicates something is blocking the VPN connection, see [I cannot connect to the VPN, what can I do?](/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/) + +### Resolving DNS Issues + +1. The first step is to reset your DNS settings. Disconnect from the VPN and follow the steps in [How to reset your DNS settings](/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/). Try connecting again and browsing. +2. If the above does not resolve the issue then you can configure OpenDNS to resolve your DNS. Follow the relevant instructions on the [OpenDNS setup](https://support.opendns.com/forums/21618384) page. (Please note that by configuring OpenDNS servers your DNS requests will be sent to OpenDNS, which may be considered a leak). +3. If you are using Linux please ensure that you are running commands as root using the `sudo` command or the DNS resolver may not be updated correctly. +4. 
If you have configured a proxy, please ensure that it is disabled. This usually needs to be done via your browser settings. +5. If you have another browser installed (Firefox, Chrome, Safari, Opera, Brave, Edge) try browsing with that browser and see if you have the same issue. You should also attempt to start your browser in 'safe mode' with all addons/plugins disabled. In Chrome, you simply have to open an 'incognito' window. If any of these methods allow you to browse the Internet then the issue lies with your Internet browser configuration. + +Still can't connect? Please see [how to submit VPN diagnostic logs to IVPN](/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn/) so we can help you diagnose the issue. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md new file mode 100644 index 000000000..67320a34e --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md 
@@ -0,0 +1,53 @@ +--- +title: My VPN is slow, what can I do to make it faster? - IVPN Help +h1: My VPN is slow, what can I do to make it faster? +url: /knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 10 +--- +# My VPN is slow, what can I do to make it faster? + +The Internet is a large and dynamic network routing data packets between billions of devices. When the computers routing this data fail certain routes become unavailable and traffic has to be temporarily routed over an alternate path causing congestion on the new route (much like a road traffic system). Speed issues are therefore often temporary and will resolve themselves automatically as new routes are added, repaired and optimized. + +A VPN is dependent on the speed of your connection to the Internet. Whatever the speed of the connection is, the VPN cannot be faster. In fact, you should expect a small loss in speed when connecting to any VPN service due to the software having to encrypt every packet of data. This loss should be small, usually 10-20% when compared with your connection without a VPN. + +If you have a persistent speed issue consider the following troubleshooting steps: + +1. ### Change servers + Selecting a server that is geographically close to you will normally result in increased performance (due to lower latency). In addition, changing to a server in another location may bypass any congestion issues depending on how close the congestion is to your location. See our [server status](/status/) page for a list of locations where we have servers. + +2. ### Change VPN port/protocol + Your VPN software connects to our servers on a specific port number (e.g. 443) using a specific protocol (UDP or TCP). Some networks restrict the speed of certain ports or protocols. Try changing the port/protocol until you identify the fastest combination. 
See [how to change ports and protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). + +3. ### Use a wired connection + Your speed may be limited by your Wi-Fi connection. Wireless connections rely on a shared channel to transmit data between multiple devices which may result in increased latency and slower speeds. Wired connections normally support much higher speeds and are always preferable if you have access to one. + +4. ### Switch devices + Certain devices are not capable of providing high speeds due to the heavy encryption overhead of a VPN tunnel. These devices often include routers, NAS, older Android devices, and early generation iOS devices. If you are using one of these devices then your only solution is to switch to a device with a more capable processor. + +5. ### Restart your Modem/Router + Over time your modem or router may slow down due to memory leaks etc. Restarting your modem/router may increase the speed of your connection and thus the VPN. + +6. ### Try WireGuard + OpenVPN connections may be restricted or throttled on some networks. Using WireGuard may result in a faster connection. WireGuard is available on our [native apps](/apps/) for macOS, iOS, Windows, Linux, and Android. + +7. ### Temporarily disable local security software + Firewall or antivirus software can slow down VPN traffic by filtering or scanning outgoing packets. Try temporarily disabling your security software to determine if the security software is the cause of the performance issue. + +8. ### Restart your Device + Over time many devices experience "fatigue" due to running out of free memory or resources. Restarting your device may help your connection speed. + +9. ### Install the latest device updates + Check if your device has available firmware updates - they might contain various fixes and improve the general performance and quality of the connection after installing it. + +10. 
### Connecting from another location + It may be that there is an issue with your connection to your ISP. You can easily check this by connecting to the Internet from another location e.g. coffee shop / neighbor etc. + +### Advanced options + +1. To locate the congestion or network hop which is delaying your traffic, run a traceroute. Try tracerouting to the host you are trying to reach both with and without the VPN active. +2. Override the DNS with 3rd party DNS servers. We always advise customers to use our DNS servers to prevent DNS privacy leaks. However, you may wish to test whether our DNS servers are the cause of your performance issues. +3. Adjust the MTU. You'll need to read up about how to determine the best MTU for your network. If you change the network you are connecting from in the future don't forget that you may need to change the MTU again. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md b/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md new file mode 100644 index 000000000..93cab7b35 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md 
@@ -0,0 +1,15 @@
+---
+title: '"Replay-window backtrack occurred" - error - IVPN Help'
+h1: '"Replay-window backtrack occurred" - error'
+url: /knowledgebase/troubleshooting/replay-window-backtrack-occurred-error/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 170
+---
+# "Replay-window backtrack occurred" - error
+
+This error is generally caused by network congestion and latency when using the UDP protocol. Essentially packets are being dropped or received by the server in the wrong order. This is often seen when connecting to Wi-Fi networks with a poor signal or 3G/4G networks.
+
+The best solution is to switch to using the TCP protocol. You can do this by selecting the TCP protocol option from within the IVPN app or editing the relevant OpenVPN configuration file.
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md b/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
new file mode 100644
index 000000000..0460b8e95
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
@@ -0,0 +1,26 @@
+---
+title: The battery on my phone drains too fast while using IVPN. Why? - IVPN Help
+h1: The battery on my phone drains too fast while using IVPN. Why?
+url: /knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 230
+---
+# The battery on my phone drains too fast while using IVPN. Why?
+
+Extensive battery usage with IVPN would not be particularly unusual for a combination of reasons, more specifically:
+
+1. The IVPN App offers VPN protocols with the highest level of encryption available, thus using more CPU power, which results in a higher battery consumption as a result.
+2. Mobile devices usually 'sleep' and shut down persistent network connections in favor of reduced bandwidth and energy, a solution called 'push'. However, a VPN tunnel requires constant connectivity to ensure security, and this does not utilize this power-saving method.
+
+On the most recent version of the IVPN App for iOS, disabling the 'Keep alive on sleep' option may reduce battery consumption.
+
+
+Disabling keep-alive will not result in any data leak outside of the VPN, as the on-demand rules will automatically re-establish the VPN tunnel before any network traffic starts on the device. Keep-alive, when on, makes sure that the VPN tunnel is active even when the device is in sleep mode. By disabling it, the VPN tunnel is reconnected only when the device needs to make network requests. Disabling keep-alive will improve battery consumption when the device is in sleep mode, but the drawback is you might experience occasional slowdowns due to wake-up reconnections.
+
+
+If security is not your primary concern and to preserve the battery power, consider disconnecting from the VPN connection when not in use or when your device is sleeping.
+
+Alternatively, you may try the [WireGuard VPN protocol](/knowledgebase/general/wireguard-faq/), which was proven to provide higher performance while causing less stress to the battery.
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md b/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md
new file mode 100644
index 000000000..3742cc647
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md
@@ -0,0 +1,49 @@ +--- +title: '"TLS Error: Unroutable control packet received" - How to fix - IVPN Help' +h1: '"TLS Error: Unroutable control packet received" - How to fix' +url: /knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 90 +--- +# "TLS Error: Unroutable control packet received" - How to fix + +The OpenVPN protocol requires the client and server to have synchronized time. If the time on your local PC is incorrect you may see the error **TLS Error: Unroutable control packet received from** in your logs. + +### Windows + +1. Go to `Start` > `Settings` > `Time & language` > `Date & time`. +2. Toggle `Set time automatically` to `On`. + +### macOS + +1. Open the `System Preferences`. +2. Click the Date & Time icon and ensure that `Set date and time automatically` is selected. + +### Linux + +You need to install and configure an NTP client. Refer to the documentation for your distribution for further instructions. + +### DD-WRT + +Please refer to the section **Correct Time** on this page [http://www.dd-wrt.com/wiki/index.php/OpenVPN](http://www.dd-wrt.com/wiki/index.php/OpenVPN) + +To set the time manually, connect via telnet or ssh and run the following command at the prompt: + +``` +date YYYYMMDDhhmm +``` + +If you set the Date and Time manually, you will have to do that every time your router is rebooted. + +Instead, it is recommended to enable and connect your device to the NTP server to allow system Date and Time automatically sync with the current time. For help, see https://wiki.dd-wrt.com/wiki/index.php/Network_Time_Protocol + +### pfSense + +pfSense will attempt to keep the router device’s time synchronized with the ntp.org Network Time Protocol (NTP) server pool automatically. Check `Status` > `NTP` for details. If time is out of sync, there may be a DNS issue preventing the NTP hostname lookup. 
The pfSense system log will show details via `Status` > `System Logs` > `NTP`. + +### OpenWRT + +OpenWrt’s NTP client is enabled by default and will attempt to keep the router device’s system clock synchronized automatically. Configuration details and further information can be found here https://openwrt.org/docs/guide-user/advanced/ntp_configuration diff --git a/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md b/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md new file mode 100644 index 000000000..317ad1c0e --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md @@ -0,0 +1,13 @@ +--- +title: '"TLS key negotiation failed to occur" - How to fix - IVPN Help' +h1: '"TLS key negotiation failed to occur" - How to fix' +url: /knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix/ +sections: + - troubleshooting +sectionTitle: Troubleshooting +layout: help-details +weight: 190 +--- +# "TLS key negotiation failed to occur" - How to fix + +This log entry indicates that the connection to our VPN server is being blocked. Please see [I cannot connect to the VPN, what can I do?](/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/) diff --git a/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md b/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md new file mode 100644 index 000000000..3f9f628c4 --- /dev/null +++ b/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md 
@@ -0,0 +1,83 @@
+---
+title: What is the IP address of your DNS servers? - IVPN Help
+h1: What is the IP address of your DNS servers?
+url: /knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/
+sections:
+ - troubleshooting
+sectionTitle: Troubleshooting
+layout: help-details
+weight: 150
+---
+# What is the IP address of your DNS servers?
+
+The IVPN DNS servers clients use when connected to our VPN servers are not publicly accessible from the Internet. They are internal and can be used only when connected to an IVPN server. Three types of internal DNS servers are available on each VPN server:
+
+* Regular DNS with no blocking (OpenVPN + WireGuard + IPSec with IKEv2)
+* Normal [AntiTracker](/antitracker/) to block advertising and malware domains (OpenVPN + WireGuard)
+* Hardcore Mode AntiTracker to also block Google and Facebook domains (OpenVPN + WireGuard)
+
+
+### Regular DNS Servers
+
+For WireGuard connections, the regular DNS address is: `172.16.0.1`
+
+For OpenVPN connections, the regular DNS address is: `10.0.254.1`
+
+With an OpenVPN connection there is another regular DNS address available. To work out the address, look at the IP assigned to you when you connect. The DNS servers are in the format `10.x.y.1`. For example, if the VPN address you receive is `10.16.4.66` then the DNS address will be `10.16.4.1`.
+
+
+### AntiTracker with Optional Hardcore Mode
+
+The original AntiTracker addresses remain unchanged (same as **OISD Big** below):
+
+Normal `10.0.254.2` and
+Hardcore `10.0.254.3`
+
+The [AntiTracker Plus](/knowledgebase/general/antitracker-plus-lists-explained/) options follow a similar IP address pattern for normal and hardcore modes:
+
+#### Basic
+Normal `10.0.254.4` and
+Hardcore `10.0.254.5`
+
+#### Comprehensive
+Normal `10.0.254.6` and
+Hardcore `10.0.254.7`
+
+#### Restrictive
+Normal `10.0.254.18` and
+Hardcore `10.0.254.19`
+
+#### EasyList + EasyPrivacy
+Normal `10.0.254.14` and
+Hardcore `10.0.254.15`
+
+#### OISD Big
+Normal `10.0.254.2` and
+Hardcore `10.0.254.3`
+
+#### Developer Dan Ads + Tracking
+Normal `10.0.254.8` and
+Hardcore `10.0.254.9`
+
+#### Steven Black Unified + Ads + Malware
+Normal `10.0.254.20` and
+Hardcore `10.0.254.21`
+
+#### 1Hosts Extra
+Normal `10.0.254.16` and
+Hardcore `10.0.254.17`
+
+#### Hagezi Pro
+Normal `10.0.254.10` and
+Hardcore `10.0.254.11`
+
+#### Hagezi Ultimate
+Normal `10.0.254.12` and
+Hardcore `10.0.254.13`
+
+
+### Public DNS Server
+
+We provide a public, validating, non-logging, recursive DNS server: `198.245.51.147`
+
+No IVPN connection -- or account -- required.
diff --git a/src/content/es/pages/knowledgebase/windows/_index.md b/src/content/es/pages/knowledgebase/windows/_index.md
new file mode 100644
index 000000000..94ca18612
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/_index.md
@@ -0,0 +1,7 @@
+---
+title: Windows - IVPN Help
+url: /knowledgebase/windows/
+section: windows
+layout: help
+---
+## Windows
diff --git a/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md b/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
new file mode 100644
index 000000000..452713985
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
@@ -0,0 +1,38 @@
+---
+title: Windows 10 - Set IVPN DNS servers manually - IVPN Help
+h1: Windows 10 - Set IVPN DNS servers manually
+url: /knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually/
+sections:
+ - windows
+sectionTitle: Windows
+layout: help-details
+weight: 110
+---
+# Windows 10 - Set IVPN DNS servers manually
+
+In some cases, it may be beneficial to set DNS servers on your system manually. The IVPN App does this automatically, though this can he helpful with some manual VPN connection.
+
+1. Open the `Control Panel` by clicking the Start menu icon and typing `control panel`
+
+2. Click `Network and Internet` followed by `Network and Sharing Centre`
+
+3. Click `Change Adapter settings`
+
+4. Right-click the icon for the Ethernet or Wi-Fi network adapter and choose `Properties`
+
+5. Click `Internet Protocol Version 4 (TCP/IPv4)` and click the `Properties` button
+
+ ![](/images-static/uploads/050-adapter-properties-window-ipv4.png)
+
+6. Switch to `Use the following DNS server addresses` and enter the IVPN addresses. We offer different internal options plus one public DNS servers:
+
+ ```
+ 10.0.254.1 = regular DNS with no blocking
+ 10.0.254.2 = standard AntiTracker to block advertising and malware domains
+ 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook
+ 198.245.51.147 = public, validating, non-logging, recursive DNS server
+ ```
+
+ ![](/images-static/uploads/060-manual-dns-addresses.png)
+
+7. Click `OK` on the IPv4 properties window. Click `Close` on the network adapter properties window
diff --git a/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md b/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
new file mode 100644
index 000000000..be9e80418
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
@@ -0,0 +1,29 @@
+---
+title: Windows - "All TAP-Win32 Adapters in Use" error - IVPN Help
+h1: Windows - "All TAP-Win32 Adapters in Use" error
+url: /knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error/
+sections:
+ - windows
+ - troubleshooting
+sectionTitle: Windows
+layout: help-details
+weight: 30
+---
+# Windows - "All TAP-Win32 Adapters in Use" error
+
+This error indicates that the VPN was not cleanly disconnected from the previous session or another VPN connection is already established.
+
+1. Click the `Start Menu` button and then select the `Control Panel`.
+2. Click on `Network and Internet`.
+3. Click on `Network and Sharing Center`.
+4. Click on `Change adapter settings`.
+5. Find the connection which is your TAP Adapter, right-click the `TAP adapter` and select `Disable`.
+6. Right-click the `TAP adapter` and select `Enable`.
+
+If the above does not resolve the issue please close and restart all OpenVPN processes by following these steps
+
+1. Press `Ctrl+Alt+Del`.
+2. Open `Task Manager`.
+3. End all instances of any process containing the word **OpenVPN**.
+4. Restart OpenVPN.
+5. Retry connecting to IVPN.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md b/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
new file mode 100644
index 000000000..a39f301aa
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
@@ -0,0 +1,27 @@
+---
+title: Windows Defender SmartScreen prevents the installation of IVPN app. Why? - IVPN Help
+h1: Windows Defender SmartScreen prevents the installation of IVPN app. Why?
+url: /knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why/
+sections:
+ - windows
+sectionTitle: Windows
+layout: help-details
+weight: 130
+---
+# Windows Defender SmartScreen prevents the installation of IVPN app. Why?
+
+Our development team has rewritten our desktop apps to be more efficient as well as signed them with the new certificate. It might take up to 2-3 weeks for a new certificate to build enough reputation, until that, Windows Defender Smartscreen can prevent the execution of the file, detecting it as an "unrecognized" app.
+
+This block by Windows Security is a false positive. Please make sure you have downloaded the installer directly from our [website](/apps-windows/) and not any 3rd party site to ensure that no malware has been injected.
+
+The [changelog](https://github.com/ivpn/desktop-app-ui/blob/master/CHANGELOG_windows.md) for our Windows app offers a SHA1 checksum, which you can use to verify the integrity of the download above to make sure no tampering has occurred during the download. Details on how to verify a checksum can be found [here](https://support.microsoft.com/en-us/help/889768/how-to-compute-the-md5-or-sha-1-cryptographic-hash-values-for-a-file).
+
+In the meantime, to proceed with the installation when you receive a Windows Defender Smartscreen warning message, click on `More info`:
+
+![](https://www.ivpn.net/img/screens/install/smartscreen_1.png)
+
+..and click on the `Run anyway` button.
+
+![](https://www.ivpn.net/img/screens/install/smartscreen_2.png)
+
+You may have to temporarily disable any other running security software running on your computer to allow the installation to proceed. Please be sure to re-enable it back immediately after installing our app.
For extra security, you might consider temporarily disabling your network connection while the real-time protection is disabled.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md b/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
new file mode 100644
index 000000000..9f8df38b2
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
@@ -0,0 +1,19 @@
+---
+title: Windows - "DNS Cannot be resolved" - IVPN Help
+h1: Windows - "DNS Cannot be resolved"
+url: /knowledgebase/windows/windows-dns-cannot-be-resolved/
+sections:
+ - windows
+sectionTitle: Windows
+layout: help-details
+weight: 70
+---
+# Windows - "DNS Cannot be resolved"
+
+What if your browser cannot load any web pages and it receives 'DNS cannot be resolved' error when connected to IVPN? Most of the time this is happening because of 3rd-party software altering the DNS server configuration on your computer. To work around this, check the following steps:
+
+1. Make sure IVPN Firewall is enabled (assuming you use our [official software](/apps-windows/))
+2. Open your Network Management (hit 'Windows' button - > Type 'ncpa.cpl' - > 'Enter') and find 'Tap-Windows' device - > Double click on it - > Properties - > Double click 'IPv4' - > Make sure you have 'Obtain DNS server address automatically' checked
+3. Reconnect to IVPN
+
+When you establish the VPN connection, IVPN pushes and applies our DNS IP-address to your system if the network adapter is configured to set the DNS automatically. In case the latter is not happening, the installed Antivirus/Firewall or various Network Filtering software can prevent that from happening and it is advised to have the IVPN client whitelisted there to avoid the aforementioned issue.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md new file mode 100644 index 000000000..ad3dfd499 --- /dev/null +++ b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md @@ -0,0 +1,37 @@ +--- +title: Windows - How do I configure OpenVPN to save my credentials? - IVPN Help +h1: Windows - How do I configure OpenVPN to save my credentials? +url: /knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials/ +sections: + - windows + - troubleshooting +sectionTitle: Windows +layout: help-details +weight: 10 +--- +# Windows - How do I configure OpenVPN to save my credentials? + +To configure the OpenVPN GUI to save your credentials: + +1. Using Windows Explorer, navigate to the `C:\Program Files\OpenVPN\config` folder (or `C:\Program Files (x86)\OpenVPN\config` on 64 bit systems). + +2. Using WordPad or a similar text editor, open the config file relating to the server you wish to save your IVPN account ID for (the filename should indicate the server location). + +3. Locate the line containing `auth-user-pass` and change it to: + + ``` + auth-user-pass pass.txt + ``` + +4. Create a new text file with the name `pass.txt` and insert your IVPN Account ID (either 'ivpnXXXXXXXX' or `i-XXXX-XXXX-XXXX`) on the first line and a non-blank second line, then save, e.g.: + + ``` + ivpnxxxxxx + ivpn + ``` + +
+ You may not be able to save files directly to the c:\program files\openvpn\config directory due to Windows security controls. In this case, simply copy the file to your desktop first, edit it and then copy it back to the same location. +
+ +5. Repeat step 3 for other config files you wish to save the Account ID for. diff --git a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md new file mode 100644 index 000000000..00301a5ce --- /dev/null +++ b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md @@ -0,0 +1,40 @@ +--- +title: Windows - How do I configure OpenVPN to start automatically? - IVPN Help +h1: Windows - How do I configure OpenVPN to start automatically? +url: /knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically/ +sections: + - windows + - troubleshooting +sectionTitle: Windows +layout: help-details +weight: 40 +--- +# Windows - How do I configure OpenVPN to start automatically? + +
+We recommend using the official IVPN software client which already includes this functionality. See the Windows App page to download IVPN for your platform. +
+ +For this solution to work, you need to configure OpenVPN to store your IVPN Account ID (if you have not done so already). To do this please follow [these instructions](/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-password/). + +1. Click on the Windows start button and type `Task Scheduler` and click on it. + +2. On the menu bar click `Action` | `Create task`. + +3. Give the task a name e.g. "Auto-start VPN". + +4. Select `Run only when user is logged on`. + +5. Select `Run with the highest privileges`. + +6. Click on the `Triggers` tab and click `New`. Select `At log on` and click `OK` - You can choose for all users or a specific user. If you have any issues you may need to set the `Delay task` option in the advanced settings to 30 seconds or thereabout to enable the network adapter to initialize first. + +7. Click on the `Actions` tab and click `New`. Enter the program and argument as below according to your installation. The path must be correct and you must specify the name of the config file you wish to connect to. + + ``` + Program: "C:\Program Files\OpenVPN\bin\OpenVPN-Control-Centre.exe" Argument: --config_dir "C:\Program Files (x86)\OpenVPN\config" --connect "iVPN - Singlehop - Netherlands.ovpn" + ``` + +8. Click on the `Conditions` tab and clear any boxes which are checked. + +9. Click `OK`. The task should now be created and will connect to the named VPN connection every time the system starts up. diff --git a/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md b/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md new file mode 100644 index 000000000..5d16f73b3 --- /dev/null +++ b/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md 
@@ -0,0 +1,25 @@
+---
+title: Windows - My IP address doesn't change when connected, why? - IVPN Help
+h1: Windows - My IP address doesn't change when connected, why?
+url: /knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why/
+sections:
+ - windows
+sectionTitle: Windows
+layout: help-details
+weight: 20
+---
+# Windows - My IP address doesn't change when connected, why?
+
+If geolocation websites such as [dnsleaktest.com](https://www.dnsleaktest.com/) are showing your personal IP instead of the IP of the VPN server then you have a serious privacy leak. Fortunately this is not possible with the IVPN client as it has a firewall that protects against these types of leaks. However if you are using the community edition of OpenVPN then read on.
+
+It really helps to have a basic understanding of the issue to resolve it. Your computer maintains a 'routing table' that lists the routes to particular network destinations. Most personal computers simply forward all outbound traffic to the Internet Service Provider (ISP) so the routing table is very simple. When the VPN client software connects to the VPN server it needs to update the routing table to override the existing entry which routes all traffic to the ISP. If the VPN client software is unable to update the routing table then even although there is an active connection to the VPN server (green shield), traffic will NOT be routed through it and you will see your own IP on geolocation websites. On Windows computers this is almost always due to insufficient permissions to update the routing table. This is the reason why the VPN client prompts you for administrative permission when you start it.
+
+### How can I fix it?
+
+1. Check that when you start the OpenVPN application it prompts you with the message "Do you want to allow the following program from an unknown publisher to make changes to your computer?". You must answer YES to this prompt.
If you do not see this prompt then you may have disabled UAC. Right click on the desktop OpenVPN icon and select `Properties`. Click on the `Compatibility` tab and select `Run this program as an administrator`.
+
+2. To confirm that the routing table has not been updated click on `Start` and type `cmd.exe` and click on the icon for the command prompt. Type `route print` and hit enter. Under the heading "IPv4 Route Table" the top two entries should both have a network destination of '0.0.0.0' with one of them having a netmask of '128.0.0.0'. If you only have a single entry with a destination of '0.0.0.0' then the routing table has not been updated.
+
+3. If you are using Windows 8.x there is an obscure bug that may cause the routes to not be correctly installed. To workaround this open the Network Adapter Applet (Control Panel\Network and Internet\Network Connections) before you start the VPN connection. This has to be done once after each reboot.
+
+4. Proxy settings might be interfering. To reset Windows 10 proxy settings, click the Start button, type *proxy*, click to open the `Proxy settings` app, toggle the `Use a proxy server` to *off* under `Manual proxy setup`. Reset web browser proxy settings in [Mozilla Firefox](https://support.mozilla.org/en-US/kb/connection-settings-firefox) by choosing `No Proxy` or `Use system proxy settings`.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md b/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
new file mode 100644
index 000000000..3f4ec0fee
--- /dev/null
+++ b/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
@@ -0,0 +1,41 @@
+---
+title: Windows - "Warning, route gateway is not reachable" - IVPN Help
+h1: Windows - "Warning, route gateway is not reachable"
+url: /knowledgebase/windows/windows-warning-route-gateway-is-not-reachable/
+sections:
+ - windows
+sectionTitle: Windows
+layout: help-details
+weight: 50
+---
+# Windows - "Warning, route gateway is not reachable"
+
+This error is likely to be caused by corruption in the TCP stack on your system. To resolve this try the following:
+
+1. Open command console - press `'Windows'` button-> type `cmd` -> right-click & hit `Run as Administrator`
+
+2. Execute the following commands:
+
+ ```
+ netsh dump netsh
+ netsh winsock reset
+ netsh int ip reset
+ ipconfig /flushdns
+ exit
+ ```
+
+3. Reboot your PC and try to connect once again.
+
+If the problem persists try adding a few configuration changes to the IVPN client:
+
+1. In the IVPN app navigate to `'Settings'` -> `'OpenVPN'` tab.
+
+2. Add the following configuration:
+
+ ```
+ route-delay 5
+ route-method exe
+ ip-win32 netsh
+ ```
+
+3. Apply the changes and reconnect.
diff --git a/src/content/es/pages/legal-process-guidelines.md b/src/content/es/pages/legal-process-guidelines.md
new file mode 100644
index 000000000..7c1f13633
--- /dev/null
+++ b/src/content/es/pages/legal-process-guidelines.md
@@ -0,0 +1,53 @@
+---
+title: Law Enforcement Legal Process Guidelines
+url: /legal-process-guidelines/
+---
+# Law Enforcement Legal Process Guidelines
+
+### Introduction
+
+These guidelines are provided for use by government and law enforcement agencies within Gibraltar when seeking information from IVPN Limited (“IVPN”) about users of the IVPN service (“IVPN users”).
+
+These guidelines do not apply to requests made by government and law enforcement agencies outside Gibraltar. IVPN does not respond to requests from governments or law enforcement agencies outside of Gibraltar, all requests must originate from a government agency with jurisdiction in Gibraltar.
+
+IVPN has a centralized process for receiving, tracking, processing, and responding to legitimate legal requests from government and law enforcement from when they are received until when a response is provided. Our legal department reviews and evaluates all requests received, and requests which IVPN determines to have no valid legal basis or considers to be unclear, inappropriate or over-broad are challenged or rejected.
+
+The information contained within these Guidelines is devised to provide information to government and law enforcement agencies within Gibraltar regarding the legal process that IVPN requires in order to disclose electronic information to government and law enforcement agencies within Gibraltar. These Guidelines are not intended to provide legal advice.
+
+Nothing within these Guidelines is meant to create any enforceable rights against IVPN and IVPN’s policies may be updated or changed in the future without further notice to government or law enforcement.
+
+### About IVPN
+
+IVPN provides a VPN service “IVPN” for consumers and small teams to improve their security and privacy whilst using the Internet. We develop the client software required to connect securely to our servers and manage a large network of servers through which IVPN users traffic is routed.
+
+User information is held by IVPN in accordance with the IVPN privacy policy and the applicable terms of service. IVPN is committed to maintaining the privacy of the IVPN users of the IVPN service. Accordingly, information about IVPN users will not be released without valid legal process.
+
+### Legal process
+
+IVPN accepts service of subpoenas, search warrants, and court orders by email from government and law enforcement agencies, provided these are transmitted from the official email address of the government or law enforcement agency concerned. Government and law enforcement personnel submitting a legal request to IVPN should transmit it directly from their official government or law enforcement email address to [legal@ivpn.net](mailto:legal@ivpn.net). This mailbox is intended solely for use by government and law enforcement personnel.
+
+When government or law enforcement has served legal process on IVPN by email, a duplicate hard copy must be personally served at the IVPN headquarters at:
+
+**IVPN Limited, 5 Secretary’s lane, GX11 1AA, Gibraltar.**
+
+Where possible, IVPN will notify IVPN users when their IVPN account information is being sought in response to legal process from government, law enforcement, or third parties, except where providing notice is explicitly prohibited by the legal process itself, by a court order IVPN receives.
+
+### Information available from IVPN
+
+#### Customer records
+
+IVPN has no need to collect or store personal personally identifiable information relating to our customers and therefor no personally identifiable information is requested, collected or stored when a customer signs up for our service. Each customer is assigned a randomly generated identifier which they use to authenticate themselves to our service.
+
+If a payment method is chosen that requires an external payment processor and that payment processor requires that IVPN store a link to the transaction in our system then that identifier together with the payment processor is stored with the randomly generated user account ID.
+
+### Information not available from IVPN
+
+#### Connection logs
+
+IVPN does not store any logs relating to the connections of IVPN users to the VPN network i.e. timestamped records of when a particular user connected and disconnected to any server in the IVPN network. If provided with a timestamp IVPN are therefor not able to determine who was connected to any server at that time.
+
+#### Activity logs
+
+IVPN do not store logs relating to the activity of IVPN users when connected to the IVPN service i.e. timestamped records of what Internet servers or websites the IVPN user was connected to. Therefor if provided with a timestamp IVPN are not able to retrieve any Internet activity relating to any time period or user account.
+
+If you have further questions, please contact [legal@ivpn.net](mailto:legal@ivpn.net).
diff --git a/src/content/es/pages/light.md b/src/content/es/pages/light.md
new file mode 100644
index 000000000..51d90fb0b
--- /dev/null
+++ b/src/content/es/pages/light.md
@@ -0,0 +1,6 @@
+---
+title: IVPN Light - Quick VPN Access paid with BTC Lightning
+description: Set up a VPN tunnel in 60 seconds with exit nodes in 35 countries. Priced in sats, paid with Lightning, account not required.
+url: /light/
+layout: application
+---
diff --git a/src/content/es/pages/manifesto.md b/src/content/es/pages/manifesto.md
new file mode 100644
index 000000000..b960aad23
--- /dev/null
+++ b/src/content/es/pages/manifesto.md
@@ -0,0 +1,38 @@
+---
+title: Manifesto
+url: /manifesto/
+---
+# Resist Online Surveillance
+
+The 21st century has been profoundly shaped by the silent infrastructure of the surveillance economy, which sweeps up every last crumb of data our daily lives leave behind. These data points are collected and pieced together to create individual profiles of us. Profiles that can be leased to advertisers hungry for our attention, shared with governments for investigative purposes, and sold on to shady data brokers.
+
+Our digital products and services have stopped working for us. Instead, we’re unwittingly working for them. We’re ranked, rated, profiled – programmed to act in ways we otherwise wouldn’t.
+
+Forget having nothing to hide. The internet activity of every human being has become a hot commodity. Our data is being churned into an industry that’s worth more than oil. And it’s being used against us. To capture our attention, our money, and our votes. To predict what we’ll do next, and to influence our behavior.
+
+If information is power, and we’ve lost control of our information, what are we left with?
+
+---
+
+The internet once seemed like an endless horizon of possibility. A place for connection, for serendipity, for experimentation. A space not beholden to profit.
+
+Today’s internet looks very different – having been captured by the market forces of the surveillance economy, whose fuel is every detail of our personal lives. Though companies claim the purpose of data collection is to improve their services, so we shrug it off as a compromise for convenience, and hope that the law will take care of it.
+
+Yet governments around the world have been slow to regulate. And many have implemented their own mass surveillance programs in the name of national security – listening in on communications, coercing companies to open their data troves, automating policing and court processes, implementing social credit systems, and rolling out facial recognition programs.
In the process, they have turned law-abiding citizens into suspects without cause.
+
+The loss of control over our data has been a slippery slope of decline. Much of it has happened without our knowledge or consent – but it’s become our problem, both individually and collectively.
+
+What we’re losing is nothing less than our individual autonomy. Open democratic societies require vigorous debate and the free exchange of ideas. Constant monitoring robs us of the ability to selectively reveal ourselves to the world. It pushes us towards conformism instead of respecting individuality and difference. Knowing that our words and actions are being permanently recorded makes us less likely to think critically, speak up for what we believe in, experiment with new ideas and to flourish as human beings.
+
+Maybe we haven’t yet been personally targeted, hacked, or discriminated against. But in this volatile climate, where everything can change in the click of a refresh button, the rights we have today aren’t a given. And the more we take them for granted, the more it harms the billions of people around the world who are already vulnerable: Minorities and marginalised communities, journalists, activists, lawyers, dissenters, citizens of authoritarian regimes, democracy advocates.
+
+---
+
+We can’t choose to opt out of the global surveillance society we’ve become subject to. But it’s not going to fix itself either.
+
+What we can do is claim our agency. To equip ourselves with digital tools that allow us to regain a degree of control. To share strategies, spread the word, and take a stand. To let governments and tech companies know that privacy is not an inevitable sacrifice for progress. Not a trade-off for national security. Not a last-century value. And certainly not dead.
+
+Around the world, a growing movement of individuals and organizations is coming together to counter the status quo. To assert their rights, and to speak up for those who can’t.
To resist the relentless data economy. To hold accountable those who abuse their power. And to keep fighting: For a human-centred internet, for the thriving of democracy, and for a future free from surveillance. + +

Join us

+
diff --git a/src/content/es/pages/openvpn-configuration.md b/src/content/es/pages/openvpn-configuration.md new file mode 100644 index 000000000..0e5d62b16 --- /dev/null +++ b/src/content/es/pages/openvpn-configuration.md @@ -0,0 +1,5 @@ +--- +title: OpenVPN Configuration +url: /openvpn-config/ +layout: openvpn-config +--- diff --git a/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md b/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md new file mode 100644 index 000000000..d9cd9bbf6 --- /dev/null +++ b/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md @@ -0,0 +1,384 @@ +--- +title: PPTP vs IPSec IKEv2 vs OpenVPN vs WireGuard +description: Compare PPTP, IPSec IKEv2, OpenVPN and WireGuard to determine which VPN protocol offers the best combination of security, speed and ease of use for your needs. +url: /pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/ +layout: full-width +--- +# Comparison of VPN protocols + +{{< raw-html >}} +
+{{< / raw-html >}} + + + +{{< raw-html >}} + + + + + + + + + + +
+

Intro

+
A very basic VPN protocol based on PPP. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.IKEv2 (Internet key exchange version 2) is part of the IPSec protocol suite. Standardized in RFC 7296. IPSec has become the defacto standard protocol for secure Internet communications, providing confidentiality, authentication and integrity.Open-source VPN protocol developed by OpenVPN technologies. Very popular however not based on standards (RFC). Uses a custom security protocol and SSL/TLS for key exchange. Provides full confidentiality, authentication and integrity.WireGuard® is an extremely fast VPN protocol with very little overhead and state-of-the-art cryptography. It has the potential to offer a simpler, more secure, more efficient, and easier to use VPN over existing technologies.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Encryption

+
The PPP payload is encrypted using Microsoft's Point-to-Point Encryption protocol (MPPE). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.IKEv2 implements a large number of cryptographic algorithms including 3DES, AES, Blowfish, Camellia. IVPN implements IKEv2 using AES with 256 bit keys.OpenVPN uses the OpenSSL library to provide encryption. OpenSSL implements a large number of cryptographic algorithms such as 3DES, AES, RC5, Blowfish.
As with IKEv2, IVPN implements AES with 256 bit keys.
Built atop ChaCha20 for symmetric encryption (RFC7539), Curve25519 for Elliptic-curve Diffie–Hellman (ECDH) anonymous key agreement, BLAKE2s for hashing (RFC7693), SipHash24 for hashtable keys, and HKDF for key derivation (RFC5869). Makes use of a UDP-based handshake and the key exchange uses perfect forward secrecy while avoiding both key-compromise impersonation and replay attacks.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Security weaknesses

+
The Microsoft implementation of PPTP has serious security vulnerabilities. MSCHAP-v2 is vulnerable to dictionary attack and the RC4 algorithm is subject to a bit-flipping attack. Microsoft strongly recommends upgrading to IPSec where confidentiality is a concern.IPSec has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication. However Leaked NSA presentations indicate that IKE could be exploited in an unknown manner to decrypt IPSec traffic.OpenVPN has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication.WireGuard® has no known major vulnerabilities. It is relatively new and has not seen the thorough vetting of OpenVPN, though the code-base is extremely small, so full audits are possible by individuals and not just large organizations. WireGuard® is in-tree with Linux Kernel 5.6 and has been reviewed by a 3rd party auditor.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Speed

+
With RC4 and 128 bit keys, the encryption overhead is least of all protocols making PPTP the fastest.IPSec with IKEv2 should in theory be the faster than OpenVPN due to user-mode encryption in OpenVPN however it depends on many variables specific to the connection. In most cases it is faster than OpenVPN.When used in its default UDP mode on a reliable network OpenVPN performs similarly to IKEv2.WireGuard® benefits from extremely high-speed cryptographic primitives and deep integration with underlying operating system kernel, so speeds are very high with low overhead. Most customers report higher speeds than OpenVPN.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Firewall ports

+
PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.IKEv2 uses UDP 500 for the initial key exchange, protocol 50 for the IPSEC encrypted data (ESP) and UDP 4500 for NAT traversal.
IKEv2 is easier to block than OpenVPN due to its reliance on fixed protocols and ports.
OpenVPN can be easily configured to run on any port using either UDP or TCP thereby easily bypassing restrictive firewalls.WireGuard® uses the UDP protocol and can be configured to use any port. May succumb to traffic shaping more easily than OpenVPN due to lack of support for TCP.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Setup / Configuration

+
All versions of Windows and most other operating systems (including mobile) have native support for PPTP. PPTP only requires a username, password and server address making it incredibly simple to setup and configure.Windows 7+, macOS 10.11+ and most mobile operating systems have native support for IPSec with IKEv2.OpenVPN is not included in any operating system release and requires the installation of client software. Installation typically takes less than 5 minutes.WireGuard® is in-tree with Linux Kernel 5.6. Other non-linux operating systems require the installation of a WireGuard® client app. Installation typically takes less than 5 minutes.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Stability / Compatibility

+
PPTP is not as reliable, nor does it recover as quickly as OpenVPN over unstable network connections. Minor compatibility issues with the GRE protocol and some routers.IPSec is more complex than OpenVPN and can require additional configuration between devices behind NAT routers. However as long as both the server and client support NAT traversal there shouldn't be any issues.Very stable and fast over wireless, cellular and other non reliable networks where packet loss and congestion is common. OpenVPN has a TCP mode for highly unreliable connections but this mode sacrifices significant performance due to the inefficiency of encapsulating TCP within TCP.Extremely stable and robust. More stable than OpenVPN when roaming across networks. Uses an initial endpoint for connections and can switch servers while maintaining the connection. Client can also change networks without dropping the connection.
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + +
+

Supported platforms

+
+ Windows
+ macOS
+ Linux
+ Apple iOS
+ Android
+ DD-WRT +
+ Windows
+ macOS
+ Linux
+ Apple iOS
+ Android +
+ Windows
+ macOS
+ Linux
+ Apple iOS
+ Android
+ DD-WRT (with the correct build) +
+ Windows
+ macOS
+ Linux
+ Apple iOS
+ Android +
+{{< / raw-html >}} + +{{< raw-html >}} + + + + + + + + + + + + + + + + +
+

Verdict

+
Due to the major security flaws, there is no good reason to choose PPTP other than device compatibility. If you have a device on which only PPTP is supported then you should consider how to encrypt data at other layers e.g. HTTPS.IKEv2 is an excellent choice, it is extremely fast, secure and reliable. In addition unlike OpenVPN it requires no additional software to be installed (in most cases) and is therefor the quickest to configure. If you have a threat model that includes sophisticated adversaries then you may want to consider OpenVPN due to the leaked NSA presentations discussed above.OpenVPN is an excellent choice for all platforms. It is extremely fast, secure and reliable.WireGuard® is an excellent choice and may be the best protocol for high speeds. WireGuard® promises better security and faster speeds compared to existing solutions. Since its merge into Linux Kernel (v5.6) and the release of v1.0, we consider WireGuard® to be ready for wide-scale use.
+{{< / raw-html >}} + +{{< raw-html >}} +
+{{< / raw-html >}} + + +{{< raw-html >}} +
+{{< / raw-html >}}
+
+## PPTP
+
+### Intro
+
+A very basic VPN protocol based on PPP. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.
+
+### Encryption
+
+The PPP payload is encrypted using Microsoft's Point-to-Point Encryption protocol ([MPPE](http://en.wikipedia.org/wiki/Microsoft_Point-to-Point_Encryption)). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.
+
+### Security weaknesses
+
+The Microsoft implementation of PPTP has [serious security vulnerabilities](http://www.schneier.com/paper-pptpv2.html). MSCHAP-v2 is vulnerable to dictionary attack and the RC4 algorithm is subject to a bit-flipping attack. Microsoft strongly recommends upgrading to IPSec where confidentiality is a concern.
+
+### Speed
+
+With RC4 and 128 bit keys, the encryption overhead is least of all protocols making PPTP the fastest.
+
+### Firewall ports
+
+PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.
+
+### Setup / Configuration
+
+All versions of Windows and most other operating systems (including mobile) have native support for PPTP. PPTP only requires a username, password and server address making it incredibly simple to setup and configure.
+
+### Stability / Compatibility
+
+PPTP is not as realiable, nor does it recover as quickly as OpenVPN over unstable network connections. Minor compatibility issues with the GRE protocol and some routers.
+
+### Supported platforms
+
+[Windows](/apps-windows/)
+[macOS](/apps-macos/)
+[Linux](/apps-linux/)
+[Apple iOS](/apps-ios/)
+[Android](/apps-android/)
+[DD-WRT](/setup/router/)
+
+### Verdict ![](/images-static/uploads/icon-dislike.svg)
+
+Due to the major security flaws, there is no good reason to choose PPTP other than device compatibility.
If you have a device on which only PPTP is supported then you should consider how to encrypt data at other layers e.g. HTTPS.
+
+
+## IPSec IKEv2
+
+### Intro
+
+IKEv2 (Internet key exchange version 2) is part of the IPSec protocol suite. Standardized in [RFC 7296](https://tools.ietf.org/html/rfc7296). IPSec has become the defacto standard protocol for secure Internet communications, providing confidentiality, authentication and integrity.
+
+### Encryption
+
+IKEv2 implements a large number of [cryptographic algorithms](https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites) including 3DES, AES, Blowfish, Camellia. IVPN implements IKEv2 using AES with 256 bit keys.
+
+### Security weaknesses
+
+IPSec has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication. However [Leaked NSA presentations](https://github.com/nsa-observer/documents/blob/master/files/pdf/media-35529.pdf) indicate that IKE could be exploited in an unknown manner to decrypt IPSec traffic.
+
+### Speed
+
+IPSec with IKEv2 should in theory be the faster than OpenVPN due to user-mode encryption in OpenVPN however it depends on many variables specific to the connection. In most cases it is faster than OpenVPN.
+
+### Firewall ports
+
+IKEv2 uses UDP 500 for the initial key exchange, protocol 50 for the IPSEC encrypted data (ESP) and UDP 4500 for NAT traversal.
+IKEv2 is easier to block than OpenVPN due to its reliance on fixed protocols and ports.
+
+### Setup / Configuration
+
+Windows 7+, macOS 10.11+ and most mobile operating systems have native support for IPSec with IKEv2.
+
+### Stability / Compatibility
+
+IPSec is more complex than OpenVPN and can require additional configuration between devices behind NAT routers. However as long as both the server and client support NAT traversal there shouldn't be any issues.
+
+### Supported platforms
+
+[Windows](/apps-windows/)
+[macOS](/apps-macos/)
+[Linux](/apps-linux/)
+[Apple iOS](/apps-ios/)
+[Android](/apps-android/)
+
+### Verdict ![](/images-static/uploads/icon-like.svg)
+
+IKEv2 is an excellent choice, it is extremely fast, secure and reliable. In addition unlike OpenVPN it requires no additional software to be installed (in most cases) and is therefor the quickest to configure. If you have a threat model that includes sophisticated adversaries then you may want to consider OpenVPN due to the leaked NSA presentations discussed above.
+
+
+## OpenVPN
+
+### Intro
+
+Open-source VPN protocol developed by OpenVPN technologies. Very popular however not based on standards (RFC). Uses a custom security protocol and [SSL/TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) for key exchange. Provides full confidentiality, authentication and integrity.
+
+### Encryption
+
+OpenVPN uses the [OpenSSL](http://en.wikipedia.org/wiki/OpenSSL) library to provide encryption. OpenSSL implements a large number of [cryptographic algorithms](https://en.wikipedia.org/wiki/OpenSSL#Algorithms) such as 3DES, AES, RC5, Blowfish.
+As with IKEv2, IVPN implements AES with 256 bit keys.
+
+### Security weaknesses
+
+OpenVPN has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication.
+
+### Speed
+
+When used in its default UDP mode on a reliable network OpenVPN performs similarly to IKEv2.
+
+### Firewall ports
+
+OpenVPN can be easily configured to run on any port using either UDP or TCP thereby easily bypassing restrictive firewalls.
+
+### Setup / Configuration
+
+OpenVPN is not included in any operating system release and requires the installation of client software. Installation typically takes less than 5 minutes.
+
+### Stability / Compatibility
+
+Very stable and fast over wireless, cellular and other non reliable networks where packet loss and congestion is common. OpenVPN has a TCP mode for highly unreliable connections but this mode sacrifices significant performance due to the inefficiency of encapsulating TCP within TCP.
+
+### Supported platforms
+
+[Windows](/apps-windows/)
+[macOS](/apps-macos/)
+[Linux](/apps-linux/)
+[Apple iOS](/apps-ios/)
+[Android](/apps-android/)
+[DD-WRT (with the correct build)](/setup/router/)
+
+### Verdict ![](/images-static/uploads/icon-like.svg)
+
+OpenVPN is an excellent choice for all platforms. It is extremely fast, secure and reliable.
+
+
+## WireGuard
+
+### Intro
+
+[WireGuard®](https://www.wireguard.com/) is an extremely fast VPN protocol with very little overhead and state-of-the-art cryptography. It has the potential to offer a simpler, more secure, more efficient, and easier to use VPN over existing technologies.
+
+### Encryption
+
+Built atop ChaCha20 for symmetric encryption ([RFC7539](https://tools.ietf.org/html/rfc7539)), Curve25519 for Elliptic-curve Diffie–Hellman (ECDH) anonymous key agreement, BLAKE2s for hashing ([RFC7693](https://tools.ietf.org/html/rfc7693)), SipHash24 for hashtable keys, and HKDF for key derivation ([RFC5869](https://tools.ietf.org/html/rfc5869)). Makes use of a UDP-based handshake and the key exchange uses perfect forward secrecy while avoiding both key-compromise impersonation and replay attacks.
+
+### Security weaknesses
+
+WireGuard® has no known major vulnerabilities. It is relatively new and has not seen the thorough vetting of OpenVPN, though the code-base is extremely small, so full audits are possible by individuals and not just large organizations. WireGuard® is in-tree with Linux Kernel 5.6 and has been reviewed by a 3rd party auditor.
+
+### Speed
+
+WireGuard® benefits from extremely high-speed cryptographic primitives and deep integration with underlying operating system kernel, so speeds are very high with low overhead. Most customers report higher speeds than OpenVPN.
+
+### Firewall ports
+
+WireGuard® uses the UDP protocol and can be configured to use any port. May succumb to traffic shaping more easily than OpenVPN due to lack of support for TCP.
+
+### Setup / Configuration
+
+WireGuard® is in-tree with Linux Kernel 5.6. Other non-linux operating systems require the installation of a WireGuard® client app. Installation typically takes less than 5 minutes.
+
+### Stability / Compatibility
+
+Extremely stable and robust. More stable than OpenVPN when roaming across networks. Uses an initial endpoint for connections and can switch servers while maintaining the connection. Client can also change networks without dropping the connection.
+
+### Supported platforms
+
+[Windows](/apps-windows/)
+[macOS](/apps-macos/)
+[Linux](/apps-linux/)
+[Apple iOS](/apps-ios/)
+[Android](/apps-android/)
+
+### Verdict ![](/images-static/uploads/icon-like.svg)
+
+WireGuard® is an excellent choice and may be the best protocol for high speeds. WireGuard® promises better security and faster speeds compared to existing solutions. Since its merge into Linux Kernel (v5.6) and the release of v1.0, we consider WireGuard® to be ready for wide-scale use.
+
+{{< raw-html >}}
+
+{{< / raw-html >}}
diff --git a/src/content/es/pages/pricing-teams.md b/src/content/es/pages/pricing-teams.md
new file mode 100644
index 000000000..84be5b2d5
--- /dev/null
+++ b/src/content/es/pages/pricing-teams.md
@@ -0,0 +1,109 @@
+---
+title: IVPN business and nonprofit teams pricing
+description: We offer discounts for businesses and nonprofit organizations that need a trustworthy VPN for their teams.
+url: /pricing-teams/
+---
+# IVPN for teams
+
+IVPN is well suited for distributed team members to improve their privacy from unwanted data collection and data security on untrusted networks. We offer volume discounts, administrative tools and 2FA on demand. We cannot provide dedicated servers/IPs or facilitate access to corporate networks.
+
+IVPN Pro pricing for companies:
+
+
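Review bot: Three reference links in the added `pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md` still use plain `http://`: the MPPE link under PPTP "Encryption", the Schneier paper link under PPTP "Security weaknesses", and the OpenSSL link under OpenVPN "Encryption". The other external links on the page already use `https://`, and on a page that advises readers about transport security the first request to these references should not go out unencrypted. I would change them to `https://en.wikipedia.org/wiki/Microsoft_Point-to-Point_Encryption`, `https://www.schneier.com/paper-pptpv2.html` and `https://en.wikipedia.org/wiki/OpenSSL`, after confirming that each host serves the same path over HTTPS. The file appears to be a copy of the English page, so the same fix presumably applies to the source it was copied from.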
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
per user per monthper user per year
Up to 20 seats$9$90
21 to 40 seats$8$80
41 to 60 seats$7$70
61 to 80 seats$6$60
80 plus seats$5$50
+
+
+[Email us](mailto:team-support@ivpn.net) to purchase IVPN team accounts for your company.
+
+## IVPN for nonprofit organisations
+
+We offer steep discounts for nonprofit organizations that need a trustworthy VPN for their members.
+
+IVPN Pro Pricing for nonprofits:
+
+
+ + + + + + + + + + + + + + + +
per user per monthper user per year
5+ seats$3$30
+
+
+To qualify for this discount, your organisation must be a verified nonprofit.
+
+[Email us](mailto:team-support@ivpn.net) to purchase IVPN non-profit team accounts.
+
+## IVPN Pro team account benefits
+
+* Access on up to 7 devices per seat
+* Open-source applications for Android, iOS, macOS, Windows and Linux
+* Private DNS servers
+* Anti-tracker
+* Multi-hop
+* Killswitch/firewall and obfuscation methods where applicable
+
+## Payment options
+
+* Credit card
+* PayPal
+* Bitcoin
+* Monero
+* Wire transfer (50+ accounts)
+
+## Why trust IVPN?
+
+* Regularly audited no-logs VPN service
+* 10 year+ track record in serving customers
+* Clear privacy policy
+* Transparent ownership and team
+* Strong ethics: no trackers, no false promises, no surveillance ads
+
+Any questions remaining? [Contact us](mailto:team-support@ivpn.net).
+
+These offers are valid for businesses and organisations purchasing IVPN accounts for their team members. Reselling of IVPN accounts is prohibited as per our Terms of Service.
diff --git a/src/content/es/pages/pricing.md b/src/content/es/pages/pricing.md
new file mode 100644
index 000000000..dd554a1eb
--- /dev/null
+++ b/src/content/es/pages/pricing.md
@@ -0,0 +1,6 @@
+---
+title: IVPN Pricing - VPN subscription with anonymous registration
+description: Generate an IVPN Standard or Pro account - no email address required. We accept credit cards, Paypal, Bitcoin or cash payments. 30-day money-back guarantee.
+url: /pricing/
+layout: application
+---
diff --git a/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md b/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
new file mode 100644
index 000000000..dbe9d85b2
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
@@ -0,0 +1,162 @@ +--- +title: 18 Questions to ask your VPN Service provider +author: mirimir (gpg key 0x17C2E43E) +url: /privacy-guides/18-questions-to-ask-your-vpn-service-provider/ +section: Basic +weight: 10 +articles: [ + { + title: "Will a VPN Protect Me? Defining Your Threat Model", + url: "/privacy-guides/will-a-vpn-protect-me/" + }, + { + title: "An Introduction to Privacy & Anonymity", + url: "privacy-guides/an-introduction-to-privacy-anonymity/" + }, +] +date: 2021-10-26T10:46:16+00:00 +layout: guides-details +--- +### Introduction + +Choosing a VPN service can be a nerve–wracking ordeal. You've probably read about the Snowden leaks and NSA related revelations about mass surveillance. You probably don't trust your ISP to protect your privacy (and as the [FTC concluded in 2021](https://www.ftc.gov/system/files/documents/reports/look-what-isps-know-about-you-examining-privacy-practices-six-major-internet-service-providers/p195402_isp_6b_staff_report.pdf), you really shouldn't). Perhaps you don't trust your government. You may even distrust all governments and corporations. + +Indeed, you may not trust this guide, and think that it's just an advertorial. While that's an understandable concern, I invite you to read on, and judge for yourself. I also invite you to read this in the context of my other writings about VPNs, Tor and such, primarily on [Wilders Security Forums][1] and [Tor.StackExchange][2]. + +If you're especially concerned about privacy, you may want to obscure your research about VPN providers. Although many people use VPN services, extensive research might flag you as someone with something important to hide. You can mitigate that risk by using a free VPN service at this step (such as [Calyx VPN](https://calyxinstitute.org/projects/digital-services/vpn)) and free webmail (such as [mailbox.org](https://mailbox.org) or [RiseUP](https://riseup.net)). 
For even better privacy, you can add the [Tor Browser Bundle][3] to tunnel Tor through CalyxVPN, and connect through the hidden service access when offered, like [Mailbox.org][29] or [RiseUP][5] do. + +Relatively little reliable and trustworthy information about VPN services is available online. It's generally best to ignore 'best VPN' and 'VPN review' sites. Most of them feature paid reviews, and some are protection rackets, featuring bad reviews for VPN services that refuse to buy favorable reviews. Even the honest ones are typically just popularity contests, dominated by clueless torrent users and wannabe 'hackers'. If you ever need to get information from a dedicated VPN review source look for those that don't use affiliate parameters on outgoing links (or even better, remove referer information). + + +### TorrentFreak's Surveys + +TorrentFreak's VPN surveys are notable exceptions to the norm. In late 2011, it became clear that Luzlsec member 'Recursion' had been identified and arrested based on connection logs that the VPN service HideMyAss provided to the FBI. TorrentFreak responded by publishing ['Which VPN Service Providers Really Take Anonymity Seriously?'][5] (now rephrased as "Which VPN Providers Really Take Privacy Seriously?"). This Q&A has been updated yearly since the original version, now supplying unedited answers to 12 privacy-related questions. + +These are the following (as of [2023][6]): + +1. Do you keep (or share with third parties) ANY data that would allow you to match an IP-address and a timestamp to a current or former user of your service? If so, exactly what information do you hold/share and for how long? +2. What is the name under which your company is incorporated (+ parent companies, if applicable) and under which jurisdiction does your company operate? +3. What tools are used to monitor and mitigate abuse of your service, including limits on concurrent connections if these are enforced? +4. 
Do you use any external email providers (e.g. Google Apps), analytics, or support tools ( e.g Live support, Zendesk) that hold information provided by users? +5. In the event you receive a DMCA takedown notice or a non-US equivalent, how are these handled? +6. What steps would be taken in the event a court orders your company to identify an active or former user of your service? How would your company respond to a court order that requires you to log activity for a user going forward? Have these scenarios ever played out in the past? +7. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? Do you provide port forwarding services? Are any ports blocked? +8. Which payment systems/providers do you use? Do you take any measures to ensure that payment details can’t be linked to account usage or IP-assignments? +9. What is the most secure VPN connection and encryption algorithm you would recommend to your users? +10. Do you provide tools such as “kill switches” if a connection drops and DNS/IPv6 leak protection? Do you support Dual Stack IPv4/IPv6 functionality? +11. Are any of your VPN servers hosted by third parties? If so, what measures do you take to prevent those partners from snooping on any inbound and/or outbound traffic? Do you use your own DNS servers? +12. In which countries are your servers physically located? Do you offer virtual locations? + +Introducing their results, they note: + +> Choosing the right VPN can be a tricky endeavor. There are hundreds of VPN services out there, all promising to keep you private but some are more private than others. To help you pick the best one for your needs, we asked dozens of VPNs to detail their logging practices, how they handle torrent users, and what else they do to keep you as anonymous as possible. + +This is arguably a fairly comprehensive starting list. 
TorrentFreak staff seem dedicated and knowledgeable, and their earlier surveys attracted the attention of many providers that had been omitted. But there are two key limitations. First, more obscure and low-key privacy-friendly VPN services don't appear on the TorrentFreak lists (e.g. cryptostorm). Some providers don't cater to BitTorrent users and have no motivation to appear on this list. Second, TorrentFreak is, for the most part, merely summarizing VPN providers' responses, and has not verified any of their claims. Comments in both reviews are also worth reading, by the way, but can't always be taken seriously. + +Even so, revelations about three providers – EarthVPN.com, Proxy.sh and PureVPN – demonstrate the risk of relying on providers' privacy claims. In early 2013, an EarthVPN customer was reportedly arrested based on logs kept by its hosting provider in the Netherlands. EarthVPN denied responsibility, maintaining that they 'do not keep logs', and said that they no longer use that provider. Although the actual dialog between EarthVPN and its customer ([here](https://web.archive.org/web/20130626030500/http://lowendtalk.com/discussion/11348/problems-with-my-life-situation/) (in comments) and [here](https://web.archive.org/web/20130731123057/http://lowendtalk.com/discussion/11348/problems-with-my-life-situation/p2)), the pages aren't accessible anymore but they were archived by the [Wayback Machine](https://wayback.archive.org), there are quotes and discussion in the [AirVPN](https://airvpn.org/topic/9958-importance-of-partition-of-trust-for-critical-data-exchanges/) forums. Also, keep in mind that ISPs can log as easily as hosting providers can. + +In TorrentFreak's 2011 and 2013 surveys, Proxy.sh responded: 'No information whatsoever is being recorded or held in our facilities. Our services are run from RAM and all our system services come with state-of-the-art configuration that ensures nothing is left after usage.' 
However, in late September 2013, they installed [Wireshark](https://www.wireshark.org) on one of their US servers, and retained packet captures for several hours. This was reportedly a voluntary response to complaints about hacking and harassment by one of their customers. For more specifics, see these TorrentFreak articles ([here](https://torrentfreak.com/proxy-sh-vpn-provider-monitored-traffic-to-catch-hacker-130930/) and [here](https://torrentfreak.com/vpns-is-it-ok-to-monitor-bad-users-on-ethical-grounds-131006/)). In TorrentFreak's 2014 survey, Proxy.sh answered as follows to the first question: + +> We do not keep any logs and we do not record any IP-address, headers or anything. In terms of time stamp, we only record those associated with support tickets creation and update (invoices and renewals are only recorded by date) for management purposes. The only personal information we do record is an email address and a payment type, that corresponds to either the word “Money” or “Bitcoin”. This is made clear in our privacy policy. Our system will also hold services credentials, namely the account password and network login/password pair. All this data can be permanently removed at any time on customer’s request. All other data and information involved in our operations (connections, traffic, etc.) is neither monitored nor recorded. + +A more recent example of VPN provider caught lying about keeping no logs came in 2017. As reported in [BleepingComputer](https://www.bleepingcomputer.com/news/security/cyberstalking-suspect-arrested-after-vpn-providers-shared-logs-with-the-fbi/) the FBI have arrested a cyberstalking suspect with the help of IP address logs obtained from PureVPN. PureVPN claimed (and still claims) they keep no logs about customer activities. + +Conversely, these incidents also demonstrate that news spreads very quickly on the Internet. With all of that in mind, I recommend starting with VPN services that meet the following criteria: + + 1. 
It appears in TorrentFreak's survey (adding others to your shortlist that you think were improperly omitted). + 2. It's not listed as logging in TorrentFreak's surveys. + 3. It has been in business for at least three years. + 4. An hour or so of Web searching reveals no evidence of privacy violations. + +Further positive signals you can look for: + + 5. Open source VPN applications. + 6. Use of open source VPN protocols. + 7. Publicly available audit results from independent, third-party auditors that investigate no-logs claims. Audits however, are constrained by their scope and provide only a temporary view, they are not persistent proofs about claims. + +Nowadays, all of the VPN services in TorrentFreak's survey deny keeping persistent logs. Assessing the plausibility of such claims in the context of pursuant data-retention requirements is a can of worms. Claims that there are no data-retention requirements in the US seem laughable in light of NSA documents released by Edward Snowden. The situation in Europe is complicated since the passing of [GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) and tensions between the 1995 Data Protection Directive and national legislations. The exact extent of NSA spying and EU collaboration with US operations is unknown and adds more uncertainty. For more about this issue generally, see [EFF's summary page][7]. + +### Presales Questions + +In focusing your search, it's important to select VPN providers that support your specific privacy goals. I recommend carefully browsing providers' websites, and carefully reading their terms of service and privacy policy. Look for clear and unambiguous language, and be suspicious of legalese boilerplate. + +For example, if you plan to share copyrighted media via BitTorrent, it's obviously best to avoid providers that explicitly discourage such use. 
If the availability of numerous exit IP addresses is important, choose accordingly, but consider the tension between variety and security. It's arguably more likely that providers with numerous exits are using virtual private servers. + +In contacting providers with presales questions, start with basic questions, such as #1, #3, #5 and #7 from the TorrentFreak list. It's generally best to ask questions for which you have reliable and independent answers. However, at least initially, it's also best to ask without revealing what you've already learned. + +How prospective VPN providers answer your questions can be as informative as the answers they give. You want answers that are prompt, complete, clear and accurate. Vague or incorrect answers to technical questions imply dishonesty and/or incompetence. Delayed answers don't bode well for future customer support. + +Here are some additional questions that you might ask, followed by expected answers and explanations. For technical questions, the OpenVPN [manual][9] and [How-to][10], and WireGuard's [official page](https://www.wireguard.com) are useful resources. + + 1. [Is there a monthly bandwidth-usage limit?][11] + 2. [Do you throttle connections that use excessive bandwidth?][12] + 3. [How many concurrent connections are allowed per account?][13] + 4. [How many hops are there in your VPN connections?][14] + 5. [What type(s) of VPN encryption do you use? Why?][15] + 6. [Do you support perfect forward secrecy? If so, how?][16] + 7. [Do you provide users with Diffie Hellman key files?][17] + 8. [How do you authenticate clients – certificates/keys, or usernames/passwords?][18] + 9. [Do you employ HMAC-Based TLS Authentication? If so, why?][19] + 10. [Do you ever email usernames and passwords to customers?][20] + 11. [Does each customer have a unique client certificate and key?][21] + 12. [Are your VPN gateway servers hosted, co-located or in-house?][22] + 13. 
[Are any of your VPN gateway servers running on VPS or cloud servers?][23]
+ 14. [How are your VPN gateway servers protected?][24]
+ 15. [Where is user account information stored?][25]
+ 16. [How is communication between servers secured?][26]
+ 17. [Do you allow port forwarding by users?][27]
+ 18. [Are all client ports ever forwarded by default? If so, on which servers?][28]
+
+### Answers
+
+ 1. {{< raw-html >}} {{< raw-html >}} {{< / raw-html >}} {{< / raw-html >}} **Is there a monthly bandwidth-usage limit?** This restriction has become less common in recent years. Some providers use them for free tiers so prospective customers can sample their service before committing to a paid plan. Usage limits for paid subscriptions are more common for VPN resellers, so it's probably best to avoid providers that impose them.
+ 2. {{< raw-html >}} {{< / raw-html >}} **Do you throttle connections that use excessive bandwidth?** The best answer here depends on your goals. It's natural to want the fastest possible connections. However, if you have a very fast ISP link, you might be moving far more traffic than anyone else sharing your VPN exit. And that reduces your anonymity.
+ 3. {{< raw-html >}} {{< / raw-html >}} **How many concurrent connections are allowed per account?** For VPN services with many exits, it's sometimes convenient to simultaneously work as multiple pseudonyms, each using its own exit. Also, you may want to simultaneously connect from multiple devices. However, this also facilitates account-sharing abuse, which may overload VPN servers and slow your connections.
+ 4. {{< raw-html >}} {{< / raw-html >}} **How many hops are there in your VPN connections?** Most VPN services offer just one-hop connections. That is, you connect to a VPN gateway server, and your traffic exits to the Internet from the same server, or perhaps from another server on the same local network.
With one-hop connections, it's easy for adversaries to log traffic entering and leaving the VPN server.
+ 5. {{< raw-html >}} {{< / raw-html >}} **What type(s) of VPN encryption do you use? Why?** OpenVPN can operate in two distinct modes. One authenticates and encrypts using a shared static key. While that's very simple to set up, key compromise allows an adversary to decrypt all prior traffic. No reputable provider uses this. But if you receive just one key file from a provider, open it in a text editor, and look at the last line. If it includes 'CERTIFICATE', you're OK. But if it includes 'KEY', request a refund.The other OpenVPN mode uses SSL/TLS as a control channel, and encrypts the data channel with periodically changing static keys. If an adversary manages to compromise one of those data-channel keys, they can decrypt only that traffic, and not any past or future traffic. In other words, there is 'perfect forward secrecy'. By default, OpenVPN uses 1024-bit RSA for the certificates that authenticate SSL/TLS control-channel handshakes, and BF-CBC (128-bit) as the data-channel cipher. This is probably good enough in most cases, given perfect forward secrecy. However, it's arguable that providers using 2048-bit RSA and AES-256-CBC (256-bit) are generally more security conscious.
+ Both BF-CBC and AES-256-CBC operate in Cipher Block Chaining (CBC) mode. If your provider uses something else (CFB, OFB, etc) they're either incompetent or have some very good reason. Ask them.\
+ New-kid-on-the-block VPN protocol WireGuard has seen a rapid adoption among VPN providers recently. The protocol was not designed with commercial VPN services and their privacy considerations in mind. Capable providers need to demonstrate they have solutions to the following problems: 1. Public IP address of peers are stored in memory (e.g. adding key management that deleted/reinstates configuration) 2. Tunnel IP address allocation/rotation (e.g.
using backend calls generating new IP adresses that are distributed to all servers) 3. No perfect forward secrecy (e.g. use automatic key pair regeneration in regular time intervals).
+ 6. {{< raw-html >}} {{< / raw-html >}} **Do you support perfect forward secrecy? If so, how?** Any provider using OpenVPN in SSL/TLS mode provides perfect forward secrecy. Additional hand waving beyond that should make you suspicious. As noted before, WireGuard implementation requires specific measures to support forward secrecy.
+ 7. {{< raw-html >}} {{< / raw-html >}} **Do you provide users with Diffie Hellman key files?** T his is a trick question. It's true that OpenVPN uses static Diffie Hellman key files in providing perfect forward secrecy. But that static Diffie Hellman key file ('dh1024.pem' or 'dh2048.pem') is needed only on the server. Any provider that supplies them to users is incompetent.
+ 8. {{< raw-html >}} {{< / raw-html >}} **How do you authenticate clients – certificates/keys, or usernames/passwords?** In SSL/TLS mode, OpenVPN clients authenticate servers by checking whether a server has a certificate signed by the certificate authority certificate ('a.crt') that the provider has given them. OpenVPN supports two methods for servers to authenticate clients. One relies on certificates and keys (such as 'client.crt' and 'client.key'). The other relies on usernames and passwords (via auth-user-pass). Servers can use both, but that borders on overkill. For point-to-point connections, where full network access may be at stake, it's very important for servers to authenticate clients using certificates and keys. For VPN services, that's not an issue, because clients just get to see the Internet. Also, for VPN services, giving each client a unique certificate is a privacy risk.
+ 9. {{< raw-html >}} {{< / raw-html >}} **Do you employ HMAC-Based TLS Authentication?
If so, why?** With TLS authentication enabled (via tls-auth), servers ignore SSL/TLS handshake packets from clients that lack the correct HMAC signature. This feature protects VPN servers from DoS attacks, port scanning and other exploits. If implemented, providers may supply a key (typically 'ta.key') or one can be negotiated on the fly. This is partly a trick question. Any provider claiming that this is essential for perfect forward secrecy is either dishonest or incompetent.
+ 10. {{< raw-html >}} {{< / raw-html >}} **Do you ever email usernames and passwords to customers?** This is a dangerous practice, but primarily for the provider. Adversaries that compromise usernames and passwords in transit can obtain free access, or even lock out paying users by changing passwords. There's also the risk that adversaries could implicate users in criminal activity.Even so, if you successfully change your password immediately after receipt, you're safe. If you can't login to change the password, complain and demand a new account. For providers that are otherwise attractive, I don't consider this a fatal error.
+ 11. {{< raw-html >}} {{< / raw-html >}} **Does each customer have a unique client certificate and key?** This is another trick question. Privacy-friendly answers are using the same client certificate for all customers, or not providing one at all, and relying on username and password for authentication.It might seem like a good idea for each user to have their own certificate and key. And that's true in an enterprise context. But for VPN services it's very dangerous, because it potentially links user accounts to logged traffic. Some providers explain that they issue unique client certificates in order to facilitate nuking evil clients.
However, it's just as easy to do that with usernames, and usernames are arguably more readily repudiated than certificates If this is a key issue for you, it's easy to test by purchasing two short-term subscriptions, paying with Bitcoins via Tor, and using temporary email addresses from [anonbox](https://anonbox.net/) etc.
+ 12. {{< raw-html >}} {{< / raw-html >}} **Are your VPN gateway servers hosted, co-located, or in-house?** This is partially a trick question. I would be very suspicious of any VPN provider claiming that its servers are managed in-house. You could ask how they cover the cost of maintaining facilities with high-speed uplinks in multiple countries. The best plausible answer is that they build their own servers, and ship them to co-location facilities. Give extra points for server hardening. Typical physical hardening measures include embedding RAM in silicone rubber or thermal adhesive, and disabling USB ports.The most likely acceptable answer is that they use hosted dedicated servers. Give extra points for server hardening, such as using full-disk encryption, and keeping short-term logs in RAM (tempfs).
+ 13. {{< raw-html >}} {{< / raw-html >}} **Are any of your VPN gateway servers running on VPS or cloud servers?** Providers should never deploy VPN gateway servers on virtual private servers (VPS) or cloud servers. Being virtual machines, they are fully controlled by the host operating system, and all activity and data is readily available through the host. Providers should always use dedicated servers that have been properly secured against unauthorized access.
+ 14. {{< raw-html >}} {{< / raw-html >}} **How are your VPN gateway servers protected?** VPN services typically need servers playing three roles. There are gateway servers that establish VPN connections with clients, and also route client traffic to the Internet. For one-hop connections, one server may handle all of that. There are servers that host the service's website.
And there are servers that manage user account information, and provide authentication services to gateway servers and web servers. All client traffic is routed through the gateway servers. Unless those servers are adequately secured, adversaries could compromise them, and so compromise users' privacy by logging their traffic. VPN gateway servers should be hardened according to industry standards such as the [CIS benchmarks][30] or the [NSA baseline guides][31].Most importantly, VPN gateway servers should not be running other network services, such as website hosting, or user accounting and authentication. Doing so substantially increases VPN gateway servers' attack service. You can verify what ports and services are accessible on a VPN gateway by using a port scanner such as nmap. However, keep in mind that many providers expose VPN servers on non-standard ports such as 80 (HTTP) and 443 (HTTPS) to evade firewall blocking.
+ 15. {{< raw-html >}} {{< / raw-html >}} **Where is user account information stored?** Providers should ideally be storing this information on colocated or in-house servers that are suitably encrypted, hardened and protected against adversaries. Also, they should be segregating authentication data, which must be available to gateway servers, from accounting data, which may include users' private information, such as usage logs, email addresses and payment records.
+ 16. {{< raw-html >}} {{< / raw-html >}} **How is communication between servers secured?** Well designed VPN services comprise networks of specialized servers with distinct roles that communicate securely with each other. For example, gateway servers must contact authentication servers to verify that users are authorized to connect. There are also backend provisioning systems that use rely on sales data from websites to create and update user accounts, and then update the authentication servers.
Given the sensitivity of this data, and its value to adversaries, all communication among these servers must be securely encrypted. Most commonly, this relies on persistent OpenVPN or IPSec tunnels between servers.
+ 17. {{< raw-html >}} {{< / raw-html >}} **Do you allow port forwarding by users?** When you are connected to a VPN service, the VPN gateway server protects your device from potentially hostile incoming connections in the same way that your LAN router or firewall does. However, allowing incoming connections on particular ports is essential for operating servers, or for participating in P2P networks where your node must be visible to other nodes. That process is called port forwarding. When port forwarding is enabled, your device is directly exposed to the Internet on the ports that have been forwarded, with no protection by the VPN service. An adversary may successfully exploit a vulnerability in a service that's listening on a forwarded port, and compromise your device. In addition to typical consequences such as botnet membership and data theft, an adversary may compromise your privacy and anonymity by 'phoning home' when when you're not using the VPN service.
+ 18. {{< raw-html >}} {{< / raw-html >}} **Are all client ports ever forwarded by default? If so, on which servers?** Some VPN services forward all client ports by default. Some do so only on designated servers. For some services, it appears that port forwarding varies among servers with no pattern or documentation. Although it's possible to check for this using port scanning, it's complicated by the fact that many different clients using the same exit IP address may have the same ports forwarded.
+
+ [1]: https://www.wilderssecurity.com/
+ [2]: https://tor.stackexchange.com/
+ [3]: https://www.torproject.org/projects/torbrowser.html.en
+ [4]: http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/
+ [5]: https://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/
+ [6]: https://torrentfreak.com/best-vpn-anonymous-no-logging/
+ [7]: https://www.eff.org/issues/mandatory-data-retention/
+ [9]: https://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html
+ [10]: https://openvpn.net/index.php/open-source/documentation/howto.html
+ [11]: #q1
+ [12]: #q2
+ [13]: #q3
+ [14]: #q4
+ [15]: #q5
+ [16]: #q6
+ [17]: #q7
+ [18]: #q8
+ [19]: #q9
+ [20]: #q10
+ [21]: #q11
+ [22]: #q12
+ [23]: #q13
+ [24]: #q14
+ [25]: #q15
+ [26]: #q16
+ [27]: #q17
+ [28]: #q18
+ [29]: http://xy5d2mmnh6zjnroce4yk7njlkyafi7tkrameybxu43rgsg5ywhnelmad.onion
+ [30]: https://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.linux.redhat
+ [31]: https://nsacyber.github.io/publications.html
diff --git a/src/content/es/pages/privacy-guides/_index.md b/src/content/es/pages/privacy-guides/_index.md
new file mode 100644
index 000000000..07731a6e7
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/_index.md
@@ -0,0 +1,6 @@
+---
+title: IVPN Privacy Guides
+url: /privacy-guides/
+layout: guides
+---
+# IVPN Privacy Guides
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md
new file mode 100644
index 000000000..a4280ea2e
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md
@@ -0,0 +1,217 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 1
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-1/
+section: Advanced
+weight: 10
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 2",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-2/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-3/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/"
+ }
+]
+date: 2013-10-23T12:33:33+00:00
+layout: guides-details
+---
+## Introduction
+
+If you're here, you may be using (or considering) a VPN service to provide online privacy and anonymity, and perhaps to circumvent Internet censorship. This series of guides goes far beyond that. It explains how to obtain vastly greater freedom, privacy and anonymity through [compartmentalization][1] (aka [compartmentation][2]) and [isolation][3], by using multiple virtual machines (VMs) with Internet access through nested chains of VPNs and Tor.
+
+These are advanced guides, and the full setup will require at least a few days of focused work. Before choosing which aspects to implement, it's best to consider your [threat model][4]. Start by reading [An Introduction to Privacy & Anonymity](/privacy-guides/an-introduction-to-privacy-anonymity/) and [Applying Risk Management to Privacy][5]. What are you protecting? Who are you protecting it from? What might happen if you were compromised?
+
+> **Note:** I wrote this series in 2013, well over six years ago. Although I've updated stuff a few times since, it's been a while. I'll be doing a total rewrite soon, but that will take some time.
+>
+> So for now, I just have a few comments. First, pfSense has changed considerably since my last update.
The basic approach still works, and I still use it. But much of Part 6 needs revised. Second, privacy in meatspace is basically dead, given increasingly pervasive surveillance. So there's a lot in Part 7 to be revised. Using giftcards, mailing cash, etc are far more risky. Also, Electrum is now the best Bitcoin wallet in Linux. And I have updated recommendations for Bitcoin mixers. + +The key threats, and corresponding defenses, are: + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Threat + + Defense +
+ Tracking and profiling + + Compartmentalize and isolate activity using multiple pseudonyms, workspace VMs, VPN services and Tor. Block WebGL to prevent VM graphics fingerprinting. Diversify VMs, choosing OS with different video drivers. +
+ Leaks and exploits that circumvent VPNs or Tor + + Compartmentalize and isolate workspace and networking in separate VMs. +
+ VPN compromise via traffic analysis or provider collusion + + Compartmentalize Internet access and distribute trust using nested chains of VPNs and Tor. +
+ Heightened surveillance of Tor users + + Connect to Tor network through VPN(s). +
+ Heightened surveillance of VPN users + + Connect to VPN server(s) via secure, private proxies (not yet included in these guides). +
+ Unauthorized local access + + Use full disk encryption (FDE) on host machines (and VMs). +
+ Forensic detection of encrypted data + + Use hidden VeraCrypt volumes for plausible deniability (not included in these guides). +
+{{< / raw-html >}}
+
+For example, if you just want to circumvent Internet censorship and data retention by your ISP, you don't need more than a good VPN service (unless consequences of getting caught are serious). If you just want to circumvent commercial tracking and behavioral marketing, you don't need the full setup described here. However, if you want better privacy and anonymity than browser extensions can provide, you might consider a basic setup (covered in Part 2) to compartmentalize your activities using VMs and VPN services.
+
+Conversely, if you're a political dissident who might suffer serious consequences if compromised, using the full setup (covered in Parts 3-8) would be prudent. The approaches described there would probably protect against non-targeted surveillance by national-scale government agencies. For such agencies with limited resources, they might even protect against targeted surveillance.
+
+Although it appears that global-scale intelligence agencies intercept virtually all Internet traffic, the approaches described here _might_ protect against routine non-targeted surveillance, given the need to correlate traffic through multiple VPN tunnels and Tor. While there's no way to be sure of that, it's clear that nothing less would suffice.
+
+However, it's unlikely that even the full setup described here would protect against directed surveillance by global-scale intelligence agencies. That would require far more resources and expertise than most nations (let alone individuals) possess.
+
+### Using Tor
+
+As I write this, the Tor network is under extreme stress. Since August 20, [the number of Tor clients][6] has increased from about 0.5 million to over 4.0 million (as of November 2021, 2.0 million per day on average). Based on reports from [Fox-IT][7] and [TrendLabs][8], it appears that the approximately 3.5 million new Tor clients are part of a Mevade botnet.
So far, these Mevade bots are not sending much traffic, and are stressing Tor primarily by querying its directory servers. + +At this point, this has probably not reduced the level of anonymity that Tor can provide. It's just made Tor slower and less reliable. However, if more than a few thousand of these bots were to become relays, there would be cause for concern, because they could collude to deanonymize other Tor users. A paper by Tor researchers, [Johnson et al (2013) Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries][11] analyzes the network's vulnerability to potential adversaries. I recommend periodically checking [the Tor Project blog][12] for status updates, and also checking [Tor metrics][6] of client and relay counts. + +### Summary + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Part 2 - Basic Setup Using VMs, VPNs and Tor +
+ This guide covers a basic setup to protect online privacy and anonymity. There are multiple workspace VMs to compartmentalize and isolate activity. Each VM has its own Internet connectivity, and firewall rules to prevent leaks. It uses simple nested chains of VPNs and Tor to mitigate risks of tracking and profiling, and to distribute trust among multiple providers. But it does not protect against exploits that circumvent VPNs, Tor and/or firewall rules by isolating workspace and networking in separate VMs. Using diverse OS for workspace VMs, with different video drivers, is crucial to prevent association through WebGL fingerprinting. +
+ Part 3 - Planning Advanced VM and VPN Setup +
+ This guide presents relevant considerations for planning an advanced setup to protect online privacy and anonymity. As in the basic setup, there are multiple workspace VMs to compartmentalize and isolate activity, and each VM has its own Internet connectivity. The nested chains of VPNs and Tor are more complex, to better mitigate risks of tracking and profiling, and to distribute trust among more providers. The setup isolates workspace and networking in separate VMs to defeat exploits that circumvent VPNs, Tor and/or firewall rules. +
+ Part 4 - Setting Up Secure Host Machines +
+ This guide explains how to set up Linux host machines for securely running numerous VMs. Linux distributions are open-source and free, so there's less risk of backdoors, and no money trail to one's true name. With clean installations, there's little (if any) risk from prior compromise. RAID arrays provide faster disk I/O, greater capacity and better reliability. Using full disk encryption (FDE) prevents forensic analysis, unless the host is accessed while in use. +
+ Part 5 - Installing VirtualBox and Creating Linux VMs +
+ This guide covers installing VirtualBox, and creating Linux workstation VMs and read-only LiveCD VMs. Using diverse OS for workspace VMs, with different video drivers, is crucial to prevent association through WebGL fingerprinting. +
+ Part 6 - Creating pfSense VMs as VPN Clients +
+ This guide covers creating pfSense router/firewall VMs, and configuring them as secure VPN clients, with routing and firewall rules to prevent leaks. It also explains how to test for leaks using Wireshark. +
+ Part 7 - Paying Anonymously with Cash and Bitcoins +
+ This guide explains how to anonymously buy VPN services using cash by mail and anonymized Bitcoins. It also covers how to buy Bitcoins, and how to anonymize them using Multibit clients and mixing services, with all connections via Tor. +
+ Part 8 - Creating Nested Chains of VPNs and Tor +
+ This tutorial explains how to create arbitrarily complex nested chains of VPNs and Tor through virtual networking, with pfSense VPN-client VMs and Tor-client VMs. +
+{{< / raw-html >}}
+
+### Acknowledgement
+
+These guides reflect my participation at [Wilders Security Forums][13] for the past few years. I acknowledge the administrators and moderators for the venue, and for their care and guidance. But mostly I acknowledge the Wilders' user community (especially fellow privacy lovers) for great answers, tough questions, and lively discussions.
+
+I also acknowledge [IVPN][14] for invaluable support and encouragement.
+
+Finally, I acknowledge the global open source community, without which none of this would have been possible.
+
+ [1]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
+ [2]: http://www.cl.cam.ac.uk/~rja14/Papers/SE-08.pdf
+ [3]: http://theinvisiblethings.blogspot.ru/2008/09/three-approaches-to-computer-security.html
+ [4]: https://en.wikipedia.org/wiki/Threat_model
+ [5]: /privacy-guides/applying-risk-management-to-privacy/
+ [6]: https://metrics.torproject.org
+ [7]: http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/
+ [8]: http://blog.trendmicro.com/trendlabs-security-intelligence/the-mysterious-mevade-malware/
+ [9]: https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
+ [10]: https://metrics.torproject.org/network.html?graph=networksize&start=2013-01-01&end=2013-12-31#networksize
+ [11]: http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
+ [12]: https://blog.torproject.org/blog/
+ [13]: https://www.wilderssecurity.com/
+ [14]: /
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
new file mode 100644
index 000000000..7efd9f59a
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
@@ -0,0 +1,183 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 2
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-2/
+section: Advanced
+weight: 20
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-3/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/"
+ }
+]
+date: 2022-02-04T00:00:00+00:00
+layout: guides-details
+---
+## Basic Setup Using VMs, VPNs and Tor
+
+### Introduction
+
+This guide covers a basic setup to protect online privacy and anonymity. It's appropriate for reliably circumventing Internet censorship and data retention by ISPs, and for reliably circumventing commercial tracking and behavioral marketing. It may be adequate for political dissidents in countries that respect human rights. However, it is _not_ adequate for political dissidents who might suffer serious consequences if compromised. For them, using the full setup (covered in Parts 3-8) would be prudent.
+
+In this setup, the host machine reaches the Internet through a VPN service, with firewall rules to prevent leaks. The host runs VirtualBox, and there are multiple Linux workspace VMs to compartmentalize and isolate activity. Each Linux workspace VM initially reaches the Internet through the host machine's VPN service. It then connects through a different VPN service, or through the Tor network, to reach Internet sites. There are firewall rules to prevent leaks. For Tor connectivity, the guide uses [Whonix][1], which comprises Tor gateway and workstation VMs that are based on Linux (Debian).
+
+VirtualBox by default isolates resources (storage, memory and processing) that each VM is using, both from itself and from other VMs. Although the Linux workspace VMs (and the Whonix gateway VM) all use the host machine's VPN connection through [network address translation (NAT)][2], VirtualBox doesn't permit VM-to-VM traffic in that arrangement. Linux workspace VMs (and the Whonix workstation VM) are also isolated from each other on the Internet, because they have different IP addresses and network latencies.
+
+Because Whonix isolates workspace and networking in separate VMs, it resists attacks that compromise or circumvent Tor and/or firewall rules. However, the VPN client running in each Linux workspace VM is vulnerable to such attacks. Even so, the VPN client running on the host is isolated, and so damage is limited. In the full setup (covered in Parts 3-8), all workspaces and networking (VPN and Tor clients) are isolated in separate VMs.
+
+### Setting Up VPN on Host Machine
+
+If you're already using a VPN service, you can skip to the next step. If you're not already using a VPN service, [choose one][3] and install the client following the provider's instructions. For Linux, you can use the instructions below, in `Setting Up VPN on Linux Workstation VM`.
+
+Unless you've already set up firewall rules to prevent leaks, it's prudent to do so. All traffic (including DNS queries) should go through the VPN tunnel, and there should be no Internet connectivity if the VPN connection fails. Also, just in case, DNS queries should use the VPN provider's DNS server(s), or reliable [third-party DNS servers][4], and **not** your ISP's DNS servers.
+
+There are instructions below (in `Installing and Checking VPN-Firewall on Linux Workstation`) for using adrelanos' firewall setup in Linux. For Windows, you can ask your provider, or use (for example) [Comodo][5]. For OS X, you can ask your provider, or use (for example) [PF][6].
+
+It's also prudent to test for leaks.
There are instructions below (in `Installing and Checking VPN-Firewall on Linux Workstation`) for leak testing in Linux. The same approach applies in Windows or OS X, except for installing and configuring Wireshark. For Windows, see (for example) [HOW TO : Install Wireshark on Windows 7][7]. For OS X, see (for example) [WireShark Install on Mac OS X][8].
+
+### Installing VirtualBox
+
+This step is trivial. Download the version of VirtualBox for your host machine OS from . For Windows hosts, install by executing the downloaded file. For OS X hosts, double click the downloaded file, and drag the app to the Applications icon. For Ubuntu hosts, open the downloaded package with Ubuntu Software Center, and install. For Debian hosts, use dpkg in a terminal. After installing VirtualBox, download the Extension Pack, and open it with VirtualBox to install. That's it. With VirtualBox running, hitting F1 opens the user manual, which is excellent and comprehensive.
+
+### Creating Linux Workstation VM
+
+Creating VMs is very easy, and section 1.7 of the VirtualBox manual (hit F1) explains it well. It's a two-stage process. First, you configure the new VM in VirtualBox. Second, you start the VM, and install the OS, just as you would on a physical machine.
+
+Linux is the best choice for a secure and private workstation VM. It's open-source and free, so there's no money trail linking you to a product ID. [Ubuntu][9] is a good choice for new Linux users. It's best to use releases with long-term support (currently 12 .04). For those who dislike the Unity desktop, [Xubuntu][10] and [Mint][11] (both based on Ubuntu) are good alternatives. [Debian][12] is arguably more secure, but not as user-friendly.
+
+
+First download the 32-bit (aka i386) installer image file for the Linux distro that you've chosen. Then open VirtualBox, and click the `New` icon. Enter your desired VM name, and select the proper OS type (Linux) and version (Ubuntu for Ubuntu, Mint or Xubuntu) or Debian.
Specify 1 GB memory to avoid disk swapping. If host RAM is limited, you can reduce it later. Use the defaults for virtual hard disk type (dynamically allocated VDI) and location, but specify at least 100-200 GB maximum size. The initial size of the virtual disk will be at most 5-6 GB. But with large maximum size, it's very easy to accommodate unplanned growth. After reviewing the final summary screen, hit `Create`.
+
+Next, tweak the new VM's settings. In the `General/Advanced` tab, leave `Shared Clipboard` and `Drag'n'Drop` set to `Disabled` (for security). Under `System/Motherboard`, change the boot order to `Hard Disk, CD/DVD`, and deselect `Enable absolute pointing device`. Under `System/Processor`, select `Enable PAE/NX` (if your host supports it). Under `Display/Video`, increase video memory to 128 MB (unless host RAM is limited). Under `USB` settings, deselect `Enable USB Controller` (for security).
+
+Now add the OS installer image. Under `Storage`, highlight the CD icon (named `Empty`) under `IDE Controller`. Then hit the CD icon to the far right of `CD/DVD Drive`, and select `Choose a virtual CD/DVD disk file`. Navigate to wherever you put your installer image, and select it. Then click `OK` to exit the settings screen.
+
+Then double click on the new VM, and go through the install process. It's OK to accept all defaults. But you can select the encrypted LVM option for disk partitioning , if you like. Although whole-disk encrypted VMs may leave plaintext on host machines, that's better than nothing if the host is compromised while running. As the VM is rebooting after installation completes, click `Devices` in the main menu, highlight `CD/DVD Devices`, and select `Remove disk from virtual drive`.
+
+To get better VM performance, you may want to install VirtualBox guest additions (customized kernel modules). Guest additions also provide better display and mouse integration, and enable mounting host folders (aka `shared folders`) in the VM.
However, some of the kernel customizations may reduce guest-host isolation, and using shared folders definitely does. It's a typical convenience vs security trade-off.
+
+Ubuntu or Xubuntu will prompt you to install the guest-additions kernel-module package as `additional drivers`. If not, use the Settings menu. You can also install guest additions by clicking `Devices` in the VirtualBox menu, and then `Install Guest Additions`. But don't do both. Debian 7.10 automatically installs the guest-additions kernel-module package.
+
+Use Update Manager to download and install updates. Then reboot the system.
+
+Before using Firefox, it's prudent to disable WebGL, in order to prevent graphics fingerprinting (see last paragraph). First take VM offline. In VirtualBox Network settings, change `Adapter 1` to `Not attached`. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT`. As backup protection, you can install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of Options.
+
+### Setting Up VPN on Linux Workstation VM
+
+These instructions are for OpenVPN-based services. For IPsec-based VPN services, follow your provider's instructions. Avoid PPTP-based VPN services, because that protocol is extremely insecure.
+
+Start by setting up Network Manager with OpenVPN. Open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ sudo apt-get install network-manager-openvpn
+ user@ubuntu:~$ sudo restart network-manager
+
+Then review your VPN credentials – certificates (\*.crt) and keys (\*.key) – and configuration files (\*.conf or \*.ovpn). Some VPN services provide configuration files with embedded credentials, with each of the credentials bracketed by corresponding [name] and [/name] tags. In that case, copy each of the credentials, and save as an appropriately-named text file.
There may be as many as four credentials:
+
+ * ca.crt
+ * client.crt
+ * client.key
+ * ta.key
+
+All of these files should be downloaded via HTTPS, and kept private. You might want to avoid providers that don't use HTTPS for this. Establishing a VPN connection may also require a username and password, which may differ from the account name and password for the VPN service's website. Some low-end services email connection username and password. In that case, immediately go to the provider's website, and change the password.
+
+Virtually all VPN services provide a ca.crt (certificate authority) certificate. These certificates enable clients to verify the authenticity of VPN servers before connecting. Most VPN services also provide a client.crt (client certificate) and client.key (for unlocking and using the client certificate). Client certificates allow VPN servers to verify the authenticity of clients before accepting connections. A few high-end VPN services also provide a ta.key to enable TLS authentication, which [increases connection security][13].
+
+You'll also need other information from the OpenVPN configuration file. First, you'll need to choose the VPN server that you'll be connecting to. Avoid the United States, United Kingdom and France. Germany and the Netherlands are OK. It's probably good to avoid Eastern Europe, Russia, China etc, which might attract attention. You'll need the IP address of the server, rather than the hostname, in order for VPN-Firewall (see below) to work properly. If you just have hostnames, you can get the IP address by running this command:
+
+ user@ubuntu:~$ host hostname.that.you.have
+
+Second, you'll need to know the server port number and connection type (UDP or TCP). It's generally best to use UDP (unless you're routing via Tor). You'll also need to know the cipher type (from the cipher ... line) and whether LZO compression should be enabled (if you see comp-lzo).
If cipher type isn't specified, use the Network Manager default. For VPNs that provide ta.key, you'll need to know the key direction, which is the number at the end of the tls-auth line (typically 1).
+
+Start the setup by copying all of the VPN certificate and key files to /etc/openvpn. Open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ cd /home/user/path-to-the-files
+ user@ubuntu:~$ sudo cp ca.crt client.crt client.key ta.key /etc/openvpn/
+
+Of course, edit the second command for the files that you actually have.
+
+Then open Network Manager, select the `VPN` tab, and click the `Add` button. Select OpenVPN as type, and click the `Create` button. Enter a short name for the connection, and the IP address of the server that you'll be accessing. The next steps depend on the configuration of the VPN service.
+
+There are three common VPN-configuration setups. Some VPN services (such as Private Internet Access) provide only ca.key, and require username and password for connection. For them, select `Password` as authentication type, enter your username and password, and click the `CA Certificate` button. In the `Places` window, click `File System`. Double click `etc`, and then double click `openvpn`. Finally, select `ca.crt` and click `Open`.
+
+Now click the `Advanced` button. In the `General` tab, check `Use custom gateway port` and enter the appropriate port number. If appropriate, check `Use LZO data compression` (typical) and `Use a TCP connection` (rarely appropriate unless you're routing via Tor). If you know the cipher type, click `Cipher` in the `Security` tab, select the appropriate one, and click `OK`. Now click `Save` in the VPN window, and close Network Manager.
+
+Some VPN services (such as AirVPN) provide ca.key, client.crt and client.key, but not ta.key, and don't require username and password for connection.
For them, select `Certificates (TLS)` as authentication type, and then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Then complete the same steps in the `Advanced` window as described above, save the VPN configuration, and close Network Manager.
+
+Some VPN services (such as IVPN) provide ca.key, client.crt, client.key and ta.key, and also require username and password for connection. For them, select `Password with Certificates (TLS)` as authentication type, and enter your username and password. Then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Complete the same steps in the `Advanced` window as described above. In the `TLS Authentication` window, check `Use additional TLS authentication`, and specify `Key File` (ta.key) and `Key Direction` (typically 1). Then save the VPN configuration, and close Network Manager.
+
+Now use Network Manager to establish the new VPN connection. Once it connects, verify that it works by visiting . If it doesn't connect, or doesn't work, recheck the configuration.
+
+### Installing and Checking VPN-Firewall on Linux Workstation
+
+Install adrelanos' VPN-Firewall scripts as described at . You want the firewall (iptables rules) to load at bootup, so install both the firewall and init scripts. Reboot the VM, but don't reconnect the VPN via Network Manager. Check VPN-Firewall status by running the following in a Terminal window:
+
+ user@ubuntu:~$ sudo service vpnfirewall status
+
+It should reply. Then verify that the VM has no Internet connectivity by trying to visit . If it connects, there's something wrong with the VPN-Firewall setup.
+
+Now use Network Manager to establish your VPN connection, and verify that it works by visiting . If it doesn't connect, recheck the configuration.
If it does connect, test VPN-Firewall by killing the openvpn process (run `sudo killall openvpn` in a Terminal window) and verifying that the VM has no Internet connectivity. Then use Network Manager to reestablish the VPN connection, and verify that it works by visiting .
+
+Check your DNS servers by running the standard DNS test at . It should report only the DNS servers that your VPN service is pushing. It should not report any DNS servers that are associated with your ISP, or are specified by your LAN router. If it does, there's something wrong with the VPN setup.
+
+You can also check for leaks using Wireshark. To install Wireshark, open a Terminal window in the VM, and run these commands:
+
+ user@ubuntu:~$ sudo apt-get update
+ user@ubuntu:~$ sudo apt-get install wireshark
+
+Then configure wireshark to allow a non-root user to sniff packets. As described [here][14], run these commands in a Terminal window:
+
+ user@ubuntu:~$ sudo dpkg-reconfigure wireshark-common
+ user@ubuntu:~$ sudo adduser $USER wireshark
+
+Reboot the VM, and establish your VPN connection. Then open Wireshark, and start capturing on eth0. Use Firefox to check , run the DNS test at , etc. Now stop the capture, and run Statistics/Endpoints. You should only see one [non-private][15] aka [public IP address][16], that of the VPN server that you're connected to.
+
+Now kill the openvpn process (run `sudo killall openvpn` in a Terminal window) and start a fresh capture on eth0. Verify that Firefox can't see anything. VPN-Firewall blocks pings, by the way. Stop the capture, and run Statistics/Endpoints. You should only see traffic with local private IP addresses, and reconnection attempts from the VPN server that you were connected to.
+
+Finally, reestablish the VPN connection in Network Manager, and verify that it's working. Then start Update Manager, download and install updates, and let the VM reboot.
+
+### Installing Whonix
+
+[Whonix][1] comprises a pair of Debian VMs: a gateway VM that connects to the Tor network, and a workstation VM that connects through the gateway VM. Installing Whonix is easy. Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, using your VPN service. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained).
+
+Import the gateway and workstation VMs, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). If you'll be using just one Whonix instance, just start the Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, you're done. Enjoy!
+
+If you'll be using multiple Whonix instances, each gateway and workstation VM must have a unique name (which determines the name of its folder). After importing the first pair of gateway and workstation VMs, edit their names in the VirtualBox GUI, adding a unique suffix (or whatever) to distinguish them from others that you'll be importing (and to facilitate keeping track of them).
+
+Also, the gateway and workstation VMs of each Whonix instance must share a uniquely named internal network. First edit the settings for Adapter 2 of the gateway VM (under `Network`). Change `Whonix` to `Whonix-1` or whatever. Don't change the settings for Adapter 1. The default (`NAT`) will have it connect through your host's VPN service. Then edit the settings for Adapter 1 of the workstation VM, changing `Whonix` to whatever you just used for Adapter 2 of the gateway VM.
+
+Now start the first Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, you're done. Enjoy!
+
+### OS Diversity is Crucial for Compartmentalization Safety
+
+WebGL fingerprinting is a serious risk when using VMs for compartmentalization. WebGL uses the GPU via the OS graphics driver. On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU. So let's say that you have a Debian VM that connects through a nested VPN chain, and a Lubuntu VM that connects directly, or through a different one. Default Firefox in both VMs will have the same WebGL fingerprint! That could link the two VMs, and break compartmentalization.
+
+One can readily disable WebGL in browsers. But accidents happen. Maybe you'll install a new browser, and forget to disable WebGL. Any sites that you visit while WebGL is working can fingerprint the VM. And potentially that VM is linked by WebGL fingerprint to other VMs that use the same graphics driver.
+
+Given that, it's best to compartmentalize across VMs with different graphics drivers. Browsers on all distros that use the Debian graphics driver (Debian, Ubuntu, Lubuntu, Mint, Xubuntu, etc) apparently have the same WebGL fingerprint. But VMs using different graphics drivers (such as Arch, Fedora, PCBSD, Windows and Yosemite Zone) have different WebGL fingerprints.
+
+The host and VMs use different GPUs (real vs virtual) so there is no overlap in WebGL fingerprints. However, it does appear that systems using a given graphics driver will have the same WebGL fingerprint on given hardware, with a given GPU. And so reinstalling the OS, or using a related OS with the same graphics driver, may not change the WebGL fingerprint.
+
+ [1]: https://www.whonix.org/wiki/Main_Page
+ [2]: https://en.wikipedia.org/wiki/Network_address_translation
+ [3]: https://torrentfreak.com/best-vpn-anonymous-no-logging/
+ [4]: https://www.wikileaks.org/wiki/Alternative_DNS
+ [5]: https://forums.comodo.com/firewall-help-cis/configuring-to-block-all-nonvpn-traffic-t91413.15.html
+ [6]: https://web.archive.org/web/20120827084446/https://thenewtech.tv/it/openbsd-pf-on-mac-osx-lion
+ [7]: https://kudithipudi.org/2009/07/17/how-to-install-wireshark-on-window-7/
+ [8]: https://networkstatic.net/wireshark-install-on-mac-os-x/
+ [9]: https://www.ubuntu.com/download/desktop
+ [10]: https://xubuntu.org/getxubuntu/
+ [11]: https://www.linuxmint.com/download.php
+ [12]: https://www.debian.org/CD/netinst/
+ [13]: https://community.openvpn.net/openvpn/wiki/SecurityOverview
+ [14]: https://askubuntu.com/questions/74059/how-do-i-run-wireshark-with-root-privileges
+ [15]: https://en.wikipedia.org/wiki/Private_network
+ [16]: https://en.wikipedia.org/wiki/IP_address#Public_address
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
new file mode 100644
index 000000000..bd76fd814
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
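Review bot: The three "common VPN-configuration setups" paragraphs under "Setting Up VPN on Linux Workstation VM" say providers hand out `ca.key`, while the credential list earlier in the same section and the Network Manager steps that follow both use `ca.crt`. A CA private key is not something a client should ever receive, so the wording should read `provide only ca.crt`, `provide ca.crt, client.crt and client.key` and `provide ca.crt, client.crt, client.key and ta.key`. The "Installing Whonix" section also offers BitTorrent as a fallback for readers who skip the OpenPGP check; I would reword it to `Verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key before importing them.`, since a torrent only shows that the download matches the torrent, not that the image is the one the project signed.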
@@ -0,0 +1,199 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-3/
+section: Advanced
+weight: 30
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/"
+ }
+]
+date: 2013-10-23T12:36:02+00:00
+layout: guides-details
+---
+## Planning Advanced VM and VPN Setup
+
+### Introduction
+
+This guide introduces an advanced setup (implemented in Parts 4-8) which provides vastly greater privacy, anonymity and freedom than the basic setup presented in [Part 2. Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). It employs [compartmentalization][1] (aka [compartmentation][2]) and [isolation][3], by using multiple virtual machines (VMs) with Internet access through arbitrarily complex nested and branched chains of VPNs and Tor. The full setup will require at least a few days of focused work. Please review [Part 1. Introduction](/privacy-guides/advanced-privacy-and-anonymity-part-1/) and consider your [threat model][4] before choosing which aspects to implement.
+
+This advanced setup broadly resembles the basic setup presented in Part 2. The host machine reaches the Internet through a VPN service, with firewall rules to prevent leaks. There are multiple Linux workspace VMs to compartmentalize and isolate activity, and the various workspace VMs independently reach the Internet through VPN services or the Tor network.
It's easy to deter profiling and tracking by using multiple pseudonyms in multiple workspace VMs, with different Internet IP addresses. Impacts of malware and hacking are limited, as long as the VMs networking services and VPN client are not compromised or circumvented. + +However, the advanced setup goes far beyond the basic setup in a few key ways. Rather than using an existing and potentially compromised system (typically Windows or OS X) as VM host, this setup uses a fresh Linux installation. Because Linux is open-source, there is also less risk of [backdoors][5]. Furthermore, because most Linux distributions are free, there is no money trail that might link you to a product key, or other unique information in the installation. + +In the basic setup, the Linux workspace VMs (except Whonix) contain both applications and networking services (routing, firewall, VPN client, etc). By exploiting vulnerabilities in applications and users, attacks may readily compromise or circumvent the VPN client, and then deanonymize users by contacting a monitoring server directly, rather than through the VPN tunnel. Attacks may also install malware that deanonymizes by `calling home` when the VPN is not connected. Indeed, any document that automatically loads remote resources, such as this logo, can do the same. + +![IVPN Logo](/images/logo.svg) + +In this advanced setup, all workspaces and networking services (VPN and Tor clients) are isolated in separate workspace and gateway VMs (pfSense VPN-client VMs and Tor-client VMs). Attacks that exploit vulnerabilities in applications and users can't reach networking services unless they can also compromise or circumvent VM-host barriers. And because workspace VMs can only reach the Internet through their gateway VMs, there's no access to remote resources when the gateway is down or broken, except through deliberate user error. 
+ +Furthermore, in this setup, the arrangement of gateway VMs and VirtualBox internal networks transparently creates layers of encrypted routing instructions, which then direct packets through specified chains of VPN servers and Tor entry relays. That is, packet routing through the Internet reflects local routing of gateway VMs in VirtualBox. Using the VirtualBox GUI, it's trivial to create and modify arbitrarily complex nested and branched chains of VPN and Tor connections. It's also possible, using the VBoxManage command-line interface, to automate changes in routing topology (not included in these guides). + +Indeed, this is a simple (and static) implementation of [onion routing][6]: + +> Onion routing is a technique for anonymous communication over a computer network. Messages are repeatedly encrypted and then sent through several network nodes called onion routers. Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated. This prevents these intermediary nodes from knowing the origin, destination, and contents of the message. + +### Initial Privacy Considerations + +If you're, for example, a political dissident who might suffer serious consequences if compromised, it would be prudent to read these guides, and download required software, using a secure VPN service. Otherwise, your ISP and other local observers can see what you're doing, and you might be flagged for increased scrutiny. Ideally, local observers should see only that you're using a VPN service, and nothing else. If you'll be chaining multiple VPNs, as described below, it's best to pick one now that you will connect to directly. Consistently using just one direct-connect VPN service arguably attracts less attention than using many VPN services and Tor. 
+ +If you're currently using a VPN service, adopting it as your direct-connect VPN would be best, as long as it's privacy-friendly and its performance is adequate. Unbiased sources for information about VPN services include discussions at [Wilders Security Forums][7] (which uses a self-signed certificate) and annual reviews at [TorrentFreak][8]. Connecting indirectly to your current VPN service through a new direct-connect VPN would arguably be pointless, because there are potentially records associating your account there with your ISP-assigned IP address. + +If you're not currently using a VPN service, now is a good time to pick one that you'll be connecting to directly. For direct-connect VPNs, the key features are speed (high bandwidth and low latency), uncapped usage (throughput) and mainstream popularity (so you stand out less). You'll typically be using just one direct VPN connection, and so it's arguably better to reserve services that permit multiple simultaneous connections, and have exit servers in many countries, for use as indirect VPNs (which you will access through your direct-connect VPN). + +Unless you're already using a VPN service and/or Tor, install your chosen direct-connect VPN client on the machine that you're reading this on, following the provider's instructions. Also download all required software on this machine, so your ISP etc can't see what you're doing. + +At the cost of increased complexity, by choosing the high-privacy option in the next tutorial ([Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/)), you can hide all evidence of your new setup from your ISP and other local observers. They'll just see downloading through your direct-connect VPN service. + +### Using Nested Chains of VPNs and Tor to Distribute Trust + +It's crucial to keep in mind that, by using VPN services, we are merely choosing to trust our VPN providers, instead of our ISPs and governments. 
We can choose VPN providers that use multiple hops, promise not to keep logs, carefully segregate our account data and their VPN servers, and even claim that they will move or shut down before compromising our privacy. But there is no reliable way to know whether our trust has been warranted, unless we discover that it hasn't. + +If privacy and pseudonymity really matter to us, therefore, it's not prudent to rely merely on a single VPN provider. Instead, we can distribute our trust by routing one VPN tunnel through another, from a different provider. More generally, we can create nested chains of VPN tunnels from multiple providers. In order to compromise our privacy, an adversary would need to compromise or subvert most (if not all) of the VPN services in our chain(s). + +This approach is vulnerable in at least two ways. First, there may be money trails to `inner` (in a topological sense) VPN services that we access indirectly through other VPN services. Using free VPN services is an option, but they typically cap bandwidth and throughput. The best option is paying with cash by anonymous snail mail. Another option is paying with Bitcoins that have been thoroughly anonymized using multiple anonymous accounts and mixing services. + +Second, some (or all) of the VPN services in our chain(s) may be vulnerable to compromise or subversion by broadly resourceful adversaries. To mitigate this risk, it's prudent to choose providers that operate from poorly-cooperating geopolitical [spheres of influence (SOIs)][9]. It's best to avoid providers in the SOI where you live. For your direct-connect VPN, it's arguably best to choose a provider in a relatively-neutral SOI, which doesn't attract too much attention, and yet is at least somewhat hard to subvert. For your terminal/innermost VPN, it's arguably best to choose a provider in an effectively non-cooperating SOI. 
If you're using three or more VPNs overall, it's arguably best to alternate between distinct poorly-cooperating SOIs for the middle VPNs. + +We can also rely on [Tor][10], a highly sophisticated implementation of [onion routing][6], where trust by design is distributed among numerous participants with disparate goals. It provides far greater anonymity than VPNs (even complex nested chains of VPNs) could ever manage. However, configuring applications to use Tor properly (with no leaks) is nontrivial, and it's best to use packaged setups. + +The [Tor Browser Bundle][11] comprises Tor and the Tor Project's version of Firefox, which is optimized for anonymity. Although it's very easy to install and use, it's vulnerable to [malware exploits][12] and leaks from applications misconfigured by users. [The Amnesic Incognito Live System (Tails)][13] is a LiveCD (read-only by default) which can also be run as a VM. It's preconfigured with many applications. But it's still vulnerable to malware exploits that circumvent Tor. Both [Whonix][14] and [Incognito][15] isolate workspace and networking services in separate gateway and workstation VMs. That protects against deanonymization through user error, misconfigured applications or malware exploits. + +It's best to incorporate Tor at or near the end of nested VPN chains. VPN services are popular for P2P file sharing, and using them arguably attracts less unwanted attention than using Tor, except where file sharing and dissent are both forbidden. Indeed, access to the Tor network is blocked in some places. One can circumvent blocks by connecting through [bridge relays][16]. However, as bridge relays are identified and blocked, users must switch to new ones. Given the trial and error process of using bridge relays, they do not reliably hide Tor use. It would be safest to use both VPNs and [obfuscated bridges][17], which obfuscate Tor traffic patterns. + +Some Internet sites don't accept connections from Tor exit relays. 
Some sites block all Tor exits, while others block only those that appear on various blacklists. A simple solution is routing a VPN service through Tor. Tor can carry only TCP traffic, so one must use TCP mode for the VPN connection. But the resulting VPN tunnel carries both TCP and UDP traffic, increasing application compatibility and reducing the chance of leaks. + +### Preventing VPN Leaks + +VPN connections are prone to (at least) two types of leaks. One type involves DNS servers. Normally, after a VPN client requests a connection, the server configures the tunnel, and pushes required information to the client. Included are changes in network routing, so all Internet traffic uses the VPN tunnel, and DNS servers to be queried for translating hostnames to IP addresses. + +But if something goes wrong, the client machine may instead query DNS servers provided by the user's ISP. And that may reveal the ISP's identity to those observing the VPN exit server. It may also reveal to the ISP what domains are being accessed. If the user's ISP can see both user traffic to the VPN entry server and queries to its DNS servers, timing analysis could readily reveal what domains the user is accessing. In other words, the VPN would be compromised for that user. + +Preventing such DNS leaks may be nontrivial. It may require temporarily hard coding the VPN's DNS servers in the client machine's network configuration, and undoing that after the VPN connection is closed. That's what the VPN client should be doing, by the way, but sometimes it doesn't work, especially with uncommon operating systems that the VPN configuration doesn't fully support. + +The other type of leak involves traffic bypassing the VPN tunnel to reach the Internet directly. The operating system may not properly implement changes in network routing pushed by the VPN server to direct all Internet traffic through the VPN tunnel. Or the VPN connection may fail in some way. 
For example, VPN servers may go offline, or VPN client software may hang or die, perhaps after intermittent network outages. Whatever the cause, it's crucial that there be no Internet connectivity except through the VPN tunnel, even if the VPN connection is improperly configured, or fails in any way. + +Unfortunately, OpenVPN was designed to provide secure connectivity to remote networks, but not Internet anonymity. Indeed, Internet traffic exits locally by default in OpenVPN, in order to conserve VPN bandwidth. While it's easy to configure VPN tunnels to carry all network traffic, it's difficult to prevent traffic from using the client machine's physical adapter after the VPN client software terminates. By default, all changes to network routing made during VPN connection are reversed when the VPN disconnects. That's generally a good thing, because users might otherwise be left without Internet access (even to reconnect the VPN). + +Some VPN providers use proprietary clients that reportedly fail closed. But generally, the only reliable protections are network routing and firewall rules that restrict network connectivity to the VPN tunnel. In Windows and OS X, you can use, respectively, [Comodo][18] and [PF][19]. In Linux, you can use [VPN-Firewall][20]. It's a bash script that creates iptables rules which block all Internet connections except through the designated OpenVPN server, and yet permit transparent VPN reconnection. It's part of the high-privacy option in the next tutorial, [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/). Whatever method you use, it's prudent to test for leaks. That's also covered in the next tutorial. + +### Using pfSense VMs as VPN Clients + +Advanced networking expertise is required to securely route one VPN tunnel through another, with no leaks, on an individual machine. However, doing that is trivial by networking virtual machines (VMs) that serve as gateway routers. 
Indeed, it's possible to create arbitrarily complex nested and branched chains of VPNs (and Tor). + +pfSense, a hardened router/firewall operating system based on FreeBSD and its stateful packet filter [PF][21], is an excellent choice for VPN-client VMs. pfSense VMs are small and resource-light. Creating VPN connections and preventing leaks is very easy in pfSense. The pfSense WebGUI is highly intuitive, and yet exposes virtually all pfSense capabilities. Using pfSense VMs as VPN clients is covered in [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/). + +### Visualizing Nested VPN Tunnels + +Chains of nested VPN tunnels provide better privacy and anonymity for accessing content servers, Tor entry relays, peers of P2P networks (such as BitTorrent, Freenet and I2P) and other remote servers. With no VPN, remote servers see your ISP-assigned IP address. Also, your ISP and other local observers see the IP addresses of remote servers. And unless connections are end-to-end encrypted, they can eavesdrop and carry out man-in-the-middle (MITM) attacks. + +{{< raw-html >}} +
+ Connection Without VPN + Connection Without VPN +
+{{< / raw-html >}} + +With one VPN, remote content servers instead see the VPN's exit IP address. Your ISP and other local observers see the VPN's entry IP address, and the VPN tunnel is encrypted. However, the VPN provider knows both your ISP-assigned IP address and the IP addresses of remote servers. + +{{< raw-html >}} +
+ Connection With VPN + Connection With VPN +
+{{< / raw-html >}} + +With two nested VPNs, remote content servers see the second (inner) VPN's exit IP address. Your ISP and other local observers see the first (outer) VPN's entry IP address. Both VPN tunnels are encrypted. Neither VPN provider knows both your ISP-assigned IP address and the IP addresses of remote servers. The first (outer) VPN provider knows your ISP-assigned IP address, and also the second (inner) VPN's entry IP address. The second (inner) VPN provider knows the IP addresses of remote content servers, and also the first (outer) VPN's exit IP address. + +{{< raw-html >}} +
+ Connection with Two VPNs + Connection with Two VPNs +
+{{< / raw-html >}} + +With three or more nested VPNs, information about your Internet activity would be further fragmented, and harder to compromise. However, as VPN tunnels are nested more deeply, two factors limit usability. First, each VPN level adds 50-100 ms latency, and may also restrict bandwidth. Second, overall reliability (being the product of the individual VPN reliabilities) is lower. + +### Planning Initial Setup + +You might want to start by creating a setup such as this. + +{{< raw-html >}} +
+ Cloud showing Chained VPNs and TOR + Cloud showing Chained VPNs and TOR +
+{{< / raw-html >}} + +Each star denotes a VPN exit, with an invariant IP address that's shared by all users. Two VPN services (VPN{{< sub >}}1{{< / sub >}} and VPN{{< sub >}}2{{< / sub >}}) form the backbone. A third VPN service, routed through VPN{{< sub >}}2{{< / sub >}}, provides multiple simultaneous exits (VPN{{< sub >}}3a{{< / sub >}} and VPN{{< sub >}}3b{{< / sub >}}). A Tor client, also routed through VPN{{< sub >}}2{{< / sub >}}, provides Internet access through a cloud of frequently changing exit IP addresses that are shared by many other users. Finally, a fourth VPN service (VPN{{< sub >}}4{{< / sub >}}) is routed through the Tor connection. + +Each VPN tunnel in a nested chain provides some degree of separation and anonymity. How much depends on such factors as the number of concurrent users, what the service logs, and the availability of any logs to adversaries. But generally, your risk of association is greatest with the VPN{{< sub >}}1{{< / sub >}} exit, less with the VPN{{< sub >}}2{{< / sub >}} exit, and even less with the VPN{{< sub >}}3a{{< / sub >}} and VPN{{< sub >}}3b{{< / sub >}} exits. Tor connections arguably provide far more separation and anonymity, so your risk of association through the Tor exit cloud is far less than through the VPN{{< sub >}}3{{< / sub >}} exits. + +Routing VPN{{< sub >}}4{{< / sub >}} through the Tor connection, however, weakens anonymity. That's obviously so if there are email or money trails from you to VPN{{< sub >}}4{{< / sub >}}. But even free VPN services, with no such linkages, weaken Tor anonymity. Tor clients plan and test numerous circuits, with diverse paths and exit relays. They normally use multiple concurrent circuits to isolate application data streams, and they change circuits frequently. But once a VPN tunnel is established using a particular circuit, the Tor client can't move it to a new circuit, until the VPN disconnects and reconnects. 
Even so, the VPN{{< sub >}}4{{< / sub >}} exit is still potentially far less associated with the VPN{{< sub >}}2{{< / sub >}} exit than the VPN{{< sub >}}2{{< / sub >}} exit is with you. + +Everyone using a given VPN exit server has the same IP address. That's good, because crowding increases anonymity. However, using a particular VPN exit for multiple pseudonyms is somewhat counterproductive, given the shared IP address. It's best, therefore, to use just one primary pseudonym with each pfSense VPN-client VM, and its corresponding VPN exit and position in the overall nested VPN chain. + +It's also best for each pseudonym to consistently use a particular VPN exit. Changes in IP address can trigger account-verification requirements by some providers, such as Facebook and Google, and may even lead to blacklisting. That's hard to avoid with Tor, because clients use multiple concurrent circuits (including exit relays) to isolate application data streams, and they change circuits frequently. VPNs can be routed through Tor, but that decreases anonymity. + +In creating and using these setups, it's crucial to keep in mind that associations among you and the various elements – exit IP addresses, and the pseudonyms and workstations that use them – can never be decreased, but only increased. For example, consider VPN{{< sub >}}4{{< / sub >}} that's been routed through Tor. If you use that connection with a pseudonym or workstation that's more closely associated with you, it's prudent to assume that the association persists. Or consider a pseudonym created using VPN{{< sub >}}4{{< / sub >}}. Using that pseudonym without Tor, even through nested VPNs, permanently associates it more closely with you. + +Multiple pseudonyms should never share a workstation VM, given the risk of cross-correlation through routine tracking, malware and active attacks. It's also prudent to compartmentalize information for a given pseudonym among multiple workstation VMs. 
One workstation VM might serve for routine online activity. Using a diskless LiveCD VM would provide some protection for visiting questionable websites or opening questionable files (but not as much as a diskless machine booting from a LiveCD). Another workstation VM might host a Bitcoin client, and hold other financial information. Highly sensitive information might be secured in one or more VMs that are routinely offline, and never share LANs with potentially compromised VMs. + +In particular, a workstation should not contain information about the VPN account that it's connecting through. The identity of the VPN service is obvious. Remote servers see VPN exit IP addresses, and may even reveal them in forum posts or email headers. However, account details such as email address and payment method may reveal true identity (or, at least, a weaker pseudonym). Although information about VPN service(s) purchased for extending the nested VPN chain is less sensitive, it's prudent to segregate it (with other financial information) from routine online activity. + +That's a problematic issue, because configuration and management of pfSense VMs require workstation VMs for accessing the pfSense webGUI. For VPN-client setup, workstation VMs must have VPN credentials, which may be linked to email address and payment method. To reduce the risk of compromise and cross-correlation, it's best to administer each pfSense VPN-client VM with a dedicated workstation VM, which contains no information about any pseudonyms that connect through that pfSense VM. Alternatively, you can use a diskless LiveCD VM for administering all of your pfSense VMs, and download VPN configuration files when needed. + +As discussed in [Part 2. Advanced Privacy and Anonymity Using VMs, VPN’s, Tor][22], WebGL fingerprinting is a serious risk when using VMs for compartmentalization. 
On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU.
+
+It's best to compartmentalize across VMs with different graphics drivers. Use Debian or Lubuntu, perhaps, but not both (where it matters, anyway). For compartments where separation is crucial, use VMs with different graphics drivers. Possibilities include Arch, Fedora, PCBSD, Windows and Yosemite Zone.
+
+It's also prudent to disable WebGL in browsers before using them online. Take the VM offline, by changing `Adapter 1` to `Not attached` in VirtualBox Network settings. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT` (`Internal Network`, when you're using pfSense VPN-gateway VMs). You can also install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of `Options`.
+
+ [1]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
+ [2]: http://www.cl.cam.ac.uk/~rja14/Papers/SE-08.pdf
+ [3]: http://theinvisiblethings.blogspot.ru/2008/09/three-approaches-to-computer-security.html
+ [4]: /privacy-guides/will-a-vpn-protect-me/
+ [5]: https://en.wikipedia.org/wiki/Backdoor_%28computing%29
+ [6]: https://en.wikipedia.org/wiki/Onion_routing
+ [7]: https://www.wilderssecurity.com/
+ [8]: https://torrentfreak.com/vpn-services-that-take-your-anonymity-seriously-2013-edition-130302/
+ [9]: https://en.wikipedia.org/wiki/Sphere_of_influence
+ [10]: https://www.torproject.org/
+ [11]: https://www.torproject.org/projects/torbrowser.html.en
+ [12]: https://blog.torproject.org/tor-weekly-news-august-7th-2013/
+ [13]: https://tails.boum.org/
+ [14]: https://www.whonix.org/wiki/Main_Page
+ [15]: https://bitbucket.org/ra_/
+ [16]: https://support.torproject.org/#censorship-7
+ [17]: https://support.torproject.org/#operators-6
+ [18]: https://forums.comodo.com/firewall-help-cis/configuring-to-block-all-nonvpn-traffic-t91413.15.html
+ [19]: 
https://en.wikipedia.org/wiki/PF_%28firewall%29
+ [20]: https://github.com/adrelanos/VPN-Firewall
+ [21]: https://en.wikipedia.org/wiki/PF_%28firewall%29
+ [22]: /privacy-guides/advanced-privacy-and-anonymity-part-2/
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
new file mode 100644
index 000000000..ef91f0115
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
@@ -0,0 +1,369 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-4/
+section: Advanced
+weight: 40
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
+ }
+]
+date: 2020-01-28T00:00:00+00:00
+layout: guides-details
+---
+## Setting Up Secure Host Machines
+
+### Introduction
+
+This guide explains how to set up full-disk encrypted host machines for securely running multiple VMs. Using hardened router/firewall VMs (such as pfSense) as VPN clients, it's easy to route one VPN tunnel through another. With multiple workstation VMs, we can maintain multiple pseudonyms that complicate profiling and tracking, and we can mitigate the impact of malware and hacking. We can easily route Tor through VPNs to avoid attracting unwanted attention. And we can easily route VPNs through Tor to evade Tor exit blocking, increase application compatibility, and reduce the chance of leaks.
+
+As discussed in [Part 3. Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), it's prudent to read these guides, and download required software, through a VPN service and/or TOR. That way, your ISP and other local observers can't see what you're doing. Furthermore, consistently using a particular VPN service arguably attracts less attention than switching among several. If you haven't yet chosen a direct-connect VPN service, now is a good time. Please see `Initial Privacy Considerations` in Part 3 for more on this recommendation.
+
+Depending on your risk model, it may also be prudent to restrict your new host machine's Internet traffic to the direct-connect VPN service, even while you're setting it up. Using this high-privacy option would prevent your ISP and other local observers from seeing software downloads and other Internet connections that occur during installation of the operating system.
+
+As an example, this guide includes a high-privacy option using Ubuntu as the host operating system. With this option, the new host machine would have no Internet connectivity during Ubuntu installation. Before providing Internet connectivity, you would install your direct-connect VPN service, and then configure iptables to block all non-VPN connections. After providing Internet connectivity, you would establish the VPN connection, and update the system.
+
+With this approach, your ISP and other local observers would see only downloading (albeit increased, perhaps) through your direct-connect VPN service. Because the iptables rules take effect before network configuration during bootup, the new host machine will only have direct non-VPN Internet connectivity if you disable the iptables rules. Unless you did that, your ISP and other local observers would see no specific evidence of the new host machine's existence.
+
+### Hardware
+
+Gaming-class machines or workstations are best for simultaneously running more than a few VMs. Servers are good too, but normally lack audio and high-resolution video. If you'll be maxing out RAM and hard disks, you may need to upgrade the power supply to at least 600 W.
+
+Midrange quad-core CPUs (such as Intel i5 Quad, Intel Core 2 Quad and AMD Athlon Quad) can simultaneously run at least ten VMs, each configured with one core. CPU cores are only a soft limit for VM capacity, and overloading the CPU(s) just slows everything down. The CPU(s) must support virtualization. It's typically disabled by default, and must be enabled in the BIOS.
+
+Memory, on the other hand, is a hard limit for VM capacity. VMs can crash without warning if host memory becomes over-committed. However, RAM is currently quite inexpensive, and it's best to install as much as you can. That's especially important if you plan to run Windows VMs, which require substantially more memory than Linux or BSD VMs. With a 64-bit host OS, by the way, there's no 4 GB memory limit.
+
+You also want fast storage, because multiple VMs will be competing for disk access. It's tempting to use solid state drives (SSDs), given their breathtaking speed, increasing capacity and declining cost. However, it may be problematic to secure SDDs, because their wear-leveling mechanisms may compromise full-disk encryption by leaving plaintext data in the clear after shutdown. While some SDDs may be securable, if you implement full-disk encryption at first use, thorough research and testing would be prudent.
+
+The safest option is still probably RAID with multiple SATA (or SAS, if your budget allows) hard disk drives (HDDs). If you have a SATA optical drive, you can remove it to free up a SATA port, and use an external USB optical drive when needed.
+
+It's best to avoid consumer HDDs because they do extended error recovery (which doesn't play well with RAID) and also because they're not designed to be hammered. Older RAID-ready enterprise 7.2 Krpm SATA HDDs (such as Western Digital RE3s and RE4s) don't cost much more than consumer HDDs, and they perform well.
+
+If you only have four free SATA ports, RAID10 with four HDDs is the best option. RAID10 with four 1 TB 7.2 Krpm WD RE3 HDDs provides 2 TB capacity. You'd see ~170 MBps disk bandwidth with seek time ~12 ms, and you could lose one disk (or perhaps two, if you're lucky) without data loss. The use of RAID5 is no longer recommended, by the way.
+
+If you have five free SATA ports, RAID6 with five 1 TB 7.2 Krpm WD RE3 HDDs provides 3 TB capacity. You'd see ~270 MBps disk bandwidth with seek time ~7 ms, and you could lose any two disks without immediate data loss. However, RAID6 arrays rebuild slowly after failed disks have been replaced, and read errors can hose rebuilds.
+
+Using five HDDs for RAID10 with one hot spare would provide less capacity (2 TB) and less speed (~170 MBps with seek time ~12 ms) but substantially better reliability. Although you could lose only one disk (or perhaps two, if you're lucky) without data loss, RAID10 arrays rebuild far faster than RAID6 arrays do. Once the array had finished rebuilding, you'd have RAID10 with no hot spares. At that point, you could lose another disk (or perhaps two, if you're lucky) without data loss.
+
+You may want to enable booting with degraded RAID. If you don't, and one of the disks fails, you might need to boot with a LiveCD and repair the damage before the machine will boot. If you just boot with degraded RAID, on the other hand, you may not realize that the RAID array is degraded until it entirely fails (which is too late). It's prudent to periodically check HDD SMART and RAID status in Disk Utility.
+
+Effective cooling is essential, especially for RAID with multiple HDDs. With consumer-grade hardware, adding a high-capacity rear case fan is wise. Some models provide little ventilation for drives, and are notorious for baking HDDs. It may be necessary to drill an array of small holes in the case, in front of the HDD cage, making sure not to leave metal fragments inside. You can also add a grill, if appearance matters.
+
+### Choosing an Operating System
+
+Linux is the best choice for a secure and private host OS. It's open-source and free, so there's no money trail linking you to a product ID. Its software RAID implementation is fast, efficient and reliable. The LUKS package provides native full-disk encryption, with everything encrypted except for the boot partition. And finally, VirtualBox runs very well under it.
+
+Unless carefully configured, all operating systems leave disk caches and logs behind. With Windows or OS X, which are closed-source, it's very difficult to even know what's being left behind. Knowledge of Windows shellbags, for example, was until recently largely restricted to the computer forensics community.
+
+Ubuntu is a good choice for new Linux users. The Ubuntu Software Center simplifies package management. And the alternate install ISO provides full access to Debian's disk partitioning tools, including LUKS full-disk encryption, and LVM for flexible partition management. It's best to use releases with long-term support (currently 20.04 LTS). For those who dislike the Unity desktop, Xubuntu (based on Ubuntu) is the best alternative. Mint (also based on Ubuntu) doesn't provide an alternate install ISO. Debian is probably the most secure option, and Debian 7.0 was just released. As noted above, there is no 4GB memory limit with a 64-bit OS, so use that if your hardware supports it.
+
+Although the high-privacy option (explained below) is written for Ubuntu 12.04.2, it should work for any Linux distribution, if suitably tweaked. In principle, an analogous approach should work for Windows and OS X, but avoiding compromise through required authentication would be problematic.
+
+### VM Security Issues
+
+To protect VM privacy, and limit access to log files and disk-cache residue, it's prudent to use dedicated host machines with full-disk encryption. However, encrypted disks are decrypted while in use, and keys are stored in memory, so it's prudent to shut down hosts when idle. Using full-disk encryption for individual VMs would limit access to idle VMs while other VMs are in use, but it won't prevent access to information that's been logged or cached on the host machine.
+
+Under most circumstances, it's safe to assume that VMs are isolated from each other, unless they have direct network connectivity or share disks (including USB and other removable drives) or clipboard. However, the possibility of malware breakout from VM to host can't be excluded. If that occurred, other VMs would be readily compromised. Other machines with direct network connectivity or shared disks would also be compromised. When isolation is crucial or malware risk is high, it's prudent to segregate VMs on different host machines, and to avoid direct network connectivity and disk sharing.
+
+### Plausible Deniability
+
+Although encrypted data appears random, files, partitions and disks containing random data may engender suspicion, especially when there's evidence that they're in use. Also, there may be header information that flags the data as encrypted. In particular, the Linux Unified Key Setup (LUKS) for dm-crypt writes headers that begin with `LUKS`, and that disclose such information as the type of encryption being used.
+
+Conversely, a well-known feature of TrueCrypt is the ability to write hidden partitions, and even to run hidden operating systems. If challenged, one can disclose the passphrase for the decoy partition. Adversaries can mount the decoy partition, and run a decoy OS that's installed on it, but they can't detect any hidden partition or OS that may exist. And so it's arguably plausible to deny that any hidden partition exists.
+
+However, merely having decoy partitions doesn't make them plausible, unless they contain plausible information, and are used daily. If an adversary knows that you were online yesterday, based on information from your ISP, but your hidden OS hasn't been used for a week, it seems odd. Also, even if you have disclosed the passphrase for a hidden TrueCrypt partition, or even if you use TrueCrypt without hidden partitions, an adversary may not believe you.
+
+This tutorial uses Linux with LUKS and dm-crypt full-disk encryption. That may be unworkable if your circumstances require plausible deniability. Future tutorials will cover strategies for plausible deniability.
+
+### Installing Ubuntu with RAID, LUKS Encryption and LVM
+
+First download the [Ubuntu 12.04.2 alternate (64-bit) installer image](http://www.ubuntu.com/download/alternative-downloads), using the BitTorrent link or the nearest mirror. Use another machine that's protected by a VPN service and/or Tor for all of these downloads. If you don't have them already, download the credentials for your direct-connect VPN service. Also download [adrelanos][12] `VPN-Firewall` scripts.
+
+If you'll be going with the high-privacy option, you'll also need the package files required for setting up Network Manager with OpenVPN. Get them through a VPN service and/or Tor. The installer would normally download them from the Ubuntu repository, but that won't be possible without Internet connectivity. There are seven files to get:
+
+ * [openvpn package][1]
+ * [network-manager-openvpn-gnome][2]
+ * [openconnect package][3]
+ * [libopenconnect1 package][4]
+ * [network-manager-openconnect package][5]
+ * [liblzo2-2 package][6]
+ * [libpkcs11-helper1 package][7]
+
+Those are the package files needed to set up Network Manager with OpenVPN in a fresh Ubuntu 12.04.2 64-bit installation. You could get them from a non-US archive, if you like. It's possible that this hack won't work with an updated Ubuntu bug-fix release (e.g., 12.04.3). In that case, error messages from the package installer (which you'll use near the end of this tutorial) will tell you what's wrong.
+
+Connect the machine to your LAN router. Otherwise, networking won't get set up properly. If you're going with the high-privacy option, just disable Internet connectivity to your LAN. After finishing the installation, you'll install VPN-Firewall and your direct-connect VPN client, restore Internet connectivity, and establish the VPN connection. Then you'll download and install updates, reboot and proceed to the next tutorial for VirtualBox setup.
+
+If you're not going with the high-privacy option, just proceed with normal Internet connectivity via LAN. And don't bother downloading the package files for Network Manager with OpenVPN.
+
+Installing Ubuntu (or Xubuntu or Debian) is quite easy, even using the old-school Debian wizard on the alternate install ISO. Create an install CD, and then boot your host machine with it. You can also use a USB flash drive, if your machine will boot from it.
+
+Just use defaults until you reach the hostname screen. Although hostname isn't visible beyond LAN, that will change with IPv6, so it may be prudent to go with the default `ubuntu` (or `xubuntu` or `debian`). Just hit enter after typing the hostname.
+
+The most anonymous username is probably `User`, and it's probably counterproductive to use something cute like `Anne O. Nymous`. A strong password is always prudent, but it matters less here because full-disk encryption is the primary defense. Don't encrypt your home directory, because that can conflict with full-disk encryption.
+
+On the clock screen, select `No` and set the time zone to UTC (the last choice). The host machine will generally be accessing the Internet directly, so there's no point in picking a non-local time zone. However, picking UTC is not uncommon, and it might prevent information leaks.
+
+On the disk partitioning screen, select `Manual` and hit enter. While the following may seem complicated, it's really not. Also, the installer remembers your preferences, so repeating steps on multiple partitions goes quickly. Read it through a few times, so you have a general idea of what you're doing, and are not just following the steps. Basically, you'll be creating two partitions on each disk: 1) a small one for the boot RAID array; and, 2) a large one for the RAID array that will be encrypted using dm-crypt with LUKS, and then split into logical volumes (swap, root and home) using the Logical Volume Manager (LVM).
+
+Start with the boot-array partitions. We put them at the beginning of each disk, furthest out where access is faster. Here are the steps for each of the physical disks:
+
+ 1. highlight disk, hit enter, select `Yes` and hit enter to create partition table
+ 2. highlight `FREE SPACE` line under disk and hit enter
+ 3. highlight `Create a new partition` (default) and hit enter
+ 4. you want 300 MB total boot space, so use these partition sizes:
+ * 300MB for RAID1 with two disks
+ * 150MB for RAID10 with four disks
+ * 100MB for RAID5 with four disks
+ * 100MB for RAID6 with five disks
+ 5. hit enter after typing desired partition size
+ 6. select `Primary` as partition type (default) and hit enter
+ 7. select `Beginning` as location (default) and hit enter
+ 8. select `Use as` line, hit enter, select `physical volume for RAID` and hit enter
+ 9. highlight `Bootable flag` and hit enter to set `on`
+ 10. highlight `Done setting up the partition` and hit enter
+
+Repeat the above steps for each of the other physical disks.
+
+Now create a second partition on each physical disk, using the remaining space. We will use them for a RAID array that will hold everything else except boot. Here are the steps for each disk:
+
+ 1. highlight `FREE SPACE` line under disk and hit enter
+ 2. highlight `Create a new partition` (default) and hit enter
+ 3. accept default size (because you're using all remaining free space) and hit enter
+ 4. select `Logical` as partition type (default) and hit enter
+ 5. select `Use as` line, hit enter, select `physical volume for RAID` and hit enter
+ 6. highlight `Done setting up the partition` and hit enter
+
+Repeat the above steps for each of the other physical disks.
+
+You should be back at the main disk partitioning screen. Configuring software RAID is next. Here are the steps for the boot RAID array:
+
+ 1. select `Configure software RAID` and hit enter
+ 2. select `Yes` to `Write changes to the storage devices and configure RAID` and hit enter
+ 3. select `Create MD device` (default) and hit enter (this will be md0, by the way)
+ 4. select desired RAID type and hit enter
+ 5. enter number of active devices (total disks, less any hot spares that you decide to use) and hit enter
+ 6. enter number of hot spares (typically zero unless you have five HDDs, and are going with RAID10) and hit enter
+ 7. check (using space bar) which partitions to use (the small ones, sda1 etc)
+ 8. hit enter to get back to the RAID configuration screen
+
+Now repeat that process to create md1 from the set of large partitions (sda5 etc). We will encrypt that using dm-crypt with LUKS, and then use it for LVM.
+
+Select `Finish` and hit enter to get back to the main disk partitioning screen.
+
+At this point, you should see two RAID devices on the main disk partitioning screen: "RAID... device #0" (aka md0) being the boot array, and "RAID... device #" (aka md1) being the array for encryption and LVM. Let's do RAID device md1 first.
+
+ 1. select `#1` line below main "RAID... device #1" partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `physical volume for encryption`, and hit enter
+ 3. select `Done setting up the partition` and hit enter
+ 4. you should be back at main disk partitioning screen
+ 5. select `Configure encrypted volumes` and hit enter
+ 6. select `Yes` to `Keep current partition layout and configure encrypted volumes` and hit enter
+ 7. select `Create encrypted volumes` and hit enter
+ 8. check `/dev/md1` (using space bar) and hit enter
+ 9. select `Finish` and hit enter
+
+Now you'll be asked for your passphrase. Use a complex one, at least 25 characters long with lowercase and uppercase letters, numbers and other printable characters. Record it in a private and secure place, because there is truly no way to recover it if it's lost.
+
+You should be back at the main disk partitioning screen, and should now see the encrypted volume `md1_crypt` at the top of the list. Now we configure logical volumes in that partition, as follows:
+
+ 1. select `#1` line below main `md1_crypt` partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `physical volume for LVM`, and hit enter
+ 3. select `Done setting up the partition` and hit enter
+ 4. you should be back at main disk partitioning screen
+ 5. select `Configure the Logical Volume Manager` and hit enter
+ 6. select `Yes` to `Keep current partition layout and configure LVM`, and hit enter
+ 7. select `Create volume group` and hit enter
+ 8. name it (e.g., `cryptovg`) and hit enter
+ 9. check `/dev/mapper/md1_crypt` (using space bar) and hit enter
+
+Now you create your logical volumes. Although you can get fancy, swap, root (“/”) and home are enough. We do swap first to put it at the beginning of the logical volume, further out on the disk where access is faster. The steps for swap are:
+
+ 1. select `Create logical volume` and hit enter
+ 2. hit enter to accept default volume group `cryptovg`
+ 3. name it `swap` and hit enter
+ 4. set size as twice your installed memory and hit enter
+
+The steps for root are:
+
+ 1. select `Create logical volume` and hit enter
+ 2. hit enter to accept default volume group `cryptovg`
+ 3. name it `root` and hit enter
+ 4. set size as 20 GB and hit enter
+
+The steps for home are:
+
+ 1. select `Create logical volume` and hit enter
+ 2. hit enter to accept default volume group `cryptovg`
+ 3. name it `home` and hit enter
+ 4. accept default size (remaining space) and hit enter
+ 5. select `Finish` and hit enter
+ 6. you should be back at main disk partitioning screen
+
+Now you finish configuring your home volume, as follows:
+
+ 1. select `#1` line below main `home` partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter
+ 3. select `Mount point` line, hit enter, choose `/home` and hit enter
+ 4. select `Done setting up the partition` and hit enter
+
+Now you finish configuring your root (aka `/`) volume, as follows:
+
+ 1. select `#1` line below main `root` partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter
+ 3. select `Mount point` line, hit enter, choose `/` and hit enter
+ 4. select `Done setting up the partition` and hit enter
+
+Now you finish configuring your swap volume, as follows:
+
+ 1. select `#1` line below main `swap` partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `swap area`, and hit enter
+ 3. select `Done setting up the partition` and hit enter
+
+Then, page down the main disk partitioning screen to your boot RAID array ("RAID... device #0" aka `md0`), and finish configuring it:
+
+ 1. select `#1` line below main "RAID... device #0" partition line, and hit enter
+ 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter
+ 3. select `Mount point` line, hit enter, choose `/boot` and hit enter
+ 4. select `Done setting up the partition`
+
+Finally, go to the bottom of the main disk partitioning screen, select `Finish partitioning and write changes to disk`, and hit enter. After rechecking the partition configuration, select `Yes` to write changes to the disks, and hit enter.
+
+The rest of the install process should complete with little input. If you need an HTTP proxy, you'll probably know what it is. You do want to install the GRUB bootloader, unless you're doing a dual-boot system (and know what you're doing). The system clock is set for UTC.
+
+Now remove the installation CD, and let the machine reboot.
+
+### Setting Up Network Manager with OpenVPN
+
+It's convenient to configure your direct-connect VPN on the host machine before installing drivers and updates, and setting up VirtualBox. If you've chosen the high-privacy option, doing that is essential, and it's somewhat more complicated. In that case, your new host machine (and its LAN) shouldn't have Internet connectivity now .
+
+First you'll need to set up Network Manager with OpenVPN. If you **have not** chosen the high-privacy option, just open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ sudo apt-get install network-manager-openvpn
+ user@ubuntu:~$ sudo restart network-manager
+
+That's all.
+
+If you **have** chosen the high-privacy option, open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ cd /home/user
+ user@ubuntu:~$ mkdir nmo
+
+Then copy the seven Network Manager and OpenVPN package files (which you've downloaded previously via a VPN service or Tor) to /home/user/nmo/ using your preferred method. Then run these commands in a Terminal window:
+
+ user@ubuntu:~$ sudo dpkg -R -i /home/user/nmo
+ user@ubuntu:~$ sudo apt-get install -f
+ user@ubuntu:~$ sudo restart network-manager
+
+The first command installs the packages, and the second command corrects errors caused by not installing them in the proper sequence. If the second and third commands complete without errors, you're good to go.
+
+If the second command fails, the errors should tell you what package files are missing. Just get them through a private channel, add them to /home/user/nmo/ and rerun the previous three commands.
+
+### Installing Direct-Connect VPN
+
+First review your VPN credentials – certificates (\*.crt) and keys (\*.key) – and configuration files (\*.conf or \*.ovpn). Some VPN services provide configuration files with embedded credentials, with each of the credentials bracketed by corresponding [name] and [/name] tags. In that case, copy each of the credentials, and save as an appropriately-named text file. There may be as many as four credentials:
+
+ * ca.crt
+ * client.crt
+ * client.key
+ * ta.key
+
+All of these files should be downloaded via HTTPS, and kept private. You might want to avoid providers that don't use HTTPS for this. Establishing a VPN connection may also require a username and password, which may differ from the account name and password for the VPN service's website. Some low-end services email connection username and password. In that case, immediately go to the provider's website, and change the password.
+
+Virtually all VPN services provide a ca.crt (certificate authority) certificate. These certificates enable clients to verify the authenticity of VPN servers before connecting. Most VPN services also provide a client.crt (client certificate) and client.key (for unlocking and using the client certificate). Client certificates allow VPN servers to verify the authenticity of clients before accepting connections. A few high-end VPN services also provide a ta.key to enable TLS authentication, which [increases connection security][8].
+
+You'll also need other information from the OpenVPN configuration file. First, you'll need to choose the VPN server that you'll be connecting to. Avoid the United States, United Kingdom and France. Germany and the Netherlands are OK. It's probably good to avoid Eastern Europe, Russia, China etc, which might attract attention. You'll need the IP address of the server, rather than the hostname, in order for VPN-Firewall (see below) to work properly. If you just have hostnames, you can get the IP address by running this command:
+
+ user@ubuntu:~$ host hostname.that.you.have
+
+Second, you'll need to know the server port number and connection type (UDP or TCP). It's generally best to use UDP (unless you're routing via Tor). You'll also need to know the cipher type (from the cipher ... line) and whether LZO compression should be enabled (if you see comp-lzo). If cipher type isn't specified, use the Network Manager default. For VPNs that provide ta.key, you'll need to know the key direction, which is the number at the end of the tls-auth line (typically 1).
+
+Start the setup by copying all of the VPN credential files to /etc/openvpn. Open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ cd /home/user/path-to-the-files
+ user@ubuntu:~$ sudo cp ca.crt client.crt client.key ta.key /etc/openvpn/
+
+Of course, edit the second command for the files that you actually have.
+
+Then open Network Manager, select the `VPN` tab, and click the `Add` button. Select OpenVPN as type, and click the `Create` button. Enter a short name for the connection, and the IP address of the server that you'll be accessing. The next steps depend on the configuration of the VPN service.
+
+There are three common VPN-configuration setups. Some VPN services (such as Private Internet Access) provide only ca.key, and require username and password for connection. For them, select `Password` as authentication type, enter your username and password, and click the `CA Certificate` button. In the `Places` window, click `File System`. Double click `etc`, and then double click `openvpn`. Finally, select `ca.crt` and click `Open`.
+
+Now click the `Advanced` button`. In the `General` tab, check `Use custom gateway port` and enter the appropriate port number. If appropriate, check `Use LZO data compression` (typical) and `Use a TCP connection` (rarely appropriate unless you're routing via Tor). If you know the cipher type, click `Cipher` in the `Security` tab, select the appropriate one, and click `OK`. Now click `Save` in the VPN window, and close Network Manager.
+
+Some VPN services (such as AirVPN) provide ca.key, client.crt and client.key, but not ta.key, and don't require username and password for connection. For them, select `Certificates (TLS)` as authentication type, and then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Then complete the same steps in the `Advanced` window as described above, save the VPN configuration, and close Network Manager.
+
+Some VPN services (such as IVPN) provide ca.key, client.crt, client.key and ta.key, and also require username and password for connection. For them, select `Password with Certificates (TLS)` as authentication type, and enter your username and password. Then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Complete the same steps in the `Advanced` window as described above. In the `TLS Authentication` window, check `Use additional TLS authentication`, and specify `Key File` (ta.key) and `Key Direction` (typically 1). Then save the VPN configuration, and close Network Manager.
+
+### Installing and Checking VPN-Firewall
+
+Install adrelanos' VPN-Firewall scripts as described at [https://github.com/adrelanos/VPN-Firewall][12]. You want the firewall (iptables rules) to load at bootup, so install both the firewall and init scripts. Reboot the machine, and check VPN-Firewall status by running `sudo service vpnfirewall status` in a Terminal window. It should reply ``.
+
+If you've chosen the high-privacy option, now restore Internet connectivity to your new VM host. Then verify that your new machine has no Internet connectivity by trying to visit . If it connects, there's something wrong with the VPN-Firewall setup.
+
+Now use Network Manager to establish your direct-connect VPN connection, and verify that it works by visiting [https://www.dnsleaktest.com/][10]. If it doesn't connect, recheck the configuration. If it does connect, test VPN-Firewall by killing the openvpn process (run `sudo killall openvpn` in a Terminal window) and verifying that the machine has no Internet connectivity. Then use Network Manager to reestablish the VPN connection, and verify that it works again by visiting [https://www.dnsleaktest.com/][10].
+
+Check your DNS servers by running the standard DNS leak test at [https://www.grc.com/dns/][11]. It should report only the DNS servers that your direct-connect VPN service specified. And it should not report any DNS servers associated with your ISP, or specified by your LAN router. If it does, there's something wrong with the VPN setup.
+
+You can also check for leaks using Wireshark. To install Wireshark, open a Terminal window, and run these commands:
+
+ user@ubuntu:~$ sudo apt-get update
+ user@ubuntu:~$ sudo apt-get install wireshark
+
+Then configure wireshark to allow a non-root user to sniff packets. As described [here][9], just run these commands in a Terminal window:
+
+ user@ubuntu:~$ sudo dpkg-reconfigure wireshark-common
+ user@ubuntu:~$ sudo adduser $USER wireshark
+
+Reboot the machine, and establish your direct-connect VPN connection. Then open Wireshark, and start capturing on eth0. Use Firefox to check [https://www.dnsleaktest.com/][10], run the DNS test at [https://www.grc.com/dns/][11], etc. Now stop the capture, and run Statistics/Endpoints. You should only see only local non-public IPs and the VPN server that you're connected to.
+
+Now kill the openvpn process (run `sudo killall openvpn` in a Terminal window) and start a fresh capture on eth0. Verify that Firefox can't see anything. The iptables setup blocks pings, by the way. Stop the capture after about 10 minutes, and run Statistics/Endpoints. You should only see traffic with local non-public IPs, and reconnection attempts from the VPN server that you were connected to.
+
+Finally, reestablish your direct-connect VPN connection, and verify that it's working again.
+
+### Viewing Network Manager OpenVPN Logs
+
+If there are problems with the OpenVPN connection, it may help to have debugging information from Network Manager. Getting that takes a little work, however. First, you must edit its configuration file to maximize logging. Run the following command in a terminal window:
+
+ user@ubuntu:~$ sudo nano /etc/NetworkManager/NetworkManager.conf
+
+Add these two lines at the end of the file, after a blank line:
+
+ [logging]
+ level=DEBUG
+
+Save the altered file by typing Ctrl-O, and exit nano by typing Ctrl-X. Then restart Network Manager by running the following command in a terminal window:
+
+ user@ubuntu:~$ sudo service network-manager restart
+
+Finally, connect the VPN using the Network Manager icon in the top panel bar. Wait until it either connects, or gives up. In order to see the openvpn connection log, run the following command in a terminal window:
+
+ user@ubuntu:~$ grep nm-openvpn /var/log/syslog
+
+### Completing the Installation
+
+You're almost done. If desired, activate proprietary drivers and reboot. Then start Update Manager, download and install updates, and let the machine reboot.
+
+Your VM host machine will have no Internet connectivity whenever it boots, given that VPN-Firewall is active and no VPN is running. That's arguably the best default, because you must actively choose how to proceed.
+
+ [1]: https://packages.ubuntu.com/search?keywords=openvpn&searchon=names&suite=all§ion=all
+ [2]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=network-manager-openvpn-gnome&searchon=names
+ [3]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=openconnect&searchon=names
+ [4]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=libopenconnect5&searchon=names
+ [5]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=network-manager-openconnect&searchon=names
+ [6]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=liblzo2-2&searchon=names
+ [7]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=libpkcs11-helper1&searchon=names
+ [8]: https://community.openvpn.net/openvpn/wiki/SecurityOverview
+ [9]: http://askubuntu.com/questions/74059/how-do-i-run-wireshark-with-root-privileges
+ [10]: https://www.dnsleaktest.com/
+ [11]: https://www.grc.com/dns/
+ [12]: https://github.com/adrelanos/VPN-Firewall
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
new file mode 100644
index 000000000..c47c68a1d
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
@@ -0,0 +1,105 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-5/
+section: Advanced
+weight: 50
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
+ }
+]
+date: 2013-10-23T12:38:21+00:00
+layout: guides-details
+---
+## Installing VirtualBox and Creating Linux VMs
+
+### Introduction
+
+This tutorial covers installing VirtualBox, and creating Linux (Ubuntu, Xubuntu or Debian) workstation and LiveCD VMs. Installing VirtualBox is trivial. Download the version of VirtualBox for your host machine OS from . Then open the downloaded package with the Ubuntu Software Center, and install. For Debian hosts, use dpkg in a terminal. Finally, download the Extension Pack, and open it with VirtualBox to install. That's it. With VirtualBox running, hitting F1 opens the user manual, which is excellent and comprehensive.
+
+### VirtualBox Networking Basics
+
+By default, VM network adapters are attached to `NAT`. That is, they use the host machine's active network gateway (wired, wireless, VPN, etc) with network address translation (NAT) and VirtualBox's built-in DHCP server. Multiple VMs using VirtualBox NAT are isolated from each other. VM network adapters can also be attached to VirtualBox internal networks, and multiple VMs can communicate through shared internal networks. But there is no network connectivity with the host machine for VMs that are attached to either NAT or internal networks.
+
+Router/firewall VMs (such as pfSense and OpenWRT) have at least two network adapters, WAN and LAN, and typically run a DHCP server on LAN. For example, you can attach the WAN adapter to the host via NAT, and the LAN adapter to an internal network. You can also use router/firewall VMs to establish connections with remote VPN servers or Tor through WAN, and route those connections to LAN. That's the basis of the setup that we're creating.
+
+VM network adapters can be attached to the host machine in two other ways. First, through selecting `Bridged Adapter`, they can be bridged to the host's physical network adapters. For example, VMs with WAN bridged to the host's LAN adapter behave just like other machines on the host's LAN, perhaps with IP addresses from the LAN router. Conversely, by bridging the LAN adapter of a router/firewall VM to another host network adapter, you can provide routed resources (such as a VPN or Tor tunnel) to other physical machines or networks.
+
+Second, through selecting `Host-only Adapter`, VM network adapters can be bridged to virtual network adapters on the host. The two bridging modes work well together. In particular, it's possible to route traffic from the host machine's LAN (with `Bridged Adapter`) to a VM (or even a network of VMs) and then back to the host (with `Host-only Adapter`) through a virtual network adapter. For example, you could have the host machine access the Internet through an intrusion prevention system (IPS) and/or a nested chain of VPNs and Tor. Although that's not part of this series of guides, it's discussed [here][1] in some detail.
+
+### Creating Linux Workstation VM
+
+Creating VMs is very easy, and section 1.7 of the VirtualBox manual (hit F1) explains it well. It's a two-stage process. First, you configure the new VM in VirtualBox. Second, you start the VM, and install the OS, just as you would on a physical machine.
+
+Linux is the best choice for a secure and private workstation VM. It's open-source and free, so there's no money trail linking you to a product ID. [Ubuntu][2] is a good choice for new Linux users. It's best to use releases with long-term support (currently 12.04). For those who dislike the Unity desktop, [Xubuntu][3] and [Mint][4] (both based on Ubuntu) are good alternatives. [Debian][5] is arguably more secure, but not as user-friendly.
+
+You can use the same 64-bit alternative installer image file (Ubuntu, Xubuntu or Debian) that you used for the host machine. Or you can download a 32-bit (aka i386) regular desktop installer image file for the Linux distro that you've chosen. In any case, you'll need the standard desktop installer image file for creating LiveCD VMs (explained below).
+
+As discussed in [Part 2. Advanced Privacy and Anonymity Using VMs, VPN’s, Tor][6], WebGL fingerprinting is a serious risk when using VMs for compartmentalization. On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU.
+
+It's best to compartmentalize across VMs with different graphics drivers. Use Debian or Lubuntu, perhaps, but not both (where it matters, anyway). For compartments where separation is crucial, use VMs with different graphics drivers. Possibilities include Arch, Fedora, PCBSD, Windows and Yosemite Zone.
+
+First open VirtualBox, and click the `New` icon. Enter your desired VM name, and select the proper OS type (Linux) and version (Ubuntu for Ubuntu, Mint or Xubuntu) or Debian, choosing 32-bit or 64-bit as appropriate. Specify 1 GB memory to avoid disk swapping. If host RAM is limited, you can reduce it later. Use the defaults for virtual hard disk type (dynamically allocated VDI) and location, but specify at least 100-200 GB maximum size. The initial size of the virtual disk will be at most 5-6 GB. But with large maximum size, it's very easy to accommodate unplanned growth. After reviewing the final summary screen, hit `Create`.
+
+Next, tweak the new VM's settings. In the `General/Advanced` tab, leave `Shared Clipboard` and `Drag'n'Drop` set to `Disabled` (for security). Under `System/Motherboard`, change the boot order to `Hard Disk, CD/DVD`, and deselect `Enable absolute pointing device`. Under `System/Processor`, select `Enable PAE/NX` (if your host supports it). Under `Display/Video`, increase video memory to 128 MB (unless host RAM is limited). Under `USB` settings, deselect `Enable USB Controller` (for security).
+
+Now add the OS installer image. Under `Storage`, highlight the CD icon (named `Empty`) under `IDE Controller`. Then hit the CD icon to the far right of `CD/DVD Drive`, and select `Choose a virtual CD/DVD disk file`. Navigate to wherever you put your installer image, and select it. Then click `OK` to exit the settings screen.
+
+Then double click on the new VM, and go through the install process. It's OK to accept all defaults. But you can select the encrypted LVM option for disk partitioning , if you like. Although whole-disk encrypted VMs may leave plaintext on host machines, that's better than nothing if the host is compromised while running. As the VM is rebooting after installation completes, click `Devices` in the main menu, highlight `CD/DVD Devices`, and select `Remove disk from virtual drive`.
+
+To get better VM performance, you may want to install VirtualBox guest additions (customized kernel modules). Guest additions also provide better display and mouse integration, and enable mounting host folders (aka `shared folders`) in the VM. However, some of the kernel customizations may reduce guest-host isolation, and using shared folders definitely does. It's a typical convenience vs security trade-off.
+
+Ubuntu or Xubuntu will prompt you to install the guest-additions kernel-module package as `additional drivers`. If not, use the Settings menu. You can also install guest additions by clicking `Devices` in the VirtualBox menu, and then `Install Guest Additions`. But don't do both. Debian 7.10 automatically installs the guest-additions kernel-module package.
+
+It's prudent to disable WebGL in browsers before using them online. Take the VM offline, by changing `Adapter 1` to `Not attached` in VirtualBox Network settings. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT` (`Internal Network`, when you're using pfSense VPN-gateway VMs). You can also install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of `Options`.
+
+Now reboot, use Update Manager to download and install updates, and let the system reboot again. You're done.
+
+### Creating Diskless Linux LiveCD VM
+
+Diskless LiveCD VMs are useful whenever isolation matters, because VM storage in ramdisk doesn't survive rebooting (although traces may remain in host memory cache). Using them may be prudent for some online work, and they're definitely useful for administering multiple pfSense VPN-client VMs. For example, you could download configuration files for a new VPN service through the appropriate nested VPN chain, and then configure and test the new pfSense VM. After rebooting the LiveCD VM, you could safely get configuration files for another new VPN service (even from a shared host folder) and then configure and test its new pfSense VM.
+
+Although you might want a few diskless LiveCD VMs for convenience, you'll still need less workstation VMs overall. Also, they don't require updating, and upgrading them to a new release is simple. The LiveCD image is read-only, and loads to ramdisks during boot, so at least two or three VMs can typically share an image.
+
+You must use a regular Ubuntu (or Xubuntu or Debian) desktop installer image, which works as a LiveCD. As described above, select the proper OS type and version, and specify 1 GB memory to avoid disk swapping. Then specify `Do not add a virtual hard drive`, and hit `Create`. Tweak the new VM's settings as described above, except for the `Storage` tab.
+
+Under `Storage`, delete the IDE controller and attached CD/DVD drive. Under the SATA controller, create two CD/DVD drives. For the SATA port 0 drive, add the installer image, and enable `Live CD/DVD`. For the SATA port 1 drive, add VBoxGuestAdditions.iso (located in /usr/share/virtualbox/). Then click `OK` to exit the settings screen.
+
+Start the new VM, and choose the option to try without installing. That's it.
+
+Installing VirtualBox guest additions will improve performance, and is necessary for using shared host folders. But you'll need to repeat the installation after each reboot, because the VM intentionally has no persistent storage. Once the VM has finished booting, open a terminal and run these commands:
+
+ ubuntu@ubuntu:~$ sudo mkdir /media/cdrom1
+ ubuntu@ubuntu:~$ sudo mount /dev/sr1 /media/cdrom1
+ ubuntu@ubuntu:~$ cd /media/cdrom1
+ ubuntu@ubuntu:~$ sudo ./VBoxLinuxAdditions.run
+
+The installer will complain about missing headers for the running kernel, but will succeed anyway. Installation worked if the mouse pointer is no longer captured.
+
+If you want a shared folder, start by creating a new folder on the host, for example `/home/user/LiveCD`. Then click `Devices` in the top menu bar, and select `Shared Folders`. Click the `+` icon (upper right) and navigate to the host folder that you just created. Note the folder name, here `LiveCD`, and `OK` out.
+
+Now open a terminal in the VM, and run these commands, replacing `LiveCD` with the name of your shared folder:
+
+ ubuntu@ubuntu:~$ sudo mkdir /home/ubuntu/host
+ ubuntu@ubuntu:~$ sudo mount -t vboxsf LiveCD /home/ubuntu/host
+
+The VM folder `/home/ubuntu/host` is now linked to the host folder `/home/user/LiveCD`. The link (and its configuration) will be gone after rebooting. To unmount before rebooting, open a terminal in the VM and run this command:
+
+ ubuntu@ubuntu:~$ sudo umount /home/ubuntu/host
+
+ [1]: https://www.wilderssecurity.com/showthread.php?t=339051&page=11
+ [2]: http://www.ubuntu.com/download/desktop
+ [3]: http://xubuntu.org/getxubuntu/
+ [4]: http://www.linuxmint.com/download.php
+ [5]: http://www.debian.org/CD/netinst/
+ [6]: /privacy-guides/advanced-privacy-and-anonymity-part-2/
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
new file mode 100644
index 000000000..608e35c53
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
@@ -0,0 +1,456 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-6/
+section: Advanced
+weight: 60
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
+ }
+]
+date: 2013-10-23T12:39:07+00:00
+layout: guides-details
+---
+## Creating pfSense® 2.2.6 VMs as VPN Clients
+
+### Introduction
+
+At this point, if you've followed [Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/), your new VM host machine can only access the Internet through your chosen direct-connect VPN service. If you've followed [Installing VirtualBox and Creating Linux VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/), you've created Linux workspace and LiveCD VMs. By default, their network adapters are NATed to the host machine, and they reach the Internet through your chosen direct-connect VPN service.
+
+This tutorial covers creating pfSense® 2.2.6 (hereinafter `pfSense`) router/firewall VMs, configuring them as VPN clients, and testing for leaks using Wireshark. Your Linux workspace and LiveCD VMs will access the Internet through nested chains of these VPN gateway VMs and Tor gateway VMs, as discussed in [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/). Using Tor gateway VMs is covered in [Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/) and [Creating Nested Chains of VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-8/).
+
+> Note: I wrote this series in 2013, well over six years ago. Although I’ve updated stuff a few times since, it’s been a while. I’ll be doing a total rewrite soon, but that will take some time.
+>
+> So anyway, pfSense has changed considerably since my last update. The basic approach still works, and I still use it. But much of this needs revised.
+
+If you want the host machine to routinely access the Internet directly, you can create a pfSense VM client for your chosen direct-connect VPN service. You can use that in your nested VPN chains, instead of the VPN client on the host machine, and connect via the VPN client on the host machine only when you want to hide software downloads or whatever. However, if you've chosen the high-privacy option, it's crucial to continue using the host machine client for your direct-connect VPN.
+
+### Create New VPN Account
+
+Your VM host machine is still using your direct-connect VPN service. The first pfSense VPN-client VM that you create can use either that VPN service, or another that will connect through it. It's best to use a second VPN service for your first pfSense VM, in order to avoid leaks during the host-client to VM-client transition.
+
+You'll need an account with another VPN provider. It's best to start with a free VPN service, because there's no money trail. There are bandwidth and usage limits, however. [Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/) covers methods for anonymously buying VPN services.
+
+Although [SecurityKISS](http://www.securitykiss.com/) has a good free option, it does require an email address. But you can use free webmail accounts. The fastest (and perhaps most anonymous) option is [AnonBox](https://anonbox.net/) from the Chaos Computer Club. But accounts last at most one day, and are deleted after messages have been read. For persistent accounts, [VFEmail](https://vfemail.net/) is a good choice, because it only asks for a name.
+
+It's OK to use the host machine (running the direct-connect VPN) for this. For better isolation, you could dedicate a Linux VM (possibly full-disk encrypted) for this and other sensitive work on the host machine. Once you have a client ID and password from SecurityKISS, download the OpenVPN configuration files for Linux.
+
+### Creating & Configuring pfSense VM
+
+Download `pfSense-LiveCD-2.1.5-RELEASE-amd64.iso.gz` from [pfSense's Coltex (Amsterdam, NL) mirror][1] to the host machine (using the direct-connect VPN) and extract the installer image.
+
+Create a pfSense VM, basically as described for Linux VMs in Installing VirtualBox and Creating Linux VMs.
+
+ 1. Select BSD as the OS, and FreeBSD (64 bit) as the version.
+ 2. Specify 512MB memory.
+ 3. Create a new hard disk using the defaults (VDI, dynamically allocated, 2GB) and finish.
+ 4. Then tweak the settings. Change the boot order to Hard Disk, CD/DVD and enable PAE/NX.
+ 5. Add the installer image to the virtual CD/DVD drive.
+ 6. Disable audio and USB support.
+ 7. Leave the default network adapter «Adapter 1» attached to NAT (host) and don't change advanced settings. If this VM will connect through another pfSense VPN-gateway VM, however, attach this adapter to its internal network.
+ 8. Add a second network adapter «Adapter 2» and attach it to an internal network named, for example, pfS-SK (but don't change advanced settings).
+ 9. Start the pfSense VM. In the console window, hit `1` to boot, and then hit `i` to start the installer.
+ 10. On the `Configure Console` screen, select `Accept these Settings`.
+ 11. On the `Select Task` screen, select `Quick/Easy Install`.
+ 12. Under `Are you SURE?`, select `OK`. Wait a while.
+ 13. On the `Install Kernel(s)` screen, select `Standard kernel`.
+ 14. On the `Reboot` screen, select `Reboot`.
+ 15. While it's rebooting, using the `Devices | CD/DVD Devices` menu at the top, select `Remove disk from virtual drive`. To speed booting, you can hit `F1` and then `1` in the console. Then wait for pfSense to finish booting.
+
+Edit the settings for the LiveCD VM, attaching the network adapter «Adapter 1» to the same internal network as the new pfSense VM (for example, `pfS-SK`). Then start the LiveCD VM, and download your OpenVPN configuration files for Linux from SecurityKISS. Don't visit any other websites, to mitigate tracking risk. If necessary, you could also access your initial download (above) via shared folders, but that would require installing VirtualBox Guest Additions.
+
+Freshly installed, pfSense routes all outbound connections (from computers on its LAN) through its WAN. But it blocks all new inbound connections from WAN, allowing only those that were established from LAN. If the LiveCD VM can't see the Internet, recheck your host and the pfSense VM settings.
+
+#### Configuring pfSense and Creating VPN Client
+
+Now browse to the WebGUI at and create a server certificate exception. Login as `admin` with password `pfsense`, and complete the setup wizard. Decline the Gold support option, unless you have an anonymous credit/debit card. The next screen asks for DNS servers that pfSense should use internally, and whether to `[a]llow DNS servers to be overridden by DHCP/PPP on WAN`. I prefer to hard code DNS servers. Using DNS servers pushed by WAN can also be OK, but there are two risks. First, it may not work for some VPN combinations in nested VPN chains. Second, there is the risk that pfSense will end up using your ISP's DNS servers (if they've been passed along to pfSense WAN). Even so, as long as you specify DNS servers in `Services: DHCP server`, the DNS servers that pfSense uses internally will not be pushed to DHCP clients (that is, your workspace VM, and other gateway VMs that connect through this one).
+
+I recommend specifying reliable third-party DNS servers, such as those listed by [WikiLeaks][2] or [JonDoNYM](https://anonymous-proxy-servers.net/wiki/index.php/Censorship-free_DNS_servers). If you've chosen the high-privacy option, you could specify DNS server(s) pushed by your direct-connect VPN service, or allow DNS servers to be overridden by DHCP on WAN. The key points are: 1) avoid using DNS servers pushed by your ISP; and 2) avoid using the same DNS servers at multiple levels of your VPN chain.
+
+Accept the default timeserver and timezone, and hit `Next`. On the WAN screen, accept defaults, except for unchecking `Block private networks` and `Block bogon networks`, and hit `Next`. Accept all defaults on the LAN screen, and hit `Next`. Set a strong password on the next screen, and let pfSense reload. Now you're at the pfSense WebGUI Dashboard. It's best to reboot pfSense before proceeding. In the pfSense VM console window, reboot by entering `5` and then `y` to confirm.
+
+Before creating an iVPN client, tweak pfSense settings. In `System: General Setup`, check “Do not use the DNS Forwarder as a DNS server for the firewall”, and save. That prevents propagation of DNS server specifications through pfSense. In the webGUI in `System: Advanced: Networking`, uncheck “Allow IPv6″ and check “Prefer to use IPv4 even if IPv6 is available”, and save. In `System: Advanced: Miscellaneous`, check `Skip rules when gateway is down`. That provides backup protection against leaks to WAN if the iVPN connection goes down. Now reboot pfSense again, from the console, by entering `5` and then `y` to confirm.
+
+Although I have never seen outbound traffic use the WAN interface when a VPN is down, pfSense documentation does say this: “By default, when a rule has a specific gateway set and this gateway is down, a rule is created and traffic is sent to the default gateway. This option overrides that behavior and the rule is not created when gateway is down, so instead of flowing via the default gateway, the traffic will continue to attempt to use the gateway that is in a down state, and it will most likely not proceed. This is useful if you have traffic that should only ever use one specific WAN and never flow over any other WAN, regardless of how the firewall’s routing table has for the default route.”
+
+For `normal` network setups, it's important to specify good DNS servers, and to minimize the need for hard coding. In such cases, it's best to allow system DNS servers to be overridden by DHCP/PPP on WAN, and to enable DNS forwarding. That allows DNS server specifications to transparently propagate through complex networks of pfSense routers. However, in nesting VPNs using pfSense VMs, it's crucial to use different DNS servers at each level. Using the same DNS servers across levels would be a serious information leak.
+
+Review the `Setting Up VPN on Linux Workstation VM` section of [Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). Then, in the pfSense WebGUI Dashboard, go to `System: Certificate Authority Manager`. Add `ca.crt` in the `CAs` tab. If you have `client.crt` and `client.key`, add them in the `Certificates` tab.
+
+Go to VPN: OpenVPN: Client and hit the `+` icon to create a client. The specifics depend on what the OpenVPN server supports, and what it expects from its clients. Use an OpenVPN configuration file (with extension .conf or .ovpn) from the service as a guide. In particular, note the server address and port, and the encryption algorithm. In chaining VPNs, it's simpler to use IP addresses, rather than hostnames, although reliability may be lower (because you've broken failover for the VPN service).
+
+For SecurityKISS, accept the defaults in `VPN: OpenVPN: Client` setup, except as noted:
+
+Server host or address: 46.165.197.1 or 46.165.221.230 or 62.75.181.139 (Germany)
+
+Server port: 123
+
+Server host name resolution: enable (check) `Infinitely resolve server`
+
+TLS Authentication: disable (uncheck) `Enable authentication of TLS packets.`
+
+Client Certificate: client
+
+Encryption algorithm: BF-CBC (128-bit)
+
+Compression: enable (check) `Compress tunnel packets using the LZO algorithm.`
+
+Advanced: remote-cert-tls server;verb 5
+
+VPN services generally authenticate using either username and password, or `client.crt` and `client.key`. As noted above, SecurityKISS uses `client.crt` and `client.key`. But iVPN uses only username and password. A few VPN services use both. It's unlikely that they would use no authentication.
+
+If username and password are required, enter them under User Authentication Settings. For VPN services that use only username and password, such as iVPN, use `None (Username and Password required)` for `Client Certificate`. If there's no authentication, instead use `webConfigurator default`.
+
+Many services, such as IVPN, use TLS authentication with a shared key. Under `TLS Authentication`, leave `Enable authentication of TLS packets.` checked, but disable (uncheck) `Automatically generate a shared TLS authentication key`. Then paste `ta.key` in the text box.
+
+For iVPN, enter the following in the `Advanced` box:
+
+ persist-tun;persist-key;persist-remote-ip;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA;ns-cert-type server;verify-x509-name de name-prefix
+
+Save the client configuration, and check `Status: OpenVPN`. The status should be `up`. Then check `Status: System logs: OpenVPN`. You should see `Initialization Sequence Completed` near the bottom. A few lines above, you should see a line that starts (after the timestamp) with `PUSH: Received control message ...`. If you don't see `redirect-gateway def1` in that line, edit the `VPN: OpenVPN: Client` setup, and add `redirect-gateway def1;` to the `Advanced` text box. If the VPN isn't connecting, look for errors in `Status: System logs: OpenVPN`. You may need to tweak the `Advanced` string by adding other options from the service's configuration file. If you see it complain about cipher mismatch, use the one it wants in your client configuration.
+
+Once the VPN is connecting, check `Status: System logs: OpenVPN` again, find the `PUSH: Received control message ...` line, and look for `dhcp-option DNS server` followed by an IP address. Then go to `Services: DHCP server`, and specify that IP address as `DNS server`. That works for most VPN services. But if it doesn't, which you'll discover soon, you'll need to instead use third-party DNS servers, such as those from WikiLeaks or JonDoNYM. However, do not use any of the ones that you used above in the setup wizard (which appear in `System: General Setup`) because you don't want to `short-circuit` VPN anonymity by using the same DNS server(s) for both entry and exit traffic.
+
+At this point, pfSense is not routing anything through iVPN, and your LiveCD VM has no Internet connectivity. That's normal. Don't worry. Go to `Interfaces: Assign network ports`, and hit the `+` icon to add `OPT1`. Then go to `Interfaces: OPT1`, enable it, rename it as `SKISS` or whatever, save and apply changes. In `Firewall: NAT: Outbound`, select `Manual Outbound NAT rule generation`, save, and then apply changes. In the same tab, edit each of the four rules (two for localhost to WAN, and two for LAN to WAN). For each rule, click the `e` icon at the right, and use the toggle to change the `Interface` from `WAN` to SKISS (or whatever you've named it). Then hit the `Apply Changes` button.
+
+In `Firewall: Rules: LAN`, edit the existing rule `Default allow LAN to any rule`. Using the `Gateway` toggle in the lower `Advanced features` section, select SKISS as gateway. Rename the rule as `Allow LAN to any rule via SKISS` and save. In the rule list, it should look like `* LAN net * * * SKISS_VPNV4 none`. Also edit the existing rule for IPv6 traffic. At the top, toggle `Action` from `Pass` to `Block`, and rename it as `Block LAN IPv6 to any rule`. Then apply changes.
+
+Back in the pfSense VM console window, reboot by entering `5` and then `y` to confirm. After bootup, there should be an IP address after `ovpnc1`. If it shows `NONE`, hit enter once or twice. If it still shows `NONE`, recheck the pfSense configuration using the WebGUI. Start by looking for errors in `Status: System logs: OpenVPN`. It's also possible that the direct-connect VPN connection has gone MIA. Check for that, and reconnect if necessary.
+
+At this point, all outbound traffic from LAN will use the VPN gateway (SKISS or whatever) rather than the WAN gateway. Browse or another such site. The IP address should match the iVPN exit server for the route that you’re using. It may take a minute or two for the routing to stabilize.
+
+There are two straightforward tweaks that help prevent leaks. First, in `System: Routing: Gateways`, edit the VPN gateway. Check `Default Gateway` to set, save, and then apply changes. Second, in `System: General Setup`, set the gateway for all DNS servers listed there as WAN. This is necessary because the VPN is now the default gateway. You might think that this setup would prevent the VPN link from coming up, but it doesn't.
+
+By default in pfSense, all outbound traffic is allowed on WAN. However, it is more secure to specify the hosts that pfSense can connect to via WAN, and to block everything else. This is rather more complicated, because one must use aliases. Using aliases in restricting outbound traffic on WAN is necessary because there can be multiple values, and because hosts may be specified by hostname, rather than by IP address.
If this is your first pfSense setup, it's best to verify that pfSense is working properly before attempting these steps. + +Aliases are needed for four types of outbound traffic: 1) the DNS server IPs specified in `System: General Setup`; 2) the pfSense NTP server hostname specified in `System: General Setup`; 3) the OpenVPN server hostname or IP specified in `OpenVPN: Client`; and 4) the pfSense servers needed for updating. In `Firewall: Aliases: IP`, create four aliases, using the `+` button to add the values: + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Name + + Values + + Description +
+ dnssvr + + 1.2.3.4 5.6.7.8 ... + + DNS server IP addresses +
+ ntpsvr + + 0.pfsense.pool.ntp.org + + default pfSense NTP server +
+ vpnsvr + + vpn.entry.server.net + + OpenVPN server hostnames or IP addresses +
+ update + + www.pfsense.org updates.pfsense.org + + pfSense update server +
+{{< / raw-html >}} + +Using these aliases, you then add rules for the WAN interface to pass necessary outbound traffic, and then a final rule to block everything else. In `Firewall: Rules: WAN`, create these rules, specifying `Single host or address` for the pass rules: + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Action + + TCP/IP Version + + Protocol + + Source + + Port + + Destination + + Port + + Gateway + + Queue + + Description +
+ pass + + IPv4 + + TCP/UDP + + WAN address + + * + + dnssvr + + * + + * + + none + + Allow to DNS server(s) +
+ pass + + IPv4 + + UDP + + WAN address + + * + + ntpsvr + + * + + * + + none + + Allow to NTP server +
+ pass + + IPv4 + + TCP/UDP + + WAN address + + * + + vpnsvr + + * + + * + + none + + Allow to OpenVPN server +
+ pass + + IPv4 + + TCP/UDP + + WAN address + + * + + update + + * + + * + + none + + Allow to pfSense update server +
+ block + + IPv4 + + * + + WAN address + + * + + * + + * + + * + + none + + Block all other IPv4 +
+ block + + IPv6 + + * + + WAN address + + * + + * + + * + + * + + none + + Block all IPv6 +
+{{< / raw-html >}}
+
+Then reboot from the console window, by entering `5` and then `y` to confirm.
+
+Once the pfSense VPN-client VM is working properly, edit the settings for the workstation VM that will be using it. Attach its network adapter (`Adapter 1`) to the internal network that's attached to the pfSense VM's LAN adapter. Then start the workstation VM, and browse . The IP address should match the OpenVPN server that you're using.
+
+If the site doesn't load, open a terminal and run `ping 4.2.2.2`. If you get no responses, recheck the VPN connection using the pfSense WebGUI. If `Status: OpenVPN` shows that it's up, it's probably DNS resolution that's not working. Edit `Services: DHCP server` and specify reliable third-party DNS servers. But make sure not to use any of the DNS servers that you're already using for the host machine, the direct-connect VPN, or pfSense itself (as specified in `System: General Setup`).
+
+Next, check your DNS servers by running the standard DNS spoofability test at in the workstation VM. It should report only the DNS server(s) that you have specified in pfSense under `Services: DHCP server`. If it reports others, there's something wrong with the pfSense setup.
+
+### Leak Testing with Wireshark
+
+After reviewing the section on installing and using Wireshark at the end of [Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/), install Wireshark and configure it on the workstation VM that you're using. Then reboot the workstation VM. Also start the LiveCD VM. Both should be attached to the internal network that's attached to the pfSense VM's LAN adapter.
+
+In testing for leaks, you'll be capturing on the WAN interface in pfSense (using the WebGUI via the LiveCD VM), and also on eth0 in both the host machine and the workstation VM. If everything is working properly, you should see only traffic with the direct-connect VPN server on host eth0, and only traffic with the indirect-connect VPN server on pfSense WAN. On workstation eth0, you should see traffic with whatever websites that you use while testing.
+
+In order to analyze the pfSense WAN capture with Wireshark, you'll need to copy the capture file from the LiveCD VM to the host. And, in order to do that, you'll need to (temporarily) install guest additions in the LiveCD VM, and create a temporary shared folder for the LiveCD VM, as explained in the `Creating Diskless Linux LiveCD VM` section of [Installing VirtualBox and Creating Linux VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/). Alternatively, you can (temporarily) install and configure Wireshark in the LiveCD VM.
+
+To begin the leak test, first go to `Diagnostics: Packet Capture` in the WebGUI for the pfSense VPN-client VM, which you're accessing on the LiveCD VM. Accept the defaults for capturing on WAN, but specify `` for `Count` (to set no limit). Then open Wireshark on both the host machine and workstation VM. You'll be capturing on eth0 in both. Now start all three captures.
+
+On the workstation VM, use Firefox to check , run the DNS test at , and browse for a while. After 10-20 minutes, stop all three captures, and save the pfSense capture on the LiveCD VM to the temporary shared folder on the host (unless you're also running Wireshark in the LiveCD VM).
+
+Run Statistics/Endpoints on all three captures, using Wireshark in the host (or LiveCD VM) for the pfSense capture. You should see only local IPs and the direct-connect VPN server on host eth0, only local IPs and the indirect-connect VPN server on pfSense WAN, and both local IPs and remote IPs used in testing on workstation eth0.
+
+Now go to `Diagnostics: Command prompt` in the pfSense WebGUI that you're accessing on the LiveCD VM. In the box under `Execute Shell command`, enter `killall openvpn` and hit `Execute`. Then start all three captures as explained above. Verify that Firefox on the workstation VM can't see anything, and that pinging the IP address of your VPN server etc fails. After 10-20 minutes, stop all three captures, and save the pfSense capture on the LiveCD VM to the shared folder as above.
+
+Run Statistics/Endpoints on all three captures. You should see only local IPs and the direct-connect VPN server on host eth0. On pfSense WAN, you should only see traffic with local IPs, and perhaps reconnection attempts **from** the indirect-connect VPN server that you were connected to. On workstation eth0, you should see only local IPs and connection attempts for whatever sites that you use while testing.
+
+Finally, go to the pfSense console window, and reboot by hitting `5` and `y`. On the workstation VM, check to verify that it's all working again.
+
+That's it.
+
+ [1]: http://files.nl.pfsense.org/mirror/downloads/
+ [2]: https://www.wikileaks.org/wiki/Alternative_DNS
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
new file mode 100644
index 000000000..0b619f94f
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
@@ -0,0 +1,153 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-7/
+section: Advanced
+weight: 70
+articles: [
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
+ }
+]
+date: 2013-10-23T12:39:49+00:00
+layout: guides-details
+---
+## Paying Anonymously with Cash and Bitcoins
+
+### Introduction
+
+In using nested chains of VPN services and Tor for anonymity, the weakest links are arguably the money trails to VPN services that are routed through other VPN services. That's especially problematic for VPN services to be routed through Tor. Using free VPN services is an option, but they typically cap bandwidth and throughput. The best option for anonymously buying VPN services is sending cash by mail. Using Bitcoins that have been well anonymized through multiple accounts and mixing services is another option. This tutorial covers both.
+
+> Note: I wrote this series in 2013, well over six years ago. Although I’ve updated stuff a few times since, it’s been a while. I’ll be doing a total rewrite soon, but that will take some time.
+>
+> So anyway, privacy in meatspace is basically dead, given increasingly pervasive surveillance. So there's a lot that needs revised. Using giftcards, mailing cash, etc are far more risky. Also, Electrum is now the best Bitcoin wallet in Linux. And I have updated recommendations for Bitcoin mixers.
+
+### Cash by Mail
+
+Several VPN providers accept cash payments by mail. Check their payment options, or email support. It's the most anonymous option, as long as you're not under active surveillance. However, there are two disadvantages: 1) time (especially for international surface mail); and 2) risk of loss or theft in transit.
+
+Take care to avoid attracting attention. Include a valid return address that's not associated with you in any way. Use a computer printer, rather than printing by hand. However, do not use a color laser printer, because the printer serial number and a timestamp may be [encoded in a pattern of faint yellow dots][1]. Add enough postage, but not way too much. Use large denominations (no coins) and wrap the cash in a sheet of paper, with your account username printed on it. Also, use cash given anonymously as change, rather than from an ATM or bank withdrawal.
+
+> Note: This is far riskier than it was six years ago.
+
+Use a public drop box located at least 200 Km away. Go in the evening, and avoid bright lighting. Before approaching, look for security cameras, and avoid looking directly at them. Look downward as much as possible, and wear something seasonably appropriate to conceal your face (such as a hooded shirt or jacket, or a wide-brimmed hat). If driving, park at a reasonable distance to avoid sharing your license tag, but not implausibly far.
+
+Use disposable gloves to avoid fingerprints. Although it's probably overkill, you can also take steps to confound DNA analysis. Accumulate dust from public places, containing the DNA of many people. Using toilet paper and wearing disposable gloves, lightly rub the dust into each component (cash, cover sheet and envelope).
+
+### Bitcoins
+
+Many VPN providers now accept Bitcoin payments. However, contrary to what you might have read, Bitcoins are not at all anonymous, unless you use them prudently. First, to comply with laws against money laundering, mainstream exchanges and purchasing channels now typically require documented identification. Second, the Bitcoin network by design records every transaction in a public accounting log, called the [blockchain][2].
+
+Another risk in using Bitcoins is price volatility. While that has been profitable for some speculators, it discourages routine use. For now, it's safest to limit Bitcoin holdings to current requirements.
+
+#### Buying Bitcoins
+
+In order to use Bitcoins, you'll need a wallet. Although convenient, online wallets are not very safe, because they're far too likely to disappear, get hacked, or be shut down. The [Blockchain wallet][4] is probably the safest online wallet. The Bitcoin Project now recommends the standalone [MultiBit client][5] for new users. The original Bitcoin client (Bitcoin-Qt) has become too resource intensive for casual use. It synchronizes the full [blockchain][6], which is currently over 9 GB, and growing at ~630 MB per month. That's especially problematic when running multiple clients via Tor for Bitcoin anonymization (as discussed below). Although MultiBit is a Java app, that's secure as long as the Java browser plug-in is not installed.
+
+There are [many ways][7] to buy Bitcoins. Although cash deposits are still possible in some places, transactions generally involve bank wires or commercial money-transfer services. Most services don't accept credit and debit cards, and those that do charge very large transaction fees to cover chargeback risk.
+
+{{< del >}}The most anonymous option is buying with cash from private sellers by mail. One reputable option is [Nanaimo Gold](https://www.nanaimogold.com/buy.php).{{< / del >}} Paying cash to private sellers in person is less anonymous. But it's easy to find sellers using [LocalBitcoins][8], and there's an escrow service to reduce the risk of fraud. Other (riskier) options for finding private sellers include [Bitcoin Forum /.../ Currency exchange][9] and [#bitcoin-otc][10].
+
+Before buying your Bitcoins, set up an initial wallet. The best place for it depends on how anonymously you're purchasing your Bitcoins. Anonymity levels should be comparable, so your Bitcoins don't compromise the location, and vice versa. If you must identify yourself to buy Bitcoins, it's OK to just use the Blockchain browser plug-in wallet, without any VPN. If you're paying with cash in person, but without identifying yourself, it's best to run a Multibit client through your direct-connect VPN, either on the host machine or on a workstation VM that's dedicated to that VPN exit. If you're paying with cash through the mail, it's best to use a Electrum client in [Whonix][11] (a pair of Linux VMs that connects via Tor) as your initial wallet. Using Whonix is explained below.
+
+> Note: See and use the Appimage.
+
+#### Anonymizing Bitcoins
+
+Once you have your Bitcoins, it's prudent to anonymize them appropriately before use. All Bitcoin transactions are recorded in the blockchain, and there's no way to prevent that (without totally breaking the system). However, there are several Bitcoin mixing services. Deposits go into a pool, and payments come randomly from the pool. You transfer Bitcoins through a chain of anonymous Bitcoin wallets, using different mixing services for successive transfers. If the wallets aren't otherwise associated, your Bitcoins become less and less associated with you as they move through the chain, and no meaningful association remains after a few mixing transfers.
+
+Using multiple anonymous MultiBit clients via Tor is the best option. Multibit clients are fast, because they don't download the Bitcoin blockchain. And they are secure, because they're not hosted by a third party. For better anonymity, each Multibit client should have a wallet with several several sending and receiving addresses, or even several wallets. For each transfer from one client to another through a mixing service, you randomly spread the Bitcoins among several address combinations. That increases the anonymity that each transfer provides, by reducing correlation based on quantities transferred.
+
+Using Electrum via Tor is easy using [Whonix][11]. Reputable mixing services include ...
+
+> Note: I tested and verified four mixing services in late Jan-2020.
+>
+> **BitCloak** only has a Tor onion, at http://bitcloak43blmhmn.onion/. It requires five confirmations.
+>
+> **Bitcoin Fog** only has a Tor onion, at http://foggeddriztrcar2.onion/. It had a clearnet site, at http://www.bitcoinfog.com/, but that's gone. **Do not** trust other URLs, as there are many scammers. If that one goes down, check https://twitter.com/bitcoinfog (but **not** @BitcoinfogG, which is a scammer). It's not a pass-through mixer, and requires an account. Deposits complete after six confirmations, and withdrawals should complete after ~2 minutes. Some have said that it's unreliable, but that may have reflected software glitches, or perhaps confusion with scammers.
+>
+> **Blender** is at both https://blender.io/ and http://blenderiocpxfema.onion/. It requires three confirmations.
+>
+> **CryptoMixer** is at both https://cryptomixer.io/ and http://cryptomixns23scr.onion/. It requires just 1 confirmation.
+
+After each mixing step, it's crucial to check the receiving address for taint from the sending address. On the [Blockchain explorer page][12], enter your receiving address in the `Search` field, and hit enter. Then click `Taint Analysis`, and search for your sending address in the results page. If it appears, you need to remix.
+
+A Bitcoin mixing setup might look like this:
+
+ * initial wallet
+ * Blockchain wallet for Bitcoins purchased non-anonymously
+ * MultiBit client via direct-connect VPN for Bitcoins purchased in-person with cash
+ * MultiBit client in Whonix via Tor for Bitcoins purchased with cash by mail
+ * first Whonix/MultiBit mixing client: don't use for purchases
+ * second Whonix/MultiBit mixing client: use for first indirect-connect VPN (e.g., to replace SecurityKISS)
+ * third Whonix/MultiBit mixing client: use for second indirect-connect VPN
+ * fourth Whonix/MultiBit mixing client: don't use for purchases
+ * fifth Whonix/MultiBit mixing client: use for VPN to route through Tor
+
+You can spend Bitcoins from anywhere in the wallet chain. In doing so, it's important to match the anonymity levels of Bitcoins and purchases. Your Bitcoins embody a money trail back to you, which becomes increasingly tenuous along the wallet chain. However, your purchases may independently create associations. That's obvious for items that are shipped to you. But VPN services are also more or less associated with you, depending on their location in the nested chain. You don't want your Bitcoins to compromise the anonymity of your purchases. And you don't want your purchases to compromise the anonymity of your Bitcoin wallet, and in turn other purchases that you make from it.
+
+#### MultiBit Clients in Whonix
+
+[Whonix][11] comprises a pair of Debian VMs: a gateway VM that connects to the Tor network, and a workstation VM that connects through the gateway VM. Installing Whonix and setting up MultiBit wallets is easy. Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, via the direct-connect VPN service. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained).
+
+Each Whonix gateway and workstation VM must have a unique name (which determines the name of its folder). Also, the gateway and workstation VMs of each Whonix instance must share a uniquely named internal network. For example, import the first Whonix pair, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). Then edit the names of both VMs, adding a unique suffix to distinguish that pair from the rest that you'll be importing, and to facilitate keeping track of them.
+
+You want these Whonix instances to connect through your terminal indirect-connect VPN service. Initially, that's SecurityKISS. Change Adapter 1 of the gateway VM from `NAT` to, for example, the internal network `pfS-SK`. In both Adapter 2 of the gateway VM and Adapter 1 of the workstation VM, rename internal network `Whonix` to match the edited VM names.
+
+Start the first Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, download and install MultiBit as described above, and start MultiBit. It should report being `Online` (at bottom left). There's no need for MultiBit clients to be running except when you're actively using them, because they synchronize very quickly.
+
+Then repeat the process – importing Whonix, renaming the VMs and their shared internal networks, and installing MultiBit – as needed for your mixing chain. However, start the first transfer (see below) before updating the rest of your Whonix instances and installing MultiBit. With the free option, SecurityKISS allows just 300 MB per day, and that's barely enough for downloading updates on two Whonix instances.
+
+#### Bitcoin Anonymization Specifics
+
+The best place for setting up the first transfer depends on the location of the initial Bitcoin wallet. For the Blockchain browser plug-in wallet, it's best use BitLaundry on a LiveCD VM connecting through your direct-connect VPN. That way, your ISP at least doesn't see that you're using BitLaundry, even though the wallet itself is funded non-anonymously and therefore always accessed without any VPN. Otherwise, and for subsequent transfers in the mixing chain, use the workstation VM (or Whonix instance) that's running the Multibit client which is sending the Bitcoins.
+
+As noted above, it's best to use multiple sending and receiving addresses (or even multiple wallets) for transfers via mixing services. For each transfer from one client to another through a mixing service, you randomly spread the Bitcoins among several address combinations. That increases the anonymity that each transfer provides, by reducing correlation based on quantities transferred.
+
+There's no need to create a wallet at BitLaundry. Create a separate mixing scheme for Bitcoins from each of the appropriate Send addresses in your wallet(s). For destination addresses, use the Request (receiving) addresses of the next wallet(s) in your mixing chain. Specify the desired number of days, and transactions per recipient per day. After reviewing and confirming the scheme, send your Bitcoins to the funding address provided by BitLaundry. Repeat for each sending address.
+
+[Bitcoin Fog][14] requires an account, but not an email address. [Blockchain][15] requires both. You send your Bitcoins from MultiBit to the deposit address for your mixing-service account. After (at least) several hours, send your Bitcoins to the Request (receiving) addresses for the next client in your mixing chain. With Bitcoin Fog, transfers are split over time (by at least six hours) and you can delay them. For increased anonymity, you can use multiple Bitcoin Fog accounts, one for each of your sending addresses.
+
+To avoid associating Bitcoin wallets with purchases, you can pay through BitLaundry or Blockchain, rather than directly from the wallet. However, a recipient might blacklist mixing services, so there's some risk of payments being lost. With BitLaundry, don't split transfers over time, because receiving addresses are sometimes deleted after receiving just one payment. And do not use Bitcoin Fog, because all transfers are split over time by at least six hours.
+
+As you extend your nested VPN chain, it's arguably best to reconfigure your Whonix instances to connect through the new terminal indirect-connect VPN service. However, if you're using 3-4 VPN services in your nested chain, especially if it's a branched chain, having your Whonix instances connect at different nodes would isolate them better from each other. But I don't recommend using Whonix with less than a two-VPN nested chain.
+
+In any case, there is a risk (albeit small) in moving Whonix instances to longer nested VPN chains. To help protect against attacks involving evil relays, Tor uses [persistent entry guards][16]. And so a client's entry-guard selection might serve as a fingerprint for correlating activity from multiple VPN-exit IP addresses.
+
+On the other hand, changing entry guards more frequently increases vulnerability to adversaries that run relays (in particular, entry guard relays). In light of a recent paper from the Tor research community, [Johnson et al (2013) Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries][17], there's been talk of rotating entry guards even **less** frequently.
+
+If you decide to force Tor to choose new entry guards, it's easily accomplished. Before switching one of your Whonix gateway VMs to a different VPN exit, run these commands:
+
+ sudo su
+ cd /var/lib/tor
+ cat state | more
+
+Note the names of the entry guards (typically three). Then run these commands:
+
+ service tor stop
+ rm *
+
+It's important to stop Tor before clearing /var/lib/tor. Otherwise, it may all get rebuilt during normal shutdown. After rebooting the gateway, give it a few minutes to connect to the Tor network and fix itself, and then run these commands:
+
+ sudo su
+ cd /var/lib/tor
+ cat state | more
+
+You should now see a different set of entry guards.
+
+ [1]: http://en.wikipedia.org/wiki/Printer_steganography
+ [2]: https://www.blockchain.com/explorer
+ [4]: https://www.blockchain.com/wallet
+ [5]: http://bitcoin.org/en/choose-your-wallet
+ [6]: https://www.blockchain.com/charts/blocks-size
+ [7]: https://en.bitcoin.it/wiki/Buying_bitcoins
+ [8]: https://localbitcoins.com/
+ [9]: https://bitcointalk.org/index.php?board=53.0
+ [10]: http://bitcoin-otc.com/
+ [11]: https://www.whonix.org/wiki/Main_Page
+ [12]: https://www.blockchain.com/explorer
+ [14]: http://fogcore5n3ov3tui.onion/
+ [15]: https://www.blockchain.com/wallet
+ [16]: https://support.torproject.org/about/entry-guards/
+ [17]: http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md
new file mode 100644
index 000000000..79f27972d
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md
@@ -0,0 +1,215 @@
+---
+title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/advanced-privacy-and-anonymity-part-8/
+section: Advanced
+weight: 80
+date: 2022-01-14T00:00:00+00:00
+layout: guides-details
+---
+## Creating Nested Chains of VPNs and Tor
+
+### Introduction
+
+{{< raw-html >}}
+
+ Cloud showing Chained VPNs and TOR + Cloud showing Chained VPNs and TOR +
+{{< / raw-html >}}
+
+This tutorial covers using multiple pfSense VPN-client VMs and Tor-client VMs to create arbitrarily complex nested and branched chains of VPNs and Tor, such as the setup (reproduced above) suggested in the `Planning Initial Setup` section of [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/). Doing that is relatively easy, once you have planned your setup, [set up a secure host machine](/privacy-guides/advanced-privacy-and-anonymity-part-4/), and created [pfSense VMs](/privacy-guides/advanced-privacy-and-anonymity-part-6/) as clients for multiple [anonymously-purchased](/privacy-guides/advanced-privacy-and-anonymity-part-7/) VPN services, Tor-client VMs (more on that below) and [Linux workstation VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/) that access the Internet through them. The various VirtualBox VMs that you create are relatively-independent modules. Setting up nested and branched chains of nested VPN tunnels and Tor connections, and workstation VMs that use them, requires little more than changing how these VMs are networked in VirtualBox.
+
+### Basic Nested VPN Chains
+
+This section is written for the case where you're using your direct-connect VPN service in the first pfSense VPN-client VM, and no VPN service on the VM host machine. If you continue using your direct-connect VPN service on the VM host, and use another anonymously-purchased, indirect-connect VPN service in the first pfSense VPN-client VM, you will have a nested chain of two VPNs.
+
+{{< raw-html >}}
+
+ Connection With VPN + Connection With VPN +
+{{< / raw-html >}}
+
+{{< raw-html >}}
+
+ Connection with Two VPNs + Connection with Two VPNs +
+{{< / raw-html >}}
+
+In that case, you can just apply the above difference (one VPN vs two VPNs) to the other diagrams and discussion that follow.
+
+{{< raw-html >}}
+
+ Setup for one pfSense VPN-client VM and workstation VM + Setup for one pfSense VPN-client VM and workstation VM +
+{{< / raw-html >}}
+
+The first pfSense VPN-client VM typically has its WAN adapter NATed to the host via the VirtualBox router, and its LAN adapter attached to a VirtualBox internal network. The pfSense VM runs a DHCP server for that internal network, just as gateway routers typically do for physical LANs. When the OpenVPN client in pfSense establishes a VPN connection, it creates a virtual network adapter (aka `tun` for tunnel). There are routing and firewall rules that restrict all LAN (and attached VirtualBox internal network) traffic to this VPN tun adapter (instead of WAN) for Internet access, and also block incoming connections, just as gateway routers typically do for physical LANs.
+
+Anything running in workstation VMs attached to this VirtualBox internal network can only access the Internet through the pfSense VM and its VPN tunnel. Applications and VPN networking are isolated in separate VMs (workstation and pfSense VMs, respectively). Exploits that manage to compromise workstation VMs can't get at VPN networking unless they break out to the host or compromise pfSense. While either is possible, neither is arguably likely, unless you've attracted a highly-skilled adversary.
+
+{{< raw-html >}}
+
+ Setup for two pfSense VPN-client VMs and workstation VMs + Setup for two pfSense VPN-client VMs and workstation VMs +
+{{< / raw-html >}}
+
+To add another VPN tunnel (VPN2) to the nested chain, you just create another pfSense VPN-client VM, which connects to another anonymously-purchased VPN service. You attach its WAN adapter to the internal network attached to the LAN adapter of the first pfSense VPN-client VM (VPN1). The VPN tunnel from the second pfSense VPN-client VM (VPN2) reaches the Internet through the first pfSense VPN-client VM and its VPN tunnel (VPN1). You attach the LAN adapter of the second pfSense VPN-client VM (VPN2) to another VirtualBox internal network, for which it is the DHCP server. Its VPN tunnel (VPN2) is routed through its LAN adapter to its internal network (and firewalled). Workstation VMs attached to this second VirtualBox internal network access the Internet through the nested VPN chain, as shown above (VPN2 routed through VPN1).
+
+You can add additional VPN tunnels to your nested chain in the same way, either at the end, or further in to create branches. In choosing additional VPN services, there are two key and potentially-conflicting criteria. First, as discussed in the section `Using Nested Chains of VPNs and Tor to Distribute Trust` of [Part 3. Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), choosing providers in poorly-cooperating spheres of influence arguably mitigates the risk of joint compromise or subversion.
+
+Second, network latency increases as you add VPNs to the nested chain. As long as you have a broadband Internet connection, and are using VPN services that have fast Internet connections, network latency will be the limiting factor for overall throughput. Even with careful design, latency for nested chains with more than four VPNs will likely make them unusable. Conversely, terminal nodes in branched VPN chains don't compete very much with each other for bandwidth, unless you push it too far and saturate the shared proximal VPN tunnel.
+
+Also, in chaining multiple pfSense VPN-client VMs, it's crucial that adjacent pfSense VMs have different LAN IP address ranges. Otherwise, no traffic will flow, because pfSense is a NAT router, not a switch. The simplest approach is using 192.168.1.0/24 for the first pfSense VPN-client VM, 192.168.2.0/24 for the second, 192.168.3.0/24 for the third, and so on. It's true that routing local resources through VirtualBox internal networks with distinct IP ranges would be difficult, but that's less important than ensuring security through full isolation.
+
+First review the `Creating pfSense VM and Configuring VPN Client` section of [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/). As described, you start by creating the new pfSense VM, installing pfSense, and configuring `em0` as the WAN interface and `em1` as the LAN interface. However, after pfSense finishes rebooting, and before configuring and setting up a VPN client, you need to change pfSense's LAN IP address range.
+
+In the pfSense console window (not the webGUI), start by typing `2` in order to `Set interface(s) IP address` and hit enter. Then type `2` for `LAN`, and hit enter. Now type the new LAN IPv4 address (e.g., 192.168.2.1) and hit enter. Type `24` as the subnet bit count, and hit enter. Answer `y` for `Do you want to enable the DHCP server on LAN?`, and hit enter. Type the start address (e.g., 192.168.2.100) and hit enter. Then type the end address (e.g., 192.168.2.199) and hit enter. Answer `n` for `Do you want to revert to HTTP as the webConfigurator protocol?` and hit enter. Finally, reboot pfSense by typing `5`, hitting enter, typing `y`, and hitting enter. Finally, configure a LiveCD VM to access the new pfSense's webGUI, and use it to finish configuring the new pfSense VM with a client for your new VPN service, as described in Part 6.
+
+In bringing up a nested VPN chain, you must start with the direct-connect VPN client, because it provides Internet connectivity for the rest of the VPN clients. After the direct-connect VPN has connected, start the pfSense client for the VPN that connects through it, and wait for it to finish booting. For pfSense VPN clients, you'll see an IP address to the right of `ovpnc1` if the VPN connection has been established. If you don't see that, you can hit return once or twice to refresh the display. Once each pfSense VPN-client VM has connected, start the next one, and so on.
+
+Once all of the pfSense VPN-client VMs are up, you can start whatever workstation VMs that will connect through them. If any of the pfSense VPN-client VMs are not connecting properly, you can use your Linux LiveCD VM to login to its webGUI and figure out what's broken, as described in Part 6. Generally, you can leave all of the pfSense VMs running while you're working/playing, and even whatever associated workstation VMs you'll be using. However, it may be prudent (depending on your risk model) to shut down all VMs and the host machine when you're done (and thereby deny access by adversaries to unencrypted data).
+
+Nested VPN chains occasionally stop working, especially on weekends (when maintenance is typically scheduled). First try restarting each of the VPN clients in order, from direct to increasingly indirect. If you find that one of the VPNs isn't connecting, review its connection log for errors. There may be interactions among VPN connections. For example, if the DNS server used by a VPN client dies or gets overloaded, VPN(s) tunneled through that VPN won't connect if you've specified servers by hostname, rather than by IP address (because DNS lookups will fail ). You may need to switch servers and/or ports for one of your VPNs.
+
+### Tor Gateway VMs
+
+There are two easy ways to add Tor connections to nested chains. One is [ra's Tor gateway VM][1]. It's an OpenWRT-based router VM that provides Tor connections using transproxy, and it's very easy to network with pfSense VPN-client VMs. The other is [Whonix][2]. It's an integrated pair of Debian-based VMs, comprising a gateway and a workstation. The Whonix gateway VM isn't a router, however, so networking with pfSense VPN-client VMs is nontrivial. But it's easy to run VPN clients in the Whonix workstation. And by the way, in case you're wondering, it's probably unworkable to route Tor through a VPN that's routed through Tor.
+
+#### Whonix
+
+Using Whonix is covered in the `MultiBit Clients in Whonix` section of [Part 7. Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/). Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, via your current best VPN chain. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained).
+
+Then import both of the Whonix VMs, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). If you'll be using multiple Whonix instances, each Whonix gateway and workstation VM must have a unique name (which determines the name of its folder). It's good practice to edit the names of both Whonix VMs right after importing them, adding a unique suffix (or whatever) to distinguish them from others that you may import later.
+
+Before running a Whonix gateway VM, it's crucial to change its first (WAN) adapter from NAT to a VirtualBox internal network sourced by one of your pfSense VPN-gateway VMs, using the Network tab in the VirtualBox GUI. Otherwise, the Whonix gateway would reveal to your ISP that you're using Tor. It would also provide your ISP-assigned IP address to Tor's directory authorities, and as well to the entry guards that it chooses. Also, each Whonix gateway VM must have a uniquely-named internal network attached to its second (LAN) adapter. In order for the workstation VM to connect via the gateway VM, the workstation VM's network adapter and the gateway VM's second (LAN) adapter must share a uniquely named internal network. It's helpful to name the gateway VM, workstation VM and internal network for each Whonix instance in a logical and memorable way, to avoid confusion and mistakes.
+
+Adding Whonix instances to VPN chains is trivial. Using the VirtualBox GUI, edit the first (WAN) adapter in the Whonix gateway VM, and specify the internal network sourced by the desired pfSense VPN-gateway VM. In order to further isolate multiple Whonix instances from each other, you may want the gateway VMs to connect at different points in your nested VPN chain. That reduces the chance that adversaries controlling parts of the Tor network will associate the two Whonix instances.
+
+Installing VPN clients in Whonix workstation VMs is also trivial, as described in the `Setting Up VPN on Linux Workstation VM` section of [Part 2. Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). Whonix workstations are based on Debian, customized to securely use Tor. However, given that Tor only routes TCP traffic, the Network Manager settings are different. In the `General` tab of the `Advanced` window, check `Use a TCP connection` and `Use custom gateway port`, and specify the appropriate TCP port number from your VPN provider. It's crucial to use a VPN service that's not associated with you. See [Part 7. Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/).
+
+As everything else does, VPN connections will probably take longer to establish through Tor. Also, given that all applications in the Whonix workstation VM are configured to use Tor through the gateway VM, you'll need to modify their preferences in order to connect through the VPN tunnel. In Firefox, for example, you navigate `Edit / Properties / Advanced / Network / Connection..Settings`, and select `No proxy`. And you'll need to reverse the change if you later want to browse through Tor without the VPN connected.
+
+#### OpenWRT Tor gateway
+
+To use ra's OpenWRT Tor gateway VM, first download the latest version, currently [Tor gateway 0.6.3.ova][3]. Import it using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). As with the Whonix gateway VM, edit its first (WAN) adapter from NAT to a internal network sourced by one of your pfSense VPN-gateway VMs, and uniquely rename the internal network attached to its second (LAN) adapter. That's it.
+
+Because ra's Tor gateway VM is (like pfSense) a router running a DHCP server, you can attach any workstation VM to the internal network attached to its second (LAN) adapter, and so reach the Internet through Tor. As with the Whonix workstation, workstation VMs can only reach the Internet through the Tor gateway, so there's negligible risk that improperly configured applications will bypass Tor. However, given that Tor only routes TCP traffic, applications that depend on UDP traffic will not work properly. Also, browsing with stock Firefox is far less anonymous than with the Tor-optimized version in the Tor Browser Bundle, Tails and Whonix.
+
+You can also attach a pfSense VPN-gateway VM to the internal network attached to the Tor gateway's second (LAN) adapter. As with the OpenVPN client in the Whonix workstation VM, you'll need to configure the pfSense OpenVPN client with the proper server address and port number for connecting in TCP mode. See [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/).
As with the OpenVPN client in the Whonix workstation VM, the OpenVPN client in pfSense will probably take longer to connect through Tor. As noted above, it's crucial to use a VPN service that's not associated with you. + +When routed through Tor, pfSense VMs can't resolve hostnames to IP addresses. That prevents pfSense from getting the correct time from <0.pfsense.pool.ntp.org>. However, given that the Tor exit IP address changes frequently, it is unwise to specify specific NTP servers by their IP addresses, because that would reduce anonymity. + +### Testing and Optimization + +The various VirtualBox VMs that you create – pfSense VPN-client, OpenWRT Tor gateway, Linux workstation and LiveCD, and Whonix VMs – are relatively-independent modules. Setting up arbitrarily complex nested and branched chains of nested VPN tunnels and Tor connections, and workspaces that access the Internet through them, requires little more than changing how they're networked in VirtualBox. However, creating setups that are usable and reliable requires testing and optimization. With complex setups, that can be quite challenging, because there are so many different ways to fail. + +It's best to start with a simple setup. Once it's usable and reliable, you'll have a reliable core that you can build on, and you will also have acquired requisite experience and skills. For the setup suggested in the section `Planning Initial Setup` of [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), which is pictured at the top of this page, it's best to start with just two VPNs: VPN{{< sub >}}1{{< / sub >}} and VPN{{< sub >}}2{{< / sub >}}. If you're running the direct-connect VPN (VPN{{< sub >}}1{{< / sub >}}) in the host machine, start with just one pfSense VPN-client VM (VPN{{< sub >}}2{{< / sub >}}). 
+ +To provide context for testing your nested VPN chain(s), periodically check the latency (ping) and speed of your native ISP connection at [Speedtest][4] and [Fast][6]. If at all possible, don't use your VM host machine for that. Also, avoid checking your ISP connection while actively testing nested VPN chain(s), because that would associate their IP addresses in Speedtest's logs. For the same reason, don't check multiple VPN-chain nodes simultaneously. Wait at least several minutes between tests from different IP addresses. + +If you're running the direct-connect VPN in the host machine, and have gotten this far, it's probably working well enough. If there are connection problems, review the Network Manager connection log, as described in the section `Viewing Network Manager OpenVPN Logs` of [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/). You'll need a Linux LiveCD VM for testing each VPN that you're running in a pfSense VM, which you attach to that pfSense VM's internal network. I recommend using multiple LiveCD VMs here for two reasons: 1) to avoid leaking VPN account information from pfSense to workspace VMs; and 2) to limit access to pfSense from potentially-compromised workspace VMs. If you have added `verb 5` in the `Advanced` box in OpenVPN client setup at `VPN: OpenVPN: Client`, a detailed connection log is available at `Status: System logs: OpenVPN`. + +To optimize your nested VPN chain, start with the direct-connect VPN, and work methodically through the rest of the VPNs. For each VPN connection in the chain, check latency (ping) and speed at Speedtest. If you can't connect, review the connection log at `Status: System logs: OpenVPN` in the pfSense webGUI (or Network Manager OpenVPN Logs, on the host machine) for errors. It's normal for latency (ping) to increase as you add more VPNs to the nested chain. 
That primarily reflects additional processing delay in networking hardware, and not simply longer path length. Although speed typically decreases as you add more VPNs, due to both increased latency and network throttling, you may occasionally see it increase. As noted, wait at least several minutes between tests from different IP addresses. Once you're satisfied with each VPN connection, repeat the process with the next one in the nested chain. + +If you have a typical broadband Internet connection, reasonable targets for VPN{{< sub >}}1{{< / sub >}}, VPN{{< sub >}}2{{< / sub >}} and VPN{{< sub >}}3{{< / sub >}} are as follows: + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + +
+ VPN Level + + Latency (msec) + + Speed (Mbps) +
+ VPN{{< sub >}}1{{< / sub >}} + + 150-200 + + 5-10 +
+ VPN{{< sub >}}2{{< / sub >}} + + 200-250 + + 2-5 +
+ VPN{{< sub >}}3{{< / sub >}} + + 250-350 + + 1-3 +
+{{< / raw-html >}} + +If you're seeing lower speeds, especially for downloading, try using different VPN servers, different port numbers, TCP mode vs UDP mode, etc. Some ISPs throttle traffic on nonstandard ports. Also, in order to meet your design goals, as discussed in section `Using Nested Chains of VPNs and Tor to Distribute Trust` of [Part 3: Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), it may be necessary to accept slower connections. + +If nothing seems to help, get support as anonymously as possible. Anonymity is especially important for your indirect-connect VPNs. Seek support while connecting through the VPN that the problematic VPN connects through. It's best to use online forums that support HTTPS. Start with your provider's support forum. You can also post in the [privacy problems section of Wilders Security Forums][5]. If you must submit a support ticket to the VPN provider, be sure to use an anonymous email address. And keep in mind that support tickets typically generate unencrypted replies, which may quote the support request. + +#### Leak Testing with Wireshark + +The section `Installing and Checking VPN-Firewall` in [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/) explains how to test the host machine's VPN connection and firewall setup using Wireshark. The section `Leak Testing with Wireshark` in [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/) does the same for the first pfSense VPN-client VM (in that case, running an indirect-connect VPN). It's crucial to verify that no traffic bypasses the VPN tunnel, even after the VPN connection is killed. + +You can apply the same approach to each of the gateway VMs (pfSense VPN-client, Whonix Tor-gateway or OpenWRT Tor-gateway) in a nested chain. Using Wireshark instances, you capture traffic at three points: + + 1. 
eth0 adapter of a workstation VM that accesses the Internet through the gateway VM being tested + 2. WAN adapter of the gateway VM being tested + 3. LAN adapter of the gateway VM through which the gateway VM being tested connects + +The first capture shows you what Internet sites the workstation is accessing (or trying to access). The second and third captures show you what traffic is leaving the gateway VM for the Internet. They should be identical, and it's only necessary to use one of them, if the other is hard to get at (e.g., the WAN adapter on an OpenWRT Tor-gateway VM). When the gateway VM is working properly, the second and third captures should show only local IPs and the servers (OpenVPN or Tor) that the gateway is using, and they should not show any of the remote IPs seen in the first capture. + +When the gateway VM is broken, the second and third captures should show only local IPs and reconnection attempts from servers that the gateway was using. They should definitely not show any of the remote IPs seen in the first capture. If the second or third captures show any of the remote IPs seen in the first capture, whether the gateway VM is functional or not, there are leaks that must be fixed. + +There are instructions for killing the openvpn process in the sections of Part 4 (for the host machine) and Part 6 (for pfSense) cited above. Basically, you run `killall openvpn` at a command prompt. To re-establish the VPN, use Network Manager in the host machine, and just restart the pfSense VM. To kill the tor process in the OpenWRT Tor-gateway VM, you run `killall tor` at the command prompt. For the Whonix Tor-gateway VM, it's `sudo killall tor`. To restart Tor, it's best to just reboot the gateway VM. 
+
+ [1]: https://bitbucket.org/ra_/tor-gateway
+ [2]: https://www.whonix.org/wiki/Main_Page
+ [3]: https://bitbucket.org/ra_/tor-gateway/downloads/Tor%20gateway%200.6.3.ova
+ [4]: https://www.speedtest.net/
+ [5]: https://www.wilderssecurity.com/forumdisplay.php?f=41
+ [6]: https://fast.com/
diff --git a/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md b/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
new file mode 100644
index 000000000..a1ccb9a9b
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
@@ -0,0 +1,128 @@
+---
+title: 'Adversaries and Anonymity Systems: The Basics'
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
+section: Basic
+weight: 20
+date: 2014-09-04T08:10:03+00:00
+layout: guides-details
+---
+There are three sorts of players in this game. First, there are **users** who communicate with other users and/or destinations. Second, there are **adversaries** (archetypic attackers) with goals such as observing communications, blocking communications, identifying users, associating users with other users and/or destinations, impersonating and/or compromising users and destinations, and so on.
+
+Third, there are services and systems that protect users' communications, providing some mix of anonymity, freedom, privacy and security. Given how anonymity reduces the risk of targeted attack, it's useful to consider these as primarily **anonymity systems**. In this discussion, we first summarize background information about available anonymity systems. We then explore how each is vulnerable to adversaries with various capabilities.
+
+It's crucial to keep in mind that none of these anonymity systems provide end-to-end encryption between users and Internet destinations. All traffic between users and system exit nodes is encrypted, of course. But traffic between exit nodes and destinations is not encrypted, unless users and destinations are employing end-to-end encryption (such as HTTPS for websites, TLS for email or SSH for remote login).
+
+For email messages, anonymity systems do obscure the user's ISP-assigned IP address, but they don't affect other metadata, such as user's and correspondent's email addresses, message subject, and time. Even with end-to-end encryption between users and their email servers, message content is not encrypted between users' email servers and their correspondents, unless users and their correspondents are employing end-to-end encryption, such as OpenPGP.
+ +## Anonymity Systems + +Three types of low-latency anonymity systems are available for general Internet access. There are numerous VPN services, mix networks ([definition](https://en.wikipedia.org/wiki/Mix_network)) and [onion-routing networks](https://en.wikipedia.org/wiki/Onion_routing) (Tor, Lokinet). All employ encryption to provide privacy and security between users and system exits. Even so, it's always prudent to use end-to-end encryption, because system exits (and adversaries observing them and/or destinations) can otherwise see unencrypted traffic. + +Each of these anonymity systems provides anonymity in a particular way, more or less effectively against various adversaries. Excluded from this discussion are various proxy services, such as SSH tunnels (which are harder to use), and web proxies and browser plug-ins (which are far easier to compromise). Also excluded are Freenet and I2P. Freenet is a P2P network designed for anonymous and takedown-resistant publishing, often among closed groups of trusted participants. I2P is a [garlic-routing network](https://en.wikipedia.org/wiki/Garlic_routing) that focuses primarily on content sharing between I2P users. Neither Freenet nor I2P focus on general Internet access, although I2P does have Internet gateways. + +### VPN Services + +VPN services are the simplest type of anonymity system. Once a user client and remote VPN server have negotiated an encrypted virtual network connection, the server acts as a proxy for all the client's Internet traffic. Those services employing properly configured IPSec, OpenVPN or WireGuard protocols (and not the obsolete PPTP protocol) provide strong security and privacy (when [perfect forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is used) between users and system exits. + +VPN services provide privacy by hiding Internet destinations from ISPs. And they provide anonymity by hiding user information (such as ISP, IP address and geolocation) from destinations. 
That is, both ends (and associated network observers) see only a VPN server's IP address. Network latency is far lower than with either mixnets or Tor, and speed (bandwidth) is less likely to be limited. + +Reputable VPN services use perfect forward secrecy. For OpenVPN, that relies on TLS with transient symmetric session keys. The keys are negotiated on-the-fly, after the server and client have authenticated themselves. They are unpredictable, and frequently changed (by default, hourly). On the other hand, the [WireGuard](https://www.wireguard.com/) VPN protocol has perfect forward secrecy built in its protocol, every few minutes the negotiated temporary symmetric keys used between the peers are rotated with newly generated ones. An adversary that compromises a particular session can decrypt only traffic from that session. Traffic from retained intercepts and traffic from future sessions remain secure, because they're encrypted with different session keys. If an adversary wanted to decrypt snooped traffic by using a brute force technique, in case of success it would only work for a particular session before keys are rotated, which make this technique expensive not viable, especially if the VPN uses a [post-quantum resistant](https://www.ivpn.net/knowledgebase/general/quantum-resistant-vpn-connections/) encryption algorithm. + +VPN services are very easy to set up and use, because providers handle the technical aspects. However, the privacy and anonymity that VPN services provide hinges entirely on the operator's integrity and discretion, on its technical competence, and on its ability to prevent adversaries from observing, manipulating and/or compromising its servers. + +VPN services provide strong protection against local adversaries, and good protection against censorship and routine mass surveillance, even at the national level. However, they provide limited protection against adversaries with international reach. 
Such adversaries may coerce providers and/or their hosting providers or ISPs, and so may observe, manipulate and/or compromise their servers. They also provide limited protection against determined and resourceful censors. We discuss that further below, under `Passive Adversaries with Limited Network Reach`. + +In some jurisdictions, VPN providers may be served with court orders that can not be disclosed without serious penalties. But there's a workaround: the warrant canary. As long as no such court order has been received, the provider may regularly publish a statement to that effect. If the warrant canary isn't renewed on schedule, users may safely infer that the provider has received such a court order. There is no need for the provider to take active steps that would violate the order. Canaries are often web pages, cryptographically signed and displaying the date of signature, so users can verify the authenticity of the canary, the signature prevents anyone from publishing a fake canary. + +Some VPN services provide multi-hop routing. Users' traffic is proxied, in turn, through multiple servers, it's best when those are located in different nations. Given that, users sharing a given entry node are typically using different exit nodes, and users sharing a given exit node are typically using different entry nodes. Other VPN services rotate users' traffic among multiple exit servers. Such approaches protect better against adversaries with limited international reach. Even so, all bets are off for those who are targeted by more resourceful state adversaries. + +### Tor + +[Tor](https://www.torproject.org/) is a second-generation onion-routing anonymity system, currently comprising about 8000 anonymizing relays (as of January 2024) ([Tor Servers Metrics](https://metrics.torproject.org/networksize.html)). It is an open system, with highly distributed trust, and no centralized ownership. 
It provides anonymity through dynamic, unpredictable and hard-to-trace routing through a large network of untrusted relays. Unlike VPN services, adversaries are free to participate by running relays. Even so, there is oversight by a core group of trusted developers and relay operators, and there is a vetting process for new relays. + +User clients connect through the Tor network, creating encrypted three-relay circuits at random, and changing them frequently. Circuit traffic is relayed in fixed-size (512-byte) cells. At each step, relays remove a layer of encryption. That prevents non-adjacent relays from identifying each other, and helps protect against malicious relays. Traffic between relays is TLS encrypted, on top of the onion-routing circuit encryption. That somewhat obscures the circuit's cell pattern (number and timing) from external adversaries. However, unlike mixnets, Tor relays do not explicitly mix traffic. + +Although the Tor network is large, many of its 8000 relays have limited uptime, limited usable bandwidth, and/or exit restrictions (e.g., blocking IRC). Such limitations reduce the network's effective size, and they also increase its vulnerability to adversaries who can introduce numerous attractive relays. + +### Mix networks + +A Mix network ([detailed explanations](https://blog.nymtech.net/a-simple-introduction-to-mixnets-6783a103d20e)), commonly called "mixnet", is a system that routes network traffic between peers but hides the metadata associated with the traffic, mostly by routing fake traffic and adding delay in the transmission to prevent traffic correlation if an adversary monitors multiple nodes. There are two implementations of mix networks in an early stage of adoption at the time of writing of this guide: [NymTech](https://nymtech.net/docs) and [Lokinet](https://lokinet.org/). 
In order to offer a high quality of service those networks make use of blockchain tokens, both to incentivize hosting highly available routers by rewarding operators, and to fully decentralize the network management. This also mean the network isn't free as you need to spend tokens to use them. + +A mix network should provide full anonymity as the network packets are mixed between different layers of routers, cover packets can be created to reach the desired [level of anonymity](https://blog.nymtech.net/an-empirical-study-of-privacy-scalability-and-latency-of-nym-mixnet-ff05320fb62d), fake bouncing packets create fake inbound traffic to reduce correlation possibility, and packets are delayed in each layer of routers, so the timing can't be analyzed by an observer to trace a packet from the destination to its origin. The only fact that could be known would be that a user is connected to the mix network. However, we still lack feedback about these networks in a real world usage as they are quite recent, compared to Tor which has been successfully running for decades. + +## Adversaries + +All low-latency anonymity systems are broken against adversaries that can observe, manipulate and/or compromise both ends of a connection. That is certainly so for VPN services, mixnets and Tor. Increasing the number of intervening system nodes doesn't prevent such compromise. Conversely, all three systems protect well against weak local adversaries. However, one can distinguish them by considering their vulnerability to three canonical classes of attackers, or adversaries, each resourceful in distinct ways. + +Passive adversaries simply intercept and analyze network traffic, seeking to correlate streams entering and exiting anonymity systems. Byzantine adversaries can mark or otherwise modify traffic, primarily to facilitate traffic correlation. Realistic passive adversaries are Byzantine, and so we lump them together. 
However, there is a key distinction: anonymity systems can't detect purely passive adversaries, except through consequent Byzantine activity, and so active defense against them is problematic. + +There are two sorts of active adversaries. [Sybil adversaries](https://en.wikipedia.org/wiki/Sybil_attack) focus on system-level vulnerabilities, and exploit them by running numerous malicious clients and/or network nodes. Sybil is the pseudonym of the patient in a well-known book about multiple-personality disorder. In this context, its use puns on the strategy of using numerous, apparently independent puppets in a collective attack. + +Coercive adversaries focus on security vulnerabilities of particular network nodes, and exploit them appropriately, seeking system compromise. They may also go after system operators, employing social engineering or phishing attacks, physical attacks, political or legal authority, and so on. They may also carry out such attacks against high-value users. These are highly complex topics, and not at all specific to anonymity systems, and so we don't discuss them further. + +These distinctions are clearly artificial, and some actual attackers (prototypically, the NSA) are obviously strong in all three areas. Even so, there are realistic examples for each canonical adversary. And in any case, they serve as a useful framework for analysis and discussion. + +### Passive Adversaries with Limited Network Reach + +For passive and Byzantine adversaries, key resources are network reach to obtain intercepts, data storage, and computing capacity for traffic correlation (and for Byzantine adversaries, modification). For governments, network reach typically depends on legal authority and/or political influence, supplemented through agreements with peers. Finally, the non-governmental passive adversaries, such as schools, businesses and ISPs at various levels, ownership and/or management authority typically limit network reach. 
And for those adversaries with requisite expertise and resources, stealth is always an option. + +All low-latency anonymity systems arguably protect against passive adversaries that can access just one end of a connection. That's typically the case for most non-governmental passive adversaries, except for Tier 1 ISPs. Most governments (excepting the NSA and collaborators, such as the Five Eyes) can only see one end of international connections. In such cases, the hardest part is typically penetrating a perimeter firewall. It might be an enterprise firewall, or the Great Firewall (GFW) of China. But without additional intercepts, traffic correlation and modification can't accomplish very much. + +While China is obviously a very formidable adversary, its international network reach has apparently remained quite limited. If that assessment is accurate, all low-latency anonymity systems that manage to connect through the GFW will arguably protect users in China for accessing destinations located outside China, with three exceptions. First, all of them are easily broken for destinations that are under Chinese control. Second, all are broken for destinations that are vulnerable to Chinese man-in-the-middle (MitM) attacks, perhaps relying on counterfeit SSL certificates or protocol vulnerabilities. Third, all are more-or-less vulnerable to Sybil attacks, as we discuss below. + +The GFW blocks anonymity systems in at least four ways. First, it blocks access to known entry servers. Second, it blocks traffic based on connection protocol, determined from characteristic headers and packet patterns. Third, it probes suspected entry servers, trying to detect anonymity systems by posing as a client. Fourth, as a last resort, it may simply throttle or block all encrypted traffic. + +Anonymity systems can evade the GFW (and other firewalls) by encapsulating their traffic in more generic connections routed via proxy servers. 
Some VPN services offer obfuscation proxy protocols such as [V2RAY](https://www.v2ray.com/en/) or [Obfsproxy](https://trac.torproject.org/projects/tor/wiki/doc/AChildsGardenOfPluggableTransports) (developed by the Tor project), SSH and/or TLS (stunnel) proxies, and a few use proprietary closed-source transport protocols. + +However, against resourceful adversaries, obfuscating the transport protocol is just a temporary fix. Once an adversary has identified a proxy server, it can simply block traffic to that IP address. More seriously, the adversary can also readily identify all users connecting to that proxy server. Furthermore, by investigating hosts that those users subsequently connect to, it can readily identify additional proxy servers. + +Distributing proxies is a hard problem. Adversaries can enumerate proxies by posing as users, and resourceful adversaries can field numerous malicious users. Tor bridges are distributed in several ways. Volunteers can create bridges, and share addresses on an ad hoc basis. There's a central BridgeDB but the bridges list isn't public information, but there are [different methods](https://tb-manual.torproject.org/bridges/) to obtain a bridge address in an automated way. + +The recently proposed [Raceboat](https://petsymposium.org/popets/2024/popets-2024-0027.pdf) framework, inspired by [CloudTransport bridge](https://www.petsymposium.org/2014/papers/Brubaker.pdf) design takes a different approach. Raceboat purpose is to offer a censorship resistant service helping end users to get access to bridges with a large choice of protocols, instead of having each software embedding their own [Pluggable Transport](https://www.pluggabletransports.info/). + +### Passive Adversaries with International Network Reach + +Tor is generally far less vulnerable than are most VPN services to passive adversaries with international network reach. It is far larger, and far less vulnerable to coercion. 
There are many more simultaneous users, and many more nodes (relays). Relays are distributed globally, in numerous data centers, among many nations, and with no central ownership or management. Furthermore, traffic paths change, frequently and unpredictably. Given that, it is arguably impractical for most adversaries to obtain enough intercepts. + +Global passive adversaries would, by definition, have enough intercepts. However, there are typically about [four million Tor users](https://metrics.torproject.org/userstats-relay-country.html), and on the order of several million concurrent circuits. Tracing a particular Tor circuit would entail correlating conversations in one intercept (presumably starting with an exit relay or entry guard) with several million conversations intercepted from at most a few thousand other relays. That would be trivial for a global adversary. However, cross correlating all the several million concurrent conversations from all Tor relays would involve on the order of 10{{< sup >}}13{{< / sup >}} comparisons, which is arguably not so trivial. In other words, all but the most resourceful global passive adversaries may be computationally bounded. And in any case, as discussed below, Sybil attacks against Tor are far easier. + +Against adversaries with enough network reach to observe a given fraction of the system's nodes, mixnets resist compromise better than Tor does. That is so because mixnets distort traffic patterns, whereas Tor relays do not. That distortion hinders correlation of traffic flows captured in different network segments. + +Against adversaries with limited international network reach, Tor resists compromise correctly. That is so for two reasons. First, as noted, observing all system nodes is hard for Tor. Second, cross correlating user conversations between entry and exit intercepts involves a lot of comparisons. 
Conversely, cross correlating all Tor conversations would require on the order of 10{{< sup >}}13{{< / sup >}} comparisons.
+
+Most VPN services are vulnerable against international reach adversaries. There are typically 10–100 servers, located in 5-20 data centers, in perhaps as many nations, with a hundred users per server. All servers are typically under common ownership and/or management. For providers offering only one-hop routes, an adversary only needs to correlate entry and exit conversations on one server. For all but the largest VPN services, cross correlating all entry and exit conversations would involve far less than a million comparisons.
+
+A few large VPN services have several thousands or more servers, with numerous IP addresses per server, located in perhaps more than 100 data centers. But even for the largest, cross correlating all entry and exit conversations would involve at most a few million comparisons. It all depends on where entry and exit nodes are located, where an adversary can observe traffic, and how many comparisons among concurrent conversations would be required. However, given common ownership and/or management of VPN services, social engineering, or legal and/or political coercion, would be more-likely approaches.
+
+Some VPN services offer multi-hop routes. For example, there might be three servers (A,B,C) in different countries, with six available two-hop routes (A-B,A-C,B-A,B-C,C-A,C-B). Multi-hop routes can offer better protection against passive adversaries with limited network reach, because all users' traffic transits two or more nations. Also, as the entry and exit servers connect using VPNs, adversaries can't intercept individual user connections between servers. But again, common ownership and/or management is the key vulnerability.
Multi-hop providers are less vulnerable when the servers are not all in the reach of the adversary who would either know from the VPN entry point that a user is using a multi hop VPN, or from the VPN exit point that a request was done from a multi hop setup.
+
+### Sybil Adversaries
+
+For Sybil adversaries, key assets are large server clusters and fast uplinks. That allows them to run numerous malicious clients and/or attractive network nodes, to efficiently analyze collected data, and to exploit what they learn. They are strongest when they own both clients and network nodes of anonymity systems, because they can use them synergetically. There is no requirement for broad network reach, just bandwidth. We conservatively assume that Sybil adversaries are computationally unbounded.
+
+Even with limited organizational support, anyone with the financial resources and expertise to wield large cloud server clusters (such as public cloud cluster compute instances) can be a strong Sybil adversary, at least for limited periods of time. Given typical cloud pricing structures, enormous resources are very affordable on limited terms. China is undoubtedly a formidable Sybil adversary, given its immense technical (and human) resources. But other plausible examples range from skilled individuals to small academic research groups to non-government gangs to state-level intelligence agencies (such as the NSA).
+
+### Sybil Adversaries vs VPN Services
+
+Introducing malicious VPN servers is both difficult (because one entity owns and/or manages all the servers) and immediately fatal to anonymity (because there's usually just one server between users and destinations). Given that, Sybil attacks involving malicious VPN servers amount to coercion, which we do not discuss.
+
+Consider an adversary, with limited network reach, that seeks to deanonymize those using VPN services to access an Internet destination, such as a social networking site, a discussion forum or an IRC channel.
While engaging targeted users there, it could carry out distributed denial of service (DDoS) attacks on various VPN servers, perhaps by initiating bogus TLS handshakes from numerous malicious clients. Unless those VPN servers were protected by intervening firewalls that limited the rate of new connections, this would tie up CPU capacity needed for handling traffic of already-connected clients, and might even crash them.
+
+An effective DDoS attack on a particular VPN server would interfere with its users' activity, and might even take them offline. Given enough testing, the Sybil adversary would know which VPN server each targeted user was connecting through. Knowing that, the adversary might try to directly compromise the server, or go after the operator and/or hosting provider. Depending on its resources, it might use such approaches as political or legal coercion, spearfishing and social engineering.
+
+For adversaries that can observe traffic at Internet exchange points between users and VPN servers, there may be no need to compromise VPN servers or their operators. Given an effective DDoS attack on the right VPN server, the adversary would see impacts on both a user's online activity and their connection to the server. State-level adversaries are canonically resourceful for such attacks against all low-latency anonymity systems, but especially against VPN services.
+
+### Sybil Adversaries vs Tor
+
+Although Tor is much larger than VPN services, it is an open system, where Sybil adversaries can readily wield both clients and relays. Given that, Tor is arguably more vulnerable to pure Sybil adversaries, which we consider to have very limited network reach and no coercive authority. Indeed, Sybil attacks by academic research groups have apparently compromised substantial percentages of Tor users over several months.
+
+Given that state level actors have orders of magnitude more resources, one might expect that Tor is entirely defenseless against them.
However, even though Tor is an open system of untrusted relays, entry and behavior of relays are subject to oversight by a core group of trusted developers and relay operators. Also, there is a vetting process for new relays, which seeks to limit disruptive and malicious behavior.
+
+In other words, Sybil attacks on Tor aren't so much limited by an adversary's resources as they are by oversight. While that largely mitigates the resource advantage possessed by nation-state adversaries such as the NSA and China, it does so only for Sybil attacks. There is no such defense against passive network analysis by nation-state adversaries with adequate network reach, because it's not readily detectable.
+
+Consider a pure Sybil adversary, which can wield numerous malicious Tor clients and relays, but lacks other resources. It fields two groups of malicious relays, one targeted for use as entry guards, and the other targeted for use as exit relays. By comparing traffic through circuits handled by member of those groups, it can identify circuits where it provides both an entry guard and an exit relay. That compromises clients, because the adversary knows both their IP address and the Internet destinations that they are accessing.
+
+For malicious entry guards, the strategy involves avoiding the Exit flag by blocking connections to the Internet, and getting the Guard flag by being online continuously for at least eight days. In practice, malicious entry guards would remain online continuously during an attack, to maximize their usage. For malicious exit relays, the strategy involves getting the Exit flag by allowing connections to the Internet, and avoiding the Guard flag by being continuously online for periods of a week or less.
+
+An adversary can increase the speed and breadth of this Sybil attack by employing malicious clients in DDoS attacks against honest relays.
By attacking honest entry guards, the adversary can gradually push user clients to its malicious entry guards. Similarly, by attacking honest exit relays, the adversary can push user clients to its malicious exit relays.
diff --git a/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md b/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
new file mode 100644
index 000000000..9201186a7
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
@@ -0,0 +1,53 @@
+---
+title: 'An Introduction to Privacy & Anonymity'
+author: Ed Holden
+url: /privacy-guides/an-introduction-to-privacy-anonymity/
+section: Basic
+weight: 30
+articles: [
+ {
+ title: "An Introduction to Tor vs I2P",
+ url: "/privacy-guides/an-introduction-to-tor-vs-i2p/"
+ },
+ {
+ title: "Applying Risk Management to Privacy",
+ url: "/privacy-guides/applying-risk-management-to-privacy/"
+ },
+]
+date: 2021-10-30T12:42:14+00:00
+layout: guides-details
+---
+## Introduction
+
+Living in today's interconnected world has brought with it significant advantages. Most apparently, the velocity of communication and information interchange has opened new avenues for the propagation of ideas and new businesses in ways that were in the domain of science fiction only a few generations ago. However, along with the benefits this new world provides, there are significant new challenges raised. The same technology that allows families to communicate in realtime across continents also enables widespread cataloguing of those conversations' contents. The same technology that allows online retailers to customize your shopping experiences in such a way as to give you exactly what you want from the comfort of your own home also allows data brokers a form a highly detailed profile of you. These are constructed not just by using information you have provided, but the massive amounts of consumer data they harvest and acquire from other partners. Data has been dubbed the new oil and the most important resource to harvest. Its availability, abundance and usefuleness is increasing, and business models built on exploiting these trends have generated trillions of dollars in market capitalisation for a handful of companies.
+
+## Privacy vs Anonymity
+
+This complex system that we find ourselves in demands precision of thought and language to ensure that we are able to achieve our individual privacy goals.
It is therefore important to analyze and differentiate between two different, though closely intertwined notions: privacy vs. anonymity.
+
+### Privacy
+
+Privacy lies at the intersection of two fundamental social notions: control and trust. That is, who has control over information about you, and do you trust him or her to keep that information secret? When students enter a university, they know that the university will be cataloging their performance in class. That catalogue of performance can function as a proxy for a student's intelligence, work ethic, or even just their interest (or lack thereof) in a given field of study. This is intimate data about an individual that a person rightfully would like to be kept private. Unfortunately for the students, they lack control of this data - it exists in their university's database. However, due to local laws and contractual obligations, the student is aware that the university would face substantial sanctions and liability were it to reveal their private data to others without their prior authorization.
+
+### Trust
+
+Because of these safeguards, the student has 'trust' that their private information will be protected by the university; interests are aligned. The students then can say that their grades or marks at university are still 'private'. The fact of the matter is that we face situations like this every day. We often are coerced, either out of convenience, law, or some other force, into giving up some element of control over our private information. In the case the students above, their only way to receive some sort of certification in their field is to submit to the system of the university. Usually this is marked with some assurances that the information will only be used for agreed-upon purposes: we enter a trust relationship with the entity to whom we give control of our information. Unfortunately, many of these entities have shown themselves to be less than trustworthy.
Whether it is governments [wiretapping its own citizens][1] without following necessary legal requirements, social media corporations playing [fast and loose][1] when interpreting privacy policies, or your ISP [selling your browsing history][2] to marketers and data brokers, we cannot trust those gain control of our private information through coercion.
+
+### Anonymity
+
+We are now faced with a predicament: how do we maintain our privacy when we are forced to give up control of our private information and we know that we cannot trust the entities to whom we give the information? Here is where the concept of anonymity comes into play. Consider a political dissident posting blog entries that are critical of the regime currently in control of their nation. In any nation, it can be assumed that there is at a subset of the population that does not support the current leadership. The difficulty comes into play when the dissident's ISP provides the government with logs tying the blog post to the their home internet connection. If they could somehow bifurcate their physical-world identity from their blog entries, then the fact that he cannot trust their ISP ceases to be relevant. This could be as simple as using open Wi-Fi access points from which to make their posts - this can be risky however, as one tries to avoid patterns of access that could give clues to one's identity. While the outcomes you might face from the loss of privacy are possibly different or less grave, this concept can be adapted to your specific situation.
+
+### Regaining control
+
+Essentially, we see that anonymity allows us to extract the need for control and trust from all of our private information and consolidate it into one very special piece of information: our identity. The dissident blogger does not care if his government knows that there are those who oppose them - as long as they do not know that he is one of them.
Anonymity, then, can be thought of as a function applied to a given set of private data. It factors out the term of 'identity' from the set of data to which it is applied. However, just as a factored term can be multiplied back into a mathematical equation easily, so can the 'identity' that has been factored out from a set of data. Given that routing on the internet is a complicated process and there are no guarantees of trust along the way, it makes sense to drop the 'identity' term as quickly as possible from the equation in order to permanently bifurcate who you are from your information.
+
+Achieving this separation and attaining 'anonimity' online is becoming harder with the increase in range and effectiveness of capabilities to identify you. To get started with basic steps you can consult EFF's [Surveillance Self-Defense documents][3]. As a next step we recommend reading the rest of our [Privacy Guides][4], working your way up to Advanced guides that discuss compartmentalization and isolation using virtual machines, nested VPN chains and Tor.
+
+As you choose technical safeguards to put in place to protect your privacy online, remember that there are significant economic and political entities who are trying to catalogue your every action online: everything from your latest email to your grandmother to the anonymous (or so you thought) report you made as a whistleblower to your nation's trade commission. Vigilance is advised.
+
+
+
+[1]: https://www.ftc.gov/news-events/press-releases/2021/10/ftc-staff-report-finds-many-internet-service-providers-collect
+[2]: https://www.nationalreview.com/2017/05/nsa-illegal-surveillance-americans-obama-administration-abuse-fisa-court-response/
+[3]: https://ssd.eff.org
+[4]: https://www.ivpn.net/privacy-guides/
diff --git a/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md b/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
new file mode 100644
index 000000000..3dac9c2ad
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md 
@@ -0,0 +1,48 @@
+---
+title: An Introduction to Tor vs I2P
+author: Ed Holden
+url: /privacy-guides/an-introduction-to-tor-vs-i2p/
+section: Basic
+weight: 40
+articles: [
+ {
+ title: "Applying Risk Management to Privacy",
+ url: "/privacy-guides/applying-risk-management-to-privacy/"
+ },
+ {
+ title: "Creating a VM within a hidden truecrypt partition",
+ url: "/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition/"
+ },
+ {
+ title: "How to perform a VPN leak test",
+ url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
+ }
+]
+date: 2020-11-11T13:48:54+00:00
+layout: guides-details
+---
+Darknet. The word in and of itself brings to mind visions of the seedy underbelly of the internet; a virtual red-light district, back alley, and digital ghetto all rolled into one. Despite this threatening image that the media and many governments would like to imprint on the public consciousness, privacy-aware individuals know that in todays world of ISP data retention being measured in petabytes and massive supercomputing resources being thrown at traffic analysis by both governments and private industry alike, individuals must take it upon themselves to ensure the freedoms that come with anonymous information access and communication. Two of the most popular tools for doing so on the internet are Tor and I2P. Both will be compared and contrasted below.
+
+## Tor
+
+We will begin by examining the underlying technology of the [Tor network][1] with an eye towards how it works to protect your anonymity online. The Tor network is comprised of three different types of nodes: directory servers, exit points (also referred to as exit relays), and internal relays. When you connect to Tor, the first thing your client does is acquire a current list of relays from one of the trusted directory servers.
The addresses of these servers are included with the basic configuration files shipped with the client (of course, as with any reputable privacy tool, you have the option to alter what directory servers you trust to provide you with valid relays).
+
+After retrieving a list of currently operational relays from the directory servers, your client then determines the optimal route for your traffic across the Tor network and finally terminating (from the Tor network perspective) at an exit node. This circuit created consists of your computer, the relay to which you are connecting and multiple internal relays before reaching an exit node. Note that this is substantially different that the traditional IP forwarding that occurs between routers on the internet. Traditional IP routers follow a best possible route on a per-packet basis, there are no 'stateful' circuits from an IP perspective (as a qualifier to this statement, it is necessary to grant that it is within the technical realm of possibility that every router between you and the computer you are connecting to could have single, static routes to one another, though in practice this is a near impossibility). In short, for the life of a circuit, all of your traffic will follow the same route within the Tor network and exit at the same point. Later, we will see how this is fundamentally different that the way the I2P network operates.
+
+During the circuit creation process, your client exchanges cryptographic keys with the first relay it connects to and begins encrypting traffic back and forth. Further each hop in transit between the various relays is encrypted using those relays' cryptographic keys. You can visualize this as layers of encryption being wrapped around your data: this is where the phrase 'onion routing' comes from when describing the type of network Tor establishes. Finally, your encrypted traffic is decrypted at the exit relay where it is then forwarded out onto the 'regular' internet.
This is one of the ways that Tor helps maintain your privacy online - each exit node is aggregating traffic from many other Tor users and putting it out onto the internet all at once. Your traffic becomes a small stream in the giant swath of data coming from and entering back into any given exit node. It is also important to note that your exit node only knows which intermediate node to send receiving data back to (this is also true for each internal to internal leg of the circuit). What this means is that your identity and the content of your traffic are cryptographically bifurcated - your entry node knows who you are but not what you are doing and your exit node knows what you are doing but not who you are. All the relays in between only know to forward the encrypted payload to the next relay on the circuit. Assuming that the content of your traffic does not reveal your identity, this permits you to browse the internet completely anonymously.
+
+As a side note, Tor also allows you to run and access what are called ''hidden services'. These are servers that are accessible only from within the Tor network itself. While this is not the primary purpose for Tor, it does provide an opportunity for one to use dedicated in-network services in a cryptographically secure manner. Among the various hidden services are various blogs, email servers, and forums. We will see later how I2P provides a better framework for providing these hidden services, but if one's primary goal is to access 'regular' internet services in a anonymous fashion, Tor is a vital tool in one's arsenal.
+
+## I2P
+
+On the surface, [I2P](https://geti2p.net/) appears to provide many of the same benefits that Tor does. Both allow anonymous access to online content, both make use of a peer-to-peer-like routing structure, and both operate using layered encryption. However, I2P was designed from the ground up to provide a different set of benefits.
As we saw above, the primary use case for Tor is enabling anonymous access of the public internet with hidden services as an ancillary benefit. I2P on the other hand, was designed from day one to be a true 'darknet'. Its primary function is to be a 'network within the internet', with traffic staying contained in its borders. Very few outbound relays exist in the I2P network, and the few that do exist are rarely usable.
+
+As mentioned above, I2P routes traffic differently than Tor. At its heart, I2P performs packet based routing as opposed to Tor's circuit based routing. This has the benefit of permitting I2P to dynamically route around congestion and service interruptions in a manner similar to the internet's IP routing. This provides a higher level of reliability and redundancy to the network itself. Additionally, I2P does not rely on a trusted directory service to get route information. Instead, network routes are formed and constantly updated dynamically, with each router constantly evaluating other routers and sharing what it finds. Finally, I2P establishes two independent simplex tunnels for traffic to traverse the network to and from each host as opposed to Tor's formation of a single duplex circuit. This provides the additional benefit of only disclosing half the traffic in the case of an in-network eavesdropper.
+
+From an application-level perspective there is a fundamental difference between the I2P and Tor networks as well. Tor functions by providing a proxy on your local machine that you must configure your applications to use (of download specially configured application bundles). In contrast, I2P is generally used by applications that are written specifically to run on the I2P network. These include, but are not limited to, instant message, file sharing, email, and distributed storage applications (yes, you can store encrypted data in the I2P `cloud,` similar to Freenet).
+
+## Conclusion
+
+We see that both Tor and I2P provide cryptographically sound methods to anonymously access information and communicate online. Tor provides one with better anonymous access to the open internet and I2P provides one with a more robust and reliable 'network within the network', a true darknet, if you will. Of course, when implementing either of these two tools, one must always be aware that one's ISP can see that he or she is using Tor or I2P (though they cannot determine the content of the traffic itself). In order to hide this knowledge from one's ISP, a trustworhty VPN service can act as an entry point to one's anonymous network of choice.
+
+ [1]: https://www.torproject.org/
diff --git a/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md b/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md
new file mode 100644
index 000000000..cf1aeaf42
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md
@@ -0,0 +1,83 @@
+---
+title: Applying Risk Management to Privacy
+author: Ed Holden
+url: /privacy-guides/applying-risk-management-to-privacy/
+section: Basic
+weight: 50
+articles: [
+ {
+ title: "Creating a VM within a hidden truecrypt partition",
+ url: "/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition/"
+ },
+ {
+ title: "How to perform a VPN leak test",
+ url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
+ },
+ {
+ title: "How to verify physical locations of Internet servers",
+ url: "/privacy-guides/how-to-verify-physical-locations-of-internet-servers/"
+ }
+]
+date: 2013-10-23T13:53:54+00:00
+layout: guides-details
+---
+Here is a startling fact: **there is no perfect privacy solution on the internet**. The truth is that every time you send bits down the wire, there is a chance that someone along the way is tying those bits back to your real-world identity. My guess is that now you are telling yourself, `Of course, I've always known that.` Good, because we are not going to spend the time to establish the validity of this claim - others have done that in more detail and with more direct evidence than I have access to (just ask former AT&T technician Mark Klein{{< sup >}}[1](#ref1){{< / sup >}}).
+
+## Why risk management
+
+Despite knowing that fact, we in the privacy-aware community often haphazardly apply whatever internet privacy safeguards we have access to, without regard for addressing specific threats. Sometimes this leads to missing certain essential safeguards, such as ensuring that we are connecting to our email servers using SSL/TLS, but then not thinking about the fact that our emails are then usually sent without encryption over the wire to the recipient's email server. More often than that, though, we end up throwing every tool at every problem, thus degrading the quality of our online experience unnecessarily. Imagine here the case of an individual with a trusted laptop accessing his email server through an untrusted local network. Knowing that the network is untrusted and believing that the network owner has an interest in reading the user's email, the user ensures he is using email encryption such as GPG and that he is connecting to his server over a SSL/TLS wrapped connection. Now, this is a solution that will in fact mitigate against the threat of eavesdropping by the network owner but it also carries with it a fairly high price in terms of convenience: the person you are sending the email to must also be a GPG user (and those of us who have tried to use GPG regularly know how big of an uphill battle it is to convince others to do the same). Essentially, the point is that all privacy and security assurances come with a cost in terms of convenience. Given that fact, it makes sense that we take the time to analyze what specific privacy risks we are trying to mitigate and apply the minimum necessary solution the address those risks. In short, we should apply risk management techniques to our online privacy concerns, lest we end up creating systems that are unnecessarily onerous that we, in all honesty, are unlikely to comply with in the long run due to the convenience factor.
+
+## Risk management steps
+
+We are going to take an example-driven simplified view at applying a well-known risk management framework to the question of securing one's privacy on the internet. We will be using the US National Institute of Standards and Technology Risk Management Framework, a system that serves as a model for many other proprietary risk management systems and is well known to many who operate in the information security world. This framework includes the following steps:
+
+ 1. Categorize the information based on importance or impact
+ 2. Select a baseline set of controls to protect that information from the known set of relevant threats
+ 3. Implement those controls
+ 4. Authorize the system based on the evidence that the residual (unmitigated) risk is acceptable
+ 5. Monitor the implemented controls on a continuous basis to ensure that they are functioning to truly mitigate the targeted risks.
+
+### Categorize
+
+Consider the case of a political dissident in a nation with an oppressive regime. He holds a regular job, attends the expected social functions, but at night he posts to a non-domestically hosted blog about the injustices he witnesses in his home country. This is the only subversive action he takes. In this situation, the dissident would categorize only his identity in the blog posts as essential to be kept private - the government, at least putatively, has no interest in his regular emails and other internet-based activity. Further, he knows that there is collusion between the companies that provide internet access in his country and the government, and that this collusion entails tracking the source of blog posts that undermine the current regime.
+
+### Select
+
+Based on the facts our dissident is aware of listed above, he decides that the best way to protect his identity is to ensure that all of his blogging activity happens over an encrypted connection that terminates outside of his country. To accomplish this, he selects an international VPN service that allows him to choose an exit point in a different country{{< sup >}}[2](#ref2){{< / sup >}}. He now knows that the government, through its collusion with his ISP, can only see an encrypted stream of traffic from his computer to the VPN server: no data and no final destinations are available to them.
+
+### Implement
+
+This is where the user's technical expertise is put to the test. With every risk mitigation technique, there are key items that must be implemented correctly or the mitigation will fail. For the dissident, one of these key items is to ensure that his computer is in fact sending all internet-bound traffic over the VPN tunnel, including DNS requests. If his DNS requests are going to his home router instead, it is likely that this router gets its DNS info from the ISP's server, thus providing knowledge to his ISP that he is accessing anti-government web sites. This becomes the most dangerous type of situation - one where you believe a risk is adequately mitigated, but in fact, this belief is just an illusion. If this were the case for our dissident, he would carry on making his blog posts until his door was kicked in and he was `disappeared,` all the while, wondering what went wrong. The take-away point here is to make sure that you have the technical expertise to implement the risk mitigation technologies you choose.
+
+### Assess
+
+During this step, our political dissident would run tests to validate that his VPN service is actually encrypting and forwarding all of the traffic that could provide information leak. He might run tcpdump or Wireshark on his network interface to ensure that all internet-bound traffic was in fact tunneled through the encrypted VPN connection. He could also watch the handshake connection with the VPN server to ensure that a cypher of sufficient strength to prevent cracking was being used. In big-picture terms, this is where you verify that your protection scheme is working the way you intended it to.
+
+### Authorize
+
+Now, in a large organization or government, this is the step where a system would be evaluated by a supervisory person or group to ensure that the risk/payoff ratio was minimized to a sufficient degree given the goals of the organization. Of course our dissident has no such supervisor. Instead, on an individual user basis, this is where our dissident would step back and think again about what he is risking (threat of violence for speaking out about his government) and whether or not the mitigating technologies do in fact reduce that risk to an acceptable level. It is easy to want to gloss over this step and just run with the system as it has been configured. However, it is always prudent to take one last moment before taking the risk to step back and ask oneself again, `Have I articulated all the risks I can think of and do my mitigation strategies actually address all of those risks?`
+
+### Monitor
+
+This is the final and continuous step in the risk management process. For our dissident, this involves not just spot checking his VPN connection to ensure that it is working correctly, but also keeping aware and informed of new risks that may emerge. For instance, the encryption certificates for his VPN service could be compromised or there may be a flaw discovered in the cryptographic cipher being used. Maybe no new technological risk emerges but instead his government just decided to begin searching the homes of anyone who they detect connecting to a non-domestic VPN service. Either way, it is vital to understand that the risk landscape is constantly in flux and one must continue to be aware of those changes in order to maintain the level of privacy one has established.
+
+In conclusion, remember that this is a highly simplified example of how the risk management process is carried out. Each individual will likely identify many risks with varying levels of likelihood, each requiring different strategies to mitigate. Even if you choose not to follow this process in a formal manner, it is still useful to practice thinking of threats to one's privacy in these general terms - it will help guide your thinking towards finding optimal solutions that are both effective and easy enough to live with.
+
+{{< raw-html >}}
+
+
+ +

+ Footnotes +

+ +
    +
  1. + http://en.wikipedia.org/wiki/Mark_Klein +
  2. +
  3. + For the purposes of this article, we are assuming a simplified threat model; of course a real-world risk management process would involve more complex and varied risks including the possibility of a man-in-the-middle attack and local computer compromise, among others. +
  4. +
+
+{{< / raw-html >}}
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md b/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
new file mode 100644
index 000000000..bd19e3476
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
@@ -0,0 +1,130 @@
+---
+title: "Comparing dVPNs and centralized VPNs for privacy protection"
+author: Viktor Vecsei
+url: /privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection/
+section: Basic
+weight: 10
+articles: [
+ {
+ title: "18 Questions to ask your VPN Service provider",
+ url: "privacy-guides/18-questions-to-ask-your-vpn-service-provider/"
+ },
+ {
+ title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 1",
+ url: "/privacy-guides/advanced-privacy-and-anonymity-part-1/"
+ },
+ {
+ title: "How to perform a VPN leak test",
+ url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
+ }
+]
+date: 2021-02-11T06:33:33+00:00
+layout: guides-details
+---
+
+This introductory guide compares two type of VPN services: a legacy model built by centralized businesses, and distributed VPNs that have come to the market recently with a goal of disrupting it.
+As we have covered in earlier [blog posts][1] and [guides][2] the most important reason to use a VPN service from a privacy perspective is to obscure your internet traffic and browsing history from your ISP. Internet service providers and mobile network operators are incentivized to log, analyze, reuse and [sell this information][3], and/or are bound by data retention [requirements from governments][4]. Routing your traffic through a VPN on untrusted networks and masking your IP when accessing websites and services can offer further privacy benefits.
+
+Most commercial, centralized VPNs are designed to fulfil these use cases, and they are fit for purpose if (and only if) you trust your VPN provider more than your ISP. A recent wave of blockchain based projects promise to improve on the centralized VPN model by offering better transparency, multi-hop functionality, distributed nodes to connect to and pay-per-use compensation models. In this post we take a deeper look at both approaches to evaluate their pros and cons. The aim of this writeup is to help you decide if going with a decentralized solution makes sense for you.
+
+### What is not addressed in this guide?
+Commercial VPN services and other tools that shift your IP location and encrypt your traffic have other use cases besides privacy protection and evading dragnet surveillance. Chief among these are enabling connection to websites and services that are blocked by censorship or a firewall. Another benefit is the ability to unlock streaming content restricted to one geographical area. In these scenarios a decentralized VPN might do well, or perform better than a centralized service. This post focuses on the privacy protection aspects of VPNs.
+
+### Introduction to dVPNs
+dVPNs use blockchain technology to operate a network of distributed nodes to connect to, and aim to improve on VPN service design in [other ways][5]. Current solutions promise proven inability for centralized logging, distribution of trust without one entity making decisions, and more fair payment systems. They aim for these improvements and highlight them as selling points while [promising to deliver][6] the same benefits as a centralized VPN service.
+
+When evaluating dVPNs, we consider the follow criteria as a baseline implementation:
+1. Traffic encryption between end points using the latest, verifiable cryptographic standards and protocols
+2. Many (ideally thousands of) nodes available for connections, not controlled by the same/small number of entities
+3. After connecting, traffic goes through at least three nodes - entry, relay and exit peers acting in coordination for their VPN traffic routing. An ideal dVPN setup mirrors [Tor's implementation][7], where the entry server you connect to knows who you are (IP address), but not what you do, since your traffic is encrypted and passed on to the next peer. The relay server(s) have no information about data source and its content. The exit server receives the encrypted traffic, decrypts it and routes it to the destination, knowing what you do, but not who you are. Having this three node implementation as a baseline is important for future evaluations, as it's a necessary to deliver on the promise of 'no logging is possible due to decentralized network design'.
+
+For the sake of comparison, we assume solutions meeting the above criteria are available on the market. In the upcoming sections we will discuss whether this assertion is true.
+
+As a starting point, we will discuss the characteristics of a good VPN service for privacy protection, taking the properties we recommend people to look at when picking a solution. These are, in rough order of importance:
+
+### 1. Trust
+
+When picking a centralized VPN a key consideration is whether you can trust those running the service. Do they operate transparently with declared ownership? Do they have a long track record of doing their job without any problems and slip-ups? Do they have clear policies and legal guidelines to protect customers from undue scrutiny? These questions are important, as the answers will decide the trustworthiness of the service. This trust is required as you won’t be able to monitor with total certainty what the company is doing with the data you are passing on to them. If you can’t trust the operators of centralised VPN service, you should not use their product.
+
+The lack of need to trust one entity is one of the selling points of dVPNS. While this idea has merits due to their infrastructure design with no centralized entity capable of logging, your data does pass through one or more nodes in the system that are operated by companies or individuals that might be untrustworthy. They can observe the source and content of your traffic, or both, depending on their position in the network. The issue is that while the design of the most popular dVPNs (Orchid, Sentinel, Mysterium) rely on the multi-hop model described earlier for distributed trust, current implementation of these services default to direct connection to one node. In this setup you rely on a single node; most services don’t even offer multi-hop functionality.
+
+With a single node acting as an entry and exit node, you need to know and trust its operator to not log your activities. Exit nodes can use the decrypted data for observation, identification and correlation attacks in cooperation with other entities. The Tor network, where your connection is routed through four nodes, suffer from unknown actors running [hundreds of malicious relays][8]. These potential drawbacks are even more prominent if a distributed network has many nodes, but a low number of users connecting to them. Crowding effects due to VPN users sharing the same exit IP make identification [more difficult][9]. Some dVPNs attempt to solve the issue of malicious nodes by routing your traffic to a new node with each new initiated connection, or by connecting to multiple nodes for [different requests][10]. Another approach to improve node trust, used by Orchid, is to enable and curate lists of "trusted nodes", but in that case you either need to vet nodes yourself, or outsource the assessment to a [third party][11]. The latter is not dissimilar to the trust you have to put into a centralized provider ‘curating’ their own list of servers after vetting infrastructure partners.
+
+Regarding trust, we can conclude the design of dVPN infrastructure can provide a setup where trust in a centralized entity is not required, which would make it a better choice than centralized VPNs. On the other hand, dVPN exit node operators have the ability to keep detailed logs of your activities, which makes current implementations of the concept sub-par. Specifically with one-node setups, your IP address and unencrypted data is available for observation. In contrast, server hosting providers for centralized VPNs (ideally) don’t have direct access to data stored on servers, and thus cannot simply start monitoring connection and user activity. However, if they have physical access to the servers, with sufficient motivation and resources they can get access to the data.
+
+Since all dVPN providers we have looked at (Orchid, Sentinel, Mysterium and Deeper) default to a one-hop connection as of February 2022, we can state dVPNs are currently not better choices from trust perspective. Some providers go as far as promising ["hiding your IP from everyone"][12], which is a misconception.
+
+
+### 2. Sound technical implementation
+
+No matter how much you trust the operators of a centralized service, if their competence does not meet the requirements to run a VPN your privacy will be at risk. Implementation and upgrade of proven VPN protocols and standards are important criteria to evaluate against. We consider the minimum to be OpenVPN with SHA-256 authentication, RSA-2048 handshakes or better, AES-256 ciphers, or implementation of WireGuard, along with added [perfect forward secrecy][13]. Certainty around backend and infrastructure design that ensures no activity logging is critical. Centralized VPNs often fall short in demonstrating whether this condition is met; open sourced applications, regular audits and pentest reports are positive signals. Audits, however, are just a snapshot in time, and there is no way to verify the running code of a centralized service. This is where step 1. comes into play: you need sufficient trust towards the service.
+
+For decentralized VPNs soundness of implementation can be verified by you or an analyst you trust. dVPNs default to transparency, come with open source code and [open infrastructure design][5]. You can check against the claims of no system-wide logging or backdoors existing in the network, which makes the node behavior the only remaining aspect of the service you can't verify. Analyzing specific services is beyond the scope of this guide, we assume that years after launching there are services that deliver on their promises without obvious security flaws. As always, do your own research before using a service.
+
+### 3. Stability and Speed
+
+For centralized providers, stability comes from proper infrastructure design and fast resolution of networking issues in tandem with hosting providers that house their servers. Availability and uptime depend on these factors. You can only rely on the past performance of the network to judge whether it provides you with the level of resilience you need.
+Speed is another an important consideration - centralized VPNs that don't oversell their services can achieve minimal drops in speed even on a gigabit connection for customers located close to one of the server locations. This is a high bar, and many providers onboard too many users, creating a supply problem for capacity. If you choose to go with centralized services, it is a good idea to test multiple VPN providers for stability and speed before long-term commitments.
+
+In a decentralized network if one or even a large number of nodes go down your traffic is routed through different ones. This means that a well-designed dVPN network cannot be taken down as long as there are available nodes. The stability of the service with a working-as-intended decentralized infrastructure with a high number of available nodes could only be compromised because of issues with the application you use to interface with the network.
+
+Using the three-hop, ideal setup as a starting point for assessing speed, a degradation of speed is inevitable due to packets having to travel in different physical locations. Tor suffers from a similar user experience problem and speed issues are often cited in [assessments of the network][14]. Further, most dVPNs utilise residential nodes, often end-users in their networks, to act as peers. Bandwidth for retail customers [is improving][15], but limited compared to what professional infrastructure providers can offer to centralized VPN nodes. This is one potential reason why dVPN providers currently default to one-hop setups in their apps to improve usability and speed, even though they undermine the distributed trust promise in the process. One provider mitigates the issue by admitting that '10mbps to 40mbps' is the realistically achievable [average speed][16], while others partner with VPN services to act as exit (or single) nodes to [improve on this aspect][17].
+We can conclude that for speed, a centralized VPN has a good chance to win out against dVPNs. Making a similar comparison between a multi-hop setup of a centralized VPN and a three-hop dVPN is less straightforward. We can also argue that a centralized, capable provider who controls the servers in hand-picked location can better optimize for speed; results will vary based on your location, infrastructure and network conditions. In terms of resilience, in theory, dVPNs should perform better with regards to downtime and network-wide failures.
+
+### 4. Price
+
+Most commercial VPN services use a monthly/yearly recurring payment model. Some have flat pricing, some use discounts, but most get users to pay an annual fee. Such an approach can put customers with intermittent use or short-term plans at a disadvantage, having to overpay for a service they don't utilize or don't wish to commit to long term. Recurring subscriptions can also result in renewal payments for unused services that are not noticed.
+
+Decentralized providers, to improve fairness use a "pay per use" method, which, for most services is heavily subsidised to be free or cheap. While we can find examples of this model getting adopted in the ‘meatspace', such as with gas pumps and calling cards, we suggest that the actual usability for a VPN service is subpar and unlikely to be an improvement over recurring subscriptions. Most customers don't know how much traffic they need, and rather not spend time topping up regularly. Having said that, if providers can nail better usability for purchases, this approach can result in fair pricing for customers.
+
+One potential improvement over the centralized VPN model is the lack of personal data required when subscribing to dVPNs - you just need some tokens to use them. This upside is limited by the fact that multiple centralized VPNs don’t even need an email address to sign up, while also [accepting cryptocurrencies and cash][24].
+
+
+| dVPN network | Hops (default) | Exit nodes | Data costs | Device required | Logs |
+|:----------------------------------:|:-------------------------------------------------------------------------:|:-----------------------------------------------------------------------------------------------------------------------------:|:------------------------:|:-----------------:|:-------------------------------------------------------:|
+| Deeper Network | 1 (with 'Full routing') | Each node is an exit by default. Mandatory for mining and full routing. | 1 TB = 1 DPN ≈ $0,13 | Yes | Exit nodes keep logs [on device][23] |
+| Sentinel VPN | 1 - No multi-hop | Dedicated, incentivised, open to anyone. | Free | No | No centralized logging, nodes can keep logs |
+| OrchidVPN | 1 - Optional multi-hop | Whitelisted partners (VPN and hosting companies) | 1 GB ≈ 0,06$ | No | No centralized logging, nodes can keep logs |
+| Mysterium | 1 - No multi-hop option | Dedicated, incentivised, open to anyone | 1 GB ≈ 0,01 MYST ≈ 0,04$ | No | No centralized logging, nodes can keep logs |
+
+### Further considerations for dVPNs
+
+The following points do not apply to all services, but are important to mention when evaluating distributed VPNs.
+
+1. As discussed before, exit nodes are important participants in a distributed VPN network, responsible for the decryption and routing of data packets to their next destination. For this reason they are liable for any abuse happening on the network, as their IP address will be associated with any such activity exiting through them. Depending on network design and go-to-market strategy, dVPNs approach them in different ways:
+ 1. They incentivise end-users to acts as exit nodes, earning money or credits (Sentinel, Mysterium). These providers distribute guides for participants on how to deal with the ['exit node problem'][18].
+ 2. Use 'trusted partners' as exit nodes, for example VPN providers and hosting companies to provide exit nodes (Orchid). Orchid's choice points to an issue of residential nodes acting as exits: when the law enforcement comes knocking, a decentralized network won't take end-user liability or provide legal assistance. Activists running exit nodes for Tor have been battling with this issue since the [inception of the network][19]. We recommend assessing whether the system is sustainable if exit node operators are not protected from or don't understand the ramifications of potential abuse.
+2. Certain dVPNs prioritise other use cases over privacy and don’t mask your IP address by default. One example is Deeper Network, where only connection requests that the system deems qualifying pass through the nodes in the network ("smart route"). Masking of your IP and encrypted connection can be achieved only by switching to a "DPN full route" mode, which forces you to become an exit node, resulting in a [tricky tradeoff][20]. The "smart route" option might come handy for P2P downloading and geo shifting for streaming services, but their design choices show that Deeper Network is not a good choice for privacy.
+3. When you are evaluating centralized VPNs, it's important to keep in mind that in most cases if the service is free, your data is the product sold to someone else. While this warning might not apply to all dVPNs, they reward nodes with token distribution and customers with free access when they are starting out. As the service matures and supply and demand starts to grow organically, there is no need for incentivisation. However, if there is no money coming into a closed system it cannot sustain itself for long - subscription fees are an obvious solution for this. Don't pick a service just because it's free right now.
+4. Some dVPNs, like the Deeper network rely on [proprietary devices][21] that sit between your modem and your device/router. If you need a VPN solution on the road their solution might not be a good fit.
+
+### Comparison summary
+
+With centralized VPNs you have to trust those running the service that the implementation of all parts of their system reflect their privacy-protecting promises. This trust is the key point of failure: you don't need to additionally consider details like traffic routing rules and potential malicious nodes. In case of dVPN, you don't need to trust a central entity, but you face challenges of achieving a practical multi-hop setup and vetting of nodes (or list of nodes).
+
+Decentralized VPNs offer a vision where trust in a single entity is not required, making them potentially better choices for evading ISP and dragnet surveillance. Current solutions in this segment, however, fall short of these promises because of implementation choices around one-hop routing, questions around exit node trust and liability and [low adoption rates][22]. For privacy protection, a centralized VPN service is a better choice if you are ready to trust a provider with handling your data. If that trust leap is too big for you, or you care deeply about decentralisation, going with a dVPN is a better idea - just consider the tradeoffs detailed in this guide.
+
+[1]:https://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/
+[2]:https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/
+[3]:https://www.ftc.gov/news-events/press-releases/2021/10/ftc-staff-report-finds-many-internet-service-providers-collect
+[4]:https://privacyinternational.org/sites/default/files/2017-12/Data%20Retention_2017.pdf
+[5]:https://docs.sentinel.co/assets/files/whitepaper-513665f81a5d6c4b462e111926d26f57.pdf
+[6]:https://blog.orchid.com/everything-you-need-to-know-about-centralized-decentralized-and-opensource-vpns/
+[7]:https://www.eff.org/pages/what-tor-relay
+[8]:https://tech.slashdot.org/story/21/12/03/2237223/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays
+[9]:https://www.ivpn.net/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses/
+[10]:https://www.orchid.com/whitepaper/english.pdf
+[11]:https://blog.orchid.com/orchids-network-random-selection-stake-weighting/
+[12]:https://www.mysteriumvpn.com/post/unblocking-the-internet
+[13]:https://privacyguides.org/vpn/
+[14]:https://support.torproject.org/tbb/tbb-22/
+[15]:https://www.nngroup.com/articles/law-of-bandwidth/
+[16]:https://deeper-network.medium.com/a-101-on-dpns-bd5e2b7c9e25
+[17]:https://blog.orchid.com/orchid-partners-with-liquidvpn/
+[18]:https://dvpnalliance.org/exit-node/
+[19]:https://www.accessnow.org/a-torifying-tale-our-experiences-building-and-running-tor-servers/
+[20]:https://deepernetwork.cc/d/273-advice-on-settings-for-browsing-anonymity-and-security/10
+[21]:https://shop.deeper.network/buy
+[22]:https://stats.sentinel.co/stats
+[23]:https://deeper-network-inc.gitbook.io/deeper-connect-knowledge-base/atom-os-functions/device/device-log
+[24]:https://mullvad.net/en/blog/2017/1/13/clarifying-our-no-logging-policy/
diff --git a/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md b/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
new file mode 100644
index 000000000..0ed1979aa
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
@@ -0,0 +1,122 @@ +--- +title: Creating a VM within a hidden veracrypt partition +author: Ed Holden +url: /privacy-guides/creating-a-vm-within-a-hidden-veracrypt-partition/ +section: Misc +weight: 10 +date: 2013-10-23T13:54:43+00:00 +layout: guides-details +--- +In March of 2011, the US 9th Circuit Court of Appeals ruled that Border Patrol agents have the authority to seize, copy, and inspect the contents of any electronic storage device crossing into the United States. To make matters worse, you have no control over what happens to the copies of your data created when (or if) your device is returned to you. Perhaps your online banking password is stored on your hard drive. Or perhaps you have confidential business correspondence in your email client. Maybe all you have stored is a collection of family photos that you'd rather not see a bunch of strangers thumbing through. How do you protect your privacy while still complying with these (albiet onerous) requirements? + +The obvious solution to this problem is to encrypt the data. This, however, may not be enough to protect your privacy. Courts (at least in the US) have also ruled that a person can be forced to give up encryption keys to facilitate access to private data. Therefore, the key is not just to encrypt your data, but also to have plausible deniability that the data even exists in the first place. The solution? A hidden encrypted virtual machine. + +## Overview + +The big-picture view of the procedure to set up a hidden encrypted virtual machine are as follows: + + 1. Download and install the required software: + * [VeraCrypt](https://veracrypt.fr/en/Downloads.html) + * [Oracle VirtualBox](https://www.virtualbox.org/) + * Your operating system of choice (this guide will demonstrate FreeBSD but most other operating systems will work, including Windows and Linux distros such as Ubuntu) + 2. Create a VeraCrypt encrypted container and a hidden volume within the container. + 3. 
Launch VirtualBox and install your private OS into the hidden volume in the VeraCrypt container. + +## Downloading and installing the software + +We are going to assume that you already know how to download and install software in your host operating system. Here are a few items to note as you install the software. As of this writing, the latest stable versions of the required software are VeraCrypt v. 1.25.4, VirtualBox v. 4.1.20, and FreeBSD 9.0. Be sure to use the latest versions of these applications to ensure that known bugs and security issues have been addressed. Also, since VeraCrypt will be the crux of your secure operating environment, be sure to validate the downloaded file with VeraCrypt's PGP signature to ensure that the application has not been tampered with (available from [https://veracrypt.fr/en/Downloads.html](https://veracrypt.fr/en/Downloads.html)). + +## Creating the Hidden Volume +1. Launch the VeraCrypt application and select `Create Volume`

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-00.png) + +2. Select the option to create an encrypted file container. This will give you the ability to keep the entire system portable (you can keep it on your hard drive, place it on a USB stick, etc.) Optionally, you can choose instead to actually create an encrypted partition on one of your devices.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-01.png) + +3. At this screen, select the option to create a hidden VeraCrypt volume.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-02.png) + +4. Here you choose a filename for your container and a location to store it. Do not worry too much about hiding this file, its location is not a factor in protecting the plausible deniability of the existence of your virtual machine.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-03.png) + +5. Here, you are to select the encryption and hash functions. Unless you have compelling reasons otherwise, it is recommended to use the default settings.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-04.png) + +6. Select the size for your outer container. This should be large enough to accomodate both your decoy files and your hidden container that will hold your virtual machine.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-05.png) + +7. Now you are prompted to set the password for your outer container. It is important to heed the password recommendations provided by VeraCrypt on this screen. This password is the first layer in the `defense-in-depth` model provided by this system.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-06.png) + +8. Now it is time to generate some entropy to base the cryptographic keys upon. Keep your mouse moving for a bit, but do not get carried away and waste too much time here.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-07.png) + +9. You have now created the outer volume; follow VeraCrypt's recommendations about placing decoy files within the volume. After completing that step, continue on until you get to the hidden volume encryption options box.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-08.png) + +10. Again you are to select the encryption and hash functions, this time for the hidden volume. Unless you have compelling reasons otherwise, it is recommended to use the default settings.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-09.png) + +11. When selecting the size for the hidden volume, be sure to leave enough space outside of it for any additional decoy files you would like to place in the outer container.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-10.png) + +12. Now you are prompted to set the password for your hidden inner container. Make sure to set a password that is different from the outer volume password. Depending on which password you enter during usage, VeraCrypt will either mount the outer or hidden inner volume. This is the final layer of security before a person has access to your secret virtual machine: take that into consideration when creating you password.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-11.png) + +13. When choosing the filesystem to format your hidden container with, it is recommended to choose FAT for compatibility reasons (this may get changed during the installation of whatever OS you decide to install in the hidden partition).

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-12.png) + +14. Again, we need to create some entropy for the encryption keys of the hidden volume. The more the better, but again, do not get carried away and waste too much time - remember, you are just trying to add some `true` randomness to the pseudo-random number generator being used to create the keys.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-13.png) + +15. You are now done creating the outer encrypted volume (which will hold the decoy and your hidden volume) and the hidden volume itself. Click `Exit.` Now we move on to installing your virtual machine inside of the hidden volume.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-14.png) + +## Installing your OS of choice using VirtualBox and VeraCrypt + +1. Make sure that you have unmounted any VeraCrypt volumes. Launch the VeraCrypt application if it is not already loaded and select your encrypted container file to mount. After clicking `Mount`, you will be prompted to enter your password. Be sure to enter the password you selected for the hidden container, not the outer container, since this is where we will be storing your new virtual machine.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-15.png) + +2. The main VeraCrypt screen should show that the hidden volume is mounted.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-16.png) + +3. Now launch VirtualBox and select `New` to create a new virtual machine.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-17.png) + +4. Continue through the wizard and enter the name and type of OS you will be installing

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-18.png) + +5. Select an appropriate amount of RAM to be allocated to your virtual machine; the more, the better, but remember not to choke out your host OS.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-19.png) + +6. Here you will create the file that will represent your virtual machine disk. Feel free to use the default option unless you will need to be able to open the virtual machine using another VM manager (such as Parallels if you are on a Mac).

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-20.png) + ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-21.png) + +7. A dynamically allocated file will be fine - your space is already allocated during the VeraCrypt hidden volume creation process.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-22.png) + +8. Now you will set the location of the file. Put it in the volume mounted by VeraCrypt (remember, this is automatically your hidden volume because you used the hidden volume password when you mounted the file in VeraCrypt). It is recommended that you set the max size to be slightly smaller than the amount of space that you reserved for your hidden volume in VeraCrypt.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-23.png) + +9. The new virtual machine should be created and appear in the main VirtualBox screen. Select the new VM and power it on.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-24.png) + +10. On the first launch of the new VM, you will be met with an installer wizard to help you get your new OS installed in the VM. Continue with the process for installing your OS of choice (either from a downloaded iso or CD/other install media).

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-25.png) + +11. After getting your new system up and running, shut down the VM and right click on the VM in the main VirtualBox screen and click `Settings`. Select `Advanced` under the System heading and change the snapshots storage location to be the mounted hidden VeraCrypt volume. Additionally, you should move the VM's .vbox file from its normal location (usually in the `Virtual Box VMs` directory in your home directory) into the hidden VeraCrypt volume with the .vdi file that represents your virtual machine itself.

+ ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-26.png)
+
+## Usage
+
+To launch your new hidden VM, mount your VeraCrypt hidden volume by opening the container file in VeraCrypt, but supply your hidden volume password instead of your outer volume password. Then double click the .vbox file. This will launch VirtualBox and start up the secret VM.
+
+Be sure to unmount the hidden volume in VeraCrypt when you are done using your VM.
+
+The fact that you have a block of encrypted data on your hard drive will be apparent to anyone who inspects your computer. If you are forced to decrypt it, simply provide the outer container password instead of the inner container password and all that will be visible is the decoy files you placed there earlier. There is no way to tell that the remaining encrypted data is not just filler created when VeraCrypt generated the outer container. You now have plausible deniability that there is anything else, let alone a separate virtual machine, on your computer. To read more on why this works, visit
+
+### Caveats
+
+ 1. After you are done using your secret VM and have shut it down, be sure to right-click on it in the main VirtualBox screen and select Remove (but not delete all data). This will keep it from being listed if someone launches VirtualBox (though it would not boot anyway if your hidden volume is not mounted). Again, this helps to add to the plausible deniability of the hidden VM's existence.
+ 2. Be sure not to create any shared directories or folders between the secret VM and your host OS. You want this VM to be completely segregated from the rest of your computer to eliminate the possibility of data leaking either way.
diff --git a/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md b/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md
new file mode 100644
index 000000000..6bbaf540a
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md 
@@ -0,0 +1,152 @@ +--- +title: How to perform a VPN leak test +author: mirimir (gpg key 0x17C2E43E) +url: /privacy-guides/how-to-perform-a-vpn-leak-test/ +section: Misc +weight: 20 +date: 2021-12-14T00:00:00+00:00 +layout: guides-details +--- +OK, so you've setup your VPN client. It runs, and there are no error messages. You can reach the Internet. But how can you ensure that all of your traffic is routed through the VPN tunnel? And even if everything seems OK now, what will happen if the machine sleeps, and then resumes? What if there's an interruption in network connectivity? Or what if you're using Wi-Fi, and switch to a new access point and network? Or if you connect to a network that's fully IPv6 capable? This guide demonstrates how you can conduct a comprehensive VPN leak test. + +First, verify that your computer has configured a VPN tunnel. In Windows, open a command prompt, and run `ipconfig /all`. You'll see an ethernet adapter section with the Description "WireGuard Tunnel" or "TAP-Windows Adapter V9". The IPv4 Address will be something like `172.x.y.z` or `10.x.y.z`. In macOS and Linux, open a terminal, and run `ifconfig`. The VPN tunnel adapter is `utun0` in macOS, and `wg0` or `tun0` in Linux. + +## Risks from Browser Fingerprinting and IPv6 Leaks + +The only way to know whether all traffic is using the VPN tunnel is through testing. But there is some risk in testing for VPN leaks. Browsers can be fingerprinted in various ways. And so sites that you use in testing may see the same browser fingerprints from both your ISP-assigned IP address and your VPN exit IP address. Any adversary that learned your browser's fingerprints could later identify you, even if you were connecting through a VPN and/or Tor, as long as you were using the same browser. A [recent W3C draft guidance][1] states: "elimination of the capability of browser fingerprinting by a determined adversary through solely technical means that are widely deployed is implausible". 
+ +WebGL fingerprinting and IPv6 leaks are far worse. WebGL uses the GPU via the OS graphics driver. On a given system, it appears that all browsers with WebGL enabled will have the same WebGL fingerprint. When using VPN services, I recommend blocking WebGL. In Firefox, for example, open "about:config" and toggle "webgl.disabled" to "true". In NoScript options, check "Forbid WebGL" in the "Embeddings" tab. + +It appears that systems using a given graphics driver can have the same WebGL fingerprint on hardware with a given GPU. So reinstalling a given OS, or even switching to another OS that uses the same graphics driver, won't change the WebGL fingerprint. This is clearly the case for VirtualBox VMs using the default virtual GPU. For example, browsers on Debian and Lubuntu VMs have the same WebGL fingerprint. But browsers on other OS (unrelated Linux distros, FreeBSD, Windows and macOS) have different WebGL fingerprints. However, the host and VMs use different GPUs (real vs virtual) so there is no overlap in WebGL fingerprints. + +It's not uncommon for VPN clients to [leak IPv6 traffic][2]. That's serious, because IPv6 addresses are typically device-specific. And so it's prudent to disable IPv6 in both your OS and your LAN router. It's also prudent to use VPN clients that block IPv6 traffic, or block IPv6 in your firewall. And whenever you first connect through a new LAN or Wi-Fi network, [check IPv6 connectivity][3]. + +By the way, WebGL fingerprinting is a crucial issue when compartmentalizing across multiple VMs. It's true that you can easily block WebGL fingerprinting in browsers. But it's also prudent to compartmentalize across VMs with different WebGL fingerprints. Whonix instances are another good option, because Tor browser has been hardened to fully block WebGL fingerprinting. + +## VPN Leak Test + +While doing your VPN leak test, you can use tcpdump to check for traffic that's not using the VPN tunnel. 
In Windows, you'll need [Wireshark][22] and [wintee][4]. Just put a copy in your user folder. Now list network interface numbers: + +Windows: + + tshark -D + +macOS: + + sudo tcpdump -D + +Linux: + + sudo tcpdump -D + +You want the physical network interface. It's typically "1". So to start capturing: + +Windows: + + tshark -i 1 -n -T text -w "C:\tshark-capture.log" -f "not host a.b.c.d" 2>&1 | wtee tcpdump.log + +macOS: + + sudo tcpdump -n -i 1 not host a.b.c.d 2>&1 | tee tcpdump.log + +Linux: + + sudo tcpdump -n -i 1 not host a.b.c.d 2>&1 | tee tcpdump.log + +Host a.b.c.d is the VPN server that you're using. Keep the command/terminal window open while you do the following tests, and look for packets with addresses outside your local LAN and/or Wi-Fi networks. + +Start by checking your IP address. It's safest to use your VPN provider's website. If they don't report IP address, the next safest bet is arguably [check.torproject.org][5]. If you intend to test for VPN leaks using other sites, I recommend using Tor browser, because it's been hardened to block WebGL fingerprinting, and to otherwise report the same fingerprints for all users. But for now, it's OK to use your default browser. Anyway, you should see your VPN exit IP address. + +You also want an ongoing source of network traffic. In a second command/terminal window: + +Windows: + + ping -t a.b.c.d 2>&1 | wtee ping.log + +macOS: + + ping -n a.b.c.d 2>&1 | tee ping.log + +Linux: + + ping -n a.b.c.d 2>&1 | tee ping.log + +If you want pinging with timestamps in Windows or macOS, hacks (more or less ugly) are required: + +[Windows:][6] + + ping -t a.b.c.d | cmd /q /v /c "(pause&pause)>nul & for /l %a in () do (set /p "data=" && echo(!time! 
!data!)&ping -n 2 localhost>nul" 2>&1 | wtee ping.log + +[macOS:][7] + + ping -n a.b.c.d | while read pong; do echo "$(date): $pong"; done 2>&1 | tee ping.log + +Linux: + + ping -D -n a.b.c.d 2>&1 | tee ping.log + +Custom clients of some VPN providers block pings to their servers through their VPN tunnels. If you see no output, hit Ctrl-C and try pinging a.b.c.1 instead. If that also doesn't work, try 38.229.82.25 (torproject.org). In the traffic capture window, you should see no packets with addresses outside your local LAN and/or Wi-Fi networks (i.e., no non-local traffic captures). + +Now disconnect the machine from the network. That will prevent pings from completing. In Windows, you will see "Request timed out." In macOS and Linux, ping output will just stop. Then reconnect the machine to the network. If all goes well, ping replies should start appearing again. Refresh the IP-check site in your browser. You should still see your VPN exit address. In the traffic capture window, you should still see no non-local captures. In Windows, you may see lots of local traffic. To check more thoroughly, you can view tcpdump.log in a test editor. + +## Failure Modes and Options + +Failure shows up in a few main ways. Most blatantly, the openvpn process (not just the VPN connection) may die after loss of network connectivity. So after network connectivity is restored, the IP-check site will report your ISP-assigned IP address. And you will see numerous non-local traffic captures. Network Manager in Linux is prone to this failure mode, by the way, and should be avoided. + +Less blatantly, but more insidiously, the VPN client may reconnect after network connectivity is restored, and the IP-check site will still report your VPN exit IP address. You might not notice any interruption. But you will see non-local traffic captures, generated by pings that succeeded before the VPN tunnel came back up. Just one leaked packet is enough to reveal your ISP-assigned IP address. 
+ +Plain vanilla OpenVPN tends to fail in a way that's somewhat easier to manage, but still dangerous. If a network interruption lasts long enough to kill the VPN connection, OpenVPN can't reestablish the connection. As long as OpenVPN is running, all traffic is routed through the VPN gateway, which is dead. And so there's no network connectivity. Pings will fail, and you will see no traffic captures. Default routing isn't restored until the openvpn process is killed. So one could close apps accessing sensitive network resources, kill the openvpn process, and then reconnect the VPN. Or one could just reboot. But those are tedious hacks, and prone to error. + +You can use the same approach to see how your VPN client responds to other perturbations. Sleep and resume. Change Wi-Fi access points. Use a network with full IPv6 connectivity. Whatever. Inspection of tcpdump.log and ping.log should reveal any leaks. + +If you find that your VPN client leaks, one option is to try another VPN provider, and test their client. However, blocking leaks in Linux is easy with [adrelanos' vpn-firewall][8]. I recommend using it with the built-in openvpn service, not Network Manager. Basically, it allows all apps to use the VPN tunnel, and blocks everything on the physical interface except for connections to the VPN server. You can use the same firewall logic in Windows and macOS. In Windows, you can just use Windows Firewall. In macOS, you can use [IceFloor][9], which is a GUI front end for OpenBSD's PF firewall. + +## Other Kinds of Leaks + +Even if all traffic is being routed through your VPN, it's possible that [DNS requests][10] are going to a DNS server that's operated by, or associated with, your ISP. Even though your requests are coming from the VPN exit, an adversary observing both the DNS server and your ISP traffic could correlate activity. If the VPN server uses the same IP address for access and exit, correlation becomes trivial. 
Now the adversary knows what sites you are accessing. + +The HTML5 Geolocation API enables a potentially serious leak. It caches and reports available location data. Perhaps you've provided your location, in order to get local weather information. If you use Wi-Fi, your location can be triangulated from accessible access points. If you're using a smartphone, the ID of the base station locates you approximately. And maybe you have GPS turned on. But there's no problem as long as only IP address information is available. The simplest option is to disable geolocation, as explained the [IVPN knowledge base][11]. + +WebRTC is another indiscreet HTML5 feature. If enabled in the browser, it reports local IP address. And if IPv6 is functional, it reports local IPv6 address, which is typically device-specific. So it's prudent to prevent WebRTC leaks by installing the "WebRTC Control" browser addon. Also, as noted above, it's prudent to disable IPv6 in the OS, and to block all IPv6 traffic in the firewall. + +Sites that you visit can also estimate the number of intervening routers by inspecting received SYN packets. The default initial time to live (TTL) for SYN packets varies by OS. The browser User-Agent string identifies the OS. And the TTL value is decreased each time the packet passes through a router. The difference between expected and observed TTL provides an estimate for the number of intervening routers. + +If you intend to test for leaks using other third-party sites, I recommend using Tor browser, because it's been hardened to block WebGL fingerprinting, and otherwise to report the same fingerprints for all users. But you obviously don't want to use Tor while testing your VPN. First, download [Tor browser][12] for your OS. Do that with your VPN connected, so your ISP doesn't see. After extracting, start Tor browser. You can probably accept all defaults. Go to advanced network settings, and select "No proxy". 
Browse about:config, and toggle both "extensions.torlauncher.start_tor" and "network.proxy.socks_remote_dns" to "false". Then browse [check.torproject.org][13]. You should see "Sorry. You are not using Tor." and your VPN exit IP address. + +It's true that you can't investigate WebGL and other fingerprinting using Tor browser. If you choose to test using other browsers, you should be very careful. As noted above, all WebGL-capable browsers on a given system will have the same WebGL fingerprint. So you should avoid using the same system with and without a VPN connected. You should also avoid using different VPN services, unless you don't care that the system will be associated with both. Furthermore, if you use VMs, you should not use related operating systems with and without a VPN, or with different VPN services. + +## Summary + +Bottom line, here are the key tests, and the results that you should get: + +* [IPv6 address test][14]: No IPv6 address detected +* [IP address test][15]: expected IP addresses with and without VPN connected +* [Geolocation test][16]: browser doesn't support geolocation API +* [Java test][17]: not found, or disabled +* [WebGL test][18]: WebGL blocked by NoScript +* [WebRTC test][19]: not enabled +* [Panopticlick][20]: browser protects from fingerprinting +* [DNS Leak Test (use extended test)][21]: different DNS server(s) with and without VPN connected + + [1]: https://w3c.github.io/fingerprinting-guidance/ + [2]: https://haddadi.github.io/papers/PETS2015VPN.pdf + [3]: https://test-ipv6.com/ + [4]: https://code.google.com/archive/p/wintee/ + [5]: https://check.torproject.org/ + [6]: https://stackoverflow.com/questions/24906268/ping-with-timestamp + [7]: https://stackoverflow.com/questions/10679807/how-to-timestamp-every-ping-result + [8]: https://github.com/adrelanos/VPN-Firewall + [9]: https://www.hanynet.com/icefloor/ + [10]: https://en.wikipedia.org/wiki/Domain_Name_System + [11]: 
https://www.ivpn.net/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation/
+ [12]: https://www.torproject.org/download/download
+ [13]: https://check.torproject.org/
+ [14]: https://test-ipv6.com/
+ [15]: https://www.browserleaks.com/whois
+ [16]: https://www.browserleaks.com/geo
+ [17]: https://www.browserleaks.com/java
+ [18]: https://www.browserleaks.com/webgl
+ [19]: https://www.browserleaks.com/webrtc
+ [20]: https://panopticlick.eff.org/
+ [21]: https://dnsleaktest.com/
+ [22]: https://www.wireshark.org/
diff --git a/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md b/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
new file mode 100644
index 000000000..0474e41cc
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
@@ -0,0 +1,922 @@
+---
+title: How to verify physical locations of Internet servers
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/how-to-verify-physical-locations-of-internet-servers/
+section: Misc
+weight: 30
+date: 2018-04-18T09:10:09+00:00
+layout: guides-details
+---
+## Introduction
+
+VPN services compete in many ways. On speed, torrent-friendliness, privacy and no-logging, edginess, price, technical elegance, multi-hop routing, customer support, and so on. However, choice of server locations remains a major issue for many users. IVPN has 77 servers in 44 cities in 31 countries. AirVPN has appreciably more, with 216 servers in 35 cities in 19 countries. But HideMyAss (HMA) is mind-bogglingly huge, with over 700 servers in over 280 locations, in over 210 countries. That's basically every country on the planet. And it costs less than either IVPN or AirVPN.
+
+OK, but how do users know whether VPN servers are located where providers claim? People commonly use such sites as [whatismyipaddress.com][1], [ipinfo.io][2], [browserleaks.com][3] or [mycurrentlocation.net][4]. But they just provide information from various geolocation databases, such as [maxmind.com][5]. And if you're connected through a VPN server, you can search [google.com][6] for `my location` to see where Google considers it to be.
+
+Still, how can you verify that? Well, you can ping VPN servers, to get round-trip travel time (rtt). The speed of light in vacuum is 300 km/msec, and about 180 km/msec in fiber optic cable. And about 150 km/msec for electrons in copper wire. See [here][7]. However, rtt doesn't depend just on distance and transmission speed. It [also depends][8] on `the number of hops (routers and switches) between the` probe and target. There are delays from both processing and caching, and those delays are typically substantial, relative to transmission times.
For example, the rtt to my LAN router is 0.3 msec, which implies a physical distance of 45 km (not 90 km, because ping is a round trip). That's much greater than the actual distance, which is ~15 m.
+
+Also, connections [don't][8] always take the shortest path, because paths depend on peering agreements between ISPs: `Two computers in the same city, but connected to the internet via different ISPs may route through a city hundreds of miles away.` Because those two ISPs don't peer directly with each other.
+
+Bottom line, given unknown routing and equipment latencies, it's generally not feasible to triangulate using multiple rtt measurements. Actually, [peering][9] isn't unknown. However, projecting actual routing and minimum rtt from Border Gateway Protocol (BGP) information is utterly nontrivial.
+
+OK, so what _can_ you do? Well, I hadn't thought much about the issue, until seeing [this][10] by Restore Privacy. It turns out that there are services for pinging target servers from numerous probes, such as [ping.pe][11], [asm.ca.com][12] and [maplatency.com][13]. The probe with the smallest minimum rtt is typically closest to the target. Arguably, because confounding factors all increase rtt, and speed can not exceed that of light in a vacuum.
+
+In my experience, you can be especially confident when the smallest minimum rtt is a few msec. When the smallest minimum rtt is greater than that, and another minimum rtt is just a little greater, differences in routing and equipment latencies may account for the difference. So the probe with the smallest minimum rtt may not actually be closest to the server, and no firm conclusions about geolocation can be drawn. However, while geolocation can be ambiguous, one thing is clear. The speed of signal transmission _can not_ exceed the speed of light in a vacuum, and such speed violations indicate discrepancies in probe or server geolocation, or errors in minimum rtt measurements.
+
+I will show some results for AirVPN, HMA and IVPN servers, but only as examples. I collected data in mid-late 2017, and providers may have made changes since then. Generally, I found that AirVPN and IVPN servers are apparently located where providers claim. But many HMA servers are apparently located in a few data centers. I also found a few probes that are apparently mislocated. And a few interesting artifacts of peering and routing.
+
+## Methods
+
+It's crucial to identify VPN servers by IPv4 address, and not hostname. Because each hostname may point to multiple servers with different IPv4, and you may get confusing results. Also, providers may weak primary name servers to specify the least-loaded server for each hostname. So anyway, just test each IP address explicitly.
+
+Collect minimum rtt aka ping data from such services as [ping.pe][14], [asm.ca.com][12] and [maplatency.com][13]. In collecting ping data, I used Firefox with the iMacros plug-in forping.pe and asm.ca.com. I paid for maplatency.com access, and used their command-line tools, because that provides far better probe coverage, and more information about probes (including latitude and longitude). However, this was months ago, and subsequent changes in Firefox, iMacros and the ping websites may have complicated things. I see that asm.ca.com had added a CAPTCHA, but perhaps one can purchase access. I also see that ping.pe is often overloaded. Anyway, I'll not get into automation methods. It's not too tedious to check a few servers using ping.pe and asm.ca.com manually.
+
+Initially, I calculated probe-server distances using various sites that use Google Maps data. But that quickly became very tedious, because I had to get each city-city distance individually. And so I switched to calculating great-circle distances between servers and probes, from latitude and longitude, using the [spherical law of cosines][15]. With paid access, maplatency.com provides latitude and longitude for probes.
For VPN server and other probes, I got latitude and longitude from [ipinfo.io][2]. If the VPN provider lists locations for its servers, use those initially. If it doesn't, get locations from [whatismyipaddress.com][1] or whatever. Now you have minimum rtt (msec) and distance (km) for each combination of server and probe.
+
+For analyzing data, I primarily used MySQL with MySQL Workbench, and then LibreOffice Calc for final analysis and charting. For humongous spreadsheets, I used Microsoft Excel. For massaging text files, I used mainly Linux gedit, grep and sed. For massaging humongous text files, I used UltraEdit in Windows.
+
+Some asm.ca.com probes are apparently mislocated. It's pretty clear that the probe `United Kingdom - Edinburgh (gbedi01)` is in London, UK. And that the probe `France - Lille (frlle02)` is in Paris, FR. So I've generally adjusted results accordingly. There are also some less clear mislocations. The probe `Ukraine - Kharkov (uahrk02)` is perhaps in Kiev, UA. And the probe `Panama - Panama City (papty02)` is perhaps somewhere in Florida, US. Also, maplatency.com doesn't report latitude and longitude for a few probes, and values for others are clearly wrong.
+
+## Analysis
+
+It's instructive to look at minimum rtt vs server-probe distance data for all VPN servers and all probes. Note that data for AirVPN and IVPN generally fall above a line corresponding to signal transmission at about half lightspeed. But there's data for HMA at ~0 msec for distances under 12000 km. That is, the HMA data implies substantial signal transmission that's implausibly fast (greater than 300 km/msec, the speed of light in a vacuum).
+
+{{< raw-html >}}
+
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +I calculated the maximum ping transmission speed (which is twice distance, divided by minimum rtt) observed for each server IPv4 address. Then I aggregated speed in suitable bins, and charted as histograms. For a given server-probe distance, server-probe combinations with the smallest rtt have the greatest ping transmission speed. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +I found just three IVPN server IPv4, and five AirVPN server IPv4, with maximum ping transmission speeds apparently faster than light. + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ VPN       + + Server + + IPv4 Address + + Server Location + + Ping Service + + Probe + + Distance + + Min rtt + + Max Speed +
+ + + + + + + + + + + + + (km) + + (msec) + + (km/msec) +
+ IVPN + + gb3.gw.ivpn.net + + 88.202.186.42 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 1.9 + + 563 +
+ IVPN + + gb1.gw.ivpn.net + + 109.123.101.190 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 2.1 + + 520 +
+ IVPN + + gb2.gw.ivpn.net + + 46.28.49.140 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 2.1 + + 512 +
+ AirVPN + + eridanus.airvpn.org + + 185.183.106.2 + + Barcelona, ES + + asm.ca.com + + Spain_Madrid_esmad02 + + 505 + + 0.4 + + 2525 +
+ AirVPN + + alcor.airvpn.org + + 91.231.84.39 + + Kiev, UA + + asm.ca.com + + Ukraine_Kharkov_uahrk02 + + 409 + + 0.8 + + 1023 +
+ AirVPN + + asterion.airvpn.org + + 217.151.98.167 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 1.9 + + 562 +
+ AirVPN + + alshain.airvpn.org + + 217.151.98.162 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 2.0 + + 534 +
+ AirVPN + + algedi.airvpn.org + + 80.84.49.4 + + London, UK + + asm.ca.com + + United_Kingdom_Edinburgh_gbedi01 + + 534 + + 3.1 + + 345 +
+{{< / raw-html >}} + +However, I found 381 HMA server IPv4 with maximum ping transmission speeds apparently faster than light in a vacuum. Although there are too many to list, it's interesting that many involve probes in Miami, FL, US; Seattle, WA, US; and Prague, CZ. That is, many of these 381 HMA servers, supposedly located all over the world, have minimum observed rtt for probes in a few cities. And impossibly huge maximum ping transmission speeds. This would be expected if those HMA servers were actually located in data centers in those cities. But more about that, later. + +All three IVPN server IPv4 with implausibly fast ping transmission speeds, and three of the five for AirVPN, involve the asm.ca.com probe `gbedi01`, reportedly located in Edinburgh, UK. However, that probe seems actually to be located in London, UK. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +Regarding the AirVPN server `eridanus.airvpn.org`, either of two adjustments resolves the speed violation: 1) assuming that the asm.ca.com probe `esmad02` is closer to Barcelona, ES than to Madrid, ES; or 2) assuming that the server is closer to Madrid, ES than to Barcelona, ES. However, locating the asm.ca.com probe `esmad02` in Barcelona, ES would create discrepancies for other servers reportedly in Madrid, ES: AirVPN server `mekbuda.airvpn.org`, IVPN server `es1.gw.ivpn.net`, and five IPVanish servers. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +Regarding the AirVPN server `alcor.airvpn.org`, either of two adjustments similarly resolves the speed violation: 1) assuming that the asm.ca.com probe `uahrk02` is in Kharkivska, Kiev, UA instead of Kharkov, UA; or 2) assuming that the server is closer to Kharkov, UA than to Kiev, UA. However, there are no other nearby VPN servers in my data. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +There are far too many HMA server IPv4 to discuss individually, so I'll do four that are representative: `fun-tv.prcdn.net`, `ppg-as.prcdn.net`, `bue-ar.prcdn.net` and `cys-wy-us.prcdn.net`. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +In all four cases, the rtt vs distance data have a roughly `V` shape. Minimum rtt tends to decrease with increasing distance, intercepts (or nearly so) the distance axis, and then tends to increase as distance increases further. Where the intercept distance is greater than about 10,000 km, the linear least-squares fit actually has a negative slope. In any case, the intercept probe is arguably closest to the server. Making that assumption, one can recalculate server-probe distances. In each case, doing so leads to a more-or-less linear distance-rtt relationship, with a least-squares fit having a better coefficient of determination (R²). + +For all four HMA examples, the lowest rtt probe is in Miami, FL, US. And generally for other HMA server IPv4, lowest rtt probes are commonly in Miami, FL, US; Seattle, WA, US; or Prague, CZ. So perhaps many HMA server IPv4 are actually located in a relatively small number of data centers, rather they're claimed to be. To test for that, one can look at a VPN's server IPv4 pinged from probes in a particular city, such as Vancouver, BC, CA. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +HMA server IPv4 clearly fall in several bands. Each band has similar minimum rtt, within about 1-2 msec, but distances that span about 8,000-10,000 km. But there's little of that in either the IVPN or AirVPN data. Doing the same analysis for probes in many cities, similar bands are evident, at various minimum rtt levels. But what's interesting is that bands from multiple probes include largely the same set of server IPv4. + +I've identified four such largely invariant bands. Based on the probes where each band has minimum rtt ~0 msec, those arguably represent data centers in London, UK; Miami, FL, US; Prague, CZ; and Seattle, WA, US. Some servers apparently have IPv4 in multiple data centers. If I assume that each server IPv4 is located in its apparent data center, rather than where it's asserted to be, I get the expected relationship between server-probe distance and minimum rtt. With no lightspeed violations. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +There are six IVPN and AirVPN server IPv4 where the nearest probe doesn't have the smallest minimum rtt, although there are no lightspeed violations. + +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ VPN       + + Server + + IPv4 Address + + Server Location  + + Probe Location  + + Distance  + + Min rtt  + + Max Speed +
+ + + + + + + + + + + (km) + + (msec) + + (km/msec) +
+ IVPN + + is1.gw.ivpn.net + + 82.221.107.178 + + Reykjavik, IS + + Amsterdam, NL + + 2011 + + 36.0 + + 112 +
+ IVPN + + ch2.gw.ivpn.net + + 136.0.0.194 + + Zurich, CH + + Geneva, CH + + 224 + + 4.4 + + 101 +
+ IVPN + + ch3.gw.ivpn.net + + 141.255.166.194 + + Zurich, CH + + Milan, IT + + 218 + + 7.5 + + 58 +
+ IVPN + + ch1.gw.ivpn.net + + 141.255.164.66 + + Zurich, CH + + Milan, IT + + 218 + + 7.6 + + 58 +
+ AirVPN + + virginis.airvpn.org + + 46.19.137.114 + + Bern, CH + + Milan, Italy + + 213 + + 1.8 + + 237 +
+ AirVPN + + nunki.airvpn.org + + 78.129.153.40 + + Manchester, UK + + London, UK + + 262 + + 2.4 + + 218 +
+{{< / raw-html >}} + +Most notably, the lowest-rtt probe for IVPN server `is1.gw.ivpn.net` is in Amsterdam, NL. The data is somewhat `V` shaped, with the lowest minimum rtt at ~2,000 km. And indeed, the distance between Reykjavik, IS and Amsterdam, NL is 2013 km. However, given my long-term working relationship with IVPN, one of their network engineers verified that this server is indeed in Reykjavik, IS. It's also unlikely that the maplatency.com probe `IS midlar ehf` is actually in Amsterdam, because that's an AS in [Iceland][16]. It's arguably most likely that the probe (in [Iceland AS60300][16]) and `is1.gw.ivpn.net` (in [Iceland AS44515][17]) just weren't peering directly, but instead through an AS near Amsterdam. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +Less dramatically, the lowest-rtt probes for four server IPv4 in Switzerland are at ~200 km. I've verified with IVPN that its Swiss servers are actually located in Zurich, CH. However, an engineer did find that minimum rtt for `ch1.gw.ivpn.net`-`ch2.gw.ivpn.net` and `ch3.gw.ivpn.net`-`ch2.gw.ivpn.net` are greater than that for `ch1.gw.ivpn.net`-`ch3.gw.ivpn.net`. Again, it appears that there are peering issues. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +Also problematic are the AirVPN server `nunki.airvpn.org`, with the lowest-rtt probe at ~250 km, and the IVPN server `ut1.gw.ivpn.net`, with the lowest-rtt probe at ~600 km. I've verified with IVPN that its server is actually located in Salt Lake City. It's apparently peering again. That is, the server and probe ISPs don't peer directly, but only through a distant ISP. So the probe that's closest physically doesn't have the smallest rtt. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +Peering issues can also impact multiple probes. One of the three AirVPN servers in London, UK (`algedi.airvpn.org`) shows a normal relationship between minimum rtt and distance. But for the other two (`alshain.airvpn.org` and `asterion.airvpn.org`) there are at least 13 probes with minimum rtt that's anomalously 80-100 msec too large (in Belgium, Bulgaria, Germany, Greece, Hungary, Italy, Netherlands, Sweden, Switzerland and Ukraine). For those probes, routing to `alshain.airvpn.org` and `asterion.airvpn.org` is apparently far less direct than routing to `algedi.airvpn.org`. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +More dramatically, for AirVPN servers in Hong Kong, minimum rtt for all probes in mainland China are anomalously more than 300 msec too large. Minimum rtt for a probe in Bankok, TH is ~250 msec too large. Perhaps the probes in mainland China peer to Hong Kong through Bankok. + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +{{< raw-html >}} +
+ Image + Image +
+{{< / raw-html >}} + +## Discussion + +As you can see, based on this data, the probe with the smallest rtt is typically physically closest to the server. If you have data from enough probes, and find a minimum rtt under ~3 msec, you can often pin down server location within 100 km or less. And whenever the apparent speed of signal transmission exceeds the speed of light in a vacuum, there _must_ be a discrepancy in geolocation. Or an error in minimum rtt measurements or data manipulation, of course. + +However, there are pitfalls. Before concluding that a server is mislocated, you need to check whether it's actually a probe that's mislocated. As I found for `asm.ca.com` probe gbedi01. Although it's reportedly in Edinburgh, it's actually in London. And that mislocation made AirVPN's and IVPN's London servers seem to be in Edinburgh. But it's usually possible to identify mislocated probes. If you see apparent mislocation for servers from multiple providers, involving a particular probe, it's safe to conclude that it's the probe that's mislocated. + +There are other ambiguities. When the smallest minimum rtt is greater than a few msec, and another minimum rtt is just a little greater than that, differences in routing and equipment latencies may account for the difference. So the probe with the smallest minimum rtt may not actually be closest to the server, and no firm conclusions about geolocation can be drawn. As I found for IVPN server `is1.gw.ivpn.net` where a probe in Iceland had higher minimum rtt than probes in northern Europe. Apparently, the Icelandic ISPs for server and probe peer through Amsterdam. + +Finally, when many of a provider's server IPv4 are mislocated, it's likely that they're actually in a relatively small number of data centers. There are two approaches for identifying data centers. You can focus on server IPv4 with maximum ping transmission speeds apparently faster than light in a vacuum. 
For each, the probe with the smallest rtt is likely closest to the data center. Doing that, I found that `fun-tv.prcdn.net`, `ppg-as.prcdn.net`, `bue-ar.prcdn.net` and `cys-wy-us.prcdn.net` are likely in Miami.
+
+Alternatively, you can consider data for all server IPv4 pinged from particular probes. For a given probe, you'll likely see a band of server IPv4 with minimum rtt near zero. So those server IPv4 are likely in a data center near that probe. If you look at data for enough probes, you can likely identify most of the data centers. And you can check results by looking at rtt vs distance for all probes, using apparent data center locations instead of purported server IPv4 locations.
+
+ [1]: https://whatismyipaddress.com/
+ [2]: https://ipinfo.io/
+ [3]: https://browserleaks.com/ip
+ [4]: https://mycurrentlocation.net/
+ [5]: https://www.maxmind.com
+ [6]: https://www.google.com/
+ [7]: https://physics.stackexchange.com/questions/80043/how-fast-does-light-travel-through-a-fibre-optic-cable
+ [8]: https://electronics.stackexchange.com/questions/68619/triangulate-with-ping
+ [9]: https://bgp.he.net/
+ [10]: https://restoreprivacy.com/vpn-server-locations/
+ [11]: http://ping.pe/
+ [12]: https://asm.ca.com/en/ping.php
+ [13]: https://maplatency.com/
+ [14]: https://ping.pe/
+ [15]: https://www.movable-type.co.uk/scripts/latlong.html
+ [16]: https://bgp.he.net/AS60300
+ [17]: https://bgp.he.net/AS44515
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md b/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
new file mode 100644
index 000000000..88cccf5c7
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
@@ -0,0 +1,122 @@
+---
+title: Can ISPs NetFlow data be used to track traffic going through VPNs?
+author: Solène Rapenne
+url: /privacy-guides/isp-netflow-surveillance-and-vpn/
+section: Basic
+weight: 10
+date: 2024-01-08T00:00:00+00:00
+update: 2024-01-29T00:00:00+00:00
+layout: guides-details
+articles: [
+ {
+ title: "What is a VPN?",
+ url: "/privacy-guides/what-is-a-vpn/"
+ },
+ {
+ title: "Will a VPN Protect Me? Defining Your Threat Model",
+ url: "/privacy-guides/will-a-vpn-protect-me/"
+ },
+ {
+ title: "Tor vs I2P",
+ url: "/privacy-guides/an-introduction-to-tor-vs-i2p/"
+ }
+]
+---
+## Introduction
+
+This privacy guide will help you understand what information your [Internet Service Provider][isp] (ISP) can view regarding your network activity and the implications if you are using a [Virtual Private Network][what_is] (VPN). In fact, many ISPs utilize [NetFlow][netflow], a protocol developed by [Cisco][cisco], to store the data concerning the traffic they route throughout the day.
+
+NetFlow allows the storage and efficient processing of network information including:
+
+- Date and Time with millisecond resolution
+- Source [IP][ip] address
+- Destination [IP][ip] address
+- IP protocol number (most common protocols are [TCP][tcp] and [UDP][udp])
+- Source port
+- Destination port
+- IP field "[Type of Service][ToS]"
+
+A NetFlow dataset does not include any [packets capture][pcap] data, it simply presents a list of the routing information, including the source and destination's addresses and ports, and when the routing occurred.
+
+## Is a VPN vulnerable to NetFlow analysis?
+
+As you may be aware, a VPN creates an encapsulated connection between your VPN client and the VPN server. All the [network traffic][network] between these two machines travels over the Internet in encrypted form, and your ISP can't use classic techniques such as [Deep Packet Inspection][dpi] for snooping the VPN content.
+
+Nonetheless, it's crucial to note that, besides the encrypted data, your ISP obtains a lot of information about your VPN from the NetFlow data. As the VPN service providers IP ranges are well known, your ISP can easily figure you are using a VPN, in addition to knowing the time you connect, the amount of data you transfer over the VPN and the location of the remote VPN server.
+
+Although this information may seem insignificant, it can be exploited. For instance, it's easy to determine your computer time habits, and potentially the number of people in your house, and how people consume the Internet.
+
+Please note that it's impossible to hide your network activity from your ISP, as they are the ones who provide your connection to remote servers, but if you use a VPN, your ISP will only see a single encrypted connection.
+
+## Internet is a giant puzzle
+
+The Internet could be compared to a vast puzzle composed of many pieces, each representing an ISP. Every ISP has knowledge of its own part of the puzzle and the connections to other pieces.
+
+If your VPN service provider is located in a different part of the puzzle than your own ISP, this means that your actions through the VPN cannot be accurately determined by your ISP. Similarly, the ISP of the VPN server has no way of identifying you using only your IP address, they would need to collaborate with your ISP to identify you.
+
+![](/img/diagram-vpn-transit.png)
+
+## Worldwide NetFlow database
+
+Unfortunately, a 2022 [article from Vice][Augury] has reveled that a US-based private company has been collecting NetFlow exports from many ISPs worldwide in exchange for Threat Intelligence analysis. The number of involved ISPs suggests that, from the article, it may represent roughly ninety percent of the global Internet traffic. Information about [Team Cymru][cymru], the company that sells access to the consolidated NetFlows database, remains limited.
It was found that their website contains a list of [facts and myths][cymru_facts] about their services, though their claims cannot be verified. Nevertheless, it is evident that they are working on NetFlow aggregation.
+
+Using the puzzle analogy again, Team Cymru has access to most of the puzzle pieces. While a single piece doesn't hold enough information in the context of using a VPN, having many of them could potentially expose your Internet usage **if they receive NetFlow exports from both your ISP and your VPN provider ISP**. For example, traffic correlation using the packets timing becomes a lot easier when you know the delay between the user and their VPN provider acting as a proxy.
+
+In 2024, the NSA [stated to a senator][senate] that they were buying NetFlow exports from ISPs as long as it involves traffic to or from the United States.
+
+### NetFlow and anonymization
+
+It is not possible to say which ISP shares their NetFlow data.
+
+For European based ISPs, the [GDPR][gdpr] compliance dictates that personal data should not be shared. It is not our place to discuss if NetFlow datasets qualify as are personal data, but GDPR compliance implies that ISPs must not permit any third party to associate a NetFlow export with personal information such as names, addresses or, phone numbers.
+
+Two possibilities exist regarding NetFlow exports:
+
+1. ISPs sharing anonymized NetFlow datasets.
+2. ISPs sharing customer information.
+
+In the first case, the network activity for a VPN user would appear as follows: [anonymous IP A] connected to [anonymous IP B] web server on [date] via a VPN of type [protocol] on [anonymous IP C].
+
+In the second case, the network activity would be much more specific: [identified person A] connected to [identified company B]'s web server on [date] through a VPN of type [protocol] on [identified company C].
+
+## Possible mitigation
+
+With someone able to view most of the global Internet traffic, as previously mentioned, a VPN alone would be insufficient to protect your privacy. Does it render VPNs useless? VPNs are effective at protecting against data snooping while using public networks, bypassing firewalls or preventing your ISP to know what you use Internet for, but its efficacy can be limited against a state-level actor.
+
+In the worst case scenario of a NetFlow analysis, the data passing through the VPN remains encrypted and unusable, but it may be possible to reveal to which servers you connected, the protocol you used (HTTPS, emails etc.) and maybe infer visited websites.
+
+However, using a VPN service offering multiple hops passing through different countries/ISPs can still protect your privacy, but only if the ISPs do not all share their NetFlow data. In order to increase the NetFlow analysis resistance, at the cost of both higher latency and reduced bandwidth, it's possible to chain multiple VPNs from different VPN providers, but at the condition that the VPN providers are trustworthy and that their servers aren't all part of the NetFlow exports.
+
+To protect your privacy efficiently, it's important that you [define your threat model][threat_model] and check if it suits your needs.
+
+An alternative mitigation would be to use the [I2P protocol][i2p_wiki], although its usage is a bit restrictive, [contrary to Tor][tor_vs_i2p]. I2P is intended to be used as a "network layer on top of the Internet", rather than a substitute for a VPN. For more information, visit the [official project website][i2p].
+
+A more realistic mitigation would be the use of a [mix network](https://www.ivpn.net/privacy-guides/adversaries-and-anonymity-systems-the-basics/#anonymity-systems), but as of the time of writing, they are complicated to use and require blockchain tokens to work, which is a challenge to buy anonymously.
We also lack feedback about their efficiency in a real world usage.
+
+## Exercise: monitor your own network activity
+
+For our readers with some network skills, here is a simple experiment to understand what your ISP can observe from your VPN usage. You can assess your own VPN activity by monitoring the network traffic on your local VPN interface using software such as [Wireshark][wireshark] (a graphical tool), [ntopng][ntopng] (web-based, mostly used on routers) or [tcpdump][tcpdump] (a command line tool). These software are available on most operating systems (Windows, macOS, Linux, Android, dd-wrt, *BSD), however their usage is not within the scope of this guide.
+
+[isp]: https://en.wikipedia.org/wiki/Internet_service_provider
+[netflow]: https://en.wikipedia.org/wiki/NetFlow
+[network]: https://en.wikipedia.org/wiki/Network_traffic
+[dpi]: https://www.fortinet.com/resources/cyberglossary/dpi-deep-packet-inspection
+[wireshark]: https://www.wireshark.org/
+[tcpdump]: https://en.wikipedia.org/wiki/Tcpdump
+[ntopng]: https://www.ntop.org/products/traffic-analysis/ntop/
+[tcp]: https://en.wikipedia.org/wiki/Transmission_Control_Protocol
+[udp]: https://en.wikipedia.org/wiki/User_Datagram_Protocol
+[ip]: https://en.wikipedia.org/wiki/IP_address
+[ToS]: https://en.wikipedia.org/wiki/Type_of_service
+[Augury]: https://www.vice.com/en/article/y3pnkw/us-military-bought-mass-monitoring-augury-team-cymru-browsing-email-data
+[pcap]: https://en.wikipedia.org/wiki/Pcap
+[i2p_wiki]: https://en.wikipedia.org/wiki/I2P
+[i2p]: https://geti2p.net/en/about/intro
+[tor_vs_i2p]: https://www.ivpn.net/privacy-guides/an-introduction-to-tor-vs-i2p/
+[cisco]: https://www.cisco.com/
+[cymru]: https://www.team-cymru.com/
+[what_is]: https://www.ivpn.net/privacy-guides/what-is-a-vpn/
+[threat_model]: https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/
+[cymru_facts]: https://www.team-cymru.com/post/team-cymru-myth-vs-fact
+[gdpr]:
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
+[senate]: https://www.wyden.senate.gov/news/press-releases/wyden-releases-documents-confirming-the-nsa-buys-americans-internet-browsing-records-calls-on-intelligence-community-to-stop-buying-us-data-obtained-unlawfully-from-data-brokers-violating-recent-ftc-order
diff --git a/src/content/es/pages/privacy-guides/mac-address.md b/src/content/es/pages/privacy-guides/mac-address.md
new file mode 100755
index 000000000..7f1c5da64
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/mac-address.md
@@ -0,0 +1,147 @@
+---
+title: Privacy issues related to MAC addresses
+author: Solène Rapenne
+url: /privacy-guides/mac-address-privacy/
+section: Misc
+weight: 10
+date: 2024-03-08T00:00:15+00:00
+layout: guides-details
+articles: [
+ {
+ title: "What is a VPN?",
+ url: "/privacy-guides/what-is-a-vpn/"
+ },
+ {
+ title: "Will a VPN Protect Me? Defining Your Threat Model",
+ url: "/privacy-guides/will-a-vpn-protect-me/"
+ },
+]
+---
+In this guide, you will learn what type of tracking is done using MAC addresses, and what steps you can take to protect your privacy against such threats.
+
+## Introduction to MAC addresses
+
+The MAC address is used within local networks, at the Ethernet level, to identify network devices when exchanging data.
+
+The MAC mechanism was developed during Ethernet protocol specification at Xerox in the late 70s. Read more [on Ethernet history](https://akapugs.blog/2020/02/12/676/).
+
+The acronym MAC stands for **M**edium **A**ccess **C**ontrol ([MAC](https://en.wikipedia.org/wiki/MAC_address)), the name "physical address" is also widely used in place of MAC address. It is composed of 6 hexadecimals (from 0 to F) two digits numbers. The numbers are not random as there are some rules for valid MAC addresses. In order to illustrate what a MAC address looks like, here is a valid random one: `9A:E6:14:71:B3:AE`, note that the colons are commonly used between each two hexadecimals digits to improves readability.
+
+All Ethernet, Wi-Fi and even Bluetooth devices have a unique address among the 180 trillions addresses possible due to the 48 bits size of MAC addresses. In comparison, there are only 4 billions (more exactly 2^32 or 4 294 967 296) IPv4 addresses, and only a subset is usable over the Internet.
+
+Network switches are relying on MAC address to figure which port to use when relaying a packet between two devices. Previously, the legacy network hubs were not aware of MAC addresses, and therefore were relaying packets on all its ports.
+
+There is [a giant database](https://regauth.standards.ieee.org/standards-ra-web/pub/view.html) containing the MAC addresses of every individual device sold on the market. However, you may prefer to use a service with a simpler interface, just search for "MAC address database browser" in a search engine. Please mind that this database does not contain any personal information about people buying the devices, it is only a registry of all produced devices, their manufacturer and their identifier.
+
+## MAC address applications
+
+The MAC address exists in the first place to allow network devices to exchange data between each other.
+
+However, as it identifies a machine on a local network, we have seen uses for wider purpose like tracking people in shopping centers, restrict networks to some machines or user identification in captive portals.
+
+### Quota and captive portals
+
+Certain mechanisms rely on a MAC address to identify devices on a network, but such applications have shortcomings. It is easy to change your system MAC to another, and also easy to spoof someone's device MAC.
+
+Let me illustrate MAC spoofing. Let's say you are in a hotel providing a Wi-Fi hotspot, but it has an Internet use quota. It is likely the system is relying on the clients MAC addresses to assign the quota when no credentials are asked, in such cases, you could change your MAC to a random one to reset your quota. Even further, if you are required to pay to connect to the Internet and the system uses MAC addresses as identifiers, it could be easy to spoof the MAC address of someone who paid. This might be straightforward, but also illegal in most jurisdictions and may not work well while the two devices are connected simultaneously.
+
+### Customer tracking
+
+A much more concerning use of MAC address is the tracking of customers in supermarkets / malls. Devices with Wi-Fi enabled, like smartphones, are regularly probing for access points by broadcasting their MAC address.
This is holy grail for tracking customers, and was a popular technique during the 2010's.
+
+You can learn more about this practice in [this case study](https://www.martechsadvisor.com/news/ecommerce/euclid-analytics-redesigns-instore-wifi-experience-with-euclid-connect/) and in this [Harvard University assignment](https://d3.harvard.edu/platform-rctom/submission/we-know-you-looked-at-that-ugly-sweater-euclid-analytics-in-store-tracking-and-the-narrowing-of-the-online-offline-gap/).
+
+With a unique MAC per device, it is easy to figure out the following information:
+
+- date and time of visit (entering, leaving)
+- duration of each visit
+- how often do they visit
+- habits of visits (day of the week, favorite hour in the day)
+
+If the center is big enough, it is possible to locate users within the building to track their shopping journey.
+
+Fortunately, smartphone system providers have added mechanisms to mitigate this tracking, more details on this in a section later in this guide.
+
+### Physical tracking
+
+Edward Snowden reported that the [NSA used MAC addresses](https://www.wired.com/2014/08/edward-snowden/) to physically track people. If someone uses the same MAC address to connect to multiple public Wi-Fi within airports, train stations or any other open network that is at reach of a government agency, it becomes easy to know the time and location of a traveling device. This does not help to identify the person using the device though, the MAC address does not contain any personal information.
+
+There is no way to know if this is actively used in the wild, but MAC randomization protects against tracking.
+
+## Does the MAC address leak on the Internet?
+
+A MAC address is not shared beyond the local network because it is only used locally. If you connect to a website, the remote server will never know anything about MAC addresses from your local network.
+
+As shown in the diagram below, the MAC address is used to carry data over the OSI layer 2 (Ethernet, Wi-Fi), but is dropped at layer 3 (IP packets).
+
+![](/img/Tun-tap-osilayers-diagram.png)
+
+## Does a VPN protect your MAC address?
+
+All commercial VPN providers are only offering an OSI Layer 3 VPN, it relays IP packets so the MAC address is not carried through the VPN.
+
+It is possible to create a VPN relaying the OSI Layer 2 and passing through Ethernet frames instead of IP packets. While this sort of VPN use does not have a specific name, multiple technologies provide this feature like VPLS or Ethernet bridging. They can virtually extend a network to other locations, and all devices on the network will see each other as if they were on the same local network. In practice, it is only useful for a couple of use cases, the most common is gaming using the "local network" mode with friends, but over the Internet. On this VPN, your MAC address is carried over to the VPN remote network.
+
+## IPv6 derived from MAC addresses
+
+In the past, the IPv6 addresses the machines were assigning to themselves (in [SLAAC](https://www.networkacademy.io/ccna/ipv6/stateless-address-autoconfiguration-slaac) mode) were derived from the network interface MAC address. As IPv6 is used to communicate on the layer 3 this meant the MAC embedded in the IPv6 address itself were leaking to all remote servers.
+
+Fortunately, this problem was addressed [by adding extras IPv6 extensions](https://superuser.com/a/243713) to mitigate this issue using [temporary private addresses](https://blog.apnic.net/2020/05/20/getting-ipv6-private-addressing-right/). As of the writing of this article, most operating systems have implemented and enabled such a solution.
+
+## The case of Bluetooth tracking
+
+Each Bluetooth device also has its own unique MAC address, which is a concern when it comes to data collection and analysis.
+
+For example, if you wear Bluetooth headphones and a Bluetooth watch, both connected to your smartphone with Bluetooth, your paired devices MAC will not change ever except if the manufacturer implemented the [complicated mechanism](https://novelbits.io/bluetooth-address-privacy-ble/) of Bluetooth Low Energy (BLE) providing random / public MAC address depending on the situation. While mobile operating systems implemented the specifications correctly, [this is not the case](https://www.mist.com/documentation/ble-mac-randomization/) for Bluetooth devices.
+
+On top of the MAC randomization issues, Bluetooth devices tend to broadcast about themselves, like their name (user defined or factory) and what kind of devices they are (headphones, headset, watch, wearable, etc.). This creates a good opportunity for companies that snoop Bluetooth data to track you. This technique can be used even if device addresses are randomized.
+
+In parallel, there is a business tied to Bluetooth beacons being polled by applications installed on smartphones. Certain apps integrate a feature pinging for Bluetooth beacons, as some beacon providers pay app developers to perform these actions. Retrieving information from an app is valuable as they can learn and log useful information about you. You can review a [New York Times](https://www.nytimes.com/interactive/2019/06/14/opinion/bluetooth-wireless-tracking-privacy.html) article about this business for more information.
+
+If you do not want to be tracked through your Bluetooth devices, turn them off outside or keep them at home. If you only have a smartphone, do not keep Bluetooth enabled if you do not need it.
+
+## Operating System MAC randomization support
+
+Here is a list of the state of Wi-Fi and Ethernet MAC address randomization for each popular operating system.
+
+### Android (mobile OS)
+
+Android enabled random MAC for scanning since Android 8, but all devices supported changing the MAC address at this time as it was not a hardware requirement for Android devices.
+
+Since Android 9, the MAC is always randomized for scanning.
+
+Starting with Android 10, it became possible to randomize the MAC when connecting per SSID, the random MAC would remain stable for each SSID, only a system factory reset could generate a new value.
+
+In Android 12, a new feature appeared that allows disposable random MAC addresses, but it only applies under specific circumstances as [explained in the documentation](https://source.android.com/docs/core/connect/wifi-mac-randomization-behavior).
+
+### iOS (Apple mobile OS)
+
+Apple implemented MAC randomization for scanning since the iPhone 5. However, [since iOS 14](https://support.apple.com/fr-fr/guide/security/secb9cb3140c/web) they added support for a stable random MAC per network. Each MAC is randomized every twenty-four hours. Keeping the same MAC for a day on a network allows to not break captive portals that may use your MAC for authentication, quota or payment.
+
+### macOS (Apple desktop OS)
+
+So far, macOS does not seem to support MAC address randomization.
+
+### Linux (desktop / mobile OS)
+
+On popular Linux distributions, the MAC address is only randomized when scanning for networks, but not when connecting to an access point. Out of all Linux distributions we have investigated, only Qubes OS and [Tails](https://tails.net/doc/first_steps/welcome_screen/mac_spoofing/index.en.html) enable randomization for scanning and connecting by default.
+
+Linux users do have options to remedy this problem. It is possible to configure NetworkManager (the service managing network) to enable random MAC for Wi-Fi by network.
It offers two randomization strategies, either "stable", producing per network a new random MAC that will be reused later, or "random", that will generate a new MAC every time one connects to the network. A fully random MAC address for each connection is not advised for most users as it can exhaust the IP pool of the local DHCP server. This happens because each new MAC can be considered as a new device, if you reconnect too many times before old DHCP leases expire, the DHCP will be out of addresses to distribute.
+
+Among the most popular operating systems, Linux distributions are the only ones to provide MAC randomization for Ethernet network interfaces.
+
+You can learn more about NetworkManager MAC randomization through [this guide](https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/) by one of the NetworkManager developers.
+
+### Windows (desktop OS)
+
+By default, Windows enables random MAC for scanning. There [is a setting](https://support.microsoft.com/en-us/windows/how-to-use-random-hardware-addresses-in-windows-ac58de34-35fc-31ff-c650-823fc48eb1bc) to enable a stable random MAC address per Wi-Fi SSID, and also a setting to enable daily randomization.
+
+Finding complete information about this feature is not straightforward, [some Microsoft slides](https://datatracker.ietf.org/meeting/109/materials/slides-109-madinas-mac-address-randomization-in-windows-10-00) explain the MAC randomization mechanism which is not fully detailed in the official documentation.
+
+Windows does not have support for randomizing the MAC of Ethernet interfaces.
+
+## Conclusion
+
+MAC addresses is a necessary component of network protocols, it does not leak through VPNs but could be used to track people through their devices.
+
+Manufacturers have made significant steps to improve the privacy of devices owners with regard to Wi-Fi tracking.
Unfortunately, the problem shifted to Bluetooth devices, creating a more challenging problem to resolve, since more manufacturers are involved compared to improving a couple of operating systems subsystems.
diff --git a/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md b/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
new file mode 100644
index 000000000..05bc1c337
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
@@ -0,0 +1,163 @@
+---
+title: Onion SSH Hosts for Login Chaining
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/onion-ssh-hosts-for-login-chaining/
+section: Misc
+weight: 40
+date: 2016-01-19T10:27:43+00:00
+layout: guides-details
+---
+In [Will a VPN Protect Me? Defining your threat model][1] and [Adversaries and Anonymity Systems: The Basics][2], I discussed threats to anonymity, freedom, privacy and/or security, and how to choose appropriate setups to counter them. The most elaborate setup that I've described involves [nested chains of VPN services and Tor][3]. And that setup relies primarily on Tor for anonymity.
+
+But perhaps that's insufficient. After all, the Tor Project does warn: `This is experimental software. Do not rely on it for strong anonymity.` It's well known that Tor is vulnerable to global adversaries. And there are occasional reports of Tor users and hidden service operators getting busted. However, as far as I know, no stronger anonymity system has yet been implemented at usable scale. So how could one get more stopping power?
+
+I'm reminded of the situation back in the early 90s. Being anonymous on the Internet was nontrivial. There were no VPN services. Tor was a decade away. For email, there were Cypherpunk and Mixmaster anonymous remailers. And one could use them for mail lists and Usenet. But options for anonymous, low-latency Internet activity were extremely limited.
+
+Remote login chaining was just about it. You needed to know several remote hosts, and have a valid username and password for each. The first step was dialup access to one of the remote hosts. If you had a portable computer or laptop, you could call from a payphone, using a modem with an acoustic coupler. Then you would [telnet][4] to another host. And then you would telnet to a third host. And so on. In order to identify you, adversaries would need to trace your path back through the chain.
+
+However, telnet login chaining wasn't such a great approach.
Telnet is not secure. There is no host authentication, and no content encryption, so snooping and MitM attacks are trivial. If enough network traffic got logged, the whole telnet chain (all plaintext) could be reconstructed. Since the late 90s, telnet has been superseded by [SSH][5].
+
+That's what happened to [Kevin Mitnick][6], for example. It got him five years in the can. But the [session transcripts][7] are instructive. You can telnet to a series of ports, and relive Kevin's console experience. For example:
+
+ $ telnet kevin-on-demand.takedown.com 4009
+
+This guide takes the concept of remote login chaining, and implements it using anonymously leased VPS that are running onion SSH services. Perhaps one such SSH login could be pwned. But it would arguably be harder to pwn a chain of them. And in any case, it's a fun project.
+
+I recommend working in Whonix, [reaching Tor through a nested VPN chain][3]. You'll need at least two small Linux VPS, leased via Tor using well-anonymized Bitcoin. It's a simple setup, the same for each VPS.
+
+Create a 4096-bit RSA key in the Whonix workstation VM, with a strong passphrase. Then SCP the public key to your first VPS. Now SSH to the VPS. If necessary, add a user account. Set root and user passwords. Create /home/user/authorized_keys, and add the Whonix id_rsa.pub to it. Then edit /etc/ssh/sshd_config. Disable root login and password authentication. If you like, add one or more additional port lines, such as 5222, so that you can run multiple onion SSH services.
+
+Then restart the SSH service, and check that you can login as user from a new terminal window, using the local id_rsa passphrase. Now create a 4096-bit RSA key in the VPS, with a passphrase.
+
+Do apt-get update and dist-upgrade, and reboot. Then SSH to the VPS, and install iptables-persistent and fail2ban. Copy /etc/fail2ban/jail.conf to /etc/fail2ban/jail.local. Edit /etc/iptables/rules.v6, change defaults to `DROP`, and do ip6tables-restore.
Restart fail2ban service, and test with `fail2ban-client ping`. The reply should be `pong`.
+
+Now install tor, and edit /etc/tor/torrc:
+
+ SocksPort 127.0.0.1:9050
+ SocksPolicy accept 127.0.0.1/32
+ SocksPolicy reject *
+ VirtualAddrNetwork 10.192.0.0/10
+ AutomapHostsOnResolve 1
+ Log notice file /var/log/tor/notices.log
+ RunAsDaemon 1
+ DataDirectory /var/lib/tor
+ HiddenServiceDir /var/lib/tor/ssh/
+ HiddenServicePort 22 127.0.0.1:22
+
+If you want to run multiple onion SSH services, do something like this:
+
+ ...
+ HiddenServiceDir /var/lib/tor/ssh0/
+ HiddenServicePort 22 127.0.0.1:22
+ HiddenServiceDir /var/lib/tor/ssh1/
+ HiddenServicePort 22 127.0.0.1:5222
+
+Then restart tor service, and check its status. If it's running, get the hidden service credentials:
+
+ $ cat /var/lib/tor/ssh/hostname
+ $ cat /var/lib/tor/ssh/private_key
+
+And for any additional onion SSH services that you've configured. Now SSH to user@hostname. If you get in, close first SSH login. If not, check your work. Once you get in via the onion SSH service, create /etc/iptables/tight-rules.v4:
+
+ *filter
+
+ :INPUT DROP [0:0]
+ :FORWARD DROP [0:0]
+ :OUTPUT ACCEPT [0:0]
+
+ -A INPUT -m state --state INVALID -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
+ -A INPUT -f -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
+
+ -A INPUT -i lo -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
+ -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
+ -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+ -A INPUT -j DROP
+
+ COMMIT
+
+Those rules block all incoming connections, so only SSH via onion service will work. Do iptables-restore from those rules. You should still be connected.
If not, rebooting from the hosting control panel will restore the open iptables rules. Once it's working, test:
+
+ $ wget http://ipchicken.com
+ $ cat index.html | less
+
+You should see the VPS IPv4 address. Also test Tor:
+
+ $ rm index.html
+ $ torsocks wget http://check.torproject.org
+ $ cat index.html | less
+
+You should see `Congratulations. This browser is configured to use Tor.`
+
+To prepare for use after reboot, just login via SSH onion, and load the tight iptables rules.
+
+So let's say that you have two of these VPS, host0 and host1, with onion SSH hostnames `host0rpx2zt8vwu1.onion` and `host1cwdrau3qhja.onion`. And let's say that you plan to first SSH to host0, and then from host0 to host1. You'll need to add host0's public RSA key to ~/authorized_keys in host1. First do:
+
+ $ scp user@host0rpx2zt8vwu1.onion:~/.ssh/id_rsa.pub ~/Downloads/host0_id_rsa.pub
+ $ scp ~/Downloads/host0_id_rsa.pub user@host1cwdrau3qhja.onion:~/.ssh/
+
+Then SSH to host1, add the host0 key to ~/authorized_keys, and exit.
+
+Now SSH to host0. Then SSH from host0 to host1. If you hit the Internet directly from host1, sites will see its IP address. You can also use torsocks to hit the Internet from host1 via Tor. You can add additional hops, by SSHing from host1 to host2, and so on. But latency becomes unworkable after about three chained hosts.
+
+OK, so it works. But does it actually increase anonymity? Routing Tor over Tor is generally [not recommended][8]: "Doing so produces undefined and potentially unsafe behavior. In theory, however, you can get six hops instead of three, but it is not guaranteed that you'll get three different hops - you could end up with the same hops, maybe in reverse or mixed order."
+
+The warning about relay overlap with Tor over Tor seems overstated. The [hidden service protocol][9] involves two three-hop circuits.
The user's Tor client builds a three-relay circuit to a rendezvous point, and then sends a connection request to one of the hidden service's introduction points. The hidden service's Tor client builds a three-relay circuit to the specified rendezvous point, and the connection is established. There are seven Tor relays in this connection, four picked by the user's client, and three picked by the hidden service's client.
+
+I can't imagine that the user's client and the hidden service's client are sharing any information about circuit building. Given that, I don't get how the hidden service protocol can rigorously avoid relay overlap. And I don't see why routing Tor over Tor is more prone to relay duplication, as long as independent Tor clients are being used.
+
+More instructive is the Tor Project's recommendation against [changing the default three-relay circuit length][10]: "We don't want to encourage people to use paths longer than this — it increases load on the network without (as far as we can tell) providing any more security. Remember that [the best way to attack Tor is to attack the endpoints and ignore the middle of the path][11]".
+
+Tor developers are concerned that attackers can use long circuits to DoS the network. By DoSing honest relays, for example, attackers can direct clients to malicious relays. Relays restrict circuit length to eight relays. But routing Tor via Tor would circumvent that. Doing that is still possible in the current stable version (0.2.7.6). However, exit node to entry connections will apparently [not work][12] in the next release. However, there are no exit nodes involved in chaining onion SSH services, so the change shouldn't be problematic.
+
+But what about those attacks on endpoints? From Tor's [threat model][11]: "In low-latency anonymity systems that use layered encryption, the adversary's typical goal is to observe both the initiator and the responder.
By observing both ends, passive attackers can confirm a suspicion that Alice is talking to Bob if the timing and volume patterns of the traffic on the connection are distinct enough; active attackers can induce timing signatures on the traffic to force distinct patterns. Rather than focusing on these traffic confirmation attacks, we aim to prevent traffic analysis attacks, where the adversary uses traffic patterns to learn which points in the network he should attack".
+
+Neither traffic confirmation attacks nor traffic analysis attacks necessarily depend on explicitly learning circuit paths. However, some of the classic deanonymization attacks on users and hidden services do involve their entry guards. Given all that, using hidden services is arguably less likely traceable than simply using websites via Tor, because there are two linked circuits to deanonymize. And chaining two hidden services is arguably even less likely traceable.
+
+Traffic confirmation attacks depend on matching traffic patterns at connection endpoints. And traffic patterns also play a role in traffic analysis to identify those endpoints. So maybe adding jitter to the connection would be useful. Using VPN services on the onion SSH hosts will accomplish that, because all Tor connections will go through the VPN server. Multi-hop VPN services will do a better job of that. VPN services also hide onion SSH hosts from their entry guards, which might end up controlled by adversaries.
+
+Anyway, get a VPN service subscription, and download Linux setup files. Don't use any of the VPN service accounts that you use locally. Purchase via Tor, and pay with thoroughly anonymized Bitcoin. Then SCP zipped linux setup files to host0. SSH to host0, and install openvpn. Edit /etc/default/openvpn and change AUTOSTART to `none`. Unzip and copy the setup files to /etc/openvpn/, and remove read rights for group and other. If you have an openvpn configuration with the extension `.ovpn`, change that to `.conf`.
You may need to tweak your openvpn configuration file (let's say `vpnroute.conf`).
+
+However, you can't just start the openvpn service. That's because, once it connects, your SSH connection to this VPS will die. Normally, you could add a route command to the openvpn configuration for the IP address of your management device, to bypass the VPN tunnel. But that isn't workable when you're SSHing via tor, unless you want to specify a particular exit node. Also, the tor process will exit when openvpn starts, so using the SSH onion service won't help.
+
+The solution is to create a shell script that stops tor, waits, starts openvpn, waits, and then starts tor:
+
+ $ nano /etc/openvpn/start-vpn.sh
+ #!/bin/sh
+
+ systemctl stop tor.service
+ sleep 60
+ systemctl start openvpn@vpnroute.service
+ sleep 60
+ systemctl start tor.service
+ $ chmod +x /etc/openvpn/start-vpn.sh
+
+That's not quite enough, though, because your SSH login will die as soon as openvpn connects, and then the script will stop executing. To prevent that, you must have the script ignore the HUP (hangup) signal when the SSH login dies:
+
+ $ nohup /etc/openvpn/start-vpn.sh
+
+Your SSH login will still die when tor stops. But just wait a few minutes, giving openvpn and tor time to reconnect, and then connect to the SSH onion service. If it doesn't work, just reboot the VPS from the hosting control panel. The openvpn service won't restart, so you'll be able to SSH again.
+
+As with the tight iptables rules, you can only connect to the SSH onion service. But in this case, it's because everything is routed through the VPN service. The VPN exit has tight iptables rules, and it doesn't forward SSH back to your VPS.
+
+To setup the VPS for use after reboot, login via the SSH onion service, load tight iptables rules, and run `nohup start-vpn.sh`. Wait a few minutes, and then login via the SSH onion service.
+
+So hey, enjoy your hosts. But do recall that your VPS providers and intervening ISPs may be logging.
Remember Kevin! Always use end-to-end encryption for sensitive content, and [be prudent about sites that you're connecting to][13].
+
+ [1]: /privacy-guides/will-a-vpn-protect-me/
+ [2]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
+ [3]: /privacy-guides/advanced-privacy-and-anonymity-part-8/
+ [4]: https://en.wikipedia.org/wiki/Telnet
+ [5]: https://en.wikipedia.org/wiki/Secure_Shell
+ [6]: https://en.wikipedia.org/wiki/Kevin_Mitnick
+ [7]: https://shinnok.com/rants/2009/01/27/kevin-mitnicks-hacking-telnet-session-transcripts/
+ [8]: https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#ToroverTor
+ [9]: https://web.archive.org/web/20120505002508/https://www.torproject.org/docs/hidden-services.html.en
+ [10]: https://web.archive.org/web/20141225122111/https://www.torproject.org/docs/faq.html.en#ChoosePathLength
+ [11]: https://svn.torproject.org/svn/projects/design-paper/tor-design.html#subsec:threat-model
+ [12]: https://trac.torproject.org/projects/tor/ticket/2667
+ [13]: https://www.whonix.org/wiki/DoNot
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
new file mode 100644
index 000000000..ad0cb46d5
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
@@ -0,0 +1,85 @@
+---
+title: 'Online Privacy Through OPSEC and Compartmentalization: Part 1'
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1/
+section: Advanced
+weight: 90
+articles: [
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 2",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2/"
+ },
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 3",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/"
+ },
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 4",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/"
+ }
+]
+date: 2017-08-04T12:31:51+00:00
+layout: guides-details
+---
+![On the Internet, Nobody Knows You're a Dog](/images-static/uploads/nobodyknowsyouradog.jpg)
+
+Privacy and anonymity on the Internet are perennial clickbait topics. At least, that's been the case since some of the [Eternal September][1] crowd figured out that ['On the Internet, nobody knows you're a dog.'][2] might be an _unrealistic_ expectation. We've seen the warnings: ['You have zero privacy.'][3] [1999]; [Google's 'Broken Privacy Promise'][4] [2016]; ['confronting the end of privacy'][5] [2017]; ['privacy is dead'][6] [2017]; and ['technology can't fix it'][7] [2017]; ['Privacy as We Know It Is Dead'][8] [2017]. There was Eric Schmidt's classic rationalization, ['If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.'][9] [2009]. And recently, there's been hand wringing about ['anonymous harassment'][10] [2015] and how ['anonymity makes people mean'][11] [2015]. For a more nuanced discussion of online ethics, see ['Social Networking and Ethics'][12] [2012/2015].
In any case, leaving aside argument about whether online anonymity is "good" or "bad", there's no doubt that it can be a [prudent and effective strategy][13] [2017]. And in any case, there's nothing new here. These were contentious issues [in the 1780s][14], during public debate on ratification of the US Constitution. But hey, articles in _The Economist_ are still published [anonymously][15]: + +> The main reason for anonymity, however, is a belief that what is written is more important than who writes it. + +## Why Mass De-anonymization Is Far Likelier Than You Might Expect + +I've written a lot about online privacy and anonymity. Lately, however, I've focused primarily on matters of technical implementation. But a [recent article][16] about mass de-anonymization has moved me to write more about strategy and tactics. The article is based on a paper by [Jessica Su and coworkers][17] about de-anonymizing users by correlating their social media participation and browsing history. That's too perfect a teaching opportunity to pass up. Anyway, the abstract begins: + +> Can online trackers and network adversaries de-anonymize web browsing data readily available to them? We show—theoretically, via simulation, and through experiments on real user data—that de-identified web browsing histories can be linked to social media profiles using only publicly available data. + +Web browsing histories are collected by ISPs, the online advertising industry, at least some anti-malware firms, and various TLAs. So everyone online is vulnerable to multiple adversaries, who may collude, and leverage complementary data. + +> Our approach is based on a simple observation: each person has a distinctive social network, and thus the set of links appearing in one's feed is unique. Assuming users visit links in their feed with higher probability than a random user, browsing histories contain tell-tale marks of identity. 
We formalize this intuition by specifying a model of web browsing behavior and then deriving the maximum likelihood estimate of a user's social profile. + +OK, but this assumes that people are naive. Using one's real name online, with just one social network, is an obvious vulnerability. And it's one that's easily fixable, as I explain below. Basically, you just replace `user`/`person` with `persona`, use as many of them as you like, and make sure that they're not associated with each other. + +> We evaluate this strategy on simulated browsing histories, and show that given a history with 30 links originating from Twitter, we can deduce the corresponding Twitter profile more than 50% of the time. + +Impressive. So much for the dismissal that [browsing history isn't `sensitive information'][18] [2017]. But even so, each user could have several online identities aka personas. Each persona would have its own Twitter account, its own social network, its own set of interests, and so on. And each persona would access the Internet in a different way, using various VPN services, Tor, and combinations thereof. So each persona would have its own browsing history, potentially unrelated to the others. + +> To gauge the real-world effectiveness of this approach, we recruited nearly 400 people to donate their web browsing histories, and we were able to correctly identify more than 70% of them. + +Impressive, indeed. But again, these were naive subjects. I can't imagine that they were warned, and given the opportunity to be deceptive. + +> We further show that several online trackers are embedded on sufficiently many websites to carry out this attack with high accuracy. Our theoretical contribution applies to any type of transactional data and is robust to noisy observations, generalizing a wide range of previous de-anonymization attacks. + +That is problematic, for sure. ISPs also collect and sell browsing history. Some anti-malware firms may do so, as well. 
And then we have various TLAs, which likely collect whatever they can, however they can, and from wherever they can. + +In the paper's introduction, Su and coworkers note: + +> In this paper we show that browsing histories can be linked to social media profiles such as Twitter, Facebook, or Reddit accounts. We begin by observing that most users subscribe to a distinctive set of other users on a service. Since users are more likely to click on links posted by accounts that they follow, these distinctive patterns persist in their browsing history. An adversary can thus de-anonymize a given browsing history by finding the social media profile whose `feed` shares the history's idiosyncratic characteristics. + +That's arguably not very surprising. It's just what people do. Or at least, that's what naive people do. And then they point out: + +> Of course, not revealing one's real-world identity on social media profiles also makes it harder for the adversary to identify the user, even if the linking is successful. Nascent projects such as Contextual Identity containers for Firefox help users more easily manage their identity online [5]. None of these solutions is perfect; ultimately, protecting anonymity online requires vigilance and awareness of potential attacks. + +![Fight Club (Brad Pitt and Edward Norton)](/images-static/uploads/fight-club.jpg) + +![Compartmentalization: Isolation of Military Aircraft Using Blast Walls aka Revetments](/images-static/uploads/revetment.jpg) + +That's excellent advice, for sure. But pseudonymity alone is a fragile defense. Once one has been de-anonymized in any context, everything is de-anonymized, because it's all tied together. There is no forward security. Far more robust is to fragment and compartmentalize one's online activity across multiple unlinked personas. With effective compartmentalization, damage is isolated and limited. And overall, it's essential to implement and practice strong Operations Security (OPSEC). 
But first, before getting into specifics, it's instructive to consider some examples, showing how easily and spectacularly online anonymity can fail.
+
+ [1]: http://knowyourmeme.com/memes/eternal-september
+ [2]: http://knowyourmeme.com/memes/on-the-internet-nobody-knows-youre-a-dog
+ [3]: https://archive.wired.com/politics/law/news/1999/01/17538
+ [4]: https://psmag.com/googles-broken-privacy-promise-d3e2d8bec77e
+ [5]: https://www.wsj.com/articles/confronting-the-end-of-privacy-1485906859
+ [6]: http://tech.firstpost.com/news-analysis/privacy-is-dead-stop-whining-and-get-some-real-work-done-357090.html
+ [7]: https://www.theguardian.com/commentisfree/2017/jan/13/the-guardian-view-on-internet-privacy-technology-cant-fix-it
+ [8]: https://www.forbes.com/sites/robertvamosi/2017/05/02/dan-geer-privacy-as-we-know-it-is-dead
+ [9]: https://www.eff.org/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy
+ [10]: http://www.chronicle.com/article/Women-s-Groups-Urge-Colleges/233864
+ [11]: https://www.wired.com/2015/04/secret-shuts-down/
+ [12]: https://plato.stanford.edu/entries/ethics-social-networking/
+ [13]: http://scholar.uwindsor.ca/cgi/viewcontent.cgi?article=1006&context=csspe
+ [14]: http://www.learnliberty.org/blog/anonymity-and-doxing-in-the-1787-ratification-debates/
+ [15]: https://medium.economist.com/why-are-the-economists-writers-anonymous-8f573745631d
+ [16]: https://www.theatlantic.com/technology/archive/2017/02/browsing-history-identity/515763/
+ [17]: http://randomwalker.info/publications/browsing-history-deanonymization.pdf
+ [18]: http://www.theverge.com/2017/3/20/14985328/internet-providers-web-browsing-history-fcc-privacy-rules
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
new file mode 100644
index 000000000..e3a561ee1
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md 
@@ -0,0 +1,179 @@
+---
+title: 'Online Privacy Through OPSEC and Compartmentalization: Part 2'
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2/
+section: Advanced
+weight: 100
+articles: [
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 3",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/"
+ },
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 4",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/"
+ }
+]
+date: 2017-09-05T11:59:19+00:00
+layout: guides-details
+---
+## Examples: How Easily and Spectacularly Online Anonymity Can Fail
+
+To illustrate how online anonymity can [fail][1], I have researched several examples. The mistakes made provide useful context for the discussion and recommendations that follow. The examples all involve criminal prosecutions, because that's what generally gets reported. Proceedings in many jurisdictions are largely public, and crime reporting is always popular. Anonymity failure _per se_ isn't newsworthy, and information may be suppressed. Even so, public data about criminal prosecutions may be misleading. Some evidence is typically under protective order. Also, investigators may have employed [parallel construction][2] to protect sources and methods that are sensitive or illegal. Such evidence is not even presented to courts, but merely exploited to obtain usable evidence. But what we have is what we have. Finally, hindsight is of course 20/20, and I intend no disrespect to anyone involved in these examples.
+
+### Example #1: Silk Road
+
+Consider how FBI investigators identified Ross Ulbricht as Silk Road's founder, later known as Dread Pirate Roberts. As explained in the [FBI complaint][3], he had promoted Silk Road on the [Shroomery Message Board][4] and [Bitcoin Forum][5] in January 2011, using the handle `altoid`.
Silk Road had never before been mentioned on either site. The posts are still there, so you can follow the path yourself. In [Google Advanced Search][6], specify the exact phrase `silk road` and the site `bitcointalk.org`. Execute the search. Then click `Tools`, and look at custom date ranges around 2011, when Silk Road opened for business. For the range 7/1/2010-12/31/2010, the first result is [`A Heroin Store - Bitcointalk.org`][5]. Search the page for `silk road`, and you see [this post][7] from ShadowOfHarbringer, quoting altoid: + +> Has anyone seen Silk Road yet? It's kind of like an anonymous amazon.com. I don't think they have heroin on there, but they are selling other stuff. They basically use bitcoin and tor to broker anonymous transactions. It's at http://tydgccykixpbu6uz.onion. Those not familiar with Tor can go to silkroad420.wordpress.com for instructions on how to access the .onion site. + +Someone (presumably altoid) has deleted the actual post. Just quotes by ShadowOfHarbringer, sirius and FatherMcGruder remain. I'll say more about that, later. Here's a diagrammatic representation of the search process: + +![Venn diagram about finding altoid](/images-static/uploads/Venn-bitcointalk.org-Silk-Road.png) + +That alone wasn't a fatal error. I mean, who is altoid? But now look at [what else][8] altoid posted on Bitcoin Forum. In particular, look at his [last post][9], dated 11 October 2011: "I'm looking for the best and brightest IT pro in the bitcoin community to be the lead developer in a venture backed bitcoin startup company. ... If interested, please send your answers to the following questions to rossulbricht at gmail dot com". Whoops. Now the FBI had a link from Silk Road to Ross Ulbricht. + +![posts by altoid to bitcointalk.org](/images-static/uploads/altoid-posts.png) + +So how does someone accidentally link their meatspace email address to the development of Silk Road, a `Heroin Store`? I have no clue. 
Perhaps relevant is the fact that he registered the new account [`silkroad`][10] on 28 February 2011. He subsequently used the `silkroad` account for [Silk Road][11] matters, and the `altoid` account for general Bitcoin ones. I'm guessing that it was sometime in Spring 2011 that he deleted his post about Silk Road in the `altoid` account. But somehow, he didn't notice that others had quoted it. The `silkroad` account was last active on 25 August 2011, about six weeks before the fateful `IT pro` post by the `altoid` account. Maybe he just forgot which account had posted what. + +The timeline of the FBI investigation isn't clear from the [complaint][3], but another key win was finding the server. That was far too easy. Agents testified that the server [leaked it's actual IP address][12], bypassing Tor. It seems that they read about the leak on [reddit][13]. They don't say exactly how they forced the leak, but I suspect that it involved a web server misconfiguration like [this][14]. At the FBI's request, Reykjavik police provided access to the server. And the FBI imaged the disk. + +That was a seriously boneheaded mistake. I mean, it was clear by 2012 that Tor onion servers should not have public IP addresses. I recall seeing a guide about that in 2010-2011, either on The Hidden Wiki or Freedom Hosting. But anyway, bad as it was for the FBI to have that data, how did they figure out that Dread Pirate Roberts was Ross Ulbricht? Other than the altoid screwup, I mean. Well, the [complaint][3] alleges that the server's ~/.ssh/authorized_keys file contained a public SSH key with user `frosty@frosty`. So apparently, the FBI googled for stuff like `frosty tor`. And bam, they found [this 2013-03-16 post by frosty on Stack Overflow][15]. That's still on the first results page. Also, the PHP code in that question is reportedly similar to what FBI investigators found on the server. 
And being the FBI, it wasn't hard for them to learn that Ross Ulbricht owned the account (with email `frosty@frosty.com`). Now they had two independent links from Silk Road to Ross Ulbricht. + +And there was a third link. Ross had apparently ordered fake IDs from Silk Road. But DHS opened the package, and dropped by to [question him][16]. He denied responsibility, and noted that anyone could have bought the fake IDs on Silk Road, and had them sent to him. That seems reasonable, no? I mean, a Ukrainian hacker did have heroin sent to [Brian Krebs][17], and then had him swatted. But whatever. `Silk Road` went into the DHS agent's report, and that eventually came back to bite Ross. + +OK, so promoting your illegal darkweb site online is fine. And asking questions online about that site is also fine. But you want to be as anonymous as possible when you're doing that stuff. And posting your meatspace Gmail address, or using a forum account registered with that address, is not anonymous. Ross was also [careless][18] in other ways about linking Silk Road to himself. If he had always worked through Tor (or better, hit Tor through a [nested VPN chain][19]) and had used pseudonyms to register with Stack Overflow and Bitcoin Forum, he might be a free man today. If you want to read more about Ross Ulbricht, [the grugq][20] has published a comprehensive (albeit dated) analysis. There are also decent articles in [Wired][13] and [Motherboard][21], and [Gwern's analysis][22]. + +But wait. There's another level of pwnage to explore. Maybe it's simplistic to say that Ross Ulbricht **is** Dread Pirate Roberts (DPR). His attorneys argued that he was [just a pawn][23], and that the real Dread Pirate Roberts was his mentor [Variety Jones aka Cimon][24]. For example, they presented evidence that [someone was accessing][25] the DPR account on the Silk Road forum for six weeks after Ross Ulbricht had been taken into custody. 
Plus voluminous chat logs between Ross Ulbricht, Variety Jones and others. It's an interesting story, full of [intrigue and drama][26], involving rogue FBI agents and so on. But here's the relevant lesson: according to the complaint, Roger Thomas Clark was [identified][27] as Variety Jones "through an image of his passport stored on Ulbricht's computer". That is, "the Silk Road administrator insisted on his employees revealing their identities to him, though he promised to keep the copies of their identifying documents encrypted on his hard drive." So maybe Variety Jones wasn't a perfect mentor, notwithstanding his vision of a private digital economy. Still, he's for sure [no pushover][28]. + +If you're interested in reading Variety Jones' stuff from Silk Road Forums, the archives are [here][29], and in more usable form, [here][30]. I gather that there's also a lot in the chat logs that Ross Ulbricht retained. But I haven't found a coherent standalone collection. For background, see Andrew Goldman's [`The Common Economic Protocols`][31] and [`Toward A Private Digital Economy`][32]. + +### Example #2: KickassTorrents + +Consider [KickassTorrents][33]. Artem Vaulin registered one of the associated domains (kickasstorrents.biz) using his real name. That's basically the same error that Ross Ulbricht made with Stack Overflow, but it's far more egregious here, because of the direct association. Also, logs from Apple and Facebook linked his personal Apple email address to the site's Facebook page. That was another failure to compartmentalize his real identity from his illegal enterprise. But for those mistakes, KickassTorrents would likely be serving its users, and we would have likely never heard of Artem Vaulin. + +### Example #3: The Love Zone + +Failure to compartmentalize also brought down [The Love Zone][34] and many of its users. Admin Shannon McCoole (skee) reportedly began his posts with the unusual greeting `Hiyas` (perhaps from Tagalog). 
That's strange, but so what? Well, it seems that investigators unoriginally googled for `skee hiyas`, and found posts on various online forums by similarly named users, who used the same unusual greeting. On one of those forums, such a user had sought information about 4WD lift kits. So investigators then restricted their searches with suggested SKUs. And that led them to his Facebook page, where he had bragged about his vehicle. There, they also learned that he worked as a nanny. Busted. + +OK, so it's outstanding that they tracked him down. But even better, his mistakes are instructive. It's much like the compartmentalization failure that pwned Ross Ulbricht. That is, Shannon McCoole linked his pedophile and meatspace personas through two factors: 1) similar usernames; and 2) unusual greeting. However, he apparently did successfully obscure his site's IP address. So arguably, if he had used a distinct username and style (at least, a different greeting) on each online forum, he could have avoided arrest. + +### Example #4: Sabu de LulzSec + +Sabu's downfall clearly illustrates the roles of intentionality, trust and time. Sabu (Hector Xavier Monsegur) was born in 1983, and started hacking in his [early teens][35]. He reportedly hung out on EFnet IRC chat servers. Like most n00bs, was careless. At least once, he apparently [made the mistake][36] of logging in without obscuring his ISP-assigned IP address. And someone, perhaps the admin, was [retaining chat logs][37]. That's to be expected. But based on those logs, they could link his various IRC nicknames, over time. + +Years later, Sabu became famous through LulzSec. I gather that he was playing elite hacker to a crowd of script kiddies. That apparently offended some of his old [EFnet associates][38]. Plus the fact that LulzSec was causing trouble for them, professionally. And so they considered him a jerk, and eventually doxxed him. 
+ +Before researching this, based on casual reading, I had assumed that Hector had just been careless about OPSEC. But no, it's not that Hector the LulzSec star was careless. It's that Hector had been careless, many years before, when he was just a kid, playing at being a hacker. And that mattered, years later, because old associates could link his past personas back to the present. Still, he could have been more mindful of that risk, and so compartmentalized his personas more carefully across time. I mean, this guy had been hacking stuff for well over a decade! + +![Aval0n logs about Sabu](/images-static/uploads/Aval0n-Logs.png) + +### Example #5: Sheep Marketplace + +It's arguable whether Tomáš Jiříkovský operated Sheep Marketplace, or merely provided hosting for the VPS that it ran on. But it's pretty clear that he stole 96000 BTC from it, and then [pwned himself][39] when he cashed out. The story is instructive, and it illustrates how pride and greed can lead to stupidity and pwnage. [Sheep Marketplace][40] was created in March 2013. It grew modestly after Silk Road was pwned in October 2013. But before long, Tomáš had been [doxxed][41] as the alleged owner. [Gwern Branwen][42] [bet][43] that Sheep Marketplace would be dead within the year. In a later paste, Gwern [alleged][44] that someone had alerted the FBI that Tomáš had complained on sheepmarketplace.com in 2013 `about the problems of running a Bitcoin-using hidden service`. ~~Also see [this paste][45], perhaps from Gwern's source.~~ Anyway, Sheep Marketplace had started as a clearnet site, and then migrated quite obviously to Tor. And it was dead in far less than a year. Sheep Marketplace [shut down][46] less than two months later, on 03 December 2013, after claims of hacking and Bitcoin theft. But it's more than a little suspicious that the Bitcoin price jumped from $200 to $1000 during November 2013. If one had been planning to take the money and run, that was arguably a good time. 
+ +In a vain attempt to recover lost Bitcoins, or at least to identify the thief, some redditors [tracked suspicious Bitcoin][47] through the [blockchain][48]. Although the thief apparently [used Bitcoin Fog][49] for obfuscation, 96000 Bitcoin predictably overwhelmed the mixer. So the stolen Bitcoin was traced to a wallet owned by BTC-e, a digital currency exchange. But there, the trail went dead. The BTC-e wallet identified by redditors was used generally in BTC-e operations. So it seemed likely that the thief had already cashed out. However, in contrast to the Bitcoin blockchain, BTC-e's financial operations are [anything but public][50]. And now, the US has [taken it down, and arrested one Alexander Vinnik][51]. Allegations include money laundering and facilitation of criminal activity, such as ransomware and theft from Mt Gox. But maybe BTC-e [isn't yet entirely dead][52]. + +Anyway, in an [08 December interview][53] in the Czech Republic's major newspaper, Tomáš disavowed any role in Sheep Marketplace. However, by January 2014, Tomáš had been [arrested][39]: + +> Last year in January, a new bank account of 26-years old Eva Bartošová had a payment, that made Air Bank (Czech Bank) safety controls flash (an idiom). Almost 900 thousand Crowns from a foreign company that exchanges virtual bitcoins into real money. + +> The young woman could not credibly explain to the bank officers the source of the money. Only additional investigation revealed that millions already went using this road. And that behind it was a certain Tomáš Jiřikovský, that was connected by amateur internet investigators with stealing money from web marketplace Sheep Marketplace, where people traded in large numbers with the bitcoin currecy. The damage was described by the operators of the marketplace as more than 100 million. + +> ... + +> The officers of Ministry of Finance's Financial Analytical Office, that are detecting suspicious transactions, mapped how the Jiřikovský's money travelled. 
They first left from the abroad company Bitstamp Limited, that is selling and buying bitcoins. The millions then arrived with several transactions either on the account of Jiřikovský and Bartošová, or on the account of the real estate company and the lawyer that worked on the house sale. Part of the money went to the original owner of the house, another part of the money went on her bank as one-time payment of a mortgage. + +I'm guessing that Tomáš must have somehow transferred the money from BTC-e to Bitstamp. It didn't help, however. Overall, this was a mind-boggling fail. + +### Example #6: Operation Onymous + +In November 2014, hundreds of onion sites went down in [Operation Onymous][54], an international effort involving the FBI and Europol. One of them was [Silk Road 2.0][55] aka SR2. The scale of the operation was astounding. Nik Cubrilovic [speculated][56] that investigators had 'simply vacuumed up a large number of onion websites by targeting specific hosting companies.' But those who followed Tor carefully suspected a different sort of vacuuming. In July 2014, CMU researchers had canceled a [Black Hat talk][57] about 'how hundreds of thousands of Tor clients, along with thousands of hidden services, could be de-anonymised within a couple of months.'. And a few days later, Roger Dingledine had [posted][58] about a 'relay early' traffic confirmation attack which had occurred in recent months: 'So in summary, when Tor clients contacted an attacking relay in its role as a Hidden Service Directory to publish or retrieve a hidden service descriptor (steps 2 and 3 on the hidden service protocol diagrams), that relay would send the hidden service name (encoded as a pattern of relay and relay-early cells) back down the circuit. Other attacking relays, when they get chosen for the first hop of a circuit, would look for inbound relay-early cells (since nobody else sends them) and would thus learn which clients requested information about a hidden service.' 
Yes, vacuuming. + +Those suspicions were confirmed in January 2015, after SR2 admin Brian Farrell was [arrested][59]. The [affidavit][60] stated: 'From January 2014 to July 2014, a FBI NY Source of Information (SOI) provided reliable IP addresses for TOR and hidden services such as SR2...'. And a year later, CMU's role was [confirmed][61]: "The record demonstrates that the defendant's IP address was identified by the Software Engineering Institute ('SEI') of Carnegie Mellon University (CMU) [_sic_] when SEI was conducting research on the Tor network which was funded by the Department of Defense ('DOD')." So how did the FBI know about results of DoD-funded research by CMU? The FBI says: "For that specific question, I would ask them [Carnegie Mellon University]. If that information will be released at all, it will probably be released from them." Perhaps this was a failed attempt at [parallel construction][2]. + +### Example #7: AlphaBay + +This is an especially sad example. AlphaBay became one of the largest third-generation dark markets after Silk Road got pwned. For about two years. Until the US took it down in July 2017, and arrested suspected co-founder Alexandre Cazes. As with my other examples, he had allegedly made a [stupid mistake][62]. He allegedly "included his personal email address in one of the site's welcome messages". I'm not sure which is more surprising, that he did that, or that it took investigators that long to find the clue. But the saddest part is that he reportedly [killed himself][63] after being arrested. + +### Example #8: Brian Krebs' Blog + +No, [Brian Krebs][64] has **not** been pwned for something delicious. But doxxing 'cybercriminals' **is** one of his perennially popular topics. And you will find [many examples][65] of compartmentalization failure. 
Such as these: + + * [Who Is the Antidetect Author?][66] + * [Who Hacked Ashley Madison?][67] + * [Who is Anna-Senpai, the Mirai Worm Author?][68] + * [Who Ran Leakedsource.com?][69] + * [Four Men Charged With Hacking 500M Yahoo Accounts][70] + + [1]: https://www.schneier.com/tag/de-anonymization/ + [2]: https://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805 + [3]: https://www.documentcloud.org/documents/801103-172770276-ulbricht-criminal-complaint.html + [4]: https://www.shroomery.org/forums/showflat.php/Number/13860995 + [5]: https://bitcointalk.org/index.php?topic=175.70 + [6]: https://www.google.com/advanced_search + [7]: https://bitcointalk.org/index.php?topic=175.msg42670#msg42670 + [8]: https://bitcointalk.org/index.php?action=profile;u=3905;sa=showPosts;start=0 + [9]: https://bitcointalk.org/index.php?topic=47811.msg568744#msg568744 + [10]: https://bitcointalk.org/index.php?action=profile;u=5341 + [11]: https://bitcointalk.org/index.php?action=profile;u=5341;sa=showPosts + [12]: https://www.wired.com/2014/09/the-fbi-finally-says-how-it-legally-pinpointed-silk-roads-server/ + [13]: https://www.wired.com/2015/05/silk-road-untold-story/ + [14]: https://thehackernews.com/2016/02/apache-tor-service-unmask.html + [15]: https://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-tor-hidden-service-using-curl-in-php + [16]: https://arstechnica.com/tech-policy/2013/10/how-the-feds-took-down-the-dread-pirate-roberts/ + [17]: https://www.vice.com/en_us/article/i-interviewed-the-fraudster-who-frames-people-for-heroin-possession + [18]: https://www.theguardian.com/technology/2013/oct/03/five-stupid-things-dread-pirate-roberts-did-to-get-arrested + [19]: /privacy-guides/advanced-privacy-and-anonymity-part-1/ + [20]: https://grugq.github.io/blog/2013/10/09/it-was-dpr/ + [21]: https://motherboard.vice.com/en_us/article/the-five-hidden-service-commandments + [22]: https://www.gwern.net/Silk%20Road + [23]: 
https://www.wired.com/2015/02/ross-ulbricht-didnt-create-silk-roads-dread-pirate-roberts-guy/ + [24]: https://motherboard.vice.com/en_us/article/these-are-the-two-forgotten-architects-of-the-silk-road + [25]: https://motherboard.vice.com/en_us/article/someone-accessed-dread-pirate-roberts-silk-road-operators-account-while-ross-ulbricht-was-in-jail + [26]: https://motherboard.vice.com/en_us/article/variety-jones-a-corrupt-fbi-agent-is-hunting-me-so-im-turning-myself-in + [27]: https://www.wired.com/2015/12/variety-jones-alleged-silk-road-mentor-arrested-in-thailand/ + [28]: https://arstechnica.com/tech-policy/2016/09/exclusive-our-thai-prison-interview-with-an-alleged-top-advisor-to-silk-road/ + [29]: https://archive.org/download/dnmarchives + [30]: https://antilop.cc/sr/ + [31]: https://www.anarplex.net/hosted/files/TheCommonEconomicProtocols.pdf + [32]: https://www.anarplex.net/hosted/files/Toward_A_Private_Digital_Economy/ + [33]: https://www.engadget.com/2016/07/21/kickasstorrents-apple-facebook-homeland-security/ + [34]: https://www.theguardian.com/society/2016/jul/13/shining-a-light-on-the-dark-web-how-the-police-ended-up-running-a-paedophile-site + [35]: https://web.archive.org/web/20201114055349/https://kernelmag.dailydot.com/issue-sections/headline-story/13945/sabu-hector-monsegur-interview/ + [36]: https://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/ + [37]: https://sites.google.com/site/avalonlogsefnet/ + [38]: https://arstechnica.com/tech-policy/2012/03/doxed-how-sabu-was-outed-by-former-anons-long-before-his-arrest/ + [39]: https://web.archive.org/web/20170621171706/https://www.deepdotweb.com/2015/03/27/breaking-sheep-marketplace-owner-arrested/ + [40]: https://en.wikipedia.org/wiki/Sheep_Marketplace + [41]: https://www.reddit.com/r/SheepMarketplace/comments/1nsmzx/a_friendly_warning_sheepmarketplacecoms_owner/ + [42]: https://www.gwern.net/index + [43]: 
https://www.reddit.com/r/SilkRoad/comments/1pko9y/the_bet_bmr_and_sheep_to_die_in_a_year/
+ [44]: https://web.archive.org/web/20161020000638/http://pastebin.com/raw/9spTATw6
+ [45]: http://pastebin.com/raw/ZFS1Jdmn
+ [46]: https://www.theguardian.com/technology/2013/dec/03/online-drugs-marketplace-shut-down-bitcoin-hack-sheep
+ [47]: https://www.theguardian.com/technology/2013/dec/09/recovering-stolen-bitcoin-sheep-marketplace-trading-digital-currency-money
+ [48]: https://www.reddit.com/r/SheepMarketplace/comments/1t0ueq/sheep_marketplace_scam_scheme_figured_out_scammer/
+ [49]: https://www.reddit.com/r/SheepMarketplace/comments/1rvlft/i_just_chased_him_through_a_bitcoin_tumbler_and/
+ [50]: https://web.archive.org/web/20180925093132/http://invezz.com/analysis/forex/147-btc-e-anonymity-reigns-at-worlds-second-largest-bitcoin-exchange
+ [51]: https://www.theverge.com/2017/7/29/16060344/btce-bitcoin-exchange-takedown-mt-gox-theft-law-enforcement
+ [52]: https://www.coindesk.com/troubled-btc-e-exchange-claims-control-of-databases-and-bitcoin-wallets/
+ [53]: http://byznys.lidovky.cz/obral-drogove-dealery-o-miliony-cech-jsem-nevinny-brani-se-programator-1md-/firmy-trhy.aspx?c=A131206_112108_firmy-trhy_mev
+ [54]: https://motherboard.vice.com/en_us/article/the-fbis-deep-web-raid-seized-a-bunch-of-fake-sites
+ [55]: https://motherboard.vice.com/en_us/article/silk-road-2-has-been-seized-by-the-fbi
+ [56]: https://web.archive.org/web/20150330194839/https://www.nikcub.com/posts/onymous-part1/
+ [57]: https://www.theregister.co.uk/2014/07/22/legal_wrecking_balls_break_budget_tor_popping_talk/
+ [58]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
+ [59]: https://arstechnica.com/tech-policy/2015/01/alleged-right-hand-man-to-silk-road-2-0-leader-arrested-in-seattle/
+ [60]: https://arstechnica.com/tech-policy/2015/01/did-feds-mount-a-sustained-attack-on-tor-to-decloak-crime-suspects/
+ [61]:
https://motherboard.vice.com/en_us/article/carnegie-mellon-university-attacked-tor-was-subpoenaed-by-feds
+ [62]: https://motherboard.vice.com/en_us/article/8xa7mz/europol-head-tells-us-about-its-dark-web-market-sting
+ [63]: http://www.brisbanetimes.com.au/world/alphabay-suspected-cofounder-alexandre-cazes-found-dead-in-thai-jail-20170715-gxburv.html
+ [64]: https://krebsonsecurity.com/
+ [65]: https://krebsonsecurity.com/category/breadcrumbs/
+ [66]: https://krebsonsecurity.com/2015/03/who-is-the-antidetect-author/
+ [67]: https://krebsonsecurity.com/2015/08/who-hacked-ashley-madison/
+ [68]: https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/
+ [69]: https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/
+ [70]: https://krebsonsecurity.com/2017/03/four-men-charged-with-hacking-500m-yahoo-accounts/
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md
new file mode 100644
index 000000000..5018d60c9
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md
@@ -0,0 +1,199 @@
+---
+title: 'Online Privacy Through OPSEC and Compartmentalization: Part 3'
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/
+section: Advanced
+weight: 110
+articles: [
+ {
+ title: "Online Privacy Through OPSEC and Compartmentalization: Part 4",
+ url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/"
+ }
+]
+date: 2017-09-05T11:59:24+00:00
+layout: guides-details
+---
+## Online Privacy Through OPSEC with Compartmentalization Among Multiple Personas
+
+{{< raw-html >}}
+
+ The OPSEC Cycle + The OPSEC Cycle +
+{{< / raw-html >}}
+
+Common themes in these examples are poor planning, wishful thinking, and carelessness. Given the advantage of hindsight, it's clear that these people were not paying enough attention. They weren't planning ahead, and thinking things through. That is, their Operations Security (OPSEC) was horrible. Basically, OPSEC is just common sense. But it's common sense that's organized into a structured process. An authoritative source is arguably the [DoD Operations Security (OPSEC) Program Manual][1]. OPSEC Professionals also has a [slide deck][2], which is comprehensive and well-presented, but somewhat campy. It points out that the OPSEC "5-Step Process" is more accurately described as a continuous cycle of identification [of information that must be secured], analysis [of threats, vulnerabilities and risks] and remediation. That is, OPSEC is a way of being. For a hacker perspective, I recommend the grugq's classic [OPSEC for hackers][3]. Also great are follow-on interviews in [Blogs of War][4] and [Privacy PC][5].
+
+Another great source is [73 Rules of Spycraft][6] by Allen Dulles. Also see the original article about them by James Srodes, from the [Intelligencer][8]. Allen Dulles played a key intelligence role against Germany during WWII, and then in the Cold War, as the first civilian Director of Central Intelligence. He's rather controversial, especially regarding his role in the Bay of Pigs fiasco, and perhaps the JFK assassination. David Talbot wrote a biography, *The Devil's Chessboard*. And later [opined][10]: "I think that you can make a case, although I didn't explicitly say this in the book, for Allen Dulles being a psychopath." The CIA [predictably disagreed][11], albeit rather politely.
But noted progressive Joseph Palermo [fundamentally agreed][12] with Talbot's assessment: "The Devil's Chessboard is quite simply the best single volume I've come across that details the morally bankrupt and cynical rise of an activist intelligence apparatus in this country that was not only capable of intervening clandestinely in the internal affairs of other nations but domestically too." Be that as it may, Allen Dulles had some excellent insights about OPSEC. At least, if you ignore the parts about managing human "assets".
+
+### Identification of Critical Information, Analysis of Threats, and Identification of Vulnerabilities
+
+The first step is the identification of information that must be secured. See the [DoD OPSEC manual][1] at p. 12. For our purposes, critical information fundamentally comprises one's meatspace identity and location. Also critical are public indicators associated with them. For example, consider Ross Ulbricht. FBI investigators pieced together his posts as altoid on Bitcoin Forum to associate Silk Road with . They also pieced together frosty@frosty's SSH key on the Silk Road server with the frosty account on Stack Overflow, which he had initially registered as Ross Ulbricht. That is, the indicators were `altoid` and `frosty`. Or consider Shannon McCoole. Investigators pieced together posts on The Love Zone and 4WD forums, using his username (~skee) and his characteristic greeting (hiyas). Then they found his personal Facebook page, by searching for SKUs of particular 4WD lift kits that he had posted about. So for him, the indicators were `skee`, `hiyas`, and the SKUs. For Sabu, an IRC admin pieced together his various nicknames, over time, to link his current nickname/persona with his meatspace identity, which had been revealed years before.
+
+The next steps are analysis of threats, and identification of vulnerabilities. From the [DoD OPSEC manual][1] at p.
13:
+
+> The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
+
+Wherever adversaries can collect and effectively exploit critical information and/or indicators, there are vulnerabilities. So who are your adversaries? And what are their capabilities? Anyone interested in you, with goals that you reject and fear, is an adversary. You probably have some sense of who they are, what they want, and what they can do. But what matters? In an [interview][13] with Micah Lee, Edward Snowden observed:
+
+> Almost every principle of operating security is to think about vulnerability. Think about what the risks of compromise are and how to mitigate them. In every step, in every action, in every point involved, in every point of decision, you have to stop and reflect and think, "What would be the impact if my adversary were aware of my activities?" If that impact is something that's not survivable, either you have to change or refrain from that activity, you have to mitigate that through some kind of tools or system to protect the information and reduce the risk of compromise, or ultimately, you have to accept the risk of discovery and have a plan to mitigate the response. Because sometimes you can't always keep something secret, but you can plan your response.
+
+Anyway, none of that is possible without plans. Or at least, it's impossible without some sense of what one's plans will be. As Allen Dulles [noted][6]:
+
+> 52. Never set a thing really going, whether it be big or small, before you see it in its details. Do not count on luck. Or only on bad luck.
+
+This is arguably a central theme in all of my pwnage examples. When one is just playing around, with no real plans, or not even a clear sense of what one might plan, one may not worry enough about protecting one's identity.
And after one gets serious, and the stakes get higher, one may forget about just how lax one's OPSEC was. So do plan ahead, and think things through.
+
+The final steps are risk assessment, and identification of countermeasures. From the [DoD OPSEC manual][1] at p. 13:
+
+> The risk assessment is the process of evaluating the risks to information based on susceptibility to intelligence collection and the anticipated severity of loss. It involves assessing the adversary's ability to exploit vulnerabilities that would lead to the exposure of critical information and the potential impact it would have on the mission. Determining the level of risk is a key element of the OPSEC process and provides justification for the use of countermeasures. Once the amount of risk is determined, consider cost, time, and effort of implementing OPSEC countermeasures to mitigate risk.
+
+![impact vs likelihood example](/images-static/uploads/Probability_and_Impact_Matrix.png)
+
+That is, risks are characterized by their likelihood aka probability, and their potential impact. To help prioritize risks and identify countermeasures, it's common to visualize them, plotting probability vs impact. From [Mind Tools][14]:
+
+> The corners of the chart have these characteristics:
+>
+> * **Low impact/low probability** – Risks in the bottom left corner are low level, and you can often ignore them.
+> * **Low impact/high probability** – Risks in the top left corner are of moderate importance – if these things happen, you can cope with them and move on. However, you should try to reduce the likelihood that they'll occur.
+> * **High impact/low probability** – Risks in the bottom right corner are of high importance if they do occur, but they're very unlikely to happen. For these, however, you should do what you can to reduce the impact they'll have if they do occur, and you should have contingency plans in place just in case they do.
+> * **High impact/high probability** – Risks towards the top right corner are of critical importance. These are your top priorities, and are risks that you must pay close attention to.
+
+High-impact/low-probability risks are [highly problematic][15]:
+
+> [I]t may often be easier to characterise the impact of an event than its likelihood, such as the impact of your wallet being stolen against working out the numerical likelihood of it happening. ... People are often unwilling to give credence to improbable notions specifically because their professional or social community consider them too improbable. ... In addition, if a problem is thought too complex, there is the danger that organizations will simply ignore it. ... More generally, there is often a lack of imagination when considering high impact low probability risks. [emphasis added]
+
+The US National Security Agency (NSA) arguably poses an existentially high-impact/low-probability risk for virtually everyone. That may seem too improbable, but it's certainly existential, and so worth discussion. But do keep in mind Allen Dulles' [rule 72][6]:
+
+> If anything, overestimate the opposition. Certainly never underestimate it. But do not let that lead to nervousness or lack of confidence. Don't get rattled, and know that with hard work, calmness, and by never irrevocably compromising yourself, you can always, always best them.
+
+### Is the NSA Your Adversary? Consider the Risks of Data Sharing and Parallel Construction
+
+The NSA is responsible for military signals intelligence (SIGINT). Initially, it was known (at least jokingly) as ['No Such Agency'][16], the stuff of conspiracy theories. For obvious reasons, its capabilities and activities are largely classified. We know about them primarily from [James Bamford's books][17], from such [whistleblowers][18] as Bill Binney, Kirk Wiebe and Thomas Drake, and from materials leaked by [Edward Snowden][19] and [The Shadow Brokers][20].
So our understanding is limited. But even so, the NSA's capabilities are [mind-boggling][21]. More links about NSA are [here][22].
+
+The NSA is a global active adversary. That is, it can (in principle, anyway) intercept, modify and trace all Internet traffic. It has a global grid of computers that intercept data from the Internet, store it, process it, and make it available to analysts. Using intercepts from network edges, it can employ traffic analysis to de-anonymize any persistent low-latency connection, no matter how much it's been rerouted. And it can arguably compromise any networked device, and exploit it to get additional information. Also, it actively targets [system administrators][23], in order to access to networks that they administer.
+
+However, while the NSA arguably intercepts everyone's online activity, it can't collect it all in a single location, because that would require implausibly fat pipes and humongous storage. And it can't de-anonymize all low-latency connections, because that would require implausible processing power. But analysts can operate in parallel on all grid components, and receive results for local analysis. Data of interest gets moved to centralized long-term storage. But even the NSA can't store all intercept data indefinitely. So its systems prioritize, and then triage. Data that seems more important is retained longer. But all metadata (time, IP addresses, headers, and so on) are retained indefinitely. And so are data that seem most important. That reportedly includes all encrypted data (but not all HTTPS, I suspect) that could not be decrypted (plus associated unencrypted metadata).
+
+The good news is that the NSA's charge is national security, and that you are most likely far too insignificant to warrant its attention. However, it's important to note that the NSA does retain and search data on [American residents][24].
Also see [this excellent article][25], and the declassified [Memorandum Opinion and Order][26] from the FISA Court. This is supposedly accidental, or incidental, or unavoidable, or something like that. And the FISA Court says to stop. Not that it matters much to the rest of us.
+
+But anyway, who else has access to all this data? Well, we know that the NSA shares with intelligence agencies of [US allies][27]. And also gets data collected by them. There are at least three groups of such allies:
+
+ * Five Eyes (Australia, Canada, New Zealand, the United Kingdom and the United States)
+ * Nine Eyes (Five Eyes plus Denmark, France, the Netherlands, and Norway)
+ * Fourteen Eyes (Nine Eyes plus Germany, Belgium, Italy, Spain, and Sweden)
+
+![The rules of SOD](/images-static/uploads/sod.jpeg)
+
+We also know that the NSA shares data with numerous US [law-enforcement agencies][28] [2013], including the DEA, DHS, FBI and IRS:
+
+> A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.
+
+> Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.
+
+> The undated documents show that federal agents are trained to "recreate" the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant's Constitutional right to a fair trial. If defendants don't know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence - information that could reveal entrapment, mistakes or biased witnesses.
+
+> ...
+
+> The unit of the DEA that distributes the information is called the Special Operations Division, or SOD. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security. It was created in 1994 to combat Latin American drug cartels and has grown from several dozen employees to several hundred.
+
+> Today, much of the SOD's work is classified, and officials asked that its precise location in Virginia not be revealed. The documents reviewed by Reuters are marked "Law Enforcement Sensitive", a government categorization that is meant to keep them confidential.
+
+> "Remember that the utilization of SOD cannot be revealed or discussed in any investigative function", a document presented to agents reads. The document specifically directs agents to omit the SOD's involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use "normal investigative techniques to recreate the information provided by SOD". [emphasis added]
+
+This is termed `parallel construction`. Reportedly, it's long been a standard approach for protecting sources and investigative methods. Such as [confidential informants][29]. But the scale here is vastly larger. And the practice is arguably [unconstitutional][30] (not to mention, that it entails criminal conspiracy to suborn perjury).
+
+But these are just nonspecific allegations, based on leaked documents and whistleblowers. Is there actually any unambiguous evidence that criminal prosecutions have secretly relied on NSA intercepts? I find **nothing** online. However, there is an excellent panel discussion from August 2015 at the DEA Museum website, involving former SOD directors and staff, about [SOD history][31].
John Wallace was very candid about the motivation to circumvent post-Watergate policies, which had been implemented to prevent warrantless `electronic surveillance and eavesdropping on American citizens`:
+
+> 00:18:20 Well, we - we got to step back, and I got to give you some historical context. Remember, when we're talking now, the early ‘90s. This is at least 10 years before 9/11, uh, and, so, we had two problems. ...
+
+> 00:18:50 The other dynamic that Bobby mentioned was we had, uh, the - the cases in New York, uh, principally en - engaged against the - the Cali Cartel that were simply dying on the vine in New York. Um, on the other hand, we had elements of the intelligence community who said they had all of this great information, but nothing ever came of it. Um, and, again, 10 years before 9/11, the wall is up, it is absolutely prohibited for, uh, anybody on the Intelligence side of the house, uh, to talk to somebody with a criminal investigative, uh, responsibility.
+
+![Enemy of the State (1998)](/images-static/uploads/enemy-of-the-state.jpg)
+
+> 00:20:00 I was fortunate to be in a group of about four or five people, including the Attorney General, Bob Mueller was the Chief of the Criminal Division. Um, uh, uh, a true heroine in all of this was Mary Lee Warren who, at that time, uh, had the narcotics section. Uh, and, so, after meeting with Bobby's small group, we got together with the senior leadership of CIA, the senior leadership of NSA, and the senior leadership of the Department, uh, of Justice, and began to work these two problems. [emphasis added]
+
+> 00:20:35 The first problem being: How do we engage with the Intelligence community without compromising their sensitive sources and methods, their equities, without violating this - this wall arrangement; at the same time, breed [_sic_] life into Bill Mockler's investigations in New York, and get the U.S.
Attorneys all on the same sheet of music with regard to prosecuting these national level investigations that - that Bobby was trying to put together.
+
+> 00:22:13 We don't want to have to turn this stuff over in the course of discovery. On the same, uh, token though, the - we've got to make sure that the defendants' rights to full and free discovery are completely observed. [huh?] We don't want, uh, for example, CIA officers on the witness stand. Um, and - and those were some of the issues that we had to come up with creative solutions. Uh, and - and on occasion, uh, it, uh, it meant we're - the solution we come at is going to be less than perfect, you know, because we want to, uh, to stay away from some of these electrified third rails on the legal side of the house.
+
+And from Michael Horn:
+
+> 00:47:31 Well, first, we - when we discussed this coordination between the Intelligence and the Operations Divisions, um, Joe referred to this - it - _it was really the mantra at SOD, SOD takes no credit_. We - we wanted to make sure the SACs were comfortable with - with our role in - in their investigations, and sometimes they were not. Uh, but by - by stepping back when - _when these cases went down and - and assuring that any credit, any publicity, any photo ops, uh, were taken by the field, and SOD just stayed in the background_, that went a long way to assuaging some of the - the SAC's concerns. [emphasis added]
+
+SOD has apparently been part of numerous drug cases, including major operations against cartels, but only two are named. Joseph Keefe mentioned Mountain Express:
+
+> 00:51:06 A - a tremendous amount of cases. Every section that I had was fortunate they were all very productive. One that comes to mind ‘cause it involved DEA as a whole was Mount - a thing called Mountain Express. Mountain Express was back - well, Jack Riley was the ASAC.
+
+And Michael Horn mentioned two Zorro cases:
+
+> 00:53:56 Well, I guess the two Zorro cases were - which were two of the first national level cases, uh, come to mind. And, um, it - it was - again, as Joe mentioned, an incredible coordination a - among a lot of field offices. And, of course, the goal was to protect the wires that were going on. At this time, I think there were some wires going on in Los Angeles, and they were following loads to - across the country to New York. ...
+
+Even though SOD has allegedly played a major role in a `tremendous` number of cases since the early 90s, I find nothing online about the use of intelligence data, before the [Reuters exposé][28] in late 2013. Although some of the old drug cases are [featured][32] on the DOJ website, the use of parallel construction to hide use of intelligence data isn't mentioned. For obvious reasons. Less than a year before the Reuters exposé, there was no mention of SOD in Senate [debate][33] on extending the FISA Amendments Act of 2008 for five years. Without doubt, at least Senator Feinstein was aware of SOD. But again, the reasons for silence are obvious.
+
+Even since the Reuters exposé, I find nothing online about specific cases where investigators allegedly relied secretly on NSA intercepts, and engaged in parallel construction. No defense challenges. No court opinions. Not even anonymous allegations. There was a [federal ruling][34] in 2016, suppressing Stingray evidence that was obtained without a search warrant:
+
+> U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment.
+
+> The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search.
+
+> "Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device" Pauley wrote.
+
+And yet there's nothing online about the use of intelligence data in criminal cases. That's surprising, given likely concerns about constitutionality, and participation in criminal conspiracy to suborn perjury. You'd think that at least one investigator would have turned whistleblower. But then, the NSA has been _very_ careful about protecting sources and methods. I mean, consider 9/11. The NSA and CIA had allegedly [monitored][35] some of the plotters, but didn't manage to convince Secretary of State Condoleezza Rice to act. Whistleblowers [claim][36] that key results were "not disseminated outside of NSA". Basically, I gather that the NSA had compromised parts of al Qaeda's telephone network, and considered the intercepts too valuable to risk.
+
+According to New America's [Open Technology Institute][37]: "The NSA uses [Section 702] authority to surveil communications that go well beyond the national security purpose of the law." In recent years, it appears that the FBI has further [relaxed its rules][38] for accessing NSA data. And finally, one of President Obama's last acts was basically to [normalize and expand SOD][39], allowing cooperating federal agencies to directly search NSA data. Perhaps he wanted to facilitate investigation of [collusion of Russia and the Trump campaign][40].
+
+Bottom line, it's prudent to assume:
+
+ * The NSA intercepts all Internet data.
+ * All SOD partners (such as CIA, DEA, DHS, FBI and IRS) can access that data directly.
+ * The NSA shares data with US allies.
+ * Many (if not all) investigators in those countries can access NSA data.
+
+With that in mind, how might NSA data been used in my pwnage examples?
There's been [speculation][41] that two aspects of the Silk Road investigation are implausible: 1) using Google to find altoid's posts on the Bitcoin Forum; and 2) discovery by DHS of fake IDs sent to Ross Ulbricht. The first claim is weak, given that one can easily replicate the search. But the second seems reasonable, given that relatively few Silk Road packages were intercepted. And given that DHS and FBI are SOD partners, FBI investigators searching for `Silk Road` would have seen Ross Ulbricht among the hits. It's also possible that the NSA tipped off the FBI about the Silk Road server, and how to find its IP address.
+
+OK, what else? Well, consider Operation Onymous. Perhaps the FBI might have known, from public sources, that DOD had funded research at CMU on Tor vulnerabilities. But how would the FBI have known that CMU researchers had identified numerous illegal Tor onion services, such as Silk Road 2.0? Perhaps they saw the announced Black Hat talk, subpoenaed the results, and imposed a protective order. But in that case, why did the FBI enigmatically refer questions about Silk Road 2.0 to CMU? Evasiveness creates suspicion. Especially because this was a drug case, and the role of SOD is always hidden through [parallel construction][28].
+
+ [1]: https://web.archive.org/web/20171009123733/https://www.OPSECprofessionals.org/official/081103_DOD_OPSEC_Manual.pdf
+ [2]: https://web.archive.org/web/20160327105648/http://www.opsecprofessionals.org/training/OPSEC_Training.pdf
+ [3]: https://www.slideshare.net/grugq/OPSEC-for-hackers
+ [4]: http://blogsofwar.com/hacker-OPSEC-with-the-grugq/
+ [5]: http://privacy-pc.com/articles/hackers-guide-to-stay-out-of-jail-opsec-for-freedom-fighters.html
+ [6]: https://blog.cyberwar.nl/2016/02/some-elements-of-intelligence-work-73-rules-of-spycraft-allen-dulles-1960s/
+ [8]: http://www.afio.com/22_intelligencer.htm
+ [10]: http://www.motherjones.com/media/2015/10/book-review-devils-chessboard-david-talbot
+ [11]: https://web.archive.org/web/20200717231747/https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol-60-no-3/seeger-the-devils-chessboard.html
+ [12]: http://www.huffingtonpost.com/joseph-a-palermo/the-devils-chessboard-all_b_8959302.html
+ [13]: https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/
+ [14]: https://www.mindtools.com/pages/article/newPPM_78.htm
+ [15]: http://www.bristol.ac.uk/media-library/sites/eng-systems-centre/migrated/documents/blackett-review.pdf
+ [16]: http://www.saturdayeveningpost.com/2014/04/17/culture/politics/a-brief-history-of-the-nsa.html
+ [17]: https://en.wikipedia.org/wiki/James_Bamford
+ [18]: https://standupfortruth.org/whistleblower-and-supporter-bios
+ [19]: https://en.wikipedia.org/wiki/Edward_Snowden
+ [20]: https://en.wikipedia.org/wiki/The_Shadow_Brokers
+ [21]: https://www.lightbluetouchpaper.org/2015/05/02/meeting-snowden-in-princeton/
+ [22]: http://www.tedgioia.com/nsa_facts.html
+ [23]: https://arstechnica.com/security/2014/03/nsa-hacker-in-residence-dishes-on-how-to-hunt-system-admins/
+ [24]: http://circa.com/politics/barack-obamas-team-secretly-disclosed-years-of-illegal-nsa-searches-spying-on-americans
+ [25]:
http://www.nationalreview.com/article/447973/nsa-illegal-surveillance-americans-obama-administration-abuse-fisa-court-response
+ [26]: https://www.scribd.com/document/349261099/2016-Cert-FISC-Memo-Opin-Order-Apr-2017-4
+ [27]: https://en.wikipedia.org/wiki/UKUSA_Agreement
+ [28]: http://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805
+ [29]: https://en.wikipedia.org/wiki/Whitey_Bulger
+ [30]: https://consortiumnews.com/2014/06/12/how-nsa-can-secretly-aid-criminal-cases/
+ [31]: https://www.deamuseum.org/wp-content/uploads/2015/08/042215-DEAMuseum-LectureSeries-MLS-SOD-transcript.pdf
+ [32]: https://www.justice.gov/criminal/ndds
+ [33]: https://fas.org/irp/congress/2012_cr/faa-amend.html
+ [34]: https://www.techdirt.com/articles/20160713/08005834960/first-time-federal-judge-has-suppressed-evidence-obtained-with-stingray-device.shtml
+ [35]: http://www.washingtonpost.com/wp-dyn/content/article/2006/09/30/AR2006093000282.html
+ [36]: https://consortiumnews.com/2014/01/07/nsa-insiders-reveal-what-went-wrong/
+ [37]: https://na-production.s3.amazonaws.com/documents/Section702_Scope.pdf
+ [38]: https://www.theguardian.com/us-news/2016/mar/08/fbi-changes-privacy-rules-accessing-nsa-prism-data
+ [39]: https://www.wired.com/2017/01/just-time-trump-nsa-loosens-privacy-rules/
+ [40]: https://www.independent.co.uk/news/world/americas/us-politics/donald-trump-presidency-finished-russia-investigations-fbi-vladimir-putin-nsa-analyst-john-schindler-a7649371.html
+ [41]: http://www.forbes.com/sites/kashmirhill/2013/10/08/did-the-nsa-help-with-the-silk-road-investigation/
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
new file mode 100644
index 000000000..9d46a80f9
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
@@ -0,0 +1,291 @@
+---
+title: 'Online Privacy Through OPSEC and Compartmentalization: Part 4'
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/
+section: Advanced
+weight: 120
+date: 2021-12-16T00:00:00+00:00
+layout: guides-details
+---
+## OPSEC Countermeasures
+
+Once risks have been identified and ranked, one must identify countermeasures. One must then assess their effectiveness and cost, relative to potential impacts. And one must assess the "possibility that the countermeasure could create an OPSEC indicator" ([DoD OPSEC manual][1] at p. 14). Where warranted by risk and worth the cost, one applies countermeasures. And finally, one assesses the effectiveness of countermeasures in practice. I focus here on four groups of countermeasures: (1) common sense and security mindedness; (2) awareness of egocentrism, pride, vanity and greed; (3) compartmentalization with multiple personas; and 4) technical implementation.
+
+### Common Sense and Security Mindedness
+
+![Loose Lips Might Sink Ships](/images-static/uploads/loose-lips-might-sink-ships.jpg)
+
+Allen Dulles' [73 Rules of Spycraft][2] begins with common sense:
+
+> The greatest weapon a man or woman can bring to this type of work in which we are engaged is his or her hard common sense. The following notes aim at being a little common sense and applied form. Simple common sense crystallized by a certain amount of experience into a number of rules and suggestions.
+
+He goes on to emphasize the importance of security mindedness:
+
+> #2. Security consists not only in avoiding big risks. It consists in carrying out daily tasks with painstaking remembrance of the tiny things that security demands. The little things are in many ways more important than the big ones. It is they which oftenest give the game away. It is consistent care in them, which form the habit and characteristic of security mindedness.
+
+> #3.
In any case, the man or woman who does not indulge in the daily security routine, boring and useless though it may sometimes appear, will be found lacking in the proper instinctive reaction when dealing with the bigger stuff.
+
+He also warns against carelessness:
+
+> #9. The greatest vice in the game is that of carelessness. Mistakes made generally cannot be rectified.
+
+> #8. Never leave things lying about unattended or lay them down where you are liable to forget them. Learn to write lightly; the `blank` page underneath has often been read. Be wary of your piece of blotting paper. If you have to destroy a document, do so thoroughly. Carry as little written matter as possible, and for the shortest possible time. Never carry names or addresses en clair. If you cannot carry them for the time being in your head, put them in a species of personal code, which only you understand. Small papers and envelopes or cards and photographs, ought to be clipped on to the latter, otherwise they are liable to get lost. But when you have conducted an interview or made arrangements for a meeting, write it all down and put it safely away for reference. Your memory can play tricks.
+
+> #17. The greatest material curse to the profession, despite all its advantages, is undoubtedly the telephone. It is a constant source of temptation to slackness. And even if you do not use it carelessly yourself, the other fellow, very often will, so in any case, warn him. Always act on the principle that every conversation is listened to, that a call may always give the enemy a line. Naturally, always unplug during confidential conversations. Even better is it to have no phone in your room, or else have it in a box or cupboard.
+
+Much of this may seem pointlessly old-school. But for those who work with computers and the Internet, there are now far more opportunities to be careless and leave traces for adversaries to find. Traces on our computers. Traces of online connectivity.
Traces from browsing, email and messaging. Strong encryption is widely available now, at least. But there's still the risk from metadata (URLs, email addresses, IP addresses, etc). Smartphones are ubiquitous, and are vulnerable to surveillance and tracking. And people still write on paper, sometimes. There are just so many ways to fail.
+
+Anyway, security mindedness is indeed essential. And for that, it's crucial to pay attention, to [be present][3] to your life:
+
+> We train ourselves to see reality exactly as it is, and we call this special mode of perception 'mindfulness.' This process of mindfulness is really quite different from what we usually do. We usually do not look into what is really there in front of us. We see life through a screen of thoughts and concepts, and we mistake those mental objects for the reality.
+
+Seeing "reality exactly as it is", rather than our thoughts and feelings about it, is the basis for `security mindedness`. Also crucial is seeing ourselves objectively. And thinking through the consequences of every action. Globally, and from an [adversary's perspective][4]:
+
+> In addition to being a process, OPSEC is also a mindset.
+
+> It means being able to consider your organization or environment from the point of view of your adversary.
+
+> This allows you to consider your vulnerabilities from the perspective of the threat based on their capabilities and actions.
+
+It's rather like activating [God mode][5] in first-person shooter (FPS) video games. That's the default mode in chess and Go, of course.
+
+Anyway, it was traces—carelessly left and/or carelessly forgotten—that pwned the principals in most of my examples:
+
+ * Ross Ulbricht used his Gmail address on Bitcoin Forum, looking for a coder. He kept everything (including email and chat logs, a [diary][6], and true-name data for all staff) on one encrypted laptop. And he routinely carried and used that laptop in public, providing opportunities for the FBI to seize it.
+ * Roger Thomas Clark provided an image of his passport to Ross Ulbricht. So he (and other Silk Road staff) were pwned when Ross was.
+ * Artem Vaulin registered kickasstorrents.biz using his real name.
+ * Shannon McCoole used the same unusual greeting, and similar usernames, in multiple online accounts. And in one of them, he researched 4WD lift kits, and then bragged about them on his personal Facebook page.
+ * Hector Monsegur had linked personas going back well over a decade. Early personas were linked to his meatspace identity. And someone had retained IRC logs, including all of that information.
+ * Tomáš Jiříkovský created sheepmarketplace.com before the Sheep Marketplace onion site, and complained there "about the problems of running a Bitcoin-using hidden service". And **after** being doxxed as the owner, he cashed out implausibly huge amounts of Bitcoin that he had stolen.
+
+As Allen Dulles notes, it's the `little things`. Rigorous anonymity may not seem important, when you're a clueless n00b, when you're just playing around. Say, when you prototype this cool anonymous online market, like Silk Road or Sheep Marketplace. And then, after it takes off and becomes internationally infamous, you're just too stressed out to remember such little things. Or say, when you're starting out with your Pirate Bay clone. Or when you're 12 years old and learning to hack, and start hanging out on IRC.
+
+### Awareness of Egocentrism, Pride, Vanity, Greed and Lust
+
+![The Seven Deadly Sins (Hieronymus Bosch)](/images-static/uploads/Boschsevendeadlysins.jpg)
+
+[Allen Dulles][2] observes:
+
+> #10. The next greatest vice [after carelessness] is that of vanity. Its offshoots are multiple and malignant.
+
+> #11. Besides, the man with a swelled head never learns. And there is always a great deal to be learned.
+
+However, according to Jane Austen, in [_Pride and Prejudice_][7]:
+
+> Vanity and pride are different things, though the words are often used synonymously.
A person may be proud without being vain. Pride relates more to our opinion of ourselves, vanity to what we would have others think of us.
+
+So actually, I think that Dulles is talking more about pride (`swelled head`) than about vanity. But typically they go together, and both are dangerous. Pride leads to overconfidence, and vanity to bragging. Nick Romeo recently blogged some relevant [tl;dr][8] from Plato:
+
+> ... In the Apology, Socrates claims to be wiser than other men only because he knows that which he does not know. When Kahneman writes that we are 'blind to our blindness', he is reviving the Socratic idea that wisdom consists in seeing one's blindness: knowing what you do not know.
+
+> Intellectual humility and overconfidence can stem from purely cognitive processes, but they are also correctly understood as moral achievements or failings. Someone who always thinks that he is right about everything, however little he knows, is making a moral as well as a mental mistake. Similarly, the cultivation of intellectual humility is, in part, the cultivation of an ethical virtue.
+
+> ...
+
+> ... This is only a preliminary step in Plato's dialogues – a (good-natured) reaching after fact and reason should and does occur – but an initial tolerance of uncertainty is a capacity without which individuals and societies cannot adequately self-correct and improve. People who are pained and irritated by not knowing something reach prematurely for whatever apparent reasons are most accessible.
+
+Ironically enough, [Jonah Lehrer][9] has written quite eloquently about how smart people make [stupid mistakes][10]. The fundamental problem seems to be egocentrism. That is, it's relatively easy to rationally and objectively evaluate other people's behavior. But it's hard to be rational and objective about ourselves. It's hard to face the facts, and consider what to do about them. We're often just too attached.
Introspection typically opens up a morass of feelings, excuses, rationalization, wishful thinking, blame, and denial. There are also the illusions of being immortal, and smarter than others. Basically, we're [biased][11]. What's needed are mindfulness and humility.
+
+Consider Hector Monsegur's comment in an [interview][12] after his brief imprisonment: `I've been hacking since '95, ... There's only so much you can do before you get caught.` OK, so I can imagine how many `criminals` would say something like that, especially after being caught. But it's rationalization. His sins were carelessness and bragging. Plus pushing children into crime, and then snitching on them, [according to][13] Ryan Ackroyd (LulzSec's Kayla). What happens, I think, is that we know (at some level) that we've screwed up. But the mechanisms driving our behavior are largely unconscious. Our conscious ego is happy to take credit for success, but it tends to suppress evidence of error. There's a strong need to be right. And when evidence of error becomes undeniable, the ego may flip to fatalism. And making excuses.
+
+Another trap is greed. Consider [Tomáš Jiříkovský][14]. I mean, what else could explain how he cashed out a fortune in stolen Bitcoin, from a darknet drug marketplace, less than a month after being interviewed about alleged connections to said darknet drug marketplace in his country's major newspaper? But hey, $100 million is undeniably tempting. It's likely that greed also dissuaded Ross Ulbricht from giving up Silk Road.
+
+[Dulles][2] also warns about sex and alcohol:
+
+> #12. Booze is naturally dangerous. So also is an undisciplined attraction for the other sex. The first loosens the tongue. The second does likewise. It also distorts vision and promotes indolence. They both provide grand weapons to an enemy.
+
+> #13. It has been proved time and again, in particular, that sex and business do not mix.
+
+OK, so Ross Ulbricht did tell his off-and-on girlfriend Julia Tourianski about Silk Road, and she apparently told one of her friends, who then [posted][15] about it on his Facebook wall:
+
+> I'm sure the authorities would be interested in your drug-running site.
+
+But hey, she later became a staunch [defender][16]. Albeit after being forced to testify at his trial.
+
+### Compartmentalization with Multiple Personas
+
+![firewalls between electrical gear](/images-static/uploads/menu_bar_wall.jpg)
+
+It's clear from my examples that pseudonymity alone is a fragile defense. Once pwned in any context, everything is pwned, because it's all tied together. As I've noted, it's far more robust to fragment and compartmentalize one's online activity across multiple unlinked personas. Ross Ulbricht and Hector Xavier Monsegur both lacked adequate compartmentalization, over time. That is, even if their current OPSEC was good, which it actually wasn't, there were links to past activity with pitiful OPSEC. Shannon McCoole basically didn't compartmentalize. He was `skee who says hiyas` on The Love Zone, and basically the same everywhere else online.
+
+Compartmentalization (aka compartmentation) entails the isolation of stuff in compartments. That may involve walls, physical or figurative, or just the absence of connections. The goal is preventing bad things from spreading. Limiting access and damage. For example, military aircraft (containing fuel and munitions) are prudently isolated in combat environments by [blast walls aka revetments][17]. Explosives are often stored in isolated bunkers, separated by blast walls. [Firewalls][18] are used between townhouse units, between electrical components at substations, between engine and passenger compartments of vehicles, and so on. Compartmentalization plays diverse roles in [biological organisms][19].
+
+And yes, compartmentalization is a crucial component of [Information Security (INFOSEC)][20] and [Operations Security (OPSEC)][21]:
+
+> Operations Security sounds like something that would only concern spies and special operations soldiers. The reality is that since your government is likely spying on you, even if you `have nothing to hide`, OpSec concerns you. It's a concept you need to become familiar with and begin to apply in your daily life. Maintaining Operational Security is simply the practice of taking small steps to secure the information you don't want disclosed.
+
+> ...
+
+> Failing to compartmentalize: It's important enough to repeat. If someone doesn't have a need to know, don't tell them. This isn't a sign of distrust, it's a sign you are trustworthy. Remember that when you disclose unnecessary information about yourself, you are probably disclosing it about others.
+
+From [Allen Dulles][2]:
+
+> #51. If you have several groups, keep them separate unless the moment comes for concerted action. Keep your lines separate; and within the bounds of reason and security, try to multiply them. Each separation and each multiplication minimizes the danger of total loss. Multiplication of lines also gives the possibility of resting each line, which is often a very desirable thing.
+
+> #64. Away from the job, among your other contacts, never know too much. Often you will have to bite down on your vanity, which would like to show what you know. This is especially hard when you hear a wrong assertion being made or a misstatement of events.
+
+> #65. Not knowing too much does not mean not knowing anything. Unless there is a special reason for it, it is not good either to appear a nitwit or a person lacking in discretion. This does not invite the placing of confidence in you.
+
+> #66. Show your intelligence, but be quiet on anything along the line you are working. Make others do the speaking.
A good thing sometimes is to be personally interested as `a good patriot and anxious to pass along anything useful to official channels in the hope that it may eventually get to the right quarter.`
+
+And from [the grugq][22]:
+
+> The cornerstone of any solid counterintelligence program is compartmentation. Compartmentation is the separation of information, including people and activities, into discreet cells. These cells must have no interaction, access, or knowledge of each other. Enforcing ignorance between different cells prevents any one compartment from containing too much sensitive information. If any single cell is compromised, such as by an informant, the limitats _sic_ of the damage will be at the boundaries of the cell.
+
+> Now, compartmenting an entire organization is a difficult feat, and can seriously impede the ability of the organization to learn and adapt to changing circumstance. However, these are are not concerns that we need to address for an individual who is compartmenting their personal life from their illicit activity.
+
+> Spooks, such as CIA case officiers [_sic_], or KGB illegals, compartment their illicit activity (spying) from their `regular` lives. The first part of this is, of course, keeping their mouths shut about their illicit activities! There are many other important parts of tradecraft which are beyond the scope of this post. But remember, when you are compartmenting your life, the first rule is to never discuss your illicit activities with anyone outside of that compartment.
+
+{{< raw-html >}}
+
+ Be->Do->Have cycle +
+{{< / raw-html >}}
+
+OK, so how does one go about compartmentalizing with multiple personas? First, consider the standard advice for personal development. That is, after considering your principles and values, you formulate some goals. Then you consider how you would achieve those goals, what actions you would need to take. And finally, you consider who you would need to become to effectively take those actions. When it comes to implementation, however, the first step is being. Because actions grow out of being. It's the classic [Be->Do->Have cycle][23].
+
+But of course, life isn't that simple. We all live in multiple realms. Family. Social life. Spirituality. Work. Play. And these realms call forth [distinct ways of being][24]. In order to play safe online, you must distinguish subrealms, with particular interests and goals. Then you create one or more personas for each distinct subrealm. With adequate compartmentalization, adversaries don't see you as a person, but only as unrelated personas.
+
+Requisite skills come from fields of fiction writing, acting, role-playing games, and cosplay. Character design is a core component of [writing a novel][25]. Few personas need elaborate storylines, but language is essential, and location is often necessary. It also helps to think through each persona's history and interests. There's the [tension][26] between being what you know, and revealing too much about yourself. It's also common to [base characters on composites of real people][27]. Indeed, it's arguable that real people are [composites of real people][28] who raised and influenced them. But do avoid [pwning yourself or your friends][29]. Creative lying also helps. You may also enjoy some spiritual inspiration, such as [traditional budō][30] or [something more fanciful][31].
+
+OK, so names used for personas are key indicators. With good compartmentalization, each persona will only associate its own stuff, and won't implicate other personas.
But still, when developing a new persona, one of my first steps is to google the name and username. For example, I picked `mirimir` based on the idiomatic Russian toast `мир и мир` (world peace). But there was already the artist [Miriam Laina][32], [Mirimir Alvarez][33] and [میریم سفر [Go travel]][34]. So hey.
+
+Other key indicators are language usage and style. For example, Mirimir uses English, with traces of British and southern US vernacular. I've drawn some of that from experience, and some from people I've known and worked with. But I've also drawn from literature and films. For example, when using this persona, I get present to memories and associations that are based on William S. Burroughs' `escape child` [Kim Carsons][35].
+
+I base other personas in the same way, on experience, people and fictional characters. There's typically some fictional character, and a setting where it operates, which presence me to the persona, and help me to get in character. Some personas also use English, but with perfect grammar and extremely generic style. Other personas use various other languages, more or less properly, depending on my expertise in them. Sometimes I use offline translation apps, with local dictionaries. Online translation is rather too obvious.
+
+Then there are the obvious indicators: address, email, and landline and cell numbers. Email is easy. Just signup via some mix of VPNs and Tor (depending on usage) and you're good to go. It's best to use services that only require email. But even for services that require address and telephone numbers, they only check for validity before account activation, if at all. I typically use hostels. Some services may require telephone confirmation, but you can just let them go. If it's something you need, you can use online services that interface cellular SIM cards for texting. Or burner phones, but those are geolocation risks. At worst, using fake information, you'll lose the account if they check.
So plan accordingly.
+
+The main goal is to avoid any association with your meatspace identity. Not by name. Not by contact information. Not by language usage and style. Not by interests. Not even by literature that you base personas on. You don't draw on stuff that you've recently purchased in meatspace, or stuff that you discuss using your meatspace persona, especially online. And obviously, you must use some mix of VPNs and Tor (depending on usage) to avoid any association with your meatspace identity by IP address.
+
+For strong compartmentalization, it's also important to avoid associations among personas. So you use different addresses etc, and different network paths, using nested VPN chains with different final VPNs, and/or different Whonix instances. However, in some cases it's OK to have some associations between a persona and one or more sub-personas, which are posing as that persona's personas. Sometimes, I do that to be playful, and sometimes for purely practical reasons.
+
+Takeaways from an [interview][36] with Lindsay Moran, an ex-CIA operative, offer useful insight:
+
+ * When trying to compartmentalize, make sure your motivators of money, ideology, coercion, and ego, and fulfilled internally. Do not rely on an external resource for this.
+ * A confidentiality and anonymity (or un-attributability) win over merely confidentiality in the face of electronic surveillance.
+ * Identify the natural tendencies to shut down, or tunnel yourself into a single identity, and compensate by building personal, trusted relationships in your other identities.
+
+But even so, as [the grugq][37] notes, compartmentalization is stressful:
+
+> If the operative isn’t living a completely isolated clandestine lifestyle in their Unabomber cabin, they will have to isolate parts of their individual selves to compartment the different aspects of their lives.
There will be their normal public life, the one face they show to the world, and also a sharded ego with their clandestine life. Maintaining strict compartmentation of the mind is stressful, the sharded individual will be a sum less than the total of the parts.
+
+> As if that wasn’t enough, there is the constant fear of discovery, that the clandestine cover will be stripped away by the adversary. This leaves the operative constantly fretting about the small details of each clandestine operational activity. Coupled with the compartmentalization of the self, the operative also has to stress about each non-operational activity, will this seemingly innocent action be the trigger that brings it all crashing down?
+
+![Dover Castle](/images-static/uploads/dover.jpg)
+
+That's true. But using multiple layers of personas helps protect against catastrophic failure, as noted in a [guide][38] for making anonymous online purchases:
+
+> Depending on the kind of operation, the fake identity that will be used, has to be as authentic as possible. A layered approach is used, meaning that one would create a fake online identity and completely compartmentise this identity from its real identity. This fake identity would then be used to create other fake identities. It ensures that if one fake identify gets compromised, it would not lead to de-anonymization of the person's real identity, but instead just one 'layer' or ‘compartment' of the identity protection would have been 'peeled off'. In practice this means that created email addresses point consequently only to the email address of its previous ‘layer' and not layers beneath its previous 'layer'. As in other OPSEC practices, avoiding contamination and profiling between the 'wrapped' identities is vital.
+
+[Allen Dulles][2] suggests an analogous approach:
+
+> #39. When you have made a contact, till you are absolutely sure of your man — and perhaps even then — be a small but eager intermediary.
Have a `They` in the background for whom you act and to whom you are responsible. If `They` are harsh, if `They` decide to break it off, it is never any fault of yours, and indeed you can pretend to have a personal grievance about it. `They` are always great gluttons for results and very stingy with cash until `They` get them. When the results come along, `They` always send messages of congratulation and encouragement.
+
+Using multiple online personas is useful for more than privacy and anonymity. It can be an expression of playfulness. And it can help you be [more creative][39]:
+
+> Pretending to be someone else: When you're stuck in a creative process, unfocus may also come to the rescue when you embody and live out an entirely different personality. In 2016, educational psychologists, Denis Dumas and Kevin Dunbar found that people who try to solve creative problems are more successful if they behave like an eccentric poet than a rigid librarian. Given a test in which they have to come up with as many uses as possible for any object (e.g. a brick) those who behave like eccentric poets have superior creative performance. This finding holds even if the same person takes on a different identity.
+
+### Technical Implementation
+
+My focus here has been on strategy and tactics. I won't be getting into details of technical implementation. Lately, however, I've written primarily about that. Available options for general Internet access are VPNs, JonDonym, and Tor. One can also use I2P, with network outproxies, but the latency is even higher than with Tor. Each has its strengths and its weaknesses. And there's great uncertainty. Anyway, for more on those issues, see [`Will a VPN Service Protect Me? Defining your Threat Model`][40] and [`Adversaries and Anonymity Systems: The Basics`][41].
+
+The best bet is using personas, with data compartmentalized in some mix of hardware and virtual machines (VMs), and network connectivity correspondingly compartmentalized with nested proxy chains. See [`Advanced Privacy and Anonymity Using VMs, VPN's & Tor`][42] and [`How to perform a VPN leak test`][43].
+
+An issue that deserves more attention is the compartmentalization of encrypted information. Consider how Ross Ulbricht kept everything about Silk Road on his LUKS encrypted laptop. If the FBI had swatted him at home, he would arguably have had time to shut it down. Unless agents were prepared to extract the key from RAM. But they were smarter than that. They busted him in public, and managed to acquire his laptop with LUKS unlocked. So they had everything: his diary, email, chat logs, accounting spreadsheets, personnel files, and so on. Oops.
+
+It would have been safer to compartmentalize data in multiple encrypted containers. Enigmail (using GnuPG public-key encryption) typically works that way. All encrypted messages, including draft unsent messages, are encrypted in storage, and decrypted as needed. One can also use GnuPG for encrypting individual files, or archived folders. But that can get tedious. For general storage, one can create file-based encrypted containers with [VeraCrypt][44] or [Tomb][45]. Tomb uses cryptsetup to create LUKS volumes on loop devices, which are just files. With any file-based approach, it's prudent to deactivate all swap devices (swapoff -a) to avoid leaving traces on disk.
+
+Alternatively, one can have multiple LUKS partitions, with only the main one decrypted and mounted at boot. It's easy to decrypt and mount LUKS partitions with the disk utility. Backup and recovery of LUKS partitions is more error-prone than simple file management, however. For those who compartmentalize in VMs, another option is using multiple LUKS-encrypted virtual disks. In VMs, they behave just like LUKS partitions.
But in the host, they're just encrypted files.
+
+![xkcd: $5 Wrench](/images-static/uploads/securitycomic.png)
+
+OK, so let's say that an adversary has both you and your encrypted stuff. The encryption is unbreakable. And the adversary believes that you know the password(s). But you refuse to decrypt. Under some circumstances, you'll be tortured. Elsewhere, you may be [jailed][46], perhaps [indefinitely][47]. Even if you have truly forgotten your passwords. At borders, non-residents may be [denied entry][48]. If there's other reason for suspicion, authorities may [escalate][49].
+
+If such risks concern you, you can mitigate them by physically compartmentalizing yourself from your encrypted stuff. That is, you store your encrypted stuff anonymously online. To reduce the risk and impact of loss, you can have multiple compartments, and store multiple copies of each, in different places. So you possess the minimum required for whatever you're currently working on. However, few could remember that much information about locations, passwords, etc. But if you encrypt and store it locally, you're faced with the same issue about refusing to decrypt stuff.
+
+There's an obvious solution. Encrypt the information, and anonymously store multiple copies online. But you still need to remember a few online locations, and some usernames and passwords. Some can remember that much, I'm sure. But for those that want some backup, there's [Shamir's Secret Sharing Scheme][50]:
+
+> In this paper we show how to divide data D into n pieces in such a way that D is easily reconstructable from any k pieces, but even complete knowledge of k-1 pieces reveals absolutely no information about D. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces [_sic_, actually n-k] and security breaches expose all but one of the remaining pieces [k-1].
+
+This is, by the way, from [Adi Shamir][51], the co-inventor of RSA. There's the Debian package [ssss][52] by Bertram Poettering. And, just to be clear, he notes that the scheme is provably (aka unconditionally) secure:
+
+> Note that Shamir's scheme is provable secure, that means: in a (t,n) scheme one can prove that it makes no difference whether an attacker has t-1 valid shares at his disposal or none at all; as long as he has less than t shares, there is no better option than guessing to find out the secret.
+
+However, with ssss you're limited to 128 ASCII characters (bytes, which is 1024 bits). That's enough for four 32-character blocks, each comprising:
+
+ * 11-15 characters for an IPv4 address or URL hint
+ * five characters for a username
+ * 12-16 characters for a password
+
+Say that you use n=10 and k=3. So now you have ten strings to hide somewhere. Each string comprises a sequence number (`01-` to `10-`) and 256 ASCII characters. For example:
+
+> 01-3a33b47a4d887260...0b2950346ca889f6
+
+> 02-08ec7fe42b44d5fb...a533b5add1d26016
+
+> ...
+
+> 10-a1570c913ed06cd3...48868f06b813b08c
+
+Only three of the strings are needed to recover the original data, and two of those can be known by the adversary. To obscure the sequence numbers, you could replace `01-` with `a`, and so on. So that gives you ten 257-character strings to hide. You might [post][53] them to discussion forums. Or tweet them. Or use [Deep Sound][54] to hide them in audio tracks, using [steganography][55]. Or print them, embed in plastic, and [geocache][56] them (using a passive ‎GPS receiver‎, to avoid pwnage). Whatever you like.
+
+ [1]: https://www.hsdl.org/?view&did=233829
+ [2]: https://blog.cyberwar.nl/2016/02/some-elements-of-intelligence-work-73-rules-of-spycraft-allen-dulles-1960s/
+ [3]: https://www.vipassana.com/meditation/mindfulness_in_plain_english_5.html
+ [4]: https://security.pae.com/Documents/OPSEC/OPSEC_Training.pdf
+ [5]: https://www.quora.com/Which-video-games-feature-God-mode
+ [6]: https://www.wired.com/2015/01/heres-secret-silk-road-journal-laptop-ross-ulbricht/
+ [7]: https://www.goodreads.com/quotes/21824-vanity-and-pride-are-different-things-though-the-words-are
+ [8]: https://aeon.co/essays/what-plato-knew-about-behavioural-economics-a-lot
+ [9]: https://en.wikipedia.org/wiki/Jonah_Lehrer
+ [10]: http://www.newyorker.com/tech/frontal-cortex/why-smart-people-are-stupid
+ [11]: https://en.wikipedia.org/wiki/List_of_cognitive_biases
+ [12]: https://web.archive.org/web/20201114055349/https://kernelmag.dailydot.com/issue-sections/headline-story/13945/sabu-hector-monsegur-interview/
+ [13]: http://pastebin.com/raw/fSdTyJSw
+ [14]: https://www.deepdotweb.com/wp-content/uploads/2015/03/2.png
+ [15]: https://motherboard.vice.com/en_us/article/friend-testifies-in-silk-road-trial-richard-bates
+ [16]: https://dollarvigilante.com/blog/2015/01/14/julia-tourianski-on-the-most-important-trial-of-our-generati/
+ [17]: http://www.globalsecurity.org/military/intro/images/revetment-dfst9209119.jpg
+ [18]: https://en.wikipedia.org/wiki/Firewall_%28construction%29
+ [19]: http://profwelday.weebly.com/uploads/2/3/0/0/23005790/_ch_03_lecture_presentation.pdf
+ [20]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
+ [21]: https://web.archive.org/web/20200523214818/https://thefifthcolumnnews.com/2017/03/tradecraft-introduction-to-opsec/
+ [22]: https://grugq.github.io/blog/2013/06/13/ignorance-is-strength/
+ [23]: https://3.bp.blogspot.com/_4X_vI_fIqHg/TTnNVC47g-I/AAAAAAAAB8E/L5LEmS0vcBI/s1600/Be%2BDo%2BHave.jpg
+ [24]: 
http://static.boredpanda.com/blog/wp-content/uploads/2014/11/the-soldier-art-project-military-photography-devin-mitchell-47.jpg
+ [25]: http://www.advancedfictionwriting.com/articles/snowflake-method/
+ [26]: https://writers.stackexchange.com/questions/26748/how-to-make-sure-that-you-dont-end-up-writing-a-self-insert
+ [27]: https://www.reddit.com/r/writing/comments/3mi6en/is_it_a_common_practice_to_base_characters_on/
+ [28]: https://archive.org/details/iamstrangeloop00hofs
+ [29]: http://tvtropes.org/pmwiki/pmwiki.php/Main/ConvenientlyUnverifiableCoverStory
+ [30]: https://en.wikipedia.org/wiki/Bud%C5%8D
+ [31]: http://aeternalae.wikia.com/wiki/Aeternal_Pledged
+ [32]: http://mirimir.deviantart.com/
+ [33]: https://www.facebook.com/mirimirimir
+ [34]: http://mirim.ir/
+ [35]: https://www.youtube.com/watch?v=XfAvB2BWdLs
+ [36]: https://web.archive.org/web/20180413140653/http://www.b3rn3d.com/blog/2014/03/09/cia-spycraft-psychology/
+ [37]: http://blogsofwar.com/hacker-OPSEC-with-the-grugq/
+ [38]: https://arxiv.org/pdf/1505.07370.pdf
+ [39]: https://hbr.org/2017/05/your-brain-can-only-take-so-much-focus
+ [40]: /privacy-guides/will-a-vpn-protect-me/
+ [41]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
+ [42]: /privacy-guides/advanced-privacy-and-anonymity-part-1/
+ [43]: /privacy-guides/how-to-perform-a-vpn-leak-test/
+ [44]: https://www.veracrypt.fr/en/
+ [45]: https://www.dyne.org/software/tomb/
+ [46]: http://www.legislation.gov.uk/ukpga/2000/23/part/III
+ [47]: https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/
+ [48]: https://www.eff.org/wp/digital-privacy-us-border-2017
+ [49]: http://www.madirish.net/366
+ [50]: https://apps.dtic.mil/sti/pdfs/ADA069397.pdf
+ [51]: http://amturing.acm.org/award_winners/shamir_2327856.cfm
+ [52]: http://point-at-infinity.org/ssss/
+ [53]: https://www.wilderssecurity.com/threads/test.394408/
+ [54]: 
https://null-byte.wonderhowto.com/how-to/hacks-mr-robot-hide-data-audio-files-0164136/
+ [55]: https://tag.wonderhowto.com/steganography/
+ [56]: https://en.wikipedia.org/wiki/Geocaching
+
diff --git a/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md b/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
new file mode 100644
index 000000000..32295bb56
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
@@ -0,0 +1,544 @@
+---
+title: Raspberry Pi 2 IVPN Gateway
+author: mirimir (gpg key 0x17C2E43E)
+url: /privacy-guides/raspberry-pi-2-ivpn-gateway/
+section: Misc
+weight: 50
+date: 2015-11-30T18:35:03+00:00
+layout: guides-details
+---
+This how-to explains how to setup a Raspberry Pi 2 Model B v1.1 microcomputer as an IVPN gateway firewall/router, using Raspbian (Debian Wheezy). In addition to the Pi, you need an 8GB microSDHC card (preferably class 10) and a USB-to-ethernet adapter, which provides a second ethernet port (eth1). You connect the Pi's WAN interface (eth0) to a LAN with Internet connectivity. An OpenVPN client establishes a VPN tunnel (tun0) to an IVPN server. The Pi forwards all traffic from devices attached to its LAN interface (eth1) through the VPN tunnel (tun0). Firewall rules allow outgoing connections on WAN (eth0) only to IVPN servers, Raspbian wheezy repository servers (for package updates) and NTP timeservers. No DNS servers are reachable via WAN (eth0) and so the IP addresses of these servers must be specified or resolved locally.
+
+The gateway boots with no IVPN route connected, and allows no traffic to the Internet. After connecting with SSH from a local machine, you create a user-password file in /tmp, which is stored in RAM. Then you can start, stop and restart IVPN connections, with no need to reenter your username and password (until the gateway is rebooted).
+
+Setup your Pi with a DVI monitor (perhaps via an HDMI-DVI adapter) or an HDMI TV, and a USB keyboard. It's important to use an adequate power supply. The Pi 2 uses 600-2000mA at 5V. And some USB keyboards are power hogs. Inadequate voltage at load may lead to instability and errors. Overvoltage supplied via the micro-USB power cable will temporarily trip the polyfuse, but probably won't cause permanent damage. However, the USB data ports bypass the polyfuse, and so voltage surges on powered USB hubs can fry the Pi. See .
+
+Download the Raspbian (Debian Wheezy) image archive from and extract the image. Put the 8GB microSDHC card in a slot or USB adapter, and write the Raspbian wheezy image to it. Then put the card in your Pi, and attach the micro-USB power cable. At first boot, you get the raspi-config screen. Select `Expand Filesystem` to expand the image to fill your SD card. Then select `Change User Password` (default being `raspberry`). Select `Internationalisation Options` to configure language, timezone and keyboard layout. Using `Advanced Options`, change the hostname (perhaps to `ivpngw`) and enable SSH server. Also `Enable Boot to Desktop`, because that will facilitate setup. You can later switch back to text console, if you like. Finally, tab to `Finish` and let the Pi reboot. Login as as user `pi` with your new password.
+
+First update the firmware, and let the Pi reboot.
+
+ $ sudo rpi-update
+
+## Initial Setup
+
+Configure the network interfaces. These instructions assume that the Pi WAN interface is connected to LAN <192.168.1.0/24>, and that a DHCP server at <192.168.1.1> is pushing valid DNS server(s). If your LAN IP range is different, adjust the LAN IPs in the iptables rules below accordingly. And by the way, WAN (eth0) and LAN (eth1) can't be in the same IP range. We'll make the Pi WAN interface static after configuring OpenVPN, and finally configure a DHCP server on the Pi LAN interface.
+
+ $ sudo nano /etc/network/interfaces
+ ........................
+ auto lo
+ iface lo inet loopback
+
+ auto eth0
+ iface eth0 inet dhcp
+
+ auto eth1
+ iface eth1 inet static
+ address 192.168.2.1
+ netmask 255.255.255.0
+ ........................
+
+ $ sudo ifdown eth0
+ $ sudo ifup eth0
+
+Now open Epiphany, browse to this how-to guide, and bookmark it. Then open LXTerminal. Now you can copy text from the guide, and paste it into the terminal, using `Shift-Ctrl-V`.
+
+Now update and install required packages. OK saving the default iptables rules.
+
+ $ sudo apt-get update
+ $ sudo apt-get dist-upgrade
+ $ sudo apt-get install host openvpn iptables-persistent
+
+You must enable forwarding.
+
+ $ sudo cp /etc/sysctl.conf /etc/sysctl.conf.defaults
+ $ sudo nano /etc/sysctl.conf
+ ......................................
+ kernel.printk = 3 4 1 3
+ net.ipv4.ip_forward=1
+ net.ipv4.conf.all.accept_redirects = 0
+ vm.swappiness=1
+ vm.min_free_kbytes = 8192
+ ......................................
+
+Reboot the gateway Pi
+
+ $ sudo reboot
+
+## OpenVPN Setup
+
+Download the latest [OpenVPN configuration files](/openvpn-config) and extract the archive to `/home/pi`.
+
+
+ $ unzip /mnt/ivpn-openvpn-config.zip -d /home/pi/
+
+Reconfigure openvpn so it doesn't start all valid VPNs at boot. That's necessary because IVPN requires entering username and password to connect, and the openvpn daemon doesn't have a mechanism for prompting for entering them.
+
+ $ sudo nano /etc/default/openvpn
+ ................
+ ...
+ AUTOSTART="none"
+ ...
+ ................
+
+However, there's a workaround. At boot, create a temporary user-pass file in the `/tmp` tmpfs. It will be stored in RAM, and not saved to the SD card. Until you reboot the Pi, however, the credentials will remain available. Simply saving the user-pass file to the SD card is far less secure. If you like, you can encrypt the SD card using dm-crypt/LUKS with LVM2 for easy swap encryption. See .
+
+ $ sudo nano /tmp/user-pass
+ ........
+ username
+ password
+ ........
+
+We will configure iptables to block all non-VPN Internet access, except to three groups of servers: 1) IVPN servers that we want to use; 2) Raspbian wheezy repository servers, for package updates; and 3) NTP timeservers, to insure that the Pi knows the correct time. No DNS servers are reachable via WAN (eth0) and so IVPN servers must be specified by IP addresses, or resolved locally. For IVPN servers, it's most straightforward to specify IP addresses in the config files.
Choose the IVPN routes that you'll be using, and edit their config files. Also point to `/tmp/user-pass`, and change `verb 3` to `verb 5`.
+
+In this example, I'll do `IVPN-Singlehop-Netherlands` and `IVPN-Singlehop-Germany`. In one LXTerminal:
+
+ $ mkdir /home/pi/IVPN-config/edited
+ $ cp /home/pi/IVPN-config/IVPN-Singlehop-Netherlands.conf /home/pi/IVPN-config/edited/
+ $ cat /home/pi/IVPN-config/edited/IVPN-Singlehop-Netherlands.conf
+ ...........................
+ ...
+ remote gw1.nl.ivpn.net 2049
+ auth-user-pass
+ ...
+ verb 3
+ ...........................
+
+In a second LXTerminal:
+
+ $ sudo host gw1.nl.ivpn.net
+ => gw1.nl.ivpn.net has address 85.12.8.104
+
+Back in the first LXTerminal, edit the config file, and save.
+
+ $ nano /home/pi/IVPN-config/edited/IVPN-Singlehop-Netherlands.conf
+ .............................
+ ...
+ remote 85.12.8.104 2049
+ auth-user-pass /tmp/user-pass
+ ...
+ verb 5
+ .............................
+
+Repeat for the route `IVPN-Singlehop-Germany`, and you should get:
+
+ $ nano /home/pi/IVPN-config/edited/IVPN-Singlehop-Germany.conf
+ .............................
+ ...
+ remote 178.162.193.154 2049
+ auth-user-pass /tmp/user-pass
+ ...
+ verb 5
+ .............................
+
+Copy VPN credentials and selected route configs to `/etc/openvpn`.
+
+ $ cd /home/pi/IVPN-config
+ $ sudo cp ca.crt client1.crt client1.key ta.key /etc/openvpn/
+ $ cd edited
+ $ sudo cp *.conf /etc/openvpn/
+
+Remove read rights on credentials for group and other.
+
+ $ cd /etc/openvpn
+ $ sudo chmod go-r ca.crt client1.crt client1.key ta.key
+
+Start `IVPN-Singlehop-Netherlands`.
+
+ $ sudo service openvpn start IVPN-Singlehop-Netherlands
+ [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Netherlands.
+
+And check status.
+
+ $ sudo service openvpn status
+ [warn] No VPN autostarted ... (warning).
+ [FAIL] VPN 'IVPN-Singlehop-Germany' (non autostarted) is not running ... failed!
+ [ ok ] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is running.
+
+ $ sudo ifconfig
+ ..................................................
+ eth0 ... inet addr:192.168.1.104 ...
+ eth1 ... inet addr:192.168.2.1 ...
+ lo ... inet addr:127.0.0.1 ...
+ tun0 ... inet addr:10.9.0.6 P-t-P:10.9.0.5 ...
+ .................................................
+
+In Epiphany, browse
+
+=> 85.12.8.104 [Base IP B.V.]
+
+Stop it and start `IVPN-Singlehop-Germany`.
+
+ $ sudo service openvpn stop
+ [ ok ] Stopping virtual private network daemon: IVPN-Singlehop-Netherlands.
+
+ $ sudo service openvpn start IVPN-Singlehop-Germany
+ [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Germany.
+
+ $ sudo service openvpn status
+ [warn] No VPN autostarted ... (warning).
+ [ ok ] VPN 'IVPN-Singlehop-Germany' (non autostarted) is running.
+ [FAIL] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is not running ... failed!
+
+ $ sudo ifconfig
+ eth0 ... inet addr:192.168.1.104 ...
+ eth1 ... inet addr:192.168.2.1 ...
+ lo ... inet addr:127.0.0.1 ...
+ tun0 ... inet addr:10.20.0.30 P-t-P:10.20.0.29 ...
+
+In Epiphany, browse
+
+=> 178.162.210.2 [Leaseweb Germany GmbH]
+
+## Configure /etc/hosts
+
+The above approach doesn't work for Raspbian wheezy repositories and NTP (time) servers, and so we use `/etc/hosts`. Update package lists, get the hostnames being hit, and use host to get the IP addresses.
+
+ $ sudo apt-get update
+ => hits mirrordirector.raspbian.org, archive.raspberrypi.org and raspberrypi.collabora.com
+
+ $ sudo apt-get install ntpdate
+ => also hits mirror.nl.leaseweb.net
+
+ $ sudo host mirrordirector.raspbian.org
+ => 5.153.225.207
+ $ sudo host mirror.nl.leaseweb.net
+ => 94.75.223.121
+ $ sudo host archive.raspberrypi.org
+ => 93.93.128.211, 93.93.128.230, 93.93.130.39 and 93.93.130.214
+ $ sudo host raspberrypi.collabora.com
+ => 93.93.128.223
+
+Now see what NTP servers are being hit, and use host to get the IP addresses.
+
+ $ sudo nano /etc/ntp.conf
+ => hits 0.debian.pool.ntp.org, 1.debian.pool.ntp.org, 2.debian.pool.ntp.org, and 3.debian.pool.ntp.org
+
+ $ sudo host 0.debian.pool.ntp.org
+ => 67.198.37.16, 82.141.152.3, 87.195.109.207 and 95.213.132.250
+ $ sudo host 1.debian.pool.ntp.org
+ => 87.230.85.6, 92.63.212.161, 131.234.137.24 and 188.126.88.9
+ $ sudo host 2.debian.pool.ntp.org
+ => 77.245.18.26, 83.137.98.96, 85.214.108.169 and 193.224.65.146
+ $ sudo host 3.debian.pool.ntp.org
+ => 157.7.154.29, 176.74.25.228, 173.230.144.109 and 193.219.61.110
+
+Configure host and populate `/etc/hosts` with the above information.
+
+ $ sudo nano /etc/host.conf
+ ....................
+ multi on
+ order hosts bind nis
+ ....................
+ $ sudo nano /etc/hosts
+ ............................................
+ 127.0.0.1 localhost
+ 127.0.0.1 vpngateway
+ 5.153.225.207 mirrordirector.raspbian.org
+ 93.93.128.211 archive.raspberrypi.org
+ 93.93.128.230 archive.raspberrypi.org
+ 93.93.130.39 archive.raspberrypi.org
+ 93.93.130.214 archive.raspberrypi.org
+ 93.93.128.223 raspberrypi.collabora.com
+ 94.75.223.121 mirror.nl.leaseweb.net
+ 67.198.37.16 0.debian.pool.ntp.org
+ 82.141.152.3 0.debian.pool.ntp.org
+ 87.195.109.207 0.debian.pool.ntp.org
+ 95.213.132.250 0.debian.pool.ntp.org
+ 87.230.85.6 1.debian.pool.ntp.org
+ 92.63.212.161 1.debian.pool.ntp.org
+ 131.234.137.24 1.debian.pool.ntp.org
+ 188.126.88.9 1.debian.pool.ntp.org
+ 77.245.18.26 2.debian.pool.ntp.org
+ 83.137.98.96 2.debian.pool.ntp.org
+ 85.214.108.169 2.debian.pool.ntp.org
+ 193.224.65.146 2.debian.pool.ntp.org
+ 157.7.154.29 3.debian.pool.ntp.org
+ 176.74.25.228 3.debian.pool.ntp.org
+ 173.230.144.109 3.debian.pool.ntp.org
+ 193.219.61.110 3.debian.pool.ntp.org
+ ............................................
+
+## Configure iptables
+
+Now that OpenVPN is working, configure iptables. But first make sure that the default iptables ruleset allows everything.
That way, if you manage to lock yourself out, rebooting will restore access.
+
+ $ sudo nano /etc/iptables/rules.v4
+ .....................
+ *filter
+
+ :INPUT ACCEPT [0:0]
+ :FORWARD ACCEPT [0:0]
+ :OUTPUT ACCEPT [0:0]
+
+ COMMIT
+ .....................
+
+You want an iptables ruleset that blocks all non-VPN connections to the Internet. It drops all input, forward and output by default, so all desired traffic must be explicitly allowed. Further, various sorts of malformed packets are dropped early, as in adrelanos' VPN-Firewall.
+
+In the following ruleset, there are two placeholders: `IP-of-VPN-server` and `port-of-VPN-server`. They come from the OpenVPN configuration file. For `IVPN-Singlehop-Netherlands`, as we saw above, they are `85.12.8.104` and `2049`. For `IVPN-Singlehop-Germany`, they are `178.162.193.154` and `2049`. You will need a line for each IVPN server that you'll want to use.
+
+ $ sudo nano /etc/iptables/vpn-rules.v4
+ ...........................................................................................
+ *nat
+
+ :PREROUTING ACCEPT [0:0]
+ :INPUT ACCEPT [0:0]
+ :OUTPUT ACCEPT [0:0]
+ :POSTROUTING ACCEPT [0:0]
+
+ -A OUTPUT -o lo -j RETURN
+ -A POSTROUTING -o tun0 -j MASQUERADE
+
+ COMMIT
+
+ *filter
+
+ :INPUT DROP [0:0]
+ :FORWARD DROP [0:0]
+ :OUTPUT DROP [0:0]
+
+ -A INPUT -m state --state INVALID -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
+ -A INPUT -f -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
+ -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
+
+ -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -i lo -j ACCEPT
+ -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
+ -A INPUT -i eth0 -p tcp -m tcp -s 192.168.1.0/24 --dport 22 -j ACCEPT
+ -A INPUT -i eth1 -s 192.168.2.0/24 -j ACCEPT
+ -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+ -A INPUT -j LOG --log-prefix "vpn-gw blocked input: "
+ -A INPUT -j DROP
+
+ -A FORWARD -i eth1 -o tun0 -j ACCEPT
+ -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
+ -A FORWARD -j LOG --log-prefix "vpn-gw blocked forward: "
+ -A FORWARD -j REJECT --reject-with icmp-admin-prohibited
+
+ -A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -o lo -j ACCEPT
+ -A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
+
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 5.153.225.207/32 --dport 80 -j ACCEPT
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.211/32 --dport 80 -j ACCEPT
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.223/32 --dport 80 -j ACCEPT
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.230/32 --dport 80 -j ACCEPT
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.130.39/32 --dport 80 -j ACCEPT
+ -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.130.214/32 --dport 80 -j ACCEPT
+
+ -A OUTPUT -o eth0 -p udp -m udp -d 67.198.37.16 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 77.245.18.26 --dport 123 -j 
ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 82.141.152.3 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 83.137.98.96 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 85.214.108.169 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 87.195.109.207 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 87.230.85.6 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 92.63.212.161 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 95.213.132.250 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 131.234.137.24 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 157.7.154.29 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 173.230.144.109 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 176.74.25.228 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 188.126.88.9 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 193.219.61.110 --dport 123 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 193.224.65.146 --dport 123 -j ACCEPT
+
+ \# -A OUTPUT -o eth0 -p udp -m udp -d IP-of-VPN-server/32 --dport port-of-VPN-server -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 85.12.8.104/32 --dport 2049 -j ACCEPT
+ -A OUTPUT -o eth0 -p udp -m udp -d 178.162.193.154/32 --dport 2049 -j ACCEPT
+
+ -A OUTPUT -o tun0 -j ACCEPT
+ -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+ -A OUTPUT -j LOG --log-prefix "vpn-gw blocked output: "
+ -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
+
+ COMMIT
+ ...........................................................................................
+
+ $ sudo iptables-restore < /etc/iptables/vpn-rules.v4
+
+Verify that you can still hit repository and NTP servers.
+
+ $ sudo apt-get update
+ => should see no errors
+
+ $ sudo ntpdate
+ => should see no DNS errors, and "the NTP socket is in use, exiting"
+
+Now test IVPN-Singlehop-Netherlands and IVPN-Singlehop-Germany.
+
+ $ sudo service openvpn start IVPN-Singlehop-Netherlands
+ [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Netherlands.
+
+ $ sudo service openvpn status
+ [warn] No VPN autostarted ... (warning).
+ [FAIL] VPN 'IVPN-Singlehop-Germany' (non autostarted) is not running ... failed!
+ [ ok ] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is running.
+
+ $ sudo ifconfig
+ eth0 ... inet addr:192.168.1.100 ...
+ eth1 ... inet addr:192.168.2.1 ...
+ lo ... inet addr:127.0.0.1 ...
+ tun0 ... inet addr:10.9.0.230 P-t-P:10.9.0.229 ...
+
+In Epiphany, browse .
+
+=> 85.12.8.106 [Base IP B.V.]
+
+Browse and run standard test.
+
+=> 85.12.5.11 is only reachable DNS server
+
+ $ sudo service openvpn stop
+ [ ok ] Stopping virtual private network daemon: IVPN-Singlehop-Netherlands.
+
+ $ sudo service openvpn start IVPN-Singlehop-Germany
+ [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Germany.
+
+ $ sudo service openvpn status
+ [warn] No VPN autostarted ... (warning).
+ [ ok ] VPN 'IVPN-Singlehop-Germany' (non autostarted) is running.
+ [FAIL] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is not running ... failed!
+
+ $ sudo ifconfig
+ eth0 ... inet addr:192.168.1.100 ...
+ eth1 ... inet addr:192.168.2.1 ...
+ lo ... inet addr:127.0.0.1 ...
+ tun0 ... inet addr:10.20.0.46 P-t-P:10.20.0.45 ...
+
+In Epiphany, browse
+
+=> 178.162.210.2 [Leaseweb Germany GmbH]
+
+Browse and run standard test.
+
+=> 178.162.193.154 is only DNS server
+
+Repeating the above, you will get different `inet addr` and `P-t-P` values, but they will always be in `10.9.0.0/16` for `IVPN-Singlehop-Netherlands`, and in `10.20.0.0/16` for `IVPN-Singlehop-Germany`. The DNS server for `IVPN-Singlehop-Netherlands` is `10.9.0.1`, and for `IVPN-Singlehop-Germany` it's `10.20.0.1`.
+
+Now it's time to reconfigure eth0 statically, because you no longer want the DNS server(s) that `192.168.1.1` pushes.
+
+ $ sudo nano /etc/network/interfaces
+ ........................
+ auto lo
+ iface lo inet loopback
+
+ auto eth0
+ iface eth0 inet static
+ address 192.168.1.100
+ netmask 255.255.255.0
+ gateway 192.168.1.1
+
+ auto eth1
+ iface eth1 inet static
+ address 192.168.2.1
+ netmask 255.255.255.0
+ ........................
+
+ $ sudo ifdown eth0
+ $ sudo ifup eth0
+
+And now you can configure `/etc/resolv.conf` because DHCP won't be changing it.
+
+ $ sudo nano /etc/resolv.conf
+ ....................
+ domain localdomain
+ search localdomain
+ nameserver 10.9.0.1
+ nameserver 10.20.0.1
+ ....................
+
+You'll need a `nameserver` line for each of the IVPN routes that you'll be using.
+
+Now that your iptables ruleset is working, you can rename it so it loads at bootup.
+
+ $ sudo mv /etc/iptables/rules.v4 /etc/iptables/open-rules.v4
+ $ sudo mv /etc/iptables/vpn-rules.v4 /etc/iptables/rules.v4
+ $ sudo iptables-restore < /etc/iptables/rules.v4
+
+## Add DHCP Server
+
+Now install and configure DHCP server on eth1.
+
+ $ sudo apt-get update
+ $ sudo apt-get install isc-dhcp-server
+ $ sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.default
+ $ sudo nano /etc/dhcp/dhcpd.conf
+ ..........................................
+ ddns-update-style none;
+ default-lease-time 600;
+ max-lease-time 7200;
+ authoritative;
+ subnet 192.168.2.0 netmask 255.255.255.0 {
+ option subnet-mask 255.255.255.0;
+ option routers 192.168.2.1;
+ range 192.168.2.10 192.168.2.20;
+ }
+ ..........................................
+
+ $ sudo cp /etc/default/isc-dhcp-server /etc/default/isc-dhcp-server.default
+ $ sudo nano /etc/default/isc-dhcp-server
+ .................
+ INTERFACES="eth1"
+ .................
+
+ $ sudo service isc-dhcp-server start
+ [ ok ] Starting ISC DHCP server: dhcpd.
+
+## Test with Workspace Client
+
+Attach a computer to IVPN gateway Pi eth1, and test.
+
+ $ sudo ifconfig
+ => 192.168.2.10
+
+Browse
+
+=> 85.12.8.105 [Base IP B.V.]
+
+Browse and run standard test.
+
+=> 85.12.5.11 is only reachable DNS server
+
+## Lock Down SSH Server in Gateway
+
+Generate RSA key pair in workspace client.
+
+ $ ssh-keygen
+
+SCP public key to IVPN gateway Pi.
+
+ $ scp /home/pi/.ssh/id_rsa.pub pi@192.168.2.1:/home/pi/
+
+SSH to the IVPN gateway Pi.
+
+ $ ssh pi@192.168.2.1
+
+Working now on IVPN gateway Pi.
+
+ $ mkdir .ssh
+ $ nano /home/pi/.ssh/authorized_keys
+
+Hit Ctrl-R and read in /home/pi/id_rsa.pub, and save and exit.
+
+Now lock down sshd_config.
+
+ $ sudo nano /etc/ssh/sshd_config
+ ....................................................
+ ...
+ PermitRootLogin no
+ ...
+ AuthorizedKeysFile /home/pi/.ssh/authorized_keys
+ ...
+ PasswordAuthentication no
+ ...
+ ....................................................
+
+ $ sudo service ssh restart
+
+Open another LXTerminal in the workspace client to test SSH. It doesn't matter here, because the gateway Pi is accessible, but getting locked out of a remote server can be a hassle.
+
+ $ ssh pi@192.168.2.1
+ Enter passphrase for key '/home/pi/.ssh/id_rsa': xxxxxxxxxxxxxx
diff --git a/src/content/es/pages/privacy-guides/vpn-latency-explained.md b/src/content/es/pages/privacy-guides/vpn-latency-explained.md
new file mode 100644
index 000000000..95f416b34
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/vpn-latency-explained.md
@@ -0,0 +1,180 @@
+---
+title: 'Why and how a VPN affects your connection speed'
+author: Solène Rapenne
+url: /privacy-guides/why-and-how-a-vpn-affects-your-connection-speed/
+section: Basic
+weight: 25
+date: 2024-01-29T10:21:35+00:00
+layout: guides-details
+---
+# Introduction
+
+You may have heard or noticed that using [a VPN](https://www.ivpn.net/privacy-guides/what-is-a-vpn/) slows down your connection speed. This is expected behaviour, and inherent to how computer networks work.
+
+Network speed is measured with multiple parameters: **bandwidth**, **throughput** and **latency**. In this guide, you will learn about these three notions and how a VPN affects each.
+
+# Network speed explained
+
+Before diving into the explanations about speed performance impact of a VPN, it is important to understand what lies under network performance, more commonly called "Internet speed".
+
+## Latency
+
+Latency is the time required for a network packet to make a round trip from a host to another.
+
+It characterizes how a user feels the responsiveness when doing something over the network: a low latency, less than 50 milliseconds, is critical for audio and video calls and most online video games. An increased latency can be acceptable up to 150–300 milliseconds when browsing the Internet or reading emails, because these activities are not highly interactive.
+
+Why is there any latency in the first place? Computers are fast and get faster every year after all. Most of the latency occurring is due to the distance [a network packet](https://www.techtarget.com/searchnetworking/definition/packet) has to travel.
+
+In fact, our fastest communication transport medium is the optical fiber. It can only carry data at two third of light speed, as the light beam inside the fiber is bouncing with a specific angle instead of going in a straight line. Light travels at approximately 300 000 kilometers per second, this is fast, but not enough to avoid latency.
+
+With these numbers in mind and some math, we can conclude networks can transport data at best at 200 000 kilometers / 124274 miles per second. Using a better time unit for latency, like milliseconds, the previous speed can be converted to 200 kilometers or 124 miles per millisecond.
+
+It is important to remember that for latency, the travel time must be accounted twice: a first time to reach the remote host and a second time for the response. The best real world achievable latency at the moment of writing is approximately 1 ms for every 100 km / 62 miles of distance between two hosts, assuming there are no other equipment adding latency (like routers, commuters, amplifier), and that the optical fiber between the hosts does not make a detour.
+
+![](/img/latency-explained.png)
+
+Here is the average network latency of different technologies, measured between a home router and its ISP gateway.
+
+These numbers can help to weight the latency introduced by distance compared to the latency of the network access itself:
+
+- Server in a datacenter using Ethernet: 0.1 ms
+- Optical fiber: 1-5 ms
+- 5G: 2-20 ms
+- Coaxial: 3-25 ms
+- DSL: 25-70 ms
+- 4G: 30-70 ms
+- Low-orbit satellite: 40-70 ms
+- 3G: 100-500 ms
+- Dial-up: 150 ms
+- 2G: 300-1000 ms
+- Geostationary satellite: 700 ms
+
+Note that these values represents the time to reach the first hop within the ISP. The latency when connecting to a server over the Internet requires adding the latency between the ISP and the remote server to values above.
+
+In practice, the latency is slightly increased by each equipment on the network route between two peers because network packets must be handled and sent from one router to the other.
+
+## Bandwidth
+
+Another important speed metric for a network is its **bandwidth**, which is the maximum speed a network can sustain for a given period of time.
Bandwidth is usually expressed in megabits per second (Mbps), but as optical fiber and 5G are getting more widespread, it is getting common to express it in gigabits per second (Gbps).
+
+Network bandwidth is not always symmetric, most of the time there is a larger bandwidth for receiving data than for sending data. As most users download more data than they upload, it made sense to allocate bandwidth this way.
+
+The bandwidth of a single connection with a remote host will always be limited and reduced down to the intermediary with the smallest bandwidth in the path.
+
+The bandwidth is what your ISP advertises as "speed", but in practice, it is the maximum theoretical speed achievable. It is hard to measure the bandwidth as you are likely to end up measuring throughput.
+
+## Throughput
+
+Finally, the last metric measuring and quantifying a network speed is the **throughput**. It is the actual amount of data going through the network for a given period of time. The throughput is usually measured in kilobytes per second (kB/s) or megabytes per second (MB/s).
+
+As a reminder, megabits are noted Mb while megabytes are noted MB. As 1 byte = 8 bits, there is a difference of a factor of 8 between the two.
+
+When watching a download progress bar, the associated speed displayed is the instant throughput.
+
+There are online services to measure your connection throughput. If you do so, make sure the service is able to deliver more data than your bandwidth, otherwise you would measure the throughput of the service itself. It would be like doing arm wrestling with someone weaker: you would end up measuring their force and not yours.
+
+# Network speed and peering
+
+There is a part of the *speed* that does not depend on your connection itself. When connecting to a remote server, the network traffic will be passed from a network operator to another, multiple times.
+
+Connections between network operators are called [peering](https://en.wikipedia.org/wiki/Peering).
+
+It is not uncommon to have peering issues on the Internet. They are usually short and remain unnoticed by most end users in that they only impact the servers behind a given network operator. Whereas a network issue at your ISP would impact all your network traffic and will be noticed very quickly.
+
+Exceptionally, there are known cases like the French ISP **Free** who was known for its poor peering ([source in French](https://www.ariase.com/box/actualite/lenteur-bridage-youtube-free-ufc-que-choisir)) with the network operator who serves YouTube since they could not find a trade agreement for years. This ISP was also affected for almost two years by another major peering issue that cut it from most of IPv6 traffic ([source in French](https://www.mail-archive.com/frnog@frnog.org/msg59066.html)).
+
+# The impact of a VPN on Internet speed
+
+As you now are acquainted with the multiple facets of network speed, let's discuss how a VPN affects your Internet speed.
+
+## Latency
+
+### Single hop VPN
+
+When using a VPN with a single hop, the most common setup, latency is calculated by doing the sum of the latency to reach the VPN server and the latency between the VPN server and the destination.
+
+![](/img/latency-vpn-single-hop.png)
+
+In the figure above, illustrating a timing example with a single hop VPN, the latency with the website is measured at 20 ms from the client. However, it increases to 60 ms when using the VPN because the latency is the sum of the latency with the VPN and the latency between the VPN and the website.
+
+### Multi-hop VPN
+
+![](/img/latency-multi-hop.png)
+
+In the figure above, illustrating a timing example with a 2 hops VPN, the latency with the website is 20 ms from the client. The latency increases to 150 ms when using the VPN. A multi-hop VPN will always have a higher latency than a single hop tunnel.
Keep in mind that a multi-hop VPN will a lot higher latency when the two hops are on different continents as it involves a higher distance.
+
+### Greater distance = Greater latency
+
+**When using a VPN, a large part of the latency is due to the distance.**
+
+While the latency between you and a close remote server can be low, using a VPN located in another country will drastically increase the latency, due to the distance.
+
+The latency magnitude of order should not change when using a VPN, as long as you avoid having your network traffic doing a round-trip around the planet for each data packet.
+
+For instance, for a user located in New York connecting to their email provider server in Switzerland, choosing a VPN exit node in France would not add much latency since it's almost on the path between the user and the remote server. If the user chooses a VPN exit node in Asia, the latency will be a lot higher as each network packet would have to travel from New York to Asia, Asia to Switzerland, and finally travel back the other way around.
+
+Another example, the user is still in New York, but connects to a server in the same city. In this case the latency without a VPN would be very low. However, as soon as they choose a VPN exit node outside the country, the latency will be much higher.
+
+### Bandwidth and VPN overhead
+
+Once tunneled through a VPN, your connection bandwidth becomes limited to the VPN bandwidth if the VPN exit node bandwidth is smaller than yours.
+
+In addition, a VPN adds a data overhead in that the actual data going through the encrypted tunnel is carried over [clearnet](https://www.urbandictionary.com/define.php?term=clearnet) network packets. When using a VPN, the actual [data payload](https://networkengineering.stackexchange.com/a/35021) is reduced by overhead of the VPN protocol.
+
+What happens here is similar as sending a package to someone by post, but that package is sealed within another package: the real payload of the inner package is smaller than the payload of the outer package.
+
+When chaining multiple VPNs, the available network payload is reduced proportionally to the number of VPN used.
+
+The network overhead is specific to the protocol: OpenVPN adds an overhead of 41 bytes per packet, whereas [WireGuard overhead](https://en.wikipedia.org/wiki/WireGuard#MTU_overhead) is 32 bytes per packet.
+
+When using OpenVPN or WireGuard over [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol), there is an extra 28 bytes for the UDP headers over the clearnet. But when using OpenVPN over [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol), 40 bytes are necessary. WireGuard is not available over TCP.
+
+When an obfuscation protocol is used to circumvent censorship, like [obsfproxy](https://2019.www.torproject.org/docs/pluggable-transports) or [V2Ray](https://www.v2ray.com/en/), the overhead generated is important since the network packets are modified to prevent [Deep Packet Inspection](https://www.fortinet.com/resources/cyberglossary/dpi-deep-packet-inspection) to detect a VPN traffic. For instance, V2Ray can be configured to make the VPN traffic **appear** as a plain text HTTP traffic, or as an encrypted [WebRTC video call](https://webrtc.org/), which is the common protocol used by all conferencing services.
+
+### MTU
+
+It is not possible to talk about VPN performance without mentioning [MTU (Maximum Transmission Unit)](https://www.cloudflare.com/fr-fr/learning/network-layer/what-is-mtu/), since it is often related to VPN speed issues.
+
+The MTU represents the maximum data size a network packet can carry, it's usually 1500 bytes for [IPv4](https://en.wikipedia.org/wiki/Internet_Protocol_version_4).
+
+When doing an action over the network, a packet is sent to a remote server.
In addition to the data transmitted there are metadata such as "source address", "destination address", "date and time" and "port". Metadata use 20 bytes for IP packets, 20 extra bytes for TCP packets or 8 extra bytes for UDP packets.
+
+When a network packet is carried over TCP/IP, the useful data contained in a packet is 1500-20-20 = 1460 bytes. In the context of TCP over IP, the payload is named [MSS (Maximum Segment Size)](https://en.wikipedia.org/wiki/Maximum_segment_size), it represents the actual size of useful data that can be carried over a single packet.
+
+VPN performance is impacted when the VPN network packets do not fit in the clearnet MTU, this produces [IP fragmentation](https://en.wikipedia.org/wiki/IP_fragmentation). As the payload (the VPN packet) is too large to fit in the network packet, that packet gets split in two smaller parts. In the end, there are twice the number of network packets for almost no payload increase. This produces an important overhead, which usually reduce the bandwidth by two digits percent.
+
+In a correct setup, the VPN MTU fits in the payload of the network layer above it.
+
+## Throughput
+
+Lastly, the most representative speed metric over a VPN is the throughput when loading remote content.
+
+As explained earlier, the throughput is already be limited to the smallest **bandwidth** in the path between you and the remote host.
+
+In addition, the VPN server's bandwidth should be large enough to sustain the traffic of all users. If a VPN provider has too many users per server, those servers' throughput will be affected negatively which translates into a slow throughput for each user.
+
+The chosen VPN protocol also affects the throughput. OpenVPN is often measured as a dozen percent slower than WireGuard, and thus provides a lower speed.
While it is difficult to find objective and reliable performance test of both protocols, here are two tests that appear to be neutral and honest: [WireGuard - review & benchmark](https://r4ven.fr/en/blog/wireguard-benchmark-presentation-tuto/#d---benchmark--openvpn-vs-wireguard) and [Is WireGuard faster than OpenVPN?](https://vladtalks.tech/vpn/is-wireguard-faster-than-openvpn).
+
+# Can a VPN make my connection faster?
+
+Some VPN providers claim that their VPN can improve customers latency and speed. As explained above, a VPN only adds overhead and latency, so their claims are likely to be false in most cases.
+
+However, there are some special cases where a VPN could indeed improve speed and/or latency:
+
+- In some enterprise networks or large public Wi-Fi, it is common to define a [quality of service](https://en.wikipedia.org/wiki/Quality_of_service) policy limiting the bandwidth of each user in order to offer a fair share for everyone. In some countries, [ISPs may practice bandwidth throttling](https://en.wikipedia.org/wiki/Bandwidth_throttling#Comcast_Corp._v._FCC) as well. **In such situations, if the VPN traffic is not throttled**, one can say the VPN improves connection speed.
+
+- In case of a peering issue in the path between the user and a remote server. By using a VPN, the network traffic is likely to use a different network path without the peering issue.
+
+If you are not concerned or impacted by these cases, a VPN will not improve your connection speed.
+
+# Conclusion
+
+You learned about **latency**, **bandwidth** and **throughput**. A VPN negatively affects all of them to some degree.
+
+The higher your bandwidth is, the higher the chance it will be limited by a VPN. In fact, many people got access to gigabit (1 Gbps) internet access [over the last years](https://gigabitmonitor.com/), while the network bandwidth available in datacenters did not increase proportionally.
The servers used by VPN operators are often bandwidth limited by their network provider, and 10 Gbps networks accesses are still not widespread in hosting companies.
+
+When it comes to latency, since it's related to the travelled distance of network packets when using a VPN, you may want an exit node closer or farther from your location. Deciding which exit node to use comes down to a balance between speed penalty and privacy:
+
+- You can choose an exit node close to you, this will reduce the latency overhead.
+- You can choose an exit node close to your destination. In practice, this is hard to achieve, unless you know where a server is located. This will also negatively affect the latency to other destinations.
+- You can choose an exit node far away in another country or use a multi-hop setup. This will increase the latency, but it's more likely to improve your privacy by [avoiding NetFlow surveillance](https://www.ivpn.net/privacy-guides/isp-netflow-surveillance-and-vpn/), as the ISP of the exit node has less chance to be acquainted with your ISP or your country's government.
diff --git a/src/content/es/pages/privacy-guides/vpn-vs-tor.md b/src/content/es/pages/privacy-guides/vpn-vs-tor.md
new file mode 100644
index 000000000..02cabac48
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/vpn-vs-tor.md
@@ -0,0 +1,213 @@ +--- +title: VPN vs Tor +author: mirimir (gpg key 0x17C2E43E) +url: /privacy-guides/vpn-vs-tor/ +section: Basic +weight: 60 +articles: [ + { + title: "What is a VPN?", + url: "/privacy-guides/what-is-a-vpn/" + }, + { + title: "Why use Tor with a VPN service?", + url: "/privacy-guides/why-use-tor-with-a-vpn-service/" + }, + { + title: "Will a VPN Protect Me? Defining Your Threat Model", + url: "/privacy-guides/will-a-vpn-protect-me/" + } +] +date: 2015-09-30T07:56:13+00:00 +layout: guides-details +--- +{{< raw-html >}} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + VPN Services + + Tor +
+ Design + + VPN protocols were developed in the 80s-90s for securing government and commercial networks. The first VPN services appeared in the mid 90s. They provide secure, private wormhole tunnels through the public Internet from client apps to VPN servers. + + Tor is a second-generation onion-routing anonymity system. It was developed at the U.S. Naval Research Laboratory in the early 00s, and then released into the public domain. It's now managed by an NGO, the Tor Project. +
+ Source(s) of Funding + + VPN services are generally private firms or NGOs. + + The Tor Project has been funded primarily by U.S. government programs. +
+ Number of Hops to Exit + + Most are one-hop. A few are two- or three-hop. + + Normally, there are three hops. For onion (aka `hidden`) services, clients and servers each use three-hop circuits to reach rendezvous nodes. +
+ Number of Independent Hops + + One, because one provider runs them all. + + Three by design, but collusion is possible. +
+ Number of Servers + + There are typically 10-100, but some services claim as many as a few hundred. + + There are over 6000. +
+ Number of Possible Routes through System + + For even the largest VPN services, there are at most a few hundred distinct routes. + + That depends on relay availability. With ~1700 entry guards, ~1000 exit relays and ~2300 non-entry/non-exit relays, about four billion distinct circuits are possible. +
+ Frequency of Route Change + + That depends on the provider. For most providers, it's done manually, either in custom clients or by users. A few VPN providers offer custom clients that change routes automatically. + + Each connection by an app uses a new, dedicated circuit. And circuits are replaced at ten minute intervals, unless they've been pinned open by active connections. +
+ Chance of Getting Recently-Used Routes + + There are few possible routes, so reuse is likely on a scale of days (or at most weeks, for the largest providers). + + With billions of possible routes, reuse is unlikely on a scale of months, or even years. +
+ What does your ISP know? + + It knows only that you're using a VPN service. + + It knows only that you're using Tor. +
+ Anonymity: Who knows what about you? + + VPN providers: 1) know that you have an account; 2) know your IP address when you connect; and 3) know what Internet sites you visit. And they can see all content that's not end-to end encrypted with Internet sites. However, reputable (and prudent) providers don't look at traffic, keep logs, or associate entry and exit activity. + + There are normally three relays in a circuit. All traffic is encrypted between users and exit relays. So like VPN providers, exit relay operators can see all content that's not end-to end encrypted with Internet sites. However, only entry relays (aka entry guards) know your IP address, and they don't see your Internet destinations, other metadata, or content. Middle relays isolate entry guards and exit relays. Their operators don't know your IP address. And they also don't see your Internet destinations, other metadata, or content. +
+ Distribution of Trust + + You must trust the VPN provider. + + Although the code is freely available for review, virtually all users must trust the system design, and some mix of those who implemented it and those who reviewed it. By design, there's no need to trust any particular resource contributor. But collectively, you must trust the group that manages core directory servers for relays and onion servers. And you must trust that enough relay operators are honest, and not colluding with each other to deanonymize you. And finally, you must trust that system attacks will be detected and mitigated. +
+ Security and Privacy: Who can see and mess with your data? + + As long as the service uses the secure IPSec or OpenVPN protocols, adversaries between you and the VPN server can't see or alter your traffic. They can block it, of course. But the connection is encrypted with perfect forward secrecy. Even if an adversary somehow manages to decrypt some of the VPN traffic, that won't allow them to easily decrypt past or future traffic. The VPN provider, of course, can see traffic that it's handling. And your traffic is exposed after it leaves the VPN exit. So it's important to employ end-to-end encryption with Internet destinations (e.g., HTTPS for websites, and TLS for email). + + Tor connections are multiply encrypted, all with perfect forward secrecy. Your connection to the exit relay is encrypted. So is your connection to the middle relay, which is relaying traffic to the exit relay. And so is your connection to the entry guard, which is relaying traffic to the middle relay, and so on. Given that, only the exit relay operator can see and mess with your data. And as with VPN services, your traffic is exposed after it leaves the exit. So it's important to employ end-to-end encryption with Internet destinations (e.g., HTTPS for websites, and TLS for email). +
+ Ease of Use + + VPN services are the simplest type of anonymity system that's secure and reliable. VPN servers automatically proxy all of the client's Internet traffic. There's no need to configure apps. They're usually very easy to setup, with client software (or perhaps just configuration files) from providers. + + Tor browser is very easy to install, but only browser traffic uses Tor. It's not designed to easily route other apps via Tor. And using the plain Tor client is complicated, and not well documented for new users. Other options include the Tails LiveDVD, and Whonix, which is a pair of VirtualBox VMs. Both include numerous apps. Using Whonix, even misconfigured apps cannot bypass Tor. +
+ Speed and Latency + + VPN services are typically very fast, only slightly worse than plain ISP uplinks. Latency (time delay) depends on the distance to the VPN server, and network conditions. But it's generally less than 0.1 second, which is not very noticeable (except for some gameplay). + + Speed varies greatly, depending on the capabilities of intervening relays, and how much traffic they're handling. Also, for better security, each client now chooses just one entry guard at first run, and it sticks with that choice for about six months. Although the system excludes slow relays as entry guards, entry guards can become overloaded. It may be necessary to delete the Tor configuration, in order to force the selection of a new entry guard. Latency (time delay) is much greater than with VPNs, sometimes as great as 0.5 second (or even 1 second). That is especially problematic for websites that do a lot of back-and-forth with browsers. Blocking ads and Javascript typically helps. +
+ Potential Pitfalls, and Mitigation + + VPN connection may drop, and while it's reconnecting, traffic may reach Internet sites directly - some VPN client apps prevent that - and one can also block bypass using firewall rules - also potential for DNS leaks - VPN server tells your client app what DNS servers to use - but your computer also knows about DNS servers from your ISP - so when the VPN is connected, it may access ISP-associated DNS servers - and that may reveal your VPN exit IP address to your ISP - some VPN client apps also prevent that - and one can also block DNS bypass using firewall rules + + If your apps and/or Tor are misconfigured, you'll be accessing the Internet directly, at least in part. And it's all too easy to get caught, by not knowing what to worry about. A classic example is using BitTorrent via Tor. It's very hard to force all BitTorrent connections to use Tor. That's because BitTorrent apps are designed for speed, and not for security. Given the risks in using the Tor browser, it's best to use either the Tails LiveDVD or Whonix. Also see Want Tor to really work? +
+ Conclusion + + VPN services are an excellent choice where speed, and privacy from local adversaries, are most important. They also provide limited anonymity on the Internet, but that's vulnerable to adversaries who can coerce providers, or snoop on their servers. See Will a VPN Protect Me? and Adversaries and Anonymity Systems. They're easy to install and use. Once setup properly, they reliably handle all Internet traffic. + + When the Tor client starts, it displays a warning: `This is experimental software. Do not rely on it for strong anonymity.` But there's arguably no better alternative. See Adversaries and Anonymity Systems. And so Tor is the best choice when anonymity is most important. But Tor is much slower than VPN services. And you must use it properly. +
+{{< / raw-html >}} \ No newline at end of file diff --git a/src/content/es/pages/privacy-guides/what-is-a-vpn.md b/src/content/es/pages/privacy-guides/what-is-a-vpn.md new file mode 100644 index 000000000..5b40953f0 --- /dev/null +++ b/src/content/es/pages/privacy-guides/what-is-a-vpn.md @@ -0,0 +1,195 @@ +--- +title: What is a VPN? +author: mirimir (gpg key 0x17C2E43E) +url: /privacy-guides/what-is-a-vpn/ +section: Basic +weight: 70 +articles: [ + { + title: "Why use Tor with a VPN service?", + url: "/privacy-guides/why-use-tor-with-a-vpn-service/" + }, + { + title: "Will a VPN Protect Me? Defining Your Threat Model", + url: "/privacy-guides/will-a-vpn-protect-me/" + } +] +date: 2015-09-30T07:41:31+00:00 +layout: guides-details +--- +## Introduction + +The Internet is an incredible thing. Computers around the planet can communicate with each other through it. However, the Internet is public space. And in public spaces, bad things can sometimes happen. That's why we have private space, which we can secure and trust. But how can private space be created among widely separated computers, which can only reach each other through the Internet? + +Virtual private network (VPN) connections make that possible. Superficially, they serve as private wormhole tunnels through the Internet. We'll unpack that description shortly. In any case, whatever VPNs actually are, they are used primarily in two ways. First, organizations and groups use VPNs to securely interconnect widespread locations. Second, they use VPNs to enable secure access by remote staff and customers. + +This article focuses on **VPN services**, which provide enhanced security and privacy to their users. By default, users reach the Internet directly through [Internet Service Provider (ISP)][1] gateways, which they typically reach through dialup, DSL, cable, fiber, LTE or Wi-Fi: + +{{< raw-html >}} +
+ Connection Without VPN + Connection Without VPN +
+{{< / raw-html >}} + +ISPs know what sites users are accessing. They can see and modify all content that's not end-to-end encrypted. For example, they can add [tracking supercookies][3]. They can also block or throttle traffic, based on destination, traffic type, aggregate bandwidth usage, or whatever. + +Those concerns are not problematic, as long as ISPs are serving their users' interests, respecting their privacy, and adequately securing their networks. But they do become problematic when ISPs act against users' interests. For example, governments may pressure ISPs to block access to certain sites. They may require ISPs to log and report online activity. ISPs may even provide [full-traffic intercept capability][4]. + +VPN services route their users' Internet traffic through private tunnels to remote exit servers: + +{{< raw-html >}} +
+ Connection With VPN + Connection With VPN +
+{{< / raw-html >}} + +There's nothing private beyond the exit server, just the Internet. Still, VPN services protect their users in three main ways. First, they protect users from voyeurs, trackers, hackers, censors and other adversaries who can access networks between the user and the VPN service. Such adversaries can detect the VPN tunnel, and they can measure traffic volume. They can block the tunnel, but it's all or none. And they can't see, modify or specifically block any traffic inside the tunnel, whether it's end-to-end encrypted or not. + +Second, VPN services may allow users to bypass geographic access restrictions imposed by some websites. Websites normally see traffic coming from a user's [Internet Protocol (IP) address][6], which is assigned by their ISP. And they can get the geographical location of that IP address from services such as [MaxMind][7].{{< raw-html >}}1{{< / raw-html >}} You can see your current IP address using [What Is My IP Address][8]. While you're using a VPN service, websites instead see the VPN service's IP address. And so you just pick a VPN exit server with an IP address that's acceptable to the website that you want to access. + +Third, VPN services allow users to be more anonymous. That's because users are typically sharing a particular VPN exit server with many other users. And they can easily switch to a different VPN exit server. However, websites can identify and track users in many ways.{{< raw-html >}}2{{< / raw-html >}} The Wall Street Journal published an excellent [series on tracking][9] in 2010-2012. You may have seen a [No Not Track][10] option in your browser. However, [`by and large, the advertising industry ignores them`][11]. The W3C Technical Architecture Group (TAG) has published its opinion that [`unsanctioned tracking`][12] is harmful to the Web. + +Of course, users are vulnerable to VPN services in the same ways that they're vulnerable to ISPs. 
But there's a crucial distinction: People have far more freedom and discretion in choosing VPN services. Let's say that your government censors and/or monitors Internet access. And let's say that it has compromised all available ISPs. Even if that's so, you can choose a VPN service in another jurisdiction. And you can choose one where it's much harder for your government to compromise things and obtain information. + +## What Are VPNs? + +OK, so what is a virtual private network? As you probably discovered before finding this page, there's a lot out there about VPNs. Unfortunately, most of it is either highly technical, or highly simplistic. Worse, much of the technical material is dated and/or misguided, and much of the simplistic material merely promotes a particular VPN service. This article takes a middle course. It does mention various technical issues, but for the most part leaves that to linked resources. + +First, what is a network? In this context, a network is a system of computers and other devices that are interconnected by communications links. Those links may be wires, coaxial cables, optical fibers, microwave beams, and so on. Most simply, one may consider networks to include just the communications links and terminating gateways. The gateways mediate and regulate connections by other devices. + +The first computer networks were all private, comprising devices located in private space, such as a building or an institutional campus. For such [Local Area Networks (LANs)][13] in private spaces, physical access control may provide sufficient security. But private LANs are nontrivial for geographically widespread devices. Dedicated connections are expensive, and they [don't scale well][14]. And so it's generally necessary to share long-distance communications links. Today, that pretty much means connecting through the Internet. + +If you need secure and private connections, that's a serious problem. 
In [devising network communication protocols][15], engineers at first assumed that connected devices (and their users) could trust each other, and could also trust the network itself. That was an acceptable assumption for private LANs, operated by the military. But it becomes iffy for shared networks. And it fails utterly for the Internet. The Internet is an utterly public network, and it cannot prudently be trusted.{{< raw-html >}}3{{< / raw-html >}} + +The solution was [virtual][16] private network (VPN) connections through the untrusted Internet. Efforts in the 80s to secure government and commercial networks culminated in the [Internet Protocol Security suite (IPsec)][17]. It was the first secure VPN technology. IPSec and other VPNs rely on [encapsulation][18]. + +In the early 90s, Netscape spearheaded development of the Secure Sockets Layer (SSL) protocol for secure (authenticated and encrypted) web browsing. It's been largely replaced by the more-secure [Transport Layer Security (TLS) protocol][19]. Three notable open-source VPN packages now implement network tunneling with SSL/TLS for security: [OpenVPN][20], [OpenConnect][21] and [SoftEther][22]. Many VPN services provide IPsec combined with a tunneling protocol (L2TP) that simplifies setup. L2TP/IPsec works best on iOS and Android. However, it's apparently more vulnerable than OpenVPN to [exploitation by the NSA and friends][23]. Microsoft introduced its Point-to-Point Tunneling Protocol (PPTP) in Windows NT and Windows 95. It is [not very secure][24]. Please see this [comparison of PPTP, L2TP/IPSec and OpenVPN][25] . + +To reiterate, encrypted traffic between a VPN server and a client creates a virtual armored cable between them. Intermediaries (and adversaries with access) can see the virtual cable, but they can't see the data that it carries. VPNs are actually more like very tough yet elastic hoses, which change `diameter` depending on how much data is flowing through them. 
That provides adversaries with some information about online activity, but not actual traffic data. + +## Why Do We Need VPNs When We Have HTTPS? {#toc_2} + +The [TLS protocol][19] in [Secure HTTP (HTTPS)][26] provides solid transport security. That is, it protects ongoing connections from adversaries. But otherwise, HTTPS is fatally flawed. It's fatally flawed because server authentication depends on hierarchical systems of certificate authorities, starting with trusted root certificates bundled in browsers. That's a problem. Consider the Superfish adware that Lenovo [included on consumer notebooks][27]. By adding its own root certificate to browsers, Superfish could intercept HTTPS connections, and replace websites' ads with its own ones. In other words, it carried out [man-in-the-middle (MitM) attacks][28] on Lenovo customers. + +But it's far from the worst problem. Let's say that you visit . How does your browser know that it's connected directly to that site, and that the connection hasn't been intercepted in a MitM attack? Supposedly, the browser knows because it can follow a chain of trust from the site's certificate through various intermediate certificate authorities, back to one of the root certificates that it trusts. But trust chains are typically very long and complex. And if one of those intermediate certificate authorities has [done something foolish][29] or [been compromised][30], websites can be spoofed or MitM'ed. + +Using a VPN service, you get certificates from the provider. Once you've securely obtained them, there is no ambiguity when client apps authenticate the provider's VPN servers. A client won't connect unless a server proves that it has the requisite [certificate authority (CA) certificate][31]. There are no intermediate certificate authorities that must be trusted. And so MitM attacks are [much harder][32]. Even so, VPNs only protect against adversaries between a user and a VPN server. 
+ +## There Are Bigger Problems + +Even after decades of security hardening, the Internet remains vulnerable in fundamental ways through unwarranted trust. There are two key vulnerabilities. First, let's say that you want to use [Google][33]. In order to load the page, your browser must translate _www.google.com_ into a suitable IP address. Google has many server clusters, in data centers around the world. The name servers specified in Google's domain registration are the best source for the IP address of a nearby Google server that's not too busy. But if everyone hit Google's primary name servers directly, they would crash and burn. And so there is a hierarchical global network of name servers, known as the [Domain Name System (DNS)][34], which forward and temporarily cache that information. + +The process begins with name servers that your computer knows about. By default, those typically belong to your ISP. Google being so popular, those name servers will likely have the answer. But if they didn't, they would ask their ISP's name servers. And so on up the hierarchy to Google's primary name servers. Although the system works well for the most part, it is [vulnerable to spoofing and denial of service (DOS) attacks][35] by adversaries. + +For example, let's say that your government doesn't want you to use Google. And so it requires all domestic ISPs to point _www.google.com_ at some non-Google IP address. That's called [DNS spoofing (or cache poisoning)][36]. And it's a common practice.{{< raw-html >}}4{{< / raw-html >}} There is an easy workaround: just configure your computer to use [third party DNS servers][37].{{< raw-html >}}5{{< / raw-html >}} However, that isn't always sufficient, because traffic to those DNS servers can also be blocked or misdirected. + +Second, there is a [fundamental vulnerability][38] in the Internet [Border Gateway Protocol (BGP)][39]. 
Once your browser knows a website's IP address, BGP enables your ISP (and other intervening ISPs) to properly route your traffic to that destination. What's problematic is that BGP foolishly assumes that Internet routers can [trust each other][40]. But that [doesn't always work out][41]. + +Sometimes it's just mistakes. In June-2015, [Telekom Malaysia][42] announced routes to much of southeast Asia and Australia, and then it promptly choked on the massive traffic that ensued. That is, Telekom Malaysia's mistake prevented people in London (for example) from accessing sites in Singapore, Hong Kong, Sydney and so on. But sometimes one wonders. In 2010, China Telecom [`hijacked` a large chunk of the Internet][43]. Although there's no proof, the Chinese might have monitored and logged on a massive scale. Or instead, they could have just [null routed][44] everything. + +VPN services can mitigate at least some DNS vulnerabilities, by tunneling beyond area controlled by an adversary. Most countries use DNS spoofing (cache poisoning) to deny access to forbidden websites. But most countries can't poison the entire DNS hierarchy. For example, in 2014 [the Turkish government banned Twitter and YouTube through DNS poisoning][45]. And then, as users started using Google's DNS servers to get around the ban, it blocked access to them as well. However, all of those blocks were implemented through Turkish ISPs. So VPN users could reach routes and DNS servers that were not under Turkish control. + +## But VPNs Aren't Perfect {#toc_4} + +ISPs can also block VPN connections. Iran and China notoriously do. It's not hard to detect VPNs. The [OpenVPN][46] and [IPSec][47] protocols are both distinctive. ISPs can just look at packet types, sequences and patterns. That's known as [deep packet inspection][48]. Also, their systems test suspected VPN servers for VPN-specific response patterns. + +One can hide ([encapsulate][49]) VPN traffic in other tunnels. 
There are good introductions [here][50] and [here][51]. Open-source tools include [SSH][52], [SSL][53] (_e.g._, [stunnel][54]) and [obfsproxy][55] (developed by the Tor Project). There is also a [patch for OpenVPN][56]. And some VPN services use various methods that are proprietary and closed-source. However, the shape of the initial connection dialog between client and server is [distinctive][57]. And that's hard to obfuscate without [padding][58]. But padding wastes bandwidth, so there's a trade-off.{{< raw-html >}}6{{< / raw-html >}} + +If your ISP is hijacking BGP, you can bypass using VPNs. As long as they're not blocked, anyway. More generally, that's the case whenever you're inside of some controlled space (_e.g._, corporate and university networks) or subject to a national firewall. As long as the VPN exit is outside the controlled space, it doesn't see the BGP hijacking. + +Otherwise, it's hard to get around BGP hijacking. Consider [Telekom Malaysia's mistake][42]. Let's say that there's a VPN provider with servers in London and Singapore. If another route existed from London to Singapore that didn't pass through Telekom Malaysia, that VPN provider could hard-code it into their servers. Even though Telekom Malaysia was hijacking BGP to Singapore, traffic through the London-Singapore VPN tunnel would ignore it. However, unless such problems persisted, it's unlikely that VPN providers would route around them manually. But corporate, academic and government VPNs might. + +{{< raw-html >}} +
+

Footnotes

+ +
    +
  1. + Geolocation based on IP address isn't perfect. That's because services like MaxMind typically report central addresses of ISPs, rather than the actual addresses of ISP customers. But they get the country right, and that's enough to enforce geographic access restrictions. +
  2. +
  3. + Smartphones are especially vulnerable to tracking. Users have far less control over app behavior on smartphones. And there are multiple data sources for accurate geolocation, including GPS, cell towers and Wi-Fi hotspots. +
  4. +
  5. + Indeed, not even fundamental Internet links can be reliably secured over long distances. Cables are cut on land and under oceans. And they are tapped. +
  6. +
  7. + The US FBI uses DNS poisoning for so-called domain name seizures, and the Motion Picture Association of America (MPAA) wants to take down sites hosting pirated content. Various countries use DNS poisoning to ban Interpol's `worst of the worst` list. The Cyberspace Administration of China (CAC) does one better: it redirects users from banned sites to other sites that it wants to attack. +
  8. +
  9. + Some malware also does that for ad injection or fraud. +
  10. +
  11. + See Chapter 5 of Sambuddho Chakravarty's thesis. +
  12. +
+{{< / raw-html >}} + + [1]: https://en.wikipedia.org/wiki/Internet_service_provider + [2]: /images-static/uploads/Connection-No-VPN.png + [3]: http://motherboard.vice.com/read/here-are-the-mobile-companies-still-tracking-you-across-the-web + [4]: http://www.nytimes.com/2015/08/16/us/politics/att-helped-nsa-spy-on-an-array-of-internet-traffic.html + [5]: /images-static/uploads/Connection-One-VPN.png + [6]: https://en.wikipedia.org/wiki/IP_address + [7]: https://www.maxmind.com/en/home + [8]: https://whatismyipaddress.com/ + [9]: http://www.wsj.com/public/page/what-they-know-digital-privacy.html + [10]: https://www.eff.org/issues/do-not-track + [11]: http://www.theregister.co.uk/2015/07/29/dnt_dead_in_the_water/ + [12]: http://www.w3.org/2001/tag/doc/unsanctioned-tracking/ + [13]: https://en.wikipedia.org/wiki/Local_area_network + [14]: http://www.uh.edu/engines/nycandwires.jpg + [15]: http://arstechnica.com/tech-policy/2011/03/the-essence-of-the-net/ + [16]: http://www.merriam-webster.com/dictionary/virtual + [17]: https://en.wikipedia.org/wiki/IPsec + [18]: https://en.wikipedia.org/wiki/Encapsulation_%28networking%29 + [19]: https://en.wikipedia.org/wiki/Transport_Layer_Security + [20]: https://openvpn.net/index.php/open-source/333-what-is-openvpn.html + [21]: https://www.infradead.org/openconnect/ + [22]: https://www.softether.org/ + [23]: http://www.spiegel.de/media/media-35529.pdf + [24]: http://www.schneier.com/paper-pptpv2.html + [25]: /pptp-vs-l2tp-vs-openvpn + [26]: https://en.wikipedia.org/wiki/HTTPS + [27]: http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/ + [28]: https://en.wikipedia.org/wiki/Man-in-the-middle_attack + [29]: http://googleonlinesecurity.blogspot.co.nz/2015/03/maintaining-digital-certificate-security.html?m=1 + [30]: http://csrc.nist.gov/groups/SMA/forum/documents/october-2012_fcsm_pturner.pdf + [31]: https://openvpn.net/index.php/open-source/documentation/howto.html#pki + 
[32]: http://security.stackexchange.com/questions/73469/tls-authentication-openvpn-mitm-attacks-on-public-wifi + [33]: https://www.google.com/ + [34]: https://en.wikipedia.org/wiki/Domain_Name_System + [35]: https://developers.google.com/speed/public-dns/docs/security?hl=en + [36]: https://en.wikipedia.org/wiki/DNS_spoofing + [37]: https://www.wikileaks.org/wiki/Alternative_DNS + [38]: https://www.blackhat.com/docs/us-15/materials/us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security-wp.pdf + [39]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol + [40]: https://blog.opendns.com/2015/06/18/bgp-and-the-system-of-trust-that-runs-the-internet-pt-1/ + [41]: https://www.bgpmon.net/blog/ + [42]: https://www.bgpmon.net/massive-route-leak-cause-internet-slowdown/ + [43]: http://www.bgpmon.net/chinese-isp-hijacked-10-of-the-internet/ + [44]: https://en.wikipedia.org/wiki/Null_route + [45]: http://googleonlinesecurity.blogspot.com/2014/03/googles-public-dns-intercepted-in-turkey.html + [46]: https://wiki.wireshark.org/OpenVPN + [47]: https://blog.barracuda.com/2015/03/24/understanding-internet-protocol-security-ipsec/ + [48]: https://en.wikipedia.org/wiki/Deep_packet_inspection + [49]: http://www.tcpipguide.com/free/t_IPDatagramEncapsulation.htm + [50]: http://www.ab9il.net/crypto/openvpn-cloaking.html + [51]: https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/ + [52]: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/slogin.1?query=ssh&sec=1 + [53]: https://www.openssl.org/docs/manmaster/apps/openssl.html + [54]: https://www.stunnel.org/index.html + [55]: https://www.torproject.org/projects/obfsproxy.html.en + [56]: https://forums.openvpn.net/topic12605.html + [57]: https://www.wilderssecurity.com/threads/ways-to-obfuscate-vpn-connections.363059/ + [58]: https://en.wikipedia.org/wiki/Padding_%28cryptography%29 
diff --git a/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md b/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
new file mode 100644
index 000000000..ff3d428dd
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
@@ -0,0 +1,46 @@
+---
+title: Why use Tor with a VPN service?
+author: Ed Holden
+url: /privacy-guides/why-use-tor-with-a-vpn-service/
+section: Basic
+weight: 80
+articles: [
+ {
+ title: "Will a VPN Protect Me? Defining Your Threat Model",
+ url: "/privacy-guides/will-a-vpn-protect-me/"
+ },
+ {
+ title: "An Introduction to Privacy & Anonymity",
+ url: "privacy-guides/an-introduction-to-privacy-anonymity/"
+ },
+]
+date: 2018-10-25T13:55:43+00:00
+layout: guides-details
+---
+## Introduction
+
+The [Tor network][1] has been a useful tool for the privacy-aware internet users since 2002. While it has shown itself to be an invaluable tool in protecting one's privacy through anonymity, it is anything but a panacea. Today we are going to examine two of the known vulnerabilities in the Tor system and then see how using a trustworthy VPN service in conjunction with Tor can mitigate many of those vulnerabilities thus substantially reducing your privacy risk surface.
+
+> Note: While Tor is decentralized and designed in a way that you don't have to trust a single entity, most VPN services are run by centralized organizations. This article assumes you have picked a VPN service after carefully vetting them and you trust its operators to honor no-logs promises.
+> See our guide on vetting VPN providers [here](https://www.ivpn.net/privacy-guides/18-questions-to-ask-your-vpn-service-provider/).
+> For an in-depth guide on using Tor with a VPN see [Advanced Privacy and Anonymity - Part 3](https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-3/).
+
+
+The first vulnerability we are going to examine is the scenario where the attacker is passively monitoring the connection of both the sender and recipient. For simplicity's sake, we will be using the common cryptographic archetypes of Alice and Bob et. al. If you are not familiar with these characters see the [wikipedia entry][2]. Additionally, we will be assuming that you have basic knowledge of how the Tor network functions.
+
+## Scenario A
+
+In this first scenario, Alice is connecting to Bob's server over the Tor network. Additionally, Eve is positioned to passively monitor traffic coming both from Alice and to Bob. This is a scenario we know already exists at both the individual ISP level and at the level of major backbone interconnects through government access. It has been demonstrated since 2002 that Eve can [correlate traffic](https://www.onion-router.net/Publications/locating-hidden-servers.pdf) between Alice and Bob with a degree of accuracy that completely eliminates false positives. Further, this attack does not necessitate physical-level access to both Alice and Bob's individual networks. Because the Tor network allows anyone to run an end node, Mallory could simply have physical access to Alice's network and then run an end node herself. On the occasions when Alice's traffic is exiting the tor network from Mallory's end node (without regard to the locations and number of intermediate hops), there would be a functional replacement for the need to have physical access to Bob's network, as all traffic from Alice to Bob would pass through Mallory's node with all the intermediate encryption stripped off (assuming that Bob's server did not support end-to-end encryption, of course).
+
+By using a VPN service that has a high enough Tor traffic volume, the ability of Eve or Mallory to correlate Alice and Bob's traffic is severely hindered. This ability could be further reduced if Alice were to concurrently generate traffic over the VPN connection to multiple Tor sites along with non-Tor traffic. Essentially what this accomplishes is padding Alice's connection to the VPN server with sufficient extra data that correlation becomes even more difficult.
+
+## Scenario B
+
+The second vulnerability to examine is referred to as the ['bad apple'](https://arxiv.org/abs/1103.1518) attack. Here, we will assume that Alice and Bob are communicating via bittorrent. Mallory injects traffic that triggers Alice to make a UDP connection to Mallory's server. By taking advantage of the fact that Tor only provides a secure TCP connection, Alice is then tricked into revealing her actual identity. By properly configuring one's VPN connection to tunnel all traffic and by applying the other padding strategies above, Alice is no longer vulnerable to this attack.
+
+One of the most important features one should look for when shopping for VPN services is variable multi-hop capabilities. Here, one has the opportunity to bounce his encrypted traffic across multiple networks and jurisdictions, further reducing the possibility that traffic-analysis based attacks would be successful. Additionally, when needed, one can quickly choose a different multi-hop path for his traffic. Remember that in analysis attacks, padding is your friend and each individual encryption wrapper provides additional padding that can confound Mallory's attempts to correlate traffic.
+
+
+
+ [1]: https://www.torproject.org/
+ [2]: http://en.wikipedia.org/wiki/Alice_and_Bob
diff --git a/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md b/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md
new file mode 100644
index 000000000..c0e47a0e8
--- /dev/null
+++ b/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md
@@ -0,0 +1,114 @@ +--- +title: Will a VPN Protect Me? Defining Your Threat Model +author: mirimir (gpg key 0x17C2E43E) +url: /privacy-guides/will-a-vpn-protect-me/ +section: Basic +weight: 90 +date: 2014-09-04T08:37:22+00:00 +layout: guides-details +--- +The Internet was originally designed for communication among trusted partners. It was designed to be highly resilient against nuclear attacks, and other such external threats. But there were no protections against insider threats, from malicious network peers or users. Neither content nor information about content (which is called metadata) such as user identity, date and subject for email messages, were kept private, or secured against modification or spoofing. + +As the Internet has grown and developed, various insider threats have been recognized, and various components have been updated to mitigate them. For the most part, however, efforts have focused on small-scale adversaries, such as individuals and criminal organizations. Email, one of the core components, remains notoriously broken against powerful adversaries. The HTTPS protocol was designed to authenticate websites, and to protect users against eavesdropping and `Man in the Middle` (MitM) attacks. However, its security entirely depends on hierarchic systems of trusted certificate authorities, and they remain vulnerable to clever and/or powerful adversaries. + +Indeed, the Internet has become a panopticon with numerous observers. Commercialization has culminated in an advertising-funded economic model that rewards players who can most effectively target users by compromising their privacy. Worse, the Internet is also heavily militarized, with the US (NSA) and China (various MSS and PLA agencies) as major players. Efforts involve both mass surveillance and targeted attack. Furthermore, intercepted information is commonly (albeit secretly) used for such non-military goals as business development and law enforcement, through parallel construction. 
+ +Censorship is also pervasive. Nations such as China, India, the UK, Iran, Saudi Arabia and Pakistan restrict access by their citizens for various economic, social, ideological and/or religious reasons. Furthermore, the US censors the entire Internet, primarily (as far as we know) in defense of intellectual property rights. Leveraging its jurisdiction over the .com, .net and .org domain registrars, it has seized thousands of websites, often based on mere allegations of infringing activity. All such domains (including, for example, most VPN services) are vulnerable. + +But you already knew that, right? That's why you're reading this article. You're probably wondering whether iVPN (or any VPN service) can provide the anonymity, freedom, privacy and/or security that you seek. For better or worse, the answer is `it depends`. VPN services effectively guard against some threats, and are inadequate against others. It all depends on your threat model(s). + +In formulating a threat model, first consider what you are protecting, what potential adversaries (archetypic attackers) you are protecting against, and what consequences you might face if compromised. Consider your potential adversaries, how capable and resourceful they are, and what methods they might employ against you. Also consider your skills, how hard you are willing to work, and how much usability and convenience you are willing to give up. Finally, keep in mind that you may have multiple context-dependent threat models, and that you may want to combine various defenses in ways that are appropriate for each of them. + +## Example Threat Models + +We begin by considering threat models that are typical among prospective users of VPN services, ranging from trivial to grandiose. In each example, there are four bullets: a) summary of the threat; b) recommended mitigation; c) how it works; and d) issues and limitations. 
Please see [Adversaries and Anonymity Systems: The Basics][1] for background information and details about adversaries and anonymity systems. For any of these threat models, except perhaps the first, it's important to prevent leaks if the VPN connection is interrupted. You can use a [VPN client that prevents leaks][2], or roll your own firewall setup. Linux iptables rules are [here][3]. And whatever you do, it's prudent to [test for leaks][4]. + +### 1. Protecting Against Hackers on Public Wi-Fi Hotspots + +1. Consider someone who uses public Wi-Fi hotspots. They are concerned that hackers (ranging from other users to network administrators) might intercept their communications, and might steal sensitive information about their credit cards, bank and investment accounts, and so on. That is, they want security and privacy. But they're not trying to hide their online activity, or to be anonymous. +2. Any reputable VPN service would suffice for such users. +3. When users are connected to VPN servers, all traffic between their devices and VPN servers is encrypted, typically with a 256-bit AES key. Eavesdroppers on the public Wi-Fi network, or on other intervening networks, would see only encrypted data. +4. VPN services do not encrypt traffic between their exit servers and Internet destinations. Neither do other anonymity systems. For that, users must connect to destinations using end-to-end encryption, such as HTTPS for websites. See the section `VPN Services` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about VPN services. + +### 2. Protecting Against Monitoring and Logging by ISPs + +1. Consider someone who is concerned that their ISP may be monitoring and logging their online activity. They want privacy, and they also want anonymity, in the sense of remaining unassociated with their online activity. But they're not concerned about hackers, or other real-time adversaries. 
They're just concerned that their ISP might, at some point, share logs of their online activity with other potential adversaries. +2. Using a reputable VPN service that retains no logs, and that implements perfect forward secrecy, is the least invasive approach for mitigating this threat. +3. When a user is connected to a VPN server, their ISP sees only encrypted traffic. Websites and other Internet destinations see the VPN service's exit IP address, rather than the user's ISP-assigned IP address. With perfect forward secrecy, an adversary that manages to compromise a particular VPN session can only decrypt data from that session (and not past or future data). Any encrypted traffic logged by the user's ISP remains secure. +4. For this approach to make sense, the user must trust the VPN service more than they trust their ISP. That's often a straightforward choice (for example, where ISPs are tightly regulated and monitored). If the stakes are high, it may be prudent to distribute trust, so that compromise would require collusion. Using the Tor browser would be the simplest approach. However, given the risk of malicious exit nodes, using end-to-end encryption would be prudent. If hiding Tor use is important, the user could access the Tor network through a VPN service, or perhaps through a nested chain of VPN services. + +### 3. Hiding Location and Identity from Websites + +1. Consider someone who wishes to hide their location and identity from websites that they access. They don't want websites to know their ISP-assigned IP address, which is linked to their location. They also don't want websites to know their true name, either through their IP address, or through association with prior usage. However, they're not concerned about threats from other potential adversaries, such as their ISP or government. +2. Any reputable VPN service would hide the user's ISP-assigned IP address from websites. 
In order to prevent association with prior activity under their true name, the user should work in a fresh device (or virtual machine) with no such prior usage on any website. +3. When a user is connecting through a VPN service, websites see the IP address of the exit server, rather than the user's ISP-assigned IP address. Working in a fresh device or virtual machine, there are no cookies or other tracking objects that might be associated with the user's true name, or other aspects of their prior activity. +4. It's not prudent to rely on browser settings (such as private browsing mode) or plugins to prevent tracking, because that protects only against known tracking methods. Even the Tor browser is vulnerable to new (aka zero-day) tracking exploits. Relying on isolation between different browsers is also risky. While virtual machines can also be compromised, there is little risk, except for high-value targets. Where the stakes are high, using dedicated devices would be most prudent. + +### 4. Hiding True Name from a Correspondent + +1. Consider someone who wishes to be anonymous to a particular correspondent. They don't want the correspondent to know their ISP-assigned IP address, which is linked to their true name. However, they're not concerned about threats from other potential adversaries, such as their ISP or government. +2. Unless the correspondent is (or has help from) a resourceful adversary, any reputable VPN service would suffice. +3. When a user is connecting through a VPN service, the initial `Received: from` header in messages sent by the user will show the IP address of the VPN exit server, and not the user's ISP-assigned IP address. That's the case with both webmail and stand-alone email clients. +4. The email account must not be associated with the user, in any way. There must be no money trails. The user must never access the account without reliably obscuring their IP address. 
They must never use the email address with friends, or in any identifying context. Even so, adversaries know the VPN service by its IP address, and they could ask (perhaps very hard) about the user. Against resourceful adversaries, especially if the stakes are high, it may be prudent to use nested VPN chains, or perhaps Tor. In extreme cases, it may be prudent to tunnel traffic through multiple anonymity systems. However, configuring stand-alone email clients to properly use Tor (without leaks) is nontrivial. Also, they don't work with VPN services that block SMTP traffic to prevent spamming. + +### 5. Being Anonymous Online and Hiding Online Activity from Ones National Government + +1. Consider someone who wishes to obscure their online activity (content and metadata) from their ISP and national government. They also wish to hide their location and identity from websites that they access, and from their correspondents. That is, they want both privacy and anonymity. They want anonymity in the sense of remaining unassociated with their online activity, and they want that anonymity to survive efforts by their national government to associate them and it. However, they are not subject to overt censorship, and the use of strong encryption is not regulated. Also, they have not (they assume) been specifically targeted for investigation. They are somewhat concerned about the consequences of discovery. But they are not concerned about threats from other potential adversaries. +2. It would be prudent for such users to tunnel traffic through multiple anonymity systems, perhaps initially through a nested chain of two or three VPN services, and then through [JonDonym](https://anonymous-proxy-servers.net/) and/or [Tor](https://www.torproject.org). It might be sufficient to start with a popular VPN service, connecting through a typical ISP uplink. However, it would be safer, albeit far less convenient, to connect anonymously through public Wi-Fi hotspots. +3. 
Using VPN services obscures online activity from local observers, and it also obscures location and identity from remote observers on the Internet. However, users are entirely vulnerable to betrayal by the VPN provider. With a second VPN service tunneled through the first, trust has been distributed, in that compromise would require collusion between the two providers. With Tor in the nested chain, forcing collusion among providers becomes unworkable, and adversaries must rely on other attacks: traffic analysis, Sybil attacks and exploiting vulnerabilities in particular system nodes and their operators. +4. This threat model is prudent _only_ when the use of strong encryption is unregulated, when users are not specifically targeted for investigation, and when the consequences of discovery would be relatively minor. When there is appreciable uncertainty about any of those assumptions, the threat model `Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government` is more appropriate. + + Although users are subject to surveillance both locally and remotely, the Internet uplink is their key vulnerability. For those who connect through ISPs, the strategy has two aspects: 1) blend in locally, by using popular VPN services, and by otherwise being unworthy of special attention; and 2) go for overkill in resisting efforts by their national government to associate them and their online activity. All non-free/premium VPN-service and JonDonym accounts, except for any service accessed directly through an ISP, should of course be purchased anonymously. + + But even with such overkill, connecting through an ISP is risky. For example, the government might fingerprint connections to a popular dissident forum, by using a DDoS attack to intermittently force the website offline, in some pattern. It could then identify users by searching intercepts, provided by ISPs, for that fingerprint. 
And in any case, there is no deniability if their government does manage to associate a user's online activity with their ISP-assigned IP address. + + Connecting anonymously through public Wi-Fi hotspots would be safer, but far less convenient. Even if the user's government does associate their online activity with the hotspot's IP address, the user is still somewhat anonymous. We discuss the use of public Wi-Fi hotspots further in the threat model `Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government`. + + +### 6. Evading Censorship by Ones National Government + +1. Consider someone who wishes to evade censorship imposed by their national government. Although they don't want to attract undue attention, they are not seeking strong anonymity from observers on the Internet. They are confident that the consequences of discovery would be minor. And they are not concerned about threats from other potential adversaries. +2. Any reputable VPN service might suffice. However, against more resourceful censors, it might be necessary to use VPN services that connect through obfuscated proxies. Against powerful censors, it might be necessary to use Tor via obfuscated bridges. +3. When a user is connecting through a VPN service, the user's ISP and government see only encrypted traffic to the VPN server. Unless the user's government can observe the VPN server's local traffic, it can't determine what websites the user is accessing. And without knowing that, it can't censor, except by blocking or throttling all traffic to that VPN server. If the user is connecting to the VPN service through an obfuscated proxy, the censor might need to block or throttle all encrypted traffic. +4. This threat model is prudent _only_ when the consequences of discovery would be minor, and _only_ when strong anonymity from observers on the Internet is correspondingly unnecessary. 
When there is appreciable uncertainty about either assumption, the following threat model is more appropriate. + + Even with obfuscation, highly resourceful censors might identify and block all of the VPN service's proxy servers. Against such adversaries, it might be necessary to use Tor with obfuscated bridges. Although both Tor and VPN services can use the same methods for obfuscation, Tor is far more resilient to censorship. That's because VPN services typically use at most a few obfuscated proxies, while there are thousands of Tor obfuscated bridges. + + However, new approaches might level the field. For example, the CloudTransport design features cloud-hosted proxies with fast-flux IP addresses, which can't readily be blocked without interfering with other cloud services. See the last paragraph of the section `Passive Adversaries with Limited Network Reach` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about that. + +### 7. Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government + +1. Consider someone who wishes to evade censorship imposed by their national government. They also wish to obscure their online activity (content and metadata) from their ISP and national government. And they wish to hide their location and identity from websites that they access, and from their correspondents. That is, they want both privacy and anonymity. They want anonymity in the sense of remaining unassociated with their online activity, and they want that anonymity to survive efforts by their national government to associate them and it. Furthermore, they are subject to overt censorship, and the use of strong encryption is regulated, so they must also avoid association with illicit communications. However, they have not (they assume) been specifically targeted for investigation. They are concerned that the consequences of discovery might be severe. 
And they are also concerned about threats from other adversaries, including governments, that might share information with their national government. But they are not concerned about threats from other neutral or non-cooperating adversaries. +2. It would be prudent for such users to tunnel traffic through multiple anonymity systems. It would arguably be best to start with Tor, using the strongest obfsproxy plugin available, and connecting anonymously through public Wi-Fi hotspots. Users could then, for example, tunnel JonDonym through Tor, and then tunnel a VPN service through JonDonym. Full-disk encryption with an instant-wipe hotkey would provide a final backup. +3. As discussed in previous examples, traffic obfuscation hinders government censorship. The nested anonymity systems further obscure online activity from local observers, and they also obscure location and identity from remote observers on the Internet. With Tor in the nested chain, forcing collusion among providers becomes unworkable, and adversaries must rely on other attacks: traffic analysis, Sybil attacks and exploiting vulnerabilities in particular system nodes and their operators. + + Starting with Tor is arguably best, because with thousands of obfuscated bridges, it's most resilient to censorship. However, given uncertainty about the long-term effectiveness of traffic obfuscation, and the risk of deanonymization through malicious-relay (Sybil) attacks, it would be prudent to reach the Tor network anonymously through public Wi-Fi hotspots. That's especially so, given potentially severe consequences of discovery. Tunneling JonDonym through Tor, and then a VPN service through JonDonym, further disassociates online activity from a hotspot's public IP address. +4. Although users are subject to surveillance both locally and remotely, the Internet uplink is their key vulnerability. Connecting anonymously through public Wi-Fi hotspots protects users in two ways. 
First, even if government censors identify and block a user's obfuscated bridges, the user remains anonymous, and can easily recover by obtaining fresh bridges. Second, even if the government manages to associate a user's online activity with a hotspot's public IP address, the user remains at least somewhat anonymous. + + Regarding the first issue, there are thousands of Tor obfuscated bridges, and users can obtain fresh bridges in various ways from the central BridgeDB, and also informally from other users. Numerous alternatives for distributing bridges are under investigation. For example, there are reputation-based systems that partition out malicious users, which are fielded by adversaries seeking to enumerate and block bridges. More revolutionary is the CloudTransport design. It features cloud-hosted bridges, which have fast-flux IP addresses that can't readily be blocked, without interfering with other cloud services. See the last paragraph of the section `Passive Adversaries with Limited Network Reach` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about that. + Also, it can be nontrivial to use public Wi-Fi hotspots anonymously. Range is often limited, and usability requires line-of-sight, because radio signals are strongly attenuated by buildings and dense vegetation. Also, working outdoors may be impractical during inclement weather. Such constraints put users at increased risk of surveillance. While directional antennas can dramatically increase range, there's a size vs gain trade-off, and even the smallest would likely attract attention. + + Wi-Fi hotspots typically log the MAC addresses of Wi-Fi adapters that connect to them. Even if a user's traffic were fully encrypted, the hotspot could record their usage history, including their MAC address and what IP addresses they had connected to (here, Tor obfuscated bridges). Users can mitigate that threat in two complementary ways. 
First, the user could have several USB Wi-Fi adapter dongles, and use a different one for each Wi-Fi hotspot. They would only carry one of them at any given time. Also, they would (of course) disable their device's built-in Wi-Fi network adapter (which they might use only on trusted Wi-Fi networks). Second, they would also employ MAC spoofing software, in order to hinder profile building by Wi-Fi hotspots. Even if a Wi-Fi hotspot managed to compromise the MAC spoofing software, it would only get the MAC address of a USB Wi-Fi dongle (which could then, if appropriate, be destroyed). + + Regarding the second issue, there is much less risk of local-online association when tunneling JonDonym (purchased with thoroughly anonymized Bitcoins) through Tor. In that case, a Sybil attack could at best deanonymize circuits with one of its malicious relays as an entry guard, and another as an exit relay connecting to a JonDonym cascade. Given that Tor is one of the default SOCKS5 proxies for JonDonym, users of interest would arguably own a minority of such circuits. And in any case, the adversary would still need to compromise a JonDonym cascade, which would require different skills and resources. Furthermore, with a popular VPN service (also purchased anonymously) tunneled through JonDonym, the adversary wouldn't even know to focus on Tor circuits ending at JonDonym. See the relevant sections in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for background. + + If public Wi-Fi hotspots were unavailable, or were not usable anonymously, users would have two options. They could connect through an ISP uplink, or they could create (or join) an anonymous P2P Wi-Fi meshnet. The first option would be very risky, given uncertain traffic obfuscation, and the potentially severe consequences of discovery. The second option would be safer, but still riskier than anonymously using public Wi-Fi hotspots. 
Also, it would involve considerable effort, and would involve working with trusted partners. Basically, anonymous P2P Wi-Fi meshnets are just relatively local anonymity systems, and their key vulnerability is (of course) the Internet uplink. However, it's beyond the scope of this discussion, and deserves its own. + + As final backup, in case of physical discovery, the user's device must be protected by full-disk encryption that leaves no plaintext on storage media under any circumstances. And of course, it must be setup for instant shutdown, perhaps with a hot key. Where the stakes are especially high, it would be best for the hot key to render the disk undecryptable. Deleting and overwriting data is far too slow. But overwriting the header(s) of the encrypted volume and the device's boot partition with random data takes but a few seconds. Once that's been done, forensic analysis will confirm that the data is not recoverable. The users could, of course have the requisite header(s) and boot partition backed up somewhere on the cloud, or wherever. + +### 8. Being Anonymous Online Against All Adversaries (But Not Targeted) + +1. Consider someone who wishes to remain anonymous against all adversaries, including `The Man` (the prototypic global adversary aka the NSA). They are subject to government censorship, and the use of strong encryption is regulated. As in the previous example, they must: 1) evade government censorship; 2) obscure their online activity from local observers; and 3) avoid association with their illicit communications. And (of course) they must hide their location and identity from all remote observers on the Internet. They have not (they assume) been specifically targeted for investigation, and they want to keep it that way. They are concerned that the consequences of discovery might be severe. Perhaps they're discreetly leaking documents obtained from the NSA. 
Or perhaps they're managing a high-profile Tor hidden service, on the order of the late Silk Road, or Freedom Hosting. +2. As in the previous example, it would be prudent for such users to tunnel traffic through multiple anonymity systems. It would arguably be best to start with Tor, using the strongest obfsproxy plugin available, and connecting anonymously through numerous public Wi-Fi hotspots. Users would then tunnel JonDonym through Tor, and then tunnel a VPN service through JonDonym. Full-disk encryption with an instant-wipe hotkey would provide a final backup. +3. As discussed in previous example, starting with Tor provides the best protection against censorship and discovery. Tunneling JonDonym through Tor, and then a VPN service through JonDonym, disassociates online activity from Tor circuits, and prevents targeting them for compromise through malicious-relay (Sybil) attacks. And compromising a JonDonym cascade would require different skills and resources. Using public Wi-Fi hotspots provides backup anonymity, in case obfuscation fails, or even if online activity becomes associated with one of the hotspots. +4. Considerable knowledge, experience and resources would be required in order to reliably mitigate such threats from powerful adversaries. The key aspect is to avoid being specifically targeted for investigation. The user must blend in with the crowd, remaining effectively invisible by giving observers (including others in the crowd) no reason to look specifically at them. In particular, the user must not attract attention in the process of hiding and being anonymous. Handling the physical uplink properly, being secure while not attracting undue attention, is crucial. Other than that, they would employ approaches discussed in the previous example. + +### 9. Being Anonymous Online Against All Adversaries While Targeted for Specific Observation + +1. Consider someone who (they assume) been specifically targeted for investigation by `The Man`. +2. 
The key mitigation would be finding a safe physical location, either hiding (perhaps as a homeless drifter) or seeking refuge somewhere (as Edward Snowden has, in Russia). Given that, they would employ approaches discussed in the previous two examples.
+
+ [1]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
+ [2]: https://vpntesting.info/
+ [3]: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/
+ [4]: /privacy-guides/how-to-perform-a-vpn-leak-test/
diff --git a/src/content/es/pages/privacy-policy.md b/src/content/es/pages/privacy-policy.md
new file mode 100644
index 000000000..81205ffc6
--- /dev/null
+++ b/src/content/es/pages/privacy-policy.md
@@ -0,0 +1,224 @@
+---
+title: IVPN Privacy Policy
+description: Its important our customers fully understand what private information we collect, store and process. Read our clear and simple policy to get the facts you need.
+url: /privacy/
+layout:
+canonical:
+---
+# Privacy Policy
+
+We're built for privacy. Internally, we know what exactly that means; we use privacy as a filter for decision-making. If a choice needs to be made between one practice that deepens a user's privacy, and another that would diminish it but accelerate our growth, we'll always take the slower, more private option. If you'd like to know more about our principles and beliefs that drive our choices, please see our [team](/team/) and [ethics](/ethics/) pages.
+
+We realize how important it is that our customers fully understand what we
+mean by privacy. This policy gives you an overview of;
+
+* What we mean by "logless"
+
+* What information we collect, how it's stored, and how it's used
+
+* What happens in the case we are subpoenaed, receive a court order or DMCA copyright infringement notice
+
+* What we do with information relating to cancelled or dormant accounts
+
+* How we handle subject access requests
+
+We've tried our best to make this policy human-readable so you can get the facts you need quickly.
+
+### Zero user information is our goal
+
+As a privacy service we believe it's crucially important to collect the minimum information required to operate our service. Many companies require at least an email address so they can push subscription renewals and enable other customer growth strategies. When you sign up for IVPN, you will not be asked for any personal information e.g. email address, name etc. We will also not log any personally identifiable information e.g. IP address.
+
+This also means that we have no way to contact you in the event of any account issues, network downtime etc.
If you wish to provide us with an email address so we can contact you about future issues, you can optionally add one in the client area after sign-up. + +### What data don't you log? + +We do not log any data relating to a user's VPN activity (while connected or connecting to the VPN). + +* No traffic logging + +* No connection timestamp or connection duration + +* No DNS request logging + +* No logging of user bandwidth + +* No logging of customer IP addresses + +* No logging of any account activity except active total simultaneous connections (explained below) + +### What data do you log on sign-up? + +When a new account is created, we store the following data: (please note that we are using simplified field names and formatting below to highlight the relevant information) + +
+ +| ID | Created at | Product | Max devices | +|---|---|---|---| +| i-XXXX-XXXX-XXXX | 2020-09-21 05:03:13 | IVPN Pro | 7 | + +
+ +### What information is logged when making a payment using a credit card, PayPal, Cash, cryptocurrency or voucher code? + +When you add time to your account, the following information is stored: + +
+ +| Payment ID | Account ID | Amount | Currency | Timestamp | Transaction ID | +|---|---|---|---|---|---| +| xxx | xxx | 100 | USD | 2020-10-2 14:01:11 | xxx | + +
+ +Some payment information may be related to your account, for example, if PayPal is used a PayPal transaction ID will be associated with your account, as well as a subscription ID to set up a PayPal subscription. If payment is made using our BTCPay server, then the BTCPay transaction ID will be associated with your account (note that we operate our own BTCPay server). If you add time with voucher code, it is stored in our system and associated with your account ID for 30 days after redemption, then deleted. + +For credit card payments, we use Braintree as our payment processor, and store a Braintree transaction ID against your account. If you elect to enable auto-renew for card payments, a subscription ID will also be stored. + +This is the data we store for a credit card payment: + +
+ +| Payment ID | Account ID | Amount | Currency | Timestamp | +|---|---|---|---|---|---| +| xxx | xxx | 100 | USD | 2018-10-2 14:01:11 | + +
+
+In order to process your payment, Braintree and PayPal will request additional information. Braintree requires collection of your card details to process your payment, and PayPal will require name, email and address information to create a new PayPal account as well as agreement to their terms of service. These additional data points are not stored by IVPN, though Braintree and PayPal are required to retain them for many years. No third-party payment provider has access to your IVPN account ID.
+
+In short, where we can offer anonymous payment methods we will, and we collect as little information as possible to process them. However, centralised or third-party payment systems and their data processing and storage are out of our control.
+
+Please select cash or cryptocurrency payments should this be of concern.
+
+### Why do you store transaction_id and subscription_id?
+
+To be able to process refunds for our 30-day money-back guarantee and resolve other payment issues, as well as to enable auto-renewal of subscription.
+
+### What information is logged when I visit the IVPN website?
+
+IVPN have selected [Matomo](https://matomo.org) as their web analytics platform. Web analytics allow us to understand our users engagement with our site to understand where it delivers value, and where it can be improved in terms of usability, simplicity and speed. It also helps us to understand where our site visitors originate, and audit those referring sites to ensure they aren't making unfounded or exaggerated claims.
+
+Matomo is open source software that is hosted on our own server infrastructure to ensure your privacy (unlike platforms such as Google Analytics). For example, the Center for Data Privacy Protection in France (CNIL) recommended Matomo as the only tool that can easily ensure full compliance with privacy regulations. Matomo is used to analyse in aggregate information about our website visitors.
+ +When your web browser loads a page on our site, a small snippet of JavaScript code is executed within your browser which submits information such as; + +* your browser user-agent, + +* language, + +* screen resolution, + +* referring website, + +* IP address. + +To ensure your privacy, IVPN discards the last two octets of the IP address. Matomo may also set a web cookie to facilitate the identification of users who revisit the site. + +### Where is my data stored and who has access to it? + +IVPN is subject to EU law and is in compliance with the EU Data Protection Directive (Directive 95/46/EC), which prohibits companies transferring data to overseas jurisdictions with weaker privacy laws. IVPN will not locate servers in countries where it's forced to break this compliance. Due to the nature of our logging practices, VPN servers do not contain any personally identifiable information and thus, if seized, could not be used to identify users. + +No third-parties have access to any of your data. We always use first or third-party tools we can host on our own servers in a protected and secure environment. + +### How do you limit the number of connected devices? + +IVPN plans limit the use of service to a set number of devices. The authentication server holds a temporary record of all account IDs that have at least one device logged in to an IVPN app. +When a customer logs into the IVPN app, an entry is added to the device session database containing the following: + +* a unique token, which is a 16 character alphanumeric string used to distinguish entries in the database + +* the corresponding account ID + +When a customer attempts to log in to an IVPN app, a request is sent to our authentication servers to verify that the specified account ID is valid and has an active plan associated with it. As a next step, we check whether the number of tokens associated with customer’s account ID exceeds the permitted number of devices as per their purchased plan. 
If the number of tokens equal the number permitted by their plan, the authentication attempt is denied. + +We do not store timestamps, or any device related information that could be used to identify a device, such as product make, model, IMEI number, MAC address, etc. Entries from the device sessions database are permanently deleted when the customer logs out of the IVPN app, or when their account is terminated or deleted. If an adversary was able to gain access to this data, they could only determine which account IDs had been used to sign into at least one device at that time, and the number of devices logged in. This data does not, however, provide any useful information on past or present VPN connections initiated by the user of the account. + + +### How do you limit simultaneous connections? + +To authenticate customers, our VPN servers send a request to a central authentication server, containing the customers account ID. The authentication server holds a temporary record of all connected customer ID's. When a customer connects to a VPN gateway, the authentication server checks how many active authentication records are already in the table for the account ID, if it exceeds the allowed number of simultaneous connections, then authentication is denied. When a user disconnects, the relevant record is permanently deleted. If an adversary was able to gain access to this data, they could only determine which account ID's were logged into the VPN network at that exact moment in time. + +As this data is only stored for the duration of the VPN session, if you or anyone requests to know how many connections you had at a specific time in the past, we couldn't tell you because we don't store it. + +### What information is stored for device management? + +Device management is an opt-in (disabled by default) feature that helps customers review and remove devices that are authenticated to use the IVPN service. 
+
+When device management is activated, an extra field for the device name is added to the temporary record table which helps limit the number of connected devices.
+IVPN assigns device names in a specific sequence (A-B-C-D-E-F-G) from a predefined list of seven names. If a device is logged out, its name becomes available as a next option for future assignment. For instance, if a customer with seven devices authenticated removes device F, D and then C, the new sequence becomes A-B-E-G-F-D-C, making the last three names available for new devices.
+
+This naming convention ensures device names cannot be used to identify your account in case an adversary was able to gain access to this specific data.
+
+
+### What information is retained when I stop using your service?
+When a VPN account is terminated on our network due to the subscription ending, non-payment or for any other reason, all data associated with that VPN account including the account itself (with the exception of the accounting data below) is automatically deleted after 90 days. After the account is deleted, the remaining accounting data below has no link to any past account ID. If you want to delete your data immediately, simply click on the 'delete account' button within the client area.
+
+
+ +| Date of payment | Amount | Payment method | Transaction ID | Subscription ID | +|---|---|---|---|---| +| 2020-01-24 | $100 | Paypal | XXX | XXX | + +
+ +### How can I get access to the data you store on my behalf via a subject access request? + +In accordance with GDPR legislation, reasonable requests for release of a specific user's data will be honoured within 28 days of an acceptable request from a user or person with a provable legal relationship with that user. + +We reserve the right to refuse or charge for requests that are manifestly unfounded or excessive. Any refused subject access requests will be responded to without undue delay including the refusal reason as well as recourse to refer to the supervisory authority. + +Subject access requests should be made in writing to sar@ivpn.net + +### Where is the regulatory authority that oversees the jurisdiction in which IVPN operates under GDPR? + +IVPN is registered in Gibraltar, and as such the GDPR regulatory body is the [Gibraltar Regulatory Authority](http://www.gra.gi/). + +### What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded? + +Since our customers are using an IVPN issued IP address when using our service, such notices are directed to IVPN and our legal department will issue an appropriate response. Since we store no connection logs, we couldn't associate a request with a customer identity even if legally compelled to do so. + +### How do you react when requested by an authority for information relating to a customer? + +The company is incorporated in Gibraltar. If a court order is received from a recognised legal authority with jurisdiction over IVPN, then the company will comply with that order. However, the company cannot be compelled to hand over information which it does not have. When a customer signs up, we request no personal information. 
If it ever becomes required by law for us to keep a persistent log of our customers connections or any personal data relating to their network activity, we will immediately notify our customers and do everything in our power to move jurisdictions or close the service to protect those who entrust their privacy to us. + +### What happens if laws change? + +IVPN is committed to keeping its customers informed of any serious legislative threats to our service. If the laws in our jurisdiction change in way that prevents us from upholding our privacy policy, we will always inform our customers before those laws are enacted. We will also allow customers to cancel their subscription and will refund any fees that cover the remainder of their subscription period. + +### Crash Logs + +By default, if one of our mobile apps crashes while you're using it, anonymized data about the crash will be collected on the device to help us identify the cause of the crash and hopefully fix it in a future update. These "crash logs" contain information such as the state of the app, operating system, and device at the time of the crash, but no personally identifiable information. + +Crash logs for our desktop apps are only sent when the user manually confirms the action. For our mobile apps, you can opt-out of crash log reporting by disabling it in user preferences. + +Crash logs are sent to a server hosted and managed by IVPN and no third-party vendors or cloud services. + +### Device permissions for Personal Data access + +IVPN Android and iOS apps may request certain permissions that allow it to access the user's device data as described below. + +These permissions must be granted by the user before the respective information can be accessed. Once the permission has been given, it can be revoked by the user at any time in device settings. + +Please note that revoking of such permissions might impact the proper functioning of the app. 
+
+#### Android App
+
+Background location permission (continuous):
+Required to access the current Wi-Fi SSID, when the Network Protection feature is enabled.
+
+Camera permission:
+Used to scan QR code with an account ID.
+
+#### iOS App
+
+Permission to save VPN profile:
+Required to access the current Wi-Fi SSID, when the Network Protection feature is enabled.
+
+Camera permission:
+Used to scan QR code with an account ID.
+
+### Changes to policy
+
+IVPN reserves the right to change this privacy policy at any time. In such cases, we will take every reasonable step to ensure that these changes are brought to your attention by posting all changes prominently on the IVPN website for a reasonable period of time, before the new policy becomes effective as well as emailing our existing customers.
+
+If you have any questions or comments regarding this policy, please do not hesitate to contact us.
diff --git a/src/content/es/pages/refunds.md b/src/content/es/pages/refunds.md
new file mode 100644
index 000000000..a307650ca
--- /dev/null
+++ b/src/content/es/pages/refunds.md
@@ -0,0 +1,49 @@
+---
+title: IVPN Refund Policy and Process
+url: /refunds/
+---
+# Refunds
+
+IVPN strives to meet the expectations of all users and offers unlimited support to help users with any problems they may face.
+
+If you are unsatisfied for any reason, you can request **a full refund within 30 days** of your payment. This full refund offer is available **once per account and per customer**.
+
+Below is the information you need to email, or submit via live chat to us for each payment method:
+
+

Credit Card

+ +- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +If you do not remember your account details, provide us with the first 6 digits of the card number, the last 4 digits of the card number, the date of the payment, and the amount paid. + +

PayPal

+ +- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +If you do not remember your account details, provide us with your PayPal account email address and the transaction ID associated with the purchase. + +

Bitcoin and Monero

+ +- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +- Your Bitcoin / Monero wallet address to receive the refund. + +If you do not remember your account details, provide us with the transaction ID for your Bitcoin or Monero payment, the payment date, and the amount paid. + +Please note: IVPN Light purchases are non-refundable. + +

Android In-App Purchase

+
+- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX).
+
+- Google Play Store transaction ID that starts with `GPA.`.
+
+

iOS In-App Purchase

+
+App Store purchases are refunded by Apple. Details on how to submit the refund claim to Apple can be found here.
+
+

Cash and Vouchers

+ +Cash and Voucher payments are non-refundable. + +**Please note**: We do not offer prorated refunds. diff --git a/src/content/es/pages/report-vulnerability.md b/src/content/es/pages/report-vulnerability.md new file mode 100644 index 000000000..20d470853 --- /dev/null +++ b/src/content/es/pages/report-vulnerability.md @@ -0,0 +1,17 @@ +--- +title: IVPN Vulnerability Reporting +url: /vulnerability-reporting/ +--- +# Security & Vulnerability Reporting + +### Reporting a security vulnerability to IVPN + +If you believe you have found a security vulnerability please email our security@ mailbox. We treat all reports with the highest priority and confidentiality. + +### PGP Key + +``` +-----BEGIN PGP PUBLIC KEY BLOCK----- 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o/fv +-----END PGP PUBLIC KEY BLOCK----- +``` diff --git a/src/content/es/pages/servers.md b/src/content/es/pages/servers.md new file mode 100644 index 000000000..cd0f849c7 --- /dev/null +++ b/src/content/es/pages/servers.md @@ -0,0 +1,5 @@ +--- +title: IVPN Server Status +url: /status/ +layout: servers +--- diff --git a/src/content/es/pages/setup/android-ipsec-with-ikev2.md b/src/content/es/pages/setup/android-ipsec-with-ikev2.md new file mode 100644 index 000000000..d528a88f0 --- /dev/null +++ b/src/content/es/pages/setup/android-ipsec-with-ikev2.md 
@@ -0,0 +1,26 @@
+---
+title: Android IPSec with IKEv2 Setup Guide
+url: /setup/android-ipsec-with-ikev2/
+layout: setup
+platform: android
+---
+# IPSec with IKEv2 setup guide
+
+1. On your Android device, go to `Google Play`, search and install `strongSwan VPN Client` app.
+
+2. Launch the app, click on the `Add VPN Profile` button and fill in the following configuration:
+
+ **Server** - choose any from the [server list](/status/) (i.e. **gb.gw.ivpn.net**)
+ **VPN Type** – IKEv2 EAP (Username/Password).
+ **Username** – your IVPN account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive).
+ **Password** – `ivpn`.
+ **CA certificate** – check `Select automatically`.
+ **Profile name** – give it any name you prefer.
+ **Server identity** (check Show advanced settings) – same as the `Server` field.
+ Hit `Save`.
+
+ ![](/images-static/uploads/android-ipsec-with-ikev2-002.jpg)
+
+3. You have successfully created a new VPN profile. Tap on it to connect or disconnect.
+
+ ![](/images-static/uploads/android-ipsec-with-ikev2-003.jpg)
diff --git a/src/content/es/pages/setup/android-openvpn-for-android.md b/src/content/es/pages/setup/android-openvpn-for-android.md
new file mode 100644
index 000000000..abf6de897
--- /dev/null
+++ b/src/content/es/pages/setup/android-openvpn-for-android.md
@@ -0,0 +1,53 @@
+---
+title: OpenVPN for Android v4.0+ Setup Guide
+url: /setup/android-openvpn-for-android/
+layout: setup
+platform: android
+---
+# OpenVPN for Android setup guide
+
+[OpenVPN for Android](https://play.google.com/store/apps/details?id=de.blinkt.openvpn&hl=en) is an open source client compatible with all versions of Android 4.x (Ice Cream Sandwich) and later. Most devices released since 2012 are running Android 4.x or later.
+
+1. Download the [OpenVPN config files](/openvpn-config) either directly to your android device or to a seperate PC and unzip the file. If using a PC, transfer the contents to your Android device via USB/SD-card/Dropbox.
+
+2. Open the Google Play Store and install `openvpn for android` by Arne Schwabe. When the installation is complete tap `Open`.
+
+3. Tap on the `+` icon.
+
+ ![](/images-static/uploads/install-openvpn-for-android-010-281x500.png)
+
+4. Tap on the `import` button.
+
+ ![](/images-static/uploads/install-openvpn-for-android-020-281x500.png)
+
+5. Navigate to the folder location where you copied the files in step 1 and tap on the name of the server that you wish to connect to (the server config files end with .ovpn).
+
+ ![](/images-static/uploads/install-openvpn-for-android-030-281x500.png)
+
+6. You will see confirmation that the config file has been imported. Tap the `save to disk` icon in the bottom right area.
+
+ ![](/images-static/uploads/install-openvpn-for-android-040-281x500.png)
+
+7. You will see the server is now available in the profiles tab. Tap the server name to connect.
+
+ ![](/images-static/uploads/install-openvpn-for-android-050-281x500.png)
+
+8. Grant the application permission by clicking `I trust this application` and `OK`.
+
+ ![](/images-static/uploads/install-openvpn-for-android-060-281x500.png)
+
+9. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+
+ Tap the `Save Password` box if you do not wish to enter credentials everytime you connect. Tap the `OK` button.
+
+ ![](/images-static/uploads/install-openvpn-for-android-070-281x500.png)
+
+10. Once successfully connected you should see a lock icon in the notification area at the top. If you pull down your notification bar you should see the 'OpenVPN for Android' app listed showing that you are connected. If you tap on this button you should see statistics about the connection incl option to disconnect.
+
+ ![](/images-static/uploads/install-openvpn-for-android-080-281x500.png)
+
+11. Repeat steps 3-6 if you need to create any additional VPN server connections.
diff --git a/src/content/es/pages/setup/android-wireguard.md b/src/content/es/pages/setup/android-wireguard.md
new file mode 100644
index 000000000..2af51ba8c
--- /dev/null
+++ b/src/content/es/pages/setup/android-wireguard.md
@@ -0,0 +1,26 @@
+---
+title: WireGuard setup guide for Android
+url: /setup/android-wireguard/
+layout: setup
+platform: android
+---
+# WireGuard setup guide
+
+
+To use WireGuard on Android, we recommend downloading IVPN's Android client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for Android instead: +
+
+1. Download and install the latest version of WireGuard from the [Play Store](https://play.google.com/store/apps/details?id=com.wireguard.android&hl=en_GB&gl=US).
+
+2. Navigate to our [config file generator](/account/wireguard-config)
+
+3. Choose `Generate key` or `Add key` manually
+
+4. Select the required `Single` or `Multi-hop` server configuration, `Port`, `Internet protocol` and hit `Generate QR code`
+
+5. Launch the WireGuard app, tap on the `+` button in the bottom right > `Scan QR-code`. Give it any name and tap on the `Create Tunnel`.
+
+6. Toggle the connect switch on and check your connection status on our website:

+![](/images-static/uploads/connection-status-tool.png)
+
+
diff --git a/src/content/es/pages/setup/ios-ipsec-ikev2.md b/src/content/es/pages/setup/ios-ipsec-ikev2.md
new file mode 100644
index 000000000..cdd4139b9
--- /dev/null
+++ b/src/content/es/pages/setup/ios-ipsec-ikev2.md
@@ -0,0 +1,29 @@
+---
+title: IPSec IKEv2 for iOS Setup Guide
+url: /setup/ios-ipsec-ikev2/
+layout: setup
+platform: ios
+---
+# IPSec with IKEv2 setup guide
+
+This guide will help you set up an IPSec connection using IKEv2.
+
+1. On your iOS device, navigate to `Settings` -> `VPN` and click on the `Add VPN Configuration` button.
+
+2. Enter the following configuration:
+
+ - **Type** = IKEv2
+ - **Description** = Any description to identify VPN server
+ - **Server** = Choose a server from the Server Status page. It must be a server with 'gw' in the name. (e.g. pl1.gw.ivpn.net for Warsaw, Poland).
+ - **Remote ID** = Same value as the **Server** field above
+ - **Local ID** = Empty
+ - **User Authentication type** = Username
+ - **Username** = Your IVPN account ID that begins like 'i-XXXX-XXXX-XXXX' or 'ivpnXXXXXXXX' (case-sensitive).
+ - **Password** = ivpn
+ - **Proxy settings** = Off
+
+3. Tap `Done` to finalize the setup.
+
+4. Your newly created VPN configuration is now available. Tap on the switch button to connect or disconnect.
+
+ ![](/images-static/uploads/ios-ipsec-with-ikev2-02.jpg)
diff --git a/src/content/es/pages/setup/ios-openvpn-connect.md b/src/content/es/pages/setup/ios-openvpn-connect.md
new file mode 100644
index 000000000..78fc272eb
--- /dev/null
+++ b/src/content/es/pages/setup/ios-openvpn-connect.md
@@ -0,0 +1,43 @@
+---
+title: OpenVPN for iOS Setup Guide
+url: /setup/ios-openvpn-connect/
+layout: setup
+platform: ios
+---
+# OpenVPN Connect setup guide
+
+OpenVPN Connect is the official iOS client from OpenVPN Technologies.
+
+1. Install app from the [iTunes store](https://apps.apple.com/us/app/openvpn-connect/id590379981).
+
+ ![](/images-static/uploads/install-openvpn-connect-iphone-010-320x480.png)
+
+2. Download the [IVPN config files](/openvpn-config) to your Mac/PC and unzip. Within the extracted folder are the config files which represent each server in the IVPN network. You will need one or more of these files in the next step depending on whether you want to connect to a server in a single location or wish to have all the locations available on your iPhone.
+
+3. To upload the configurations file/s into OpenVPN Connect, you have to either upload them to a cloud storage service such as dropbox or email them to yourself (or use AirDrop if you know how to use it).
+
+ To use dropbox, upload the config file/s to your dropbox account. On the iPhone, open Dropbox and select a config file. Click on the share icon (square with an arrow pointing up) in the top right corner. Tap on the `Open in` icon and then tap `Copy to OpenVPN`.
+
+ To email, send the config file/s to an email address that is accessible on your device. Open the email and tap the icon of the configuration file in your email. Choose the option `Copy to OpenVPN`.
+
+4. Tap the green "+" button to add the server.
+
+ ![](/images-static/uploads/install-openvpn-connect-iphone-020-320x480.png)
+
+5. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+
+ Click on the `save` slider if you wish to save your credentials. Click on the `Connection` slider (under the disconnected button) to initiate the connection.
+
+ ![](/images-static/uploads/install-openvpn-connect-iphone-030-320x480.png)
+
+6. If you see a message asking you whether to "Allow OpenVPN to enable VPN connection" click `Yes`.
+
+ ![](/images-static/uploads/install-openvpn-connect-iphone-040-320x480.png)
+
+7. Once connected you will see the new status `Connected` and also a VPN status bar icon. You can click on the `+` symbol to see more information about your connection.
+
+ ![](/images-static/uploads/install-openvpn-connect-iphone-050-320x480.png)
diff --git a/src/content/es/pages/setup/ios-wireguard.md b/src/content/es/pages/setup/ios-wireguard.md
new file mode 100644
index 000000000..ce10ab10f
--- /dev/null
+++ b/src/content/es/pages/setup/ios-wireguard.md
@@ -0,0 +1,26 @@
+---
+title: WireGuard setup guide for iOS
+url: /setup/ios-wireguard/
+layout: setup
+platform: ios
+---
+# WireGuard setup guide
+
+
+To use WireGuard on iOS, we recommend downloading IVPN's iOS client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for iOS instead: +
+
+1. Download and install the latest version of WireGuard from the [App Store](https://apps.apple.com/us/app/wireguard/id1441195209).
+
+2. Navigate to our [config file generator](/account/wireguard-config)
+
+3. Choose `Generate key` or `Add key` manually
+
+4. Select the required `Single` or `Multi-hop` server configuration, `Port`, `Internet protocol` and hit `Generate QR code`
+
+5. Launch the WireGuard app, tap on the `Add a tunnel` button in the middle > `Create from QR-code`. Give it any name and tap on the `Create Tunnel`
+
+6. `Allow` the "WireGuard would like to add VPN configurations" prompt
+
+7. Toggle the connect switch on and check your connection status on our website:

+![](/images-static/uploads/connection-status-tool.png)
diff --git a/src/content/es/pages/setup/linux-ipsec-with-ikev2.md b/src/content/es/pages/setup/linux-ipsec-with-ikev2.md
new file mode 100644
index 000000000..c1c69cc8c
--- /dev/null
+++ b/src/content/es/pages/setup/linux-ipsec-with-ikev2.md
@@ -0,0 +1,44 @@
+---
+title: Linux IPSec with IKEv2 Setup Guide
+url: /setup/linux-ipsec-with-ikev2/
+layout: setup
+platform: linux
+---
+# IPSec with IKEv2 setup guide
+
+The following Strogswan configuration is known to work:
+
+1. Create a config file in your strongswan `ipsec.d` directory e.g. `ivpn.conf` with the following
+
+ ```
+ conn ivpn
+ keyexchange=ikev2
+ right=gb.gw.ivpn.net
+ rightid=gb.gw.ivpn.net
+ rightsubnet=0.0.0.0/0
+ rightauth=pubkey
+ leftsourceip=%config
+ leftauth=eap-mschapv2
+ eap_identity=ivpnaccountID
+ auto=start
+ dpdaction=restart
+ ```
+
+ Change the right= and rightid= as appropriate for the server you want to connect to. The `ivpnaccountID` is case-sensitive.
+
+2. Create a .secrets file e.g. ivpn.secrets in the strongswan ipsec.d directory e.g. ivpn.secrets with the following
+
+ ```
+ ivpnaccountID : EAP "ivpn"
+ ```
+
+ Note that there is a space either side of the colon `:`.
+
+3. Depending on your Linux distribution and version, you may need to download some or all of the following certificates and store them in files located in your strongswan ipsec.d/cacerts directory:
+
+ [https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt](https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt)
+ [https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt](https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt)
+ [https://letsencrypt.org/certs/trustid-x3-root.pem.txt](https://letsencrypt.org/certs/trustid-x3-root.pem.txt)
+ [https://letsencrypt.org/certs/isrgrootx1.pem.txt](https://letsencrypt.org/certs/isrgrootx1.pem.txt)
+
+4. Tell strongswan to restart or reload it's config.
diff --git a/src/content/es/pages/setup/linux-netman.md b/src/content/es/pages/setup/linux-netman.md
new file mode 100644
index 000000000..cbd5538d8
--- /dev/null
+++ b/src/content/es/pages/setup/linux-netman.md
@@ -0,0 +1,51 @@
+---
+title: OpenVPN using NetworkManager Setup Guide
+url: /setup/linux-netman/
+layout: setup
+platform: linux
+---
+# OpenVPN NetworkManager setup guide
+
+
+Network Manager is designed to provide automatic connectivity, through whatever channels are available. Once a VPN connection is established, all traffic is routed through the tunnel. After network interruptions, Network Manager will normally automatically restart OpenVPN to reconnect. +

+However, Network Manager occasionally kills the OpenVPN process after network interruptions. High network loading seems to increase the risk. And when connectivity returns, Network Manager doesn't restart OpenVPN. +

+Therefore, to ensure that you have no leaks when using OpenVPN with Network Manager, it's crucial to have firewall (iptables) rules that restrict traffic to the VPN tunnel, and that allow direct connections only to the VPN server. It's also prudent to block all IPv6 traffic. +
+
+1. Install OpenVPN and the OpenVPN plugin for the Network Manager. Depending on your distro you may also require the `network-manager-openvpn-gnome` package.
+
+ ```
+ sudo apt-get install openvpn network-manager-openvpn
+ ```
+
+2. Download the [latest config files](/openvpn-config) and extract contents to a temporary directory.
+
+3. Click on the Network Manager icon (normally top right menubar) and select `Edit connections..` > `"+"` > `Import a saved VPN configuration..` > `Create`.
+
+4. Select one of the .ovpn files you extracted from step 2 representing the server you would like to configure and click `Open` to import.
+
+5. The VPN configuration window will open on the `VPN` tab. Under the `Authentication` heading update the `Type` to `Password`.
+
+6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+
+7. Click on the Network Manager icon in the toolbar and select the newly configured server under `VPN Connections`.
+
+8. Once connected you should see a a small lock next to the Network Manager icon. You can confirm that you are connected by checking your external IP in the terminal.
+
+ ```
+ curl ifconfig.co
+ ```
+
+### Troubleshooting
+
+Most issues can be easily resolved by reviewing the OpenVPN logs. Network Manager normally writes to the syslog e.g. `/var/log/syslog` or `/var/log/messages`. You can filter the relevant logs by using grep e.g.
+
+```
+sudo grep VPN /var/log/syslog
+```
diff --git a/src/content/es/pages/setup/linux-terminal.md b/src/content/es/pages/setup/linux-terminal.md
new file mode 100644
index 000000000..e13170399
--- /dev/null
+++ b/src/content/es/pages/setup/linux-terminal.md
@@ -0,0 +1,165 @@
+---
+title: OpenVPN using terminal Setup Guide
+url: /setup/linux-terminal/
+layout: setup
+platform: linux
+---
+# OpenVPN Terminal setup guide
+
+1. Install OpenVPN using your package manager if it is not installed already:
+
+ #### Debian, Ubuntu, Mint:
+
+ ```
+ sudo apt-get install openvpn
+ ```
+
+ #### Fedora, CentOS:
+
+ ```
+ sudo yum install openvpn
+ ```
+
+ or
+
+ ```
+ sudo dnf install openvpn
+ ```
+
+ #### Arch, Manjaro:
+
+ ```
+ sudo pacman -S openvpn
+ ```
+
+ #### openSUSE:
+
+ ```
+ zypper install openvpn
+ ```
+
+2. Download the OpenVPN [config files](/openvpn-config) to your home directory and extract the contents to a known location.
+
+ Note: In most cases you want to use the UDP Protocol. +
+
+
+ ```
+ unzip ivpn-openvpn-config.zip
+ Archive: ivpn-openvpn-config.zip
+ creating: ivpn-openvpn-config/
+ inflating: ivpn-openvpn-config/Austria.ovpn
+ inflating: ivpn-openvpn-config/Australia.ovpn
+ ...
+ cd ivpn-openvpn-config/
+ pwd
+ /home/user/ivpn-openvpn-config
+ ```
+
+ In this case, the configuration files are in the `ivpn-openvpn-config/` sub-folder of the **user** home folder. The full path is `/home/user/ivpn-openvpn-config/`.
+
+
+ Note: Unless your Linux user account is called user the full path will likely be different on your computer system. +
+
+
+
+3. You can initiate an OpenVPN connection by specifying the configuration file you wish to use. You will need to manually enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
+
+
+ Only your account ID is used for the authentication and is case-sensitive. The password can be anything, like "ivpn", if your client requires a non-blank password. +
+
+ ```
+ sudo openvpn --config /home/user/ivpn-openvpn-config/Austria.ovpn
+ ```
+
+ or
+
+ ```
+ cd /home/user/ivpn-openvpn-config/
+ sudo openvpn --config Austria.ovpn
+ ```
+
+
+ Note: If you close the Terminal window with an active VPN connection, the VPN will be disconnected. Please keep the Terminal window open. You can also disconnect the VPN by pressing `Ctrl+c` in the Terminal window. You will see a few extra lines as the connection cleans up. +
+
+4. It is possible to create a file to store your credentials, which saves from entering them for each connection. Create a file called `pass` in a known location. This known location might be the same `ivpn-openvpn-config/` from the previous steps. Enter your account ID (starts with 'ivpn') on the first line and any password on the second line:
+
+ ```
+ nano /home/user/ivpn-openvpn-config/pass
+ ivpnADCdef123
+ anyPasswordHere
+ ```
+
+ Press `Ctrl+x` to save the file and exit from the `nano` editor.
+
+5. Protect your credentials from other users on your computer system:
+
+ ```
+ chmod 400 home/user/ivpn-openvpn-config/pass
+ ```
+
+6. Update the .ovpn files to point to your credential file. A single file can be edited manually:
+
+ ```
+ nano /home/user/ivpn-openvpn-config/Austria.ovpn
+ ```
+
+ Change the `auth-user-pass` line to `auth-user-pass /home/user/ivpn-openvpn-config/pass`. Press `Ctrl+x` to save the file and exit from the nano editor.
+
+ All of the .ovpn files can be changed at the same time:
+
+ ```
+ cd /home/user/ivpn-openvpn-config/
+ sed -i 's:auth-user-pass:auth-user-pass /home/user/ivpn-openvpn-config/pass:' *.ovpn
+ ```
+
+7. After connecting to one of our OpenVPN servers, the internal DNS server for the VPN connection can be automatically added to the `/etc/resolv.conf` file if you have either the `resolvconf` or `openresolv` package installed. When the VPN connection is established, the `resolvconf` package will create a temporary backup of your computer system's `/etc/resolv.conf` file and replace the contents with our internal DNS server. This is automatic on most distributions, but some Debian-based distros have trouble with the extra DNS.
+
+ A temporary fix is to edit the /etc/resolv.conf file to make sure the only DNS server present is ours.
First, find the VPN server IP address: + + ``` + ip a | grep tun + tun0: publickey + $ chmod 600 privatekey + $ cat privatekey + abcdefghijklmnopqrstuvwxyz0123456789= + $ cat publickey + 9876543210zyxwvutsrqponmlkjihgfedcba= + ``` + + Note: The keys above are examples only. + +### Setup WireGuard to use IVPN + +1. Log in to the [IVPN Account Area](/account/login/). + +2. From the `Account` page, click the `WireGuard` tab. Go to `WireGuard Key Management` located under `Tools`. Click the `Add New Key` button. Copy the contents of the public key file and paste them into the `Public Key:` field. Add a comment, like `Linux` if you prefer, and click the `Add Key` button. + +
+ Be sure to copy the PUBLIC key and not the PRIVATE key. The PRIVATE key must always be kept a carefully guarded secret. +
+
+3. Make note of the `IP Address` beside your newly added public key on the WireGuard tab in the Account Area. This is the IP address your computer system will have on our internal network. It will be in the form `172.x.y.z`.
+
+4. Open the NetworkManager `Configure network connections` window. This is often available via an icon in the system tray near the clock, though each Linux distribution may be different.
+
+5. Click the `+` to add a new connection. Select `WireGuard` from the list, then click the `Create` button.
+
+6. The `Connection name:` field should reflect the server location and will be used as the network interface name. Alphanumeric characters and dashes may be good choices, which easily reflect the names of our servers (ie. ca1, de1, us-ga1).
+
+ Enter your private key in the `Private Key:` field on the `WireGuard Interface` tab.
+
+ ![](/images-static/uploads/wg-nm-10-new-connection1.png)
+
+7. Click the `Peers...` button on the `WireGuard Interface` tab and add the following:
+
+
+ Public key: = WireGuard server public key available on the WireGuard Server List page in the Account Area
+ Allowed IPs: = 0.0.0.0/0
+ Endpoint address: = WireGuard server address available on the WireGuard Server List page in the Account Area
+ Endpoint port: = choose one of the ports we offer: 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, 58237 +
+
+ Click `OK`.
+
+ ![](/images-static/uploads/wg-nm-20-peer1.png)
+
+8. On the IPv4 tab, set `Method:` to **Manual**. The DNS server can be one of three options:
+
+
+ 172.16.0.1 = regular DNS with no blocking
+ 10.0.254.2 = standard AntiTracker to block advertising and malware domains
+ 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook domains +
+
+ Click the `+ Add` button to add the IP address we have assigned your account in step 3 above. The Netmask is 255.255.255.255 and the Gateway is 0.0.0.0.
+
+ ![](/images-static/uploads/wg-nm-30-IPv4-1.png)
+
+9. On the **IPv6** tab, set `Method:` to **Ignored**.
+
+10. Click the `Save` button.
+
+### Connecting and Disconnecting
+
+1. To connect, click the `NetworkManager` icon in the system tray and click `Connect` beside the newly created WireGuard connection.
+
+2. Check the connection status.
+
+ ![](/images-static/uploads/wg-nm-40-connection-status1.png)
+
+3. Check [https://www.dnsleaktest.com](https://www.dnsleaktest.com) to verify the IP address your traffic is coming from (and that there are no leaks).
+
+4. To disconnect, click the `NetworkManager` icon in the system tray and click the `Disconnect` button next to the active connection.
+
+ ![](/images-static/uploads/wg-nm-50-disconnect1.png)
diff --git a/src/content/es/pages/setup/linux-wireguard.md b/src/content/es/pages/setup/linux-wireguard.md
new file mode 100644
index 000000000..6a68bf6f5
--- /dev/null
+++ b/src/content/es/pages/setup/linux-wireguard.md
@@ -0,0 +1,160 @@
+---
+title: WireGuard using terminal Setup Guide
+url: /setup/linux-wireguard/
+layout: setup
+platform: linux
+---
+# WireGuard terminal setup guide
+
+### Configure your environment
+
+1. [Install WireGuard](https://www.wireguard.com/install/) for your distribution.
+
+ Install additional packages for Debian/Ubuntu/Mint:
+
+ ```
+ $ sudo apt install resolvconf curl
+ ```
+
+2. Generate your private and public keys and store them in a safe place.
+
+ ```
+ $ cd ~
+ $ mkdir wireguard
+ $ cd wireguard
+ $ wg genkey | tee privatekey | wg pubkey > publickey
+ $ chmod 600 privatekey
+ $ cat privatekey
+ abcdefghijklmnopqrstuvwxyz0123456789=
+ $ cat publickey
+ 9876543210zyxwvutsrqponmlkjihgfedcba=
+ ```
+
+ Note: The keys above are examples only.
+
+### Setup WireGuard to use IVPN
+
+1. Log in to the [IVPN Client Area](/account/login/).
+
+2. On the `VPN Accounts` page, click the `WireGuard` tab. Go to `WireGuard Key Management` located under `Tools`. Click the `Add New Key` button. Copy the contents of the public key file and paste them into the `Public Key:` field. Add a comment, like `Linux` if you prefer, and click the `Add Key` button.
+
+
+ Be sure to copy the PUBLIC key and not the PRIVATE key. The PRIVATE key must always be kept a carefully guarded secret. +
+
+3. Make note of the `IPv4 address` and `IPv6 address` beside your newly added public key on the WireGuard tab in the Client Area. These are the IP addresses your computer system will have on our internal network that will be in the `172.x.y.z` & `fd00:4956:504e:ffff::aaaa:bbbb` format respectively.
+
+4. WireGuard uses the UDP protocol and IVPN offers different ports to connect on. Choose a port:
+
+ ```
+ udp 53
+ udp 80
+ udp 443
+ udp 1194
+ udp 2049
+ udp 2050
+ udp 30587
+ udp 41893
+ udp 48574
+ udp 58237
+ ```
+
+5. Choose a WireGuard server to connect to from our **[Server Status](/status/)** page. Remember the hostname and the public key of the server.
+
+6. To create a WireGuard configuration file for the connection you will need the following information:
+
+ Your private key from step #2 of the environment configuration.
+
+ ```
+ $ cat ~/wireguard/privatekey
+ abcdefghijklmnopqrstuvwxyz0123456789=
+ ```
+
+ Your assigned IP addresses from step #3 above.
+
+ ```
+ 172.x.y.z, fd00:4956:504e:ffff::aaaa:bbbb
+ ```
+
+ The server port from step #4 above.
+
+ ```
+ 2049
+ ```
+
+ The server `hostname` and server `public_key` from step #5 above.
+
+ ```
+ us-tx1.wg.ivpn.net
+ JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q=
+ ```
+
+7. Create the WireGuard configuration file.
+
+ ```
+ $ sudo mkdir /etc/wireguard
+ $ sudo touch /etc/wireguard/us-tx1.conf
+ $ sudo chmod 600 /etc/wireguard/us-tx1.conf
+ $ sudo nano /etc/wireguard/us-tx1.conf
+ ```
+
+ Use Nano or your favorite text editor to edit the configuration file. Enter the details accordingly
+
+ ```
+ [Interface]
+ PrivateKey = abcdefghijklmnopqrstuvwxyz0123456789=
+ Address = 172.x.y.z/32, fd00:4956:504e:ffff::x:y/128
+ DNS = 172.16.0.1
+ [Peer]
+ PublicKey = JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q=
+ Endpoint = us-tx1.wg.ivpn.net:2049
+ AllowedIPs = 0.0.0.0/0, ::/0
+ ```
+
+ Press `Ctrl + x` to save the file and exit from the nano editor.
+
+
+ - Add '/32' & '/128' to the end of your assigned IPv4 and IPv6 addresses respectively.
+ - Add the chosen port at the end of the hostname with a prefix of ':' +
+
+8. You are now ready. To connect run:
+
+ ```
+ $ sudo wg-quick up us-tx1
+ ```
+
+9. Check the contents of `/etc/resolv.conf` to confirm that the `wg-quick` program updated the DNS server in your system.
+
+ ```
+ $ cat /etc/resolv.conf
+ nameserver 172.16.0.1
+ ...
+ ```
+
+ You may have to manually add an entry for our internal DNS IP address.
+
+ ```
+ $ sudo nano /etc/resolv.conf
+ nameserver 172.16.0.1
+ ...
+ ```
+
+ Press `Ctrl + x` to save the file and exit from the nano editor.
+
+10. Check your external IPv4 & IPv6 IP addresses to verify that you are connected to IVPN.
+
+ ```
+ $ curl ifconfig.co
+ $ curl -6 ifconfig.co
+ ```
+
+11. To disconnect run:
+
+ ```
+ $ sudo wg-quick down us-tx1
+ ```
+
+
+ Be sure to undo the manually applied changes to /etc/resolv.conf if any changes were required. +
diff --git a/src/content/es/pages/setup/macos-ipsec-with-ikev2.md b/src/content/es/pages/setup/macos-ipsec-with-ikev2.md
new file mode 100644
index 000000000..5b4332393
--- /dev/null
+++ b/src/content/es/pages/setup/macos-ipsec-with-ikev2.md
@@ -0,0 +1,41 @@
+---
+title: IPSec IKEv2 for macOS Setup Guide
+url: /setup/macos-ipsec-with-ikev2/
+layout: setup
+platform: macos
+---
+# IPSec with IKEv2 setup guide
+
+This guide will help you set up an IPSec connection using IKEv2
+
+1. In the dock click `System Preferences`
+
+2. In System Preferences click `Network`
+
+3. In Network click the `+` symbol on the bottom left
+
+4. Select `Interface` VPN
+
+ Select `VPN Type` IKEv2
+
+ Give this a `Service Name` to identify it by and click `Create`
+
+ ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-004.png)
+
+5. In Network fill in the `Server Address` using the address of one of the servers from the [server status](/status/) list (depending on which country you want to connect to). The `Remote ID` should be the same as the Server Address
+
+ ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-005.png)
+
+6. Click `Authentication Settings ...`. Select `Username`. Fill in your IVPN Account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and the following password - `ivpn`. Click `OK`
+
+ ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-006.png)
+
+7. In Network click `Apply`
+
+8. To connect, in network click on the adaptor created above then click `Connect`
+
+ ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-008.png)
+
+9. To Disconnect, in network click on the adaptor and then click `Disconnect`.
+
+ ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-009.png)
diff --git a/src/content/es/pages/setup/macos-openvpn-tunnelblick.md b/src/content/es/pages/setup/macos-openvpn-tunnelblick.md
new file mode 100644
index 000000000..4dcf0355c
--- /dev/null
+++ b/src/content/es/pages/setup/macos-openvpn-tunnelblick.md
@@ -0,0 +1,27 @@
+---
+title: Tunnelblick (OpenVPN) for macOS Setup Guide
+url: /setup/macos-openvpn-tunnelblick/
+layout: setup
+platform: macos
+---
+# Tunnelblick setup guide
+
+1. Download the [latest stable release](https://tunnelblick.net/downloads.html). If you are using a pre-release version of macOS then you may need to download the beta release. Unless your version of macOS is not supported by the current stable release we always recommend using the stable release.
+
+2. Double-click the downloaded `.dmg` file to open the disk image. Double-click the `Tunnelblick.app` icon to install into your applications folder. You may see a warning about Tunnelblick being downloaded from the Internet - Click `open` to continue. When the installer asks if you want to launch or quit Tunnelblick, click `Quit`.
+
+3. Download the [IVPN config files](/openvpn-config). Unzip the downloaded file and then open the new `ivpn-openvpn-config` folder. Select all the files, right-click one of them and select `open with` / `tunnelblick.app`.
+
+4. Select whether you want to enable the connections for only yourself or for all users of your computer. Next you will be asked to enter your macOS password to import the configurations.
+
+5. You will notice a new status menu icon that looks like a tunnel. Click this icon and you will be presented with a list of VPN servers that you have imported. Click on a VPN server to connect.
+
+6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+ + Click `Save in keychain` to save the credentials for that server. Click `OK` to continue. You should see the status menu icon running some animation effects as it connects to the IVPN network. + +7. If the tunnel has gone dark you are connected! Click the Tunnelbick icon and you will see your active connections in the list. Click the same VPN server entry to disconnect. diff --git a/src/content/es/pages/setup/macos-wireguard.md b/src/content/es/pages/setup/macos-wireguard.md new file mode 100644 index 000000000..6d68c839b --- /dev/null +++ b/src/content/es/pages/setup/macos-wireguard.md @@ -0,0 +1,24 @@ +--- +title: WireGuard manual setup for macOS 10.14+ +url: /setup/macos-wireguard/ +layout: setup +platform: macos +--- +# WireGuard setup guide for macOS 10.14+ + +
+To use WireGuard on macOS, we recommend downloading IVPN's macOS client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for macOS instead: +
+ +1. [Download](https://itunes.apple.com/us/app/wireguard/id1451685025?ls=1&mt=12) and install the latest version of WireGuard client from Apple's App Store. + +2. Navigate to our [config file generator](/account/wireguard-config) + +3. Choose `Generate key` or `Add key` manually + +4. Select the required `Single` or `Multi-hop` server configuration(s), `Port`, `Internet protocol` and hit `Download zip archive` + +5. Extract the downloaded .zip file, launch the WireGuard app, click on the `+` button in the bottom left > `Import Tunnel(s) from File...` and select the extracted config file(s) + +6. Click on the `Activate` button and check your connection status on our website:

+![](/images-static/uploads/connection-status-tool.png)
diff --git a/src/content/es/pages/setup/nas/_index.md b/src/content/es/pages/setup/nas/_index.md
new file mode 100644
index 000000000..fc8be6b50
--- /dev/null
+++ b/src/content/es/pages/setup/nas/_index.md
@@ -0,0 +1,8 @@
+---
+title: VPN setup guides for NAS
+description: Install and configure a VPN securely on your NAS with our easy step-by-step setup guides.
+url: /setup/nas/
+section: NAS Setup
+platform: nas
+layout: setup-list
+---
diff --git a/src/content/es/pages/setup/nas/qnap.md b/src/content/es/pages/setup/nas/qnap.md
new file mode 100644
index 000000000..1f1f2b274
--- /dev/null
+++ b/src/content/es/pages/setup/nas/qnap.md
@@ -0,0 +1,72 @@
+---
+title: VPN Setup guide for the QNAP NAS
+listItem: QNAP
+url: /setup/nas/qnap/
+section: NAS Setup
+platform: nas
+layout: setup-article
+weight: 20
+---
+## QNAP NAS Setup Guide
+
+
+This guide was produced using QTS v4.3.6 +
+ +1. Download and extract the IVPN [.ovpn config files](/openvpn-config) to your computer system. + +2. In the QNAP web interface, open the `AppCenter` and search for **qvpn**. + + ![](/images-static/uploads/install-qnap-1.png) + +3. Click the `+ Install` button to add the `QVPN Service` app to your device if it is not installed already. + +4. Open the `QVPN Service` app and under the the `VPN Client` area, click `VPN Connection Profiles`. Click the `Add` button and choose `OpenVPN`. + + ![](/images-static/uploads/install-qnap-2.png) + +5. Use the file picker dialogue box to choose the VPN server location you prefer and click `OK`. + +6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password in the credential fields and (optionally) change the **Profile Name** to something different. Click the `Apply` button. + +
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+ + ![](/images-static/uploads/install-qnap-3.png) + +
+ Note: You are free to choose whichever server location you prefer. Our Japan server is used here only as an example. +
+ +7. Add as many VPN server profiles as you would like. + +8. Click the `Connect` icon under the `Actions` column. The connection may take 10 to 30 seconds and the `Status` indicator will turn green when the connection is successful. + + ![](/images-static/uploads/install-qnap-4.png) + +9. Click the `Use VPN as NAS Default Gateway` button for extra settings related to the default gateway and failover. + + ![](/images-static/uploads/install-qnap-5.png) + +
+ If you check the Allow other network devices in the same subnet to connect to the VPN through the NAS option, change the default gateway on your computer system to the local network IP address of the QNAP device to route all of the Internet traffic on your computer through the NAS VPN.
+ Use our standard DNS server 10.0.254.1, our AntiTracker DNS 10.0.254.2, or our Hardcore Mode AntiTracker 10.0.254.3 on your computer system to complete the routing setup. +
+ + ![](/images-static/uploads/install-qnap-6.png) + +10. Instead of using servers separated by a great distance, you might prefer to use a location with multiple servers. This may offer a more seemless and familiar network experience if failover occurs: + + ``` + ca1.gw.ivpn.net + ca2.gw.ivpn.net + de1.gw.ivpn.net + de2.gw.ivpn.net + us-ga1.gw.ivpn.net + us-ga2.gw.ivpn.net + ``` + + You will have to make a copy of the .ovpn file and edit the server hostname prior to importing both files. Any text editor, like WordPad or TextEdit, will handle the editing. The server hostname is on line 4. + Our [server status page](/status/) lists all of our servers. + diff --git a/src/content/es/pages/setup/nas/synology-6.md b/src/content/es/pages/setup/nas/synology-6.md new file mode 100644 index 000000000..5a4d8c00c --- /dev/null +++ b/src/content/es/pages/setup/nas/synology-6.md @@ -0,0 +1,50 @@ +--- +title: VPN Setup guide for the Synology NAS 6.1 +listItem: Synology v.6.1 +url: /setup/nas/synology-6/ +section: NAS Setup +platform: nas +layout: setup-article +weight: 10 +--- +## Synology NAS Setup Guide for DSM v.6.1 + +The following guide explains how to set up your Synology NAS based on DiskStation Manager (DSM) v.6.1. + +1. Download and extract the archive with our [.ovpn config files](/openvpn-config). + +2. Log into your Synology device, navigate to `Control Panel` - `Network` - `Network Interface` & click on the `Create` - `Create VPN Profile`. + + ![](/images-static/uploads/install-synology-nas6.1-1.png) + +3. Choose `OpenVPN (via importing a .ovpn file)` & click on `Next` + + ![](/images-static/uploads/install-synology-nas6.1-2.png) + +4. Fill in the following fields: + + **Profile name** - Give it any name you want, e.g. **IVPN_Germany**. + **User name** - Your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX'. + **Password** - Any password. + +
+ Only your account ID is used for authentication and is case-sensitive. Enter anything into the password field. !IMPORTANT! The password field cannot be left empty. +
+ + **Import .ovpn file** - specify the location of the VPN profile file you adjusted in the first step. + Click `Next`. + + ![](/images-static/uploads/install-synology-nas6.1-3.png) + +5. We recommend enabling all options in the Advanced Settings: + + `Use default gateway on remote network` - enable this option to route the network traffic of the Synology NAS to the specified VPN server. + `Allow other network devices to connect through this Synology server's Internet connection` - enable this option to allow network devices that are within the same local network as your Synology NAS to connect to the same VPN server. + `Reconnect when the VPN connection is lost` - if the VPN connection is unexpectedly lost, the system will attempt to reestablish the connection five times, attempting once every 30 seconds. + Click `Apply`. + + ![](/images-static/uploads/install-synology-nas6.1-4.png) + +6. The VPN profile is now successfully created. You can now manage your tunnel with `Connect/Disconnect` button. + + ![](/images-static/uploads/install-synology-nas6.1-5.png) diff --git a/src/content/es/pages/setup/router/_index.md b/src/content/es/pages/setup/router/_index.md new file mode 100644 index 000000000..cf206167c --- /dev/null +++ b/src/content/es/pages/setup/router/_index.md 
@@ -0,0 +1,20 @@
+---
+title: VPN Setup guide for Routers
+description: Install and configure a VPN securely on your router with our easy step-by-step setup guides.
+url: /setup/router/
+section: Routers Setup
+platform: router
+layout: setup-list
+---
+## IVPN Integrated Solutions
+
+It is now possible to purchase a VPN router with IVPN pre-configured. When you receive the router all you need to do is enter your account ID and any password to connect.
+
+* [Vilfo router](https://www.vilfo.com/providers/ivpn?ref=ivpn) - Please note that if you purchase a router from Vilfo we receive a commission.
+
+## Router Not Listed?
+
+If your router includes a VPN client, use one of our configuration file generators and import it into your device:
+
+* [OpenVPN](https://www.ivpn.net/openvpn-config) - OpenVPN username = IVPN Account ID (case-sensitive), password = any non-blank string (ie. **ivpn** or **i**)
+* [WireGuard](https://www.ivpn.net/account/wireguard-config) - website login required
diff --git a/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md b/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md
new file mode 100644
index 000000000..5f2c952b7
--- /dev/null
+++ b/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md
@@ -0,0 +1,42 @@
+---
+title: VPN Setup guide for Asuswrt-Merlin
+listItem: Asuswrt-Merlin OpenVPN
+url: /setup/router/asuswrt-merlin-openvpn/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 49
+---
+## Asuswrt-Merlin OpenVPN Setup Guide
+
+
+This guide was produced using Asuswrt-Merlin firmware v388.1 +
+ +### Configuring the VPN tunnel + +1. [Generate and download](/openvpn-config) the .zip archive containing the OpenVPN config file with the selected server and configuration + +2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` + +3. Once logged in, navigate to `VPN` – `VPN Client` tab - `OpenVPN` + +4. Click on the `Choose file` button. Open the extracted earlier .ovpn config file, hit the `Upload` button and select the following configuration: + + * Put any name into the `Description` field + * `Accept DNS Configuration` - **Exclusive** (this option ensures that only DNS server provided by the VPN server is used) + * `Redirect Internet traffic through tunnel` - **Yes (all)** + * (optional) `Automatic start at boot time` - **Yes** + * (optional) `Killswitch - Block routed clients if tunnel goes down` - **Yes** + +5. Enter your IVPN account id into the `Username` field (i-XXXX-XXXX-XXXX or ivpnXXXXXXXX) and any string into the `Password` field, e.g. 'ivpn'. Click `Apply` + +6. Toggle `Service state` switch On to connect. + + ![](/images-static/uploads/asuswrt-merlin-openvpn-1.png) + +### Final steps + +1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system + +2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md b/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md new file mode 100644 index 000000000..11113f60a --- /dev/null +++ b/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md 
@@ -0,0 +1,53 @@
+---
+title: VPN Setup guide for Asuswrt-Merlin
+listItem: Asuswrt-Merlin WireGuard
+url: /setup/router/asuswrt-merlin-wireguard/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 50
+---
+## Asuswrt-Merlin WireGuard Setup Guide
+
+
+This guide was produced using Asuswrt-Merlin firmware v388.1 +
+ +### Configuring the VPN tunnel + +1. [Generate and download](/account/wireguard-config) the .zip archive containing the WireGuard config file with the selected server and configuration + +
+ WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), and wish to make use of the config file generator, contact our customer service to help you make the switch. +
+ +2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` + +3. Once logged in, navigate to `VPN` – `VPN Client` tab - `WireGuard` + +4. Click on the `Choose file` button. Select the extracted earlier config file, and hit the `Upload` button + +5. Put any name into the `Description` field, set `Enable WireGuard` to **Yes**, and click `Apply` + + ![](/images-static/uploads/asuswrt-merlin-wireguard-1.png) + +6. Navigate to `VPN` - `VPN Director` area, scroll down, and click on the `+` icon to add a new rule for routing devices on your local network via the WireGuard interface + + ![](/images-static/uploads/asuswrt-merlin-wireguard-2.png) + +7. Fill in the following configuration: + + * `Interface` - select the recently created WireGuard interface + * `Enable` - check + * `Description` - give it any name + * `Local IP` - the address of your local network (e.g. 192.168.1.0/24) or IP address/es of your local network device/s separated with a comma if you wish to use VPN only on specific device/s + + ![](/images-static/uploads/asuswrt-merlin-wireguard-3.png) + +8. Click `OK` and `Apply` + +### Final steps + +1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system + +2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/asuswrt-openvpn.md b/src/content/es/pages/setup/router/asuswrt-openvpn.md new file mode 100644 index 000000000..1bab1364d --- /dev/null +++ b/src/content/es/pages/setup/router/asuswrt-openvpn.md 
@@ -0,0 +1,56 @@
+---
+title: VPN Setup guide for Asuswrt
+listItem: Asuswrt OpenVPN
+url: /setup/router/asuswrt-openvpn/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 47
+---
+## Asuswrt OpenVPN Setup Guide
+
+
+This guide was produced using Asus stock firmware v3.0.0.4.388_21732 +
+ +### Configuring the VPN tunnel + +1. [Generate and download](/openvpn-config) the .zip archive containing the OpenVPN config file with the selected server and configuration + +2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` + +3. Once logged in, navigate to `VPN` – `VPN Fusion` tab & click on the `Add profile` button + + ![](/images-static/uploads/asuswrt-openvpn-1.png) + +4. Give the profile any name, select `OpenVPN` from the **VPN type** drop list, click on the `Import .ovpn file` button and open the extracted earlier .ovpn config file + +5. Enter your IVPN account id in the `Username` field (i-XXXX-XXXX-XXXX or ivpnXXXXXXXX) and any string into the `Password` field, e.g. 'ivpn'. Click `Apply and Enable` + + ![](/images-static/uploads/asuswrt-openvpn-2.png) + +6. To manage the connection, toggle the switch next the created VPN profile On or Off + + ![](/images-static/uploads/asuswrt-openvpn-3.png) + +### DNS + +1. Navigate to `LAN` - `DHCP Server` + +2. Set `Advertise router's IP in addition to user-specified DNS` to **No** + +3. Enter one of the following DNS servers in the `DNS Server 1` field: + + * 10.0.254.1 = redular DNS with no blocking (10.0.254.101 for Multi-hop connections) + * 10.0.254.2 = standard AntiTracker to block advertising and malware domains + * 10.0.254.3 = AntiTracker Hardcore Mode to additionally block all domains owned by Google and Facebook + +4. Click `Apply` + + ![](/images-static/uploads/asuswrt-openvpn-4.png) + +### Final steps + +1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system + +2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file 
diff --git a/src/content/es/pages/setup/router/asuswrt-wireguard.md b/src/content/es/pages/setup/router/asuswrt-wireguard.md
new file mode 100644
index 000000000..db96e639d
--- /dev/null
+++ b/src/content/es/pages/setup/router/asuswrt-wireguard.md
@@ -0,0 +1,46 @@
+---
+title: VPN Setup guide for Asuswrt
+listItem: Asuswrt WireGuard
+url: /setup/router/asuswrt-wireguard/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 48
+---
+## Asuswrt WireGuard Setup Guide
+
+
+This guide was produced using Asus stock firmware v3.0.0.4.388_21732 +
+ +### Configuring the VPN tunnel + +1. [Generate and download](/account/wireguard-config) the .zip archive containing the WireGuard config file with the selected server and configuration + +
+ WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), and wish to make use of the config file generator, contact our customer service to help you make the switch. +
+ +2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` + +3. Once logged in, navigate to `VPN` – `VPN Fusion` tab & click on the `Add profile` button + + ![](/images-static/uploads/asuswrt-wireguard-1.png) + +4. Give the profile any name, select `WireGuard` from the **VPN type** drop list, click on the `Upload Config` button and import the extracted earlier config file + + ![](/images-static/uploads/asuswrt-wireguard-2.png) + +5. Scroll down, remove the extra characters in the `Endpoint Port` field, leaving the port number selected in the config file generator and click on the `Apply and Enable` button + + ![](/images-static/uploads/asuswrt-wireguard-3.png) + +6. To manage the connection, toggle the switch next to the created VPN profile On or Off + + ![](/images-static/uploads/asuswrt-wireguard-4.png) + +### Final steps + +1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system + +2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/ddwrt-auto.md b/src/content/es/pages/setup/router/ddwrt-auto.md new file mode 100644 index 000000000..fe06f1542 --- /dev/null +++ b/src/content/es/pages/setup/router/ddwrt-auto.md 
@@ -0,0 +1,26 @@
+---
+title: VPN Setup guide for DD-WRT routers using our automated setup script
+listItem: DD-WRT OpenVPN auto
+url: /setup/router/ddwrt-auto/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 11
+---
+## DD-WRT OpenVPN Automatic Setup
+
+1. Navigate to the home page of your router - By default `192.168.1.1`. If required enter your username and password, by default username is 'root' and password is 'admin'. Click on the `Administration` tab and then the `Commands` tab.
+
+2. Navigate to the [DD-WRT auto installer script](/clientarea/ddwrt/) (You may need to login to the client area if you are not logged in).
+
+3. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX', any password and select a server to connect to. Click `Download script`.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+ +4. Open the downloaded text file and copy and paste into the `Commands` text area. + +5. Click on the `Save Startup` button. + +6. Click on the `Management` tab and then click on the `Reboot router` button on the bottom of that page. Your router will reboot and connect to the VPN. This can take up to 3 minutes. diff --git a/src/content/es/pages/setup/router/ddwrt-manual.md b/src/content/es/pages/setup/router/ddwrt-manual.md new file mode 100644 index 000000000..cdc7fb501 --- /dev/null +++ b/src/content/es/pages/setup/router/ddwrt-manual.md @@ -0,0 +1,112 @@ +--- +title: VPN Setup guide for DD-WRT routers using the manual method +listItem: DD-WRT OpenVPN manual +url: /setup/router/ddwrt-manual/ +section: Router Setup +platform: router +layout: setup-article +weight: 12 +--- +## DD-WRT OpenVPN Manual Setup Guide + +
+The DD-WRT UI is constantly evolving and there are multiple variations depending on the specific build and version of the firmware. You may not see the exact same options in the same order as below. +
+ +1. Navigate to the home page of your router - By default `192.168.1.1`. + +2. Click on the `Services` tab. You may be asked to enter your router username and password. + +3. Click on the `VPN` tab and then click on the `Start OpenVPN Client` button. + +4. Enter the following configuration (as also shown in the screen shot below): + +
+ Where we do not specify a value leave the default value in place. +
+ + * **Server IP/Name:** Enter a server name from the [server status](/status/) page e.g. **ch.gw.ivpn.net** + * **Port:** 2049 + * **Tunnel Device:** TUN + * **Tunnel Protocol:** UDP + +
You can also use ports UDP: 53, 80, 443, 1194, 2050 & TCP: 80, 443, 1443
+ + * **Encryption cipher:** AES-256 CBC + * **Hash Algorithm:** SHA1 + * **User Pass Authentication:** Enable (If this option does not exist you will need to follow the steps in the appendix). + Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password. +
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. +
+ + * **Advanced options:** Enable + * **TLS cipher:** None + * **LZO Compression:** No + * **NAT:** Enable + * **Firewall Protection:** Enable + * **Tls Auth Key:** Download and paste the contents of the [TLS-auth](/releases/config/ta.key) file. + * **Additional Config:** + ``` + tls-client + tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA + key-direction 1 + resolv-retry infinite + keepalive 10 60 + nobind + persist-key + persist-tun + persist-remote-ip + verb 3 + ``` + + * **CA Cert:** Download and paste the contents of the [CA cert](/releases/config/ca.crt) file. + + ![](/images-static/uploads/install-dd-wrt-manual-010-579x1450.png) + +5. Click the `Save` button, then click the `Apply Settings` button. + +### DNS + +1. Navigate to `Setup` > `Basic Setup`. + +2. Specify one of the following DNS servers in the `Static DNS 1` field: + + * *10.0.254.1* = redular DNS with no blocking + * *10.0.254.2* = standard AntiTracker to block advertising and malware domains + * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook + + ..and *198.245.51.147* in the `Static DNS 2` field. + +3. Click `Save` & `Apply Settings`. + +### Final steps + +1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system and check the status of the OpenVPN client in the `Status` > `OpenVPN` area. + +2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your DD-WRT router. + +**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 4* with the chosen Exit-hop server Multi-hop port. + +### Appendix + +If you do not have the **User Pass Authentication** field in your DD-WRT version please follow the steps below: + +1. 
Add the following line to your `Additional Config` field: + + ``` + auth-user-pass /tmp/auth.conf + ``` + +2. Save your configuration by clicking on the `save` button. + +3. Click on the `Adminstration` tab and then the `Commands` tab. Enter the text shown in the box below **replacing the username and password in quotes with your account ID ('ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX') and any password**. Click on `Save startup` to continue. + + ``` + #!/bin/sh + touch /tmp/auth.conf + echo "username" > /tmp/auth.conf + echo "password" >> /tmp/auth.conf + ``` + +4. If the previous command worked correctly you should now see the contents above in a new section on the same page called `Startup`. diff --git a/src/content/es/pages/setup/router/ddwrt-wireguard.md b/src/content/es/pages/setup/router/ddwrt-wireguard.md new file mode 100644 index 000000000..d516c139c --- /dev/null +++ b/src/content/es/pages/setup/router/ddwrt-wireguard.md @@ -0,0 +1,89 @@ +--- +title: WireGuard setup guide for DD-WRT routers +listItem: DD-WRT WireGuard +url: /setup/router/ddwrt-wireguard/ +section: Router Setup +platform: router +layout: setup-article +weight: 13 +--- +## DD-WRT WireGuard Setup Guide + +
+The DD-WRT UI is constantly evolving and there are multiple variations depending on the specific build and version of the firmware. You may not see the exact same options in the same order as below.

+This guide was produced using DD-WRT v46772. +
+ +### Configuring the VPN tunnel + +1. Navigate to the home page of your router - By default `192.168.1.1`. + +2. Go to `Setup` > `Tunnels` > and click the `Add Tunnel` button. Choose **Enable** and select WireGuard from the dropdown menu. + +3. Set the `MTU` value of the WireGuard tunnel to `1412`. + +4. Click the `Generate Key` button and go to the `Client Area` on the IVPN website to add the generated public key to the `Key Management` area. Make note of the **IPv4 address** we assign to your public key and add it to the IP address field followed by a `/32` subnet mask. + +
+ Hint: After clicking Generate Key, it may or may not be possible to copy the public key displayed on the Tunnels page. Click the Save and Apply Settings buttons, then go to Administration > Commands and enter wg in the Commands box, then click Run Commands . This will display details of the WireGuard connection including the public key, which can be easily copied.

+ +
+
+5. Set `Kill Switch` to `Enable`. This will prevent out-bound traffic when the VPN client is disconnected from the server.
+
+6. Click the `Add Peer` button and enter the following peer configuration (as also shown in the screen shot below):
+
+ * **Peer Tunnel IP:** 0.0.0.0
+ * **Peer Tunnel DNS:** Specify one of the following DNS servers:
+ * *172.16.0.1* = redular DNS with no blocking
+ * *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook
+ * **Endpoint:** Enable
+ * **Endpoint Address:** Enter an IVPN WireGuard server hostname (available on the **[Server Status](/status/)** page) and choose a port:
+ ```
+ udp 53
+ udp 80
+ udp 443
+ udp 1194
+ udp 2049
+ udp 2050
+ udp 30587
+ udp 41893
+ udp 48574
+ udp 58237
+ ```
+ * **Allowed IPs:** 0.0.0.0/0
+ * **Route Allowed IP's via tunnel**: Enable
+ * **Persistent Keepalive:** 25
+ * **Peer Public Key:** Enter an IVPN WireGuard server public key (available on the **[Server Status](/status/)** page)
+ * **Use Pre-shared Key:** Disable
+
+ ![](/images-static/uploads/install-openvpn-ddwrt-wireguard-020-2.png)
+
+
+ Note: You are welcome to use whichever server you prefer. The Endpoint Address and Peer Public Key in the example above are specific to our server in Sweden.
+
+
+7. Click the `Save` button, then click the `Apply Settings` button.
+
+### DNS
+
+1. Navigate to `Setup` > `Basic Setup`.
+
+2. Specify one of the following DNS servers in the `Static DNS 1` field:
+
+ * *172.16.0.1* = redular DNS with no blocking
+ * *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook
+
+ ..and *198.245.51.147* in the `Static DNS 2` field.
+
+3. Click `Save` & `Apply Settings`.
+
+### Final steps
+
+1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system.
+
+2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your DD-WRT router.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required adjustments to the port in the `Endpoint Address` & public key in the `Peer Public Key` fields.
diff --git a/src/content/es/pages/setup/router/ddwrt.md b/src/content/es/pages/setup/router/ddwrt.md
new file mode 100644
index 000000000..88b385a58
--- /dev/null
+++ b/src/content/es/pages/setup/router/ddwrt.md
@@ -0,0 +1,25 @@
+---
+title: DD-WRT Router Setup Guide
+listItem: DD-WRT
+url: /setup/router/ddwrt/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 10
+---
+## DD-WRT Router Setup Guide
+
+Our service is compatible with routers running DD-WRT. However please note:
+
+1. If you do not already have a compatible router or do not wish to risk bricking it, we recommend [FlashRouters](http://www.flashrouters.com/routers/vpn-types/ivpn/) who offer a variety of custom-built DD-WRT routers specially configured for IVPN. We receive no commission from sales but we highly recommend them as they have the expertise to support DD-WRT with its constantly evolving firmware and associated bugs.
+2. If you already have a router FlashRouters [offer support](https://www.flashrouters.com/services/support-plans) plans where they will remotely install the correct firmware on your router and configure it to connect to our VPN service.
+3. We do not provide support in getting DD-WRT or Tomato firmware installed on your router. You [install DD-WRT](http://www.dd-wrt.com/wiki/index.php/Installation) at your own risk. We take no responsibility if you brick/damage your router in the process.
+4. Please ensure that you are using the latest version of the DD-WRT firmware. There are multiple bugs relating to OpenVPN and DNS in older versions.
+5. Our DD-WRT OpenVPN scripts **will not work with MINI or MICRO versions of DD-WRT. You must install the BIG or MEGA versions of the DD-WRT firmware** (Some customers have reported STD versions working).
+
+### Setup guides
+
+* [DD-WRT OpenVPN Automated Setup Guide](/setup/router/ddwrt-auto/)
+ (Only compatible with BIG or MEGA versions of DD-WRT)
+* [DD-WRT OpenVPN Manual Setup Guide](/setup/router/ddwrt-manual/)
+* [DD-WRT WireGuard Setup Guide](/setup/router/ddwrt-wireguard/)
diff --git a/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md b/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md
new file mode 100644
index 000000000..e5b691afc
--- /dev/null
+++ b/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md
@@ -0,0 +1,129 @@
+---
+title: WireGuard Setup guide for OpenWrt (legacy)
+listItem: OpenWrt WireGuard (legacy)
+url: /setup/router/openwrt-wireguard-legacy/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 22
+---
+## OpenWrt WireGuard Setup Guide
+
+
+This guide was produced using OpenWrt v.19.07.8 and v.21.02.0
+
+
+### Install required packages
+
+1. In your router's webUI, navigate to `System` - `Software`, click `Update lists`
+
+2. In the **Filter** field, type **WireGuard**, locate and install the **wireguard**, **wireguard-tools**, **kmod-wireguard**, and **luci-app-wireguard** packages. Note: The **wireguard** package is included in version 21.02.

+![](/images-static/uploads/install-wireguard-openwrt-01.png)
+
+3. Restart your router
+
+### Generate WireGuard keypair
+
+1. SSH into your router as 'root' ([OpenWrt Wiki](https://openwrt.org/docs/guide-quick-start/sshadministration)):

+ ># ssh root@192.168.1.1
+2. Generate WireGuard keys:

+ ># wg genkey | tee privatekey | wg pubkey > publickey
+ ># chmod 600 privatekey
+3. Note your Private & Public keys, you will need them later:

+ ># cat privatekey
+ ># cat publickey
+
+### Obtain WireGuard IP address
+
+1. Log into the [Client Area](/account/login/#id)
+2. Navigate to `WireGuard` tab and click the `Add a new key` button

+![](/images-static/uploads/install-wireguard-openwrt-02.png)
+3. Copy and paste the **Public key** obtained previously, give it any name, then click the `Add key` button and note the assigned IP address

+![](/images-static/uploads/install-wireguard-openwrt-03.png)
+
+### Create an Interface
+
+1. Navigate to `Network` - `Interface`,
+2. Click the `Add new interface...` button and enter the following configuration:
+
+ * Name - give it any name, e.g. **ivpnAustria**
+ * Protocol - **WireGuard VPN**
+
+3. `Create interface`
+
+4. In the `General Settings` tab:
+
+ * Bring up on boot - **Checked**
+ * Private Key - copy and paste the generated previously **Private key**
+ * IP Address - enter the **WireGuard IP Address** obtained in the Client Area ending with **/32**, e.g. **172.27.123.169/32**

+![](/images-static/uploads/install-wireguard-openwrt-04.png)
+
+5. In the `Advanced Settings` tab, set `MTU` to **1412**
+
+6. In the `Peers` tab:
+
+ * Description - give it any name, e.g. **Austria**
+ * Public Key - the **IVPN WireGuard server public key**, available on the [IVPN server status page](https://www.ivpn.net/status)
+ * Allowed IPs - **0.0.0.0/0**
+ * Route Allowed IPs - **Checked**
+ * Endpoint Host - an **IP address of IVPN WireGuard server**

+ Hostnames are available on the [IVPN server status page](https://www.ivpn.net/status). To turn the hostname of the server into an IP address use, e.g. the `nslookup at1.wg.ivpn.net` command in your computer's terminal:
+ > $ nslookup at1.wg.ivpn.net
+ > ...
+ > Name: at1.wg.ivpn.net
+ > Address: 185.244.212.69
+ * Endpoint Port - **53**, **80**, **443**, **1194**, **2049**, **2050**, **30587**, **41893**, **48574** or **58237**. All ports are equally secure
+ * Persistent Keep Alive - **25** seconds is reasonable

+![](/images-static/uploads/install-wireguard-openwrt-05.png)
+
+7. Click `Save` & `Save & Apply`
+
+### Add a Firewall zone
+
+1. Navigate to `Network` - `Firewall`
+
+2. Click the `Add` button and enter the following configuration:
+
+ * Name - Give it any name, e.g. **ivpn_fw**
+ * Input - **Reject**
+ * Output - **Accept**
+ * Forward - **Reject**
+ * Masquerading - **Checked**
+ * MSS clamping - **Checked**
+ * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria**
+ * Allow forward to destination zones - **Unspecified**
+ * Allow forward from source zones - **lan**

+![](/images-static/uploads/install-wireguard-openwrt-06.png)

+
+3. Click `Save` & `Save & Apply`
+
+### Configuring a Kill-switch (optional)
+
+To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

+![](/images-static/uploads/install-wireguard-openwrt-07.png)
+
+### DNS
+
+1. Navigate to `Network` - `Interfaces`
+
+2. Click on the `Edit` button next to the **WAN** interface
+
+3. In the `Advanced Settings` tab, uncheck the `Use DNS servers advertised by peer` and specify one of the following DNS servers in the `Use custom DNS servers` field:
+
+ - *172.16.0.1* = regular DNS with no blocking
+ - *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains

+![](/images-static/uploads/install-wireguard-openwrt-08.png)
+
+4. Click the `Save` button.
+
+5. For firmware version 21.02, repeat steps 2 to 4 for the **IVPN WireGuard** and **WAN6** interfaces. For firmware version 19.07, repeat steps 2 to 4 for the **WAN6** interface.
+
+6. Click the `Save & Apply` button.
+
+### Final Steps
+
+1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected.
+2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes to the `Endpoint Address` port and `Peer Public Key`.
\ No newline at end of file
diff --git a/src/content/es/pages/setup/router/openwrt-wireguard.md b/src/content/es/pages/setup/router/openwrt-wireguard.md
new file mode 100644
index 000000000..9db4389d3
--- /dev/null
+++ b/src/content/es/pages/setup/router/openwrt-wireguard.md
@@ -0,0 +1,87 @@
+---
+title: WireGuard Setup guide for OpenWrt
+listItem: OpenWrt WireGuard
+url: /setup/router/openwrt-wireguard/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 21
+---
+## OpenWrt WireGuard Setup Guide
+
+
+This guide was produced using OpenWrt v.23.05
+
+
+### Installing required packages
+
+1. In your router's webUI, navigate to `System` - `Software`, click `Update lists`.
+
+2. In the **Filter** field, type **WireGuard**, locate and install the **wireguard-tools**, **kmod-wireguard**, and **luci-proto-wireguard** packages.

+![](/images-static/uploads/openwrt-wireguard-0.png)
+
+3. Restart your router.
+
+### Creating an Interface
+
+1. [Generate](/account/wireguard-config) a WireGuard config file with the preferred server and parameters. Extract the archive, open the file with any text editors and copy its contents.
+
+
+ WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX) and wish to make use of the feature, contact our customer service to help you make the switch.
+
+
+2. In OpenWRT, navigate to `Network` - `Interfaces`, click on the `Add new interface`. Give it any name, e.g. **ivpnAustria**, set `Protocol` to `WireGuard VPN`, then click on the `Create interface` button.
+
+3. In the `General Settings` tab, click on the `Load configuration...` button, paste the contents of the WireGuard config file from step 1 and click on the `Import settings` button.

+![](/images-static/uploads/openwrt-wireguard-1.png)
+
+4. In the `Advanced Settings` tab, set `MTU` to `1412`.
+
+5. In the `Peers` tab, click `Edit` next to the imported peer configuration, check the `Route Allowed IPs` option, set `Persistent Keep Alive` to `25` and click `Save`.

+![](/images-static/uploads/openwrt-wireguard-2.png)
+
+6. Click `Save & Apply`.
+
+### Adding a Firewall zone
+
+1. Navigate to `Network` - `Firewall`
+
+2. Click the `Add` button and enter the following configuration:
+
+ * Name - Give it any name, e.g. **ivpn_fw**
+ * Input - **Reject**
+ * Output - **Accept**
+ * Forward - **Reject**
+ * Masquerading - **Checked**
+ * MSS clamping - **Checked**
+ * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria**
+ * Allow forward to destination zones - **Unspecified**
+ * Allow forward from source zones - **lan**

+![](/images-static/uploads/install-wireguard-openwrt-06.png)

+
+3. Click `Save` & `Save & Apply`
+
+### Configuring a Kill-switch (optional)
+
+To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

+![](/images-static/uploads/install-wireguard-openwrt-07.png)
+
+### DNS
+
+1. Navigate to `Network` - `Interfaces`
+
+2. Click on the `Edit` button next to the **WAN** interface
+
+3. In the `Advanced Settings` tab, uncheck the `Use DNS servers advertised by peer` and enter the WireGuard regular DNS server IP address (172.16.0.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list.

+![](/images-static/uploads/install-wireguard-openwrt-08.png)
+
+4. Click `Save`.
+
+5. If your ISP additionally provides you with an IPv6 IP address, repeat steps 2 to 4 for the **WAN6** interface.
+
+6. Click `Save & Apply`.
+
+### Final Steps
+
+1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected.
+2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router.
\ No newline at end of file
diff --git a/src/content/es/pages/setup/router/openwrt.md b/src/content/es/pages/setup/router/openwrt.md
new file mode 100644
index 000000000..3aa465817
--- /dev/null
+++ b/src/content/es/pages/setup/router/openwrt.md
@@ -0,0 +1,108 @@
+---
+title: OpenVPN Setup guide for OpenWrt
+listItem: OpenWrt OpenVPN
+url: /setup/router/openwrt-openvpn/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 20
+---
+## OpenWrt OpenVPN Setup Guide
+
+
+This guide was produced using OpenWrt v.19.07.2
+
+
+### Install required packages
+
+1. In your router's webUI, navigate to `System` - `Software`, click `Update lists`
+
+2. In the **Filter** field, type **OpenVPN**, locate and install **openvpn-openssl** & **luci-app-openvpn** packages

+![](/images-static/uploads/install-openvpn-openwrt-01.png)
+
+3. Restart your router
+
+ If you receive an error while attempting to install the 'luci-app-openvpn' package, check the 'Overwrite files from other package(s)' checkbox
+
+
+### Create a VPN profile
+
+1. Download and extract our [config files](/openvpn-config) to your computer
+
+2. In your router, navigate to `VPN` - `OpenVPN`
+
+3. Under the **OVPN configuration file upload** section, `Browse` for the .ovpn config file with the VPN server you would like to connect to, give it any name, then click `Upload`
+
+4. Click the `Edit` button next to the created OpenVPN instance and enter your IVPN account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and any password (e.g. ivpn) in 2 separate lines in the text box at the bottom
+
+5. Append the credentials file path to the **auth-user-pass** line in the first text box. The full path is visible just above the second text box, e.g. - `auth-user-pass /etc/openvpn/Austria.auth`. Click `Save`

+![](/images-static/uploads/install-openvpn-openwrt-02.png)
+
+6. Replace the hostname of the VPN server in line 4 with its IP address - `remote 185.244.212.66 2049`.

+To turn the hostname of the server into an IP address use, e.g. the `nslookup at.gw.ivpn.net` command in your computer's terminal:
+ > $ nslookup at.gw.ivpn.net
+ > ...
+ > Name: at.gw.ivpn.net
+ > Address: 185.244.212.66
+
+7. Click `Save`. Return to main `OpenVPN` section, check the `Enabled` checkbox and click on the `Save & Apply` button.
+
+### Create an Interface
+
+1. Navigate to `Network` - `Interfaces`
+
+2. Click on the `Add new interface` button and enter the following configuration:
+
+ * Name - Give it any name, e.g. **ivpnAustria**
+ * Protocol - **Unmanaged**
+ * Interface - **tun0**

+![](/images-static/uploads/install-openvpn-openwrt-03.png)
+
+3. `Create interface`
+
+4. In the interface properties window, ensure that **Bring up on boot** is checked, then click `Save` & `Save & Apply` buttons.
+
+### Add a Firewall zone
+
+1. Navigate to `Network` - `Firewall`
+
+2. Click the `Add` button and enter the following configuration:
+
+ * Name - Give it any name, e.g. **ivpn_fw**
+ * Input - **Reject**
+ * Output - **Accept**
+ * Forward - **Reject**
+ * Masquerading - **Checked**
+ * MSS clamping - **Checked**
+ * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria**
+ * Allow forward to destination zones - **Unspecified**
+ * Allow forward from source zones - **lan**

+![](/images-static/uploads/install-openvpn-openwrt-04.png)

+3. Click `Save` & `Save & Apply` buttons.
+
+### Configure a Kill-switch (optional)
+
+To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

+![](/images-static/uploads/install-openvpn-openwrt-05.png)
+
+### DNS
+
+1. Navigate to `Network` - `Interfaces`
+
+2. Click on the `Edit` button next to the **WAN** interface
+
+3. In the `Advanced Settings` tab, uncheck the `User DNS servers advertised by peer` and specify one of the following DNS servers in the `Use custom DNS servers` field:
+
+ - *10.0.254.1* = regular DNS with no blocking
+ - *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains

+![](/images-static/uploads/install-openvpn-openwrt-06.png)
+
+3. Click `Save` & `Save & Apply` buttons.
+
+### Final Steps
+
+1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected.
+2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes in the .ovpn config file.
\ No newline at end of file
diff --git a/src/content/es/pages/setup/router/opnsense-openvpn-instances.md b/src/content/es/pages/setup/router/opnsense-openvpn-instances.md
new file mode 100644
index 000000000..8239dab1f
--- /dev/null
+++ b/src/content/es/pages/setup/router/opnsense-openvpn-instances.md
@@ -0,0 +1,91 @@
+---
+title: OPNsense OpenVPN Setup Guide
+listItem: OPNsense OpenVPN
+url: /setup/router/opnsense-openvpn/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 60
+---
+## OPNsense OpenVPN Setup Guide
+
+
+This guide was produced using OPNsense 24.1.1
+
+
+### Adding a CA certificate
+
+1. In your router's webUI, navigate to `System` > `Trust` > `Authorities` and click on the `+` button.
+
+2. Give it any name, i.e. "IVPN CA", select `Import an existing Certificate Authority`, then copy and paste the contents of our [ca.crt](/releases/config/ca.crt) file into the `Certificate Data` field.
+
+3. Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-opnsense-01.png)
+
+### Adding a Static key
+
+1. Navigate to `VPN` > `OpenVPN` > `Instances` > `Static Keys` tab and click on the `+` button.
+
+2. Give it any name, i.e. "IVPN TLS Key", set `Mode` to `auth (Authenticate control channel packets)`, then copy and paste the contents of our [ta.key](/releases/config/ta.key) file into the `Static Key` field.
+
+3. Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-opnsense-instance-02.png)
+
+### Creating an OpenVPN Client Instance
+
+1. Navigate to the `Instances` tab, click on the `+` button, toggle the `Advanced mode` switch on and enter the following configuration:
+
+ * Role - **Client**
+ * Description - give it any name, i.e. **IVPN Ukraine**
+ * Enabled - **Toggled on**
+ * Protocol - **UDP** or **TCP**
+ * Type - **tun**
+ * Keep alive interval - **10**
+ * Keep alive timeout - **60**
+ * Remote - [choose](/status/) the server and enter its hostname with the port number separated with a colon, e.g. `ua2.gw.ivpn.net:2049` (available ports can be found [here](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/))
+ * Certificate Authority - **IVPN CA**
+ * TLS static key - **[auth] IVPN TLS Key**
+ * Auth - **SHA1 (160-bit)**
+ * Username - your IVPN account ID (**i-XXXX-XXXX-XXXX** or **ivpnXXXXXXXX**. Note, the ID is case-sensitive)
+ * Password - any string, i.e. **ivpn**

![](/images-static/uploads/install-openvpn-opnsense-instance-03.png)

+
+2. Click `Save`.
+
+### Creating an Interface
+
+1. Navigate to `Interfaces` > `Assignments`
+
+2. Look for the interface with `ovpnc1` name, give it any description, i.e. "IVPNUkraine", then click on the `+` button and `Save`

![](/images-static/uploads/install-openvpn-opnsense-04.png)
+
+3. Click on the newly added interface name, have the `Enable Interface` option checked and `Save` the changes.
+
+### Configuring a Firewall
+
+1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save`
+
+2. Click on the `+` button to add a new rule and fill in the following configuration:
+
+ * Disabled - **Unchecked**
+ * Interface - select the created earlier interface, i.e. **IVPNUkraine**
+ * Source Address - **LAN net**
+ * Translation / target - **Interface address**
+
+3. Click `Save` and `Apply Changes`.

![](/images-static/uploads/install-openvpn-opnsense-06.png)
+
+### DNS
+
+1. Navigate to `Services` > `ISC DHCPv4` > `[LAN]`
+
+2. In the `DNS servers` field, enter the OpenVPN regular DNS server IP address (10.0.254.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list.
+
+3. Click `Save`.

![](/images-static/uploads/install-openvpn-opnsense-instance-06.png)
+
+### Final Steps
+
+1. Restart your router and check the status of the OpenVPN client in the `VPN` - `OpenVPN` - `Connection Status` area.

![](/images-static/uploads/install-openvpn-opnsense-instance-04.png)
+
+2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

![](/images-static/uploads/install-openvpn-opnsense-instance-05.png)
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in **Configuring an OpenVPN Client** section, `Remote` field with the chosen Exit-hop server Multi-hop port.
diff --git a/src/content/es/pages/setup/router/opnsense-wireguard.md b/src/content/es/pages/setup/router/opnsense-wireguard.md
new file mode 100644
index 000000000..9613e65a2
--- /dev/null
+++ b/src/content/es/pages/setup/router/opnsense-wireguard.md
@@ -0,0 +1,99 @@
+---
+title: OPNSense WireGuard Setup Guide
+listItem: OPNsense WireGuard
+url: /setup/router/opnsense-wireguard/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 61
+---
+## OPNSense WireGuard Setup Guide
+
+
+This guide was produced using OPNSense 20.1.
+
+
+### Configure Your Environment
+
+1. Navigate to the home page of your router - By default `192.168.1.1`.
+
+2. Install system updates: `System > Firmware > Updates`
+
+3. Install the WireGuard plugin via `System > Firmware > Plugins` and scroll down to **os-wireguard**, then click the `+` to install. Reboot via `Power > Reboot` to make sure WireGuard is applied to the system.
+
+ ![](/images-static/uploads/opns-wg-1-3-wg-plugin.png)
+
+### Add an Endpoint (Server Location /Peer)
+
+1. Log in to the [IVPN Client Area](/account/).
+
+2. Choose a WireGuard server to connect to from our [Server Status](/status/) page. Make note of the hostname and the public key of the server.
+
+3. In the OPNSense web interface, go to `VPN > WireGuard > Endpoints` and click the `+` to add a VPN server location (Endpoint/Peer):
+
+
+ Name: A short interface name, like ivpnJapan or ivpnSeattle.
+ Public Key: The server public key is available from the server list in the step above.
+ Shared Secret: Leave it blank.
+ Alloweb IPs: 0.0.0.0/0
+ Endpoint Address: The server hostname is available from the server list in the step above.
+ Endpoint Port: IVPN offers different ports to connect on: 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, and 58237
+ Keepalive: 25
+
+
+
+ ![](/images-static/uploads/opns-wg-2-3-edit-endpoint.png)
+
+4. Click the `Save` button to add the **Endpoint** to your OPNSense system.
+
+### Add a Local Interface
+
+1. In the OPNSense web interface, go to `VPN > WireGuard > Local` and click the `+` to add a local interface and enter the following:
+
+
+ Name: A short interface name, like ivpn.
+ Listen Port: Default value is likely fine.
+ DNS Server: The DNS server can be one of three options:

+ 172.16.0.1 = regular DNS with no blocking
+ 10.0.254.2 = standard AntiTracker to block advertising and malware domains
+ 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook domains

+ Tunnel Address: Enter a temporary placeholder address, like 10.9.9.9
+ Peers: Choose the Endpoint (VPN server location) you created in the previous step.
+
+
+
+ Click the `Save` button to generate your **Public** and **Private** keys.
+
+2. Click the pencil icon to edit the local interface you created in the previous step and make note of your **Public Key**.
+
+ ![](/images-static/uploads/opns-wg-3-2-local-interface.png)
+
+3. On the `VPN Accounts` page in the Client Area on our website, click the `WireGuard` tab. Go to `WireGuard Key Management` located under **Tools**. Click the `Add New Key` button. Copy the contents of the **Public Key** from OPNSense and paste them into the **Public Key**: field. Add a comment, like OPNSense if you prefer, and click the `Add Key button`.
+
+
+ Be sure to copy the Public Key and not the Private Key. The Private Key must always be kept a carefully guarded secret.
+
+
+
+4. Make note of the IPv4 Address beside your newly added public key on the WireGuard tab in the Client Area. This is the IP address your computer system will have on our internal network. It will be in the form **172.x.y.z**.
+
+5. Go back to the OPNSense web interface and the local interface that is being edited. Remove the temporary placeholder from the **Tunnel Address** field and enter the IP address from the step above plus the /32 netmask **(172.x.y.z/32)**.
+
+ ![](/images-static/uploads/opns-wg-3-5-edit-local-interface.png)
+
+6. Click the `Save` button.
+
+### Connecting
+
+1. Go to the `VPN > WireGuard > General` tab and put a check mark beside **Enable WireGuard** on the General tab, then click the `Save` button.
+
+2. Check the `VPN > WireGuard > List Configuration` and `Handshakes` tabs to see connection details.
+
+3. Go to the `Interfaces > LAN` page and set the `MSS` value to `1412`. Click the `Save` button at the bottom of the page, then click the `Apply changes` button at the top of the page.
+
+4. To let you internal network clients go through the tunnel, add a **NAT entry**. Go to `Firewall > NAT > Outbound` and click `+Add` to add a rule. Check that rule generation is set to **Manual** or **Hybrid**. Add a rule and select **Wireguard** as `Interface`. `Source Address` should be **LAN net** and set `Translation / target` to **Interface address**.
+
+ ![](/images-static/uploads/opns-wg-4-3-nat-rule.png)
+
+5. Click the `Save` button, click the `Apply Changes` button, then reboot the OPNSense router.
+
+6. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com/) via one of the internal network clients attached to your OPNSense router.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes to the `Endpoint Address` port and `Peer Public Key`.
diff --git a/src/content/es/pages/setup/router/opnsense.md b/src/content/es/pages/setup/router/opnsense.md
new file mode 100644
index 000000000..b2e53eaf9
--- /dev/null
+++ b/src/content/es/pages/setup/router/opnsense.md
@@ -0,0 +1,90 @@
+---
+title: OPNsense OpenVPN Setup Guide (legacy)
+listItem: OPNsense OpenVPN (legacy)
+url: /setup/router/opnsense-openvpn-legacy/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 62
+---
+## OPNsense OpenVPN Setup Guide
+
+
+This guide was produced using OPNsense 21.7.1
+
+
+### Add a Certificate
+
+1. In your router's webUI, navigate to `System` > `Trust` > `Authorities` and click on the `+` button
+
+2. Give it any name, i.e. "IVPN CA", select `Import an existing Certificate Authority`, then copy and paste the contents of our [ca.crt](/releases/config/ca.crt) file into the `Certificate Data` field
+
+3. Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-opnsense-01.png)
+
+### Configure an OpenVPN Client
+
+1. Choose an OpenVPN server from our [Server Status](/status/) page and make note of its hostname (this guide uses Ukranian server as an example - ua1.gw.ivpn.net)
+
+2. Navigate to `VPN` > `OpenVPN` > `Clients`, click on the `+` button and enter the following configuration:
+
+ * Disabled - **Unchecked**
+ * Description - Give it any name, i.e. **IVPN Ukraine**
+ * Server Mode - **Peer to Peer (SSL/TLS)**
+ * Protocol - **UDP** or **TCP**
+ * Device mode - **tun**
+ * Interface - **WAN**
+ * Remote server - IVPN's server hostname, i.e. **ua1.gw.ivpn.net**
+ * Port - **2049** (or 53, 80, 443, 1194, 2050 for UDP and 80, 443, 1443 for TCP. All ports are equally secure)
+ * Username - Your IVPN account ID (**i-XXXX-XXXX-XXXX** or **ivpnXXXXXXXX** case-sensitive)
+ * Password - any string, i.e. **ivpn**

![](/images-static/uploads/install-openvpn-opnsense-02.png)

+ * TLS Authentication - check the `Enable authentication of TLS packets` option then copy and paste the contents of our [ta.key](/releases/config/ta.key) file
+ * Peer Certificate Authority - **IVPN CA**
+ * Client Certificate - **None (Username and Password required)**
+ * Encryption algorithm - **CHACHA20-POLY1305 (256 bit key)** (AES-256-GCM & AES-256-CBC are also supported)
+ * Auth Digest Algorithm - **SHA1 (160bit)**
+ * Compression - **Legacy - Disabled LZO algorithm (--comp-lzo no)**

![](/images-static/uploads/install-openvpn-opnsense-03.png)

+
+3. Click `Save`.
+
+### Create an Interface
+
+1. Navigate to `Interfaces` > `Assignments`
+
+2. Look for the interface with `ovpnc1` name, give it any description, i.e. "IVPNUkraine", then click on the `+` button and `Save`

![](/images-static/uploads/install-openvpn-opnsense-04.png)
+
+3. Click on the newly added interface name, have the `Enable Interface` option checked and `Save` the changes.
+
+### Configure Firewall
+
+1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save`
+
+2. Click on the `+` button to add a new rule and fill in the following configuration:
+
+ * Disabled - **Unchecked**
+ * Interface - select the created earlier interface, i.e. **IVPNUkraine**
+ * Source Address - **LAN net**
+ * Translation / target - **Interface address**
+
+3. Click `Save` and `Apply Changes`.

![](/images-static/uploads/install-openvpn-opnsense-06.png)
+
+### DNS
+
+1. Navigate to `Services` > `DHCPv4` > `[LAN]`
+
+2. In the `DNS servers` field, specify one of the following DNS servers:
+
+ * *10.0.254.1* = regular DNS with no blocking
+ * *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook domains
+
+3. Click `Save`.

![](/images-static/uploads/install-openvpn-opnsense-08.png)
+
+### Final Steps
+
+1. Restart your router device and check the status of the OpenVPN client in the `VPN` - `OpenVPN` - `Connection Status` area.

![](/images-static/uploads/install-openvpn-opnsense-10.png)
+
+2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

![](/images-static/uploads/install-openvpn-opnsense-11.png)
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 2* of *Configure an OpenVPN Client* section with the chosen Exit-hop server Multi-hop port.
diff --git a/src/content/es/pages/setup/router/pfsense-wireguard.md b/src/content/es/pages/setup/router/pfsense-wireguard.md
new file mode 100644
index 000000000..7190b0a22
--- /dev/null
+++ b/src/content/es/pages/setup/router/pfsense-wireguard.md
@@ -0,0 +1,206 @@
+---
+title: WireGuard Setup guide for pfsense
+h2: pfSense® WireGuard® Setup Guide
+listItem: pfSense WireGuard
+url: /setup/router/pfsense-wireguard/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 31
+contents:
+- item:
+ title: WireGuard Configuration
+ anchor: config
+- item:
+ title: Interfaces
+ anchor: interfaces
+- item:
+ title: Firewall
+ anchor: firewall
+- item:
+ title: Static Routing
+ anchor: routing
+- item:
+ title: DNS
+ anchor: dns
+- item:
+ title: DNS Resolver
+ anchor: resolver
+- item:
+ title: Final Steps
+ anchor: final
+---
+
+This guide was produced using pfSense v2.5.2. +
+
+### Set WireGuard Configuration {#config}
+
+#### Install the Package
+
+1. Click `System` > `Package Manager` and go to `Available Packages`.
+2. Search for "wire" and install the **WireGuard** package.
+
+#### Add a Tunnel
+
+1. In your pfSense device, navigate to `VPN` > `WireGuard` and click `+ Add Tunnel`.
+2. Check `Enabled`.
+3. Enter a `Description`, like **IVPN WG**.
+4. Upload the **Public key** and obtain a client IP address:
+ - In the `Tunnel Configuration` > `Interface Keys` section, click the `Generate` key button, copy the **Public key**, then go to the **IVPN Account Area** by logging in to the [ivpn.net website](https://www.ivpn.net/account/login/).
+ - Click the `WireGuard` tab in the **IVPN Account Area** and click `Add a new key`.
+ - Paste the **Public key** and click the `Add` button to obtain a **172.x.y.z** client IPv4 address and a **fd00:4956:504e:ffff::wxyz:wxyz** client IPv6 address.
+5. Enter the client IP address into `Address` field. For IPv4 addresses, like **172.x.y.z**, choose `32` from the subnet mask dropdown. For IPv6 addresses, like **fd00:4956:504e:ffff::wxyz:wxyz**, choose `128` from the subnet mask dropdown.
+
+ Note: It is possible to use a "simplified" IPv6 address. Use the IPv6 prefix and add the IPv4 address: fd00:4956:504e:ffff::172.x.y.z. pfSense and other WireGuard clients accept both forms.
+
+6. Click the `Save Tunnel` button and click the `Apply Changes` button.
+
+Be sure to copy the Public Key and not the Private Key. The Private Key must always be kept a carefully guarded secret.
+
+
+#### Add a Peer
+
+1. On the new tunnel line (**tun_wg0**), click the `Add Peer` icon (head and shoulders with a + sign) under the **Actions** column and enter the following:
+ * `Description`: Describe the VPN server, like **IVPN Ukraine**
+ * `Dynamic Endpoint`: Unchecked.
+ * `Endpoint`: IP address or hostname of IVPN's WireGuard server, hostnames are available on the [IVPN server status page](https://www.ivpn.net/status)
+ - To turn the hostname for the Ukraine server (ua.wg.ivpn.net) into an IP address (176.103.57.129), for example, run `nslookup ua.wg.ivpn.net` in a **Command Prompt** on Windows or **Terminal** on macOS or Linux or via `Diagnostics` > `Command Prompt` > `Execute Shell Command` in the pfSense web interface:
+ > $ nslookup ua.wg.ivpn.net
+ > ...
+ > Name: ua.wg.ivpn.net
+ > Address: 176.103.57.129
+ * `Endpoint Port`: Choose one of 53, 2049, 2050, 30587, 41893, 48574, or 58237, all are equally secure
+ * `Keep Alive`: 25 seconds is reasonable
+ * `Public key`: IVPN WireGuard server's key, available on the [IVPN server status page](https://www.ivpn.net/status)
+ * `Allowed IPs`: For IPv4 addresses, enter **0.0.0.0/0**. For IPv6 addresses, enter **::/0**
+2. Click the `Save Peer` button and click the `Apply Changes` button.
+
+![](/images-static/uploads/pf-wg-10-peer.png)
+
+### Interfaces {#interfaces}
+
+1. Navigate to `Interfaces` > `Assignments` and click the `+ Add` button beside `Available networks ports: tun_wg0`. The interface becomes **OPT1** (or another OPT*).
+2. Click the `Save` button.
+3. Click the `OPT1` interface name link and put a check mark beside `Enable`.
+4. Change the `Description` from **OPT1** to **WG_IVPN**
+5. IPv4:
+ * Set `IPv4 Configuration Type` to **Static IPv4**
+ * In the `Set IPv4 Configuration` section, set the `IPv4 Address` to the same **172.x.y.z** IP address that was assigned in the Account Area.
The subnet mask is **/32**
+ * Beside `IPv4 Upstream Gateway`, click the `+ Add a new gateway` button
+ * Change the `Gateway name` to **WG_IVPN_GWV4**
+ * Set `Gateway IPv4` to same **172.x.y.z** IP address that was assigned in the IVPN website **Account Area**
+ * Click the `+ Add` button on the **New Gateway** popup
+6. IPv6:
+ * Set `IPv6 Configuration Type` to **Static IPv6**
+ * In the `Set IPv6 Configuration` section, set the `IPv6 Address` to the same **fd00:4956:504e:ffff::wxyz:wxyz** IP address that was assigned in the Account Area (or use the "simplified" IPv6 address). The subnet mask is **/128**
+ * Beside `IPv6 Upstream Gateway`, click the `+ Add a new gateway` button
+ * Change the `Gateway name` to **WG_IVPN_GWV6**
+ * Set `Gateway IPv6` to same **fd00:4956:504e:ffff::wxyz:wxyz** IP address that was assigned in the Account Area (or use the "simplified" IPv6 address)
+ * Click the `+ Add` button on the **New Gateway** popup
+7. Click the `Save` button and click the `Apply Changes` button.
+8. Navigate to `Interfaces` > `LAN` and set `MSS` to **1412**
+9. Click the `Save` button and click the `Apply Changes` button.
+
+![](/images-static/uploads/pf-wg-15-interface.png)
+
+### Firewall {#firewall}
+
+#### NAT
+
+1. Navigate to `Firewall` > `NAT` > `Outbound` and change the mode to **Manual**.
+2. Click the `Save` button and click the `Apply Changes` button.
+3. Look for the entry that contains your local network subnet (the one that does not contain port "500" or IP address "127.0.0.0" entries, this might be 192.168.1.0/24) and click on the `Pen icon (Edit mapping)`.
+4. Change `Interface` to **WG_IVPN** and change `Description` to mention the VPN, like **LAN to IVPN**.
+5. Click the `Save` button and click the `Apply Changes` button.
+6. Delete the other rule(s) containing your local network subnet that exist via WAN, (keep the 127.0.0.0). This will ensure that traffic does not leak if the VPN tunnel accidentally goes down.
+7.
Click the `Apply Changes` button.
+
+![](/images-static/uploads/pf-wg-20-fw-nat-outbound.png)
+
+#### Rules
+
+1. Navigate to `Firewall` > `Rules` > `LAN`, click the `Add (top)` button and set the following:
+ - `Action`: **Pass**
+ - `Interface`: **LAN**
+ - `Address Family`: **IPv4**
+ - `Protocol`: **Any**
+ - `Source`: **LAN net**
+ - Add an optional `Description`
+ - Click `Extra Options` > `Display Advanced` and scroll down to `Gateway` and set it to the WG_IVPN gateway **WG_IVPN_GWV4**
+2. Click the `Save` button and click the `Apply Changes` button.
+3. If your LAN includes IPv6, create another firewall rule following step #1 above. Set `Address Family` to **IPv6** and set `Advanced` > `Gateway` to **WG_IVPN_GWV6**, then click `Save` and `Apply Changes`.
+4. Disable the default WAN access firewall rules on the `Firewall` > `Rules` > `LAN` page:
+ - Click the green check marks beside the `Default allow` rules for IPv4* and IPv6* to turn them off.
+ - Click the `Apply Changes` button.
+
+![](/images-static/uploads/pf-wg-30-fw-rules-lan.png)
+
+#### Additional Kill Switch Configuration
+
+1. Navigate to `Firewall` > `Rules` > `Floating`, click on the `Add` button and create the rule to reject all traffic on WAN interface:
+ - `Action`: **Reject**
+ - `Quick`: **Check**
+ - `Interface`: **WAN**
+ - `Direction`: **Any**
+ - `Address Family`: **IPv4+IPv6**
+ - `Protocol`: **Any**
+ - `Description`: **Reject all WAN traffic**
+ - `Save`
+2. Click on the `Add (top)` button again and create another rule to allow the traffic from WAN interface to VPN server:
+ - `Action`: **Pass**
+ - `Quick`: **Check**
+ - `Interface`: **WAN**
+ - `Direction`: **Any**
+ - `Address Family`: **IPv4**
+ - `Protocol`: **Any**
+ - `Destination` > `Single host or alias` > `176.103.57.129`
+ - `Description`: **Allow traffic to VPN server**
+ - `Save`
+3. Ensure that 'Reject' rule resides below the 'Allow' one, otherwise drag it down manually.
+4.
Click the `Save` button and click the `Apply Changes` button.
+
+![](/images-static/uploads/pf-wg-50-killswitch.png)
+
+### Static Routing {#routing}
+
+1. Navigate to `System` > `Routing` > `Static routes` tab.
+2. Click the `Add` button and configure the routes as follows:
+ - `Destination network`: The IP address of the WireGuard server `176.103.57.129`
+ - `Gateway`: Your router's `WAN` gateway
+ - `Description`: "WAN to VPN"
+ - Click `Save`
+3. Navigate to `System` > `Routing` > `Gateways` tab and set `Default gateway IPv4` to **WG_IVPN_GWV4** and set `Default gateway IPv6` to **WG_IVPN_GWV6**.
+4. Click `Save` and `Apply changes`.
+
+![](/images-static/uploads/pf-wg-35-routing.png)
+
+### DNS {#dns}
+
+1. Navigate to `System` > `General Setup` > `DNS` and set the `DNS Servers` > `Address` to one of the three internal DNS server options:
+ - *172.16.0.1* = regular DNS with no blocking
+ - *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains
+2. Set the `Gateway` to the WG_IVPN gateway **WG_IVPN_WGV4**
+3. Uncheck `DNS Server Override` and click the `Save` button.
+![](/images-static/uploads/pf-wg-40-dns.png)
+4. Navigate to `Services` > `DHCP Server` and set the `DNS Servers` > `DNS Server 1` to the DNS server you chose in step #1 above.
+5. Click `Save`.
+
+### DNS Resolver {#resolver}
+
+1. Navigate to `Services` > `DNS Resolver` and have `Enable DNSSEC` checked.
+2. Check `Enable Forwarding Mode` beside `DNS Query Forwarding`.
+3. Click the `Save` button and click the `Apply Changes` button.
+
+### Final Steps {#final}
+
+1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected.
+2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your pfSense router.
+3.
Use `curl` on the pfSense router to confirm the router's traffic uses the VPN connection:
+ - Go to `Diagnostics` > `Command Prompt`.
+ - For IPv4, enter `curl -4 ifconfig.co` in the `Execute Shell Command` box, then press `Execute`.
+ - For IPv6, enter `curl -6 ifconfig.co` in the `Execute Shell Command` box, then press `Execute`.
+ - In both cases, the IP address on the last line of the shell output is the VPN server.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes to the `Endpoint Address` port and `Peer Public Key`.
\ No newline at end of file
diff --git a/src/content/es/pages/setup/router/pfsense.md b/src/content/es/pages/setup/router/pfsense.md
new file mode 100644
index 000000000..cde3f7da2
--- /dev/null
+++ b/src/content/es/pages/setup/router/pfsense.md
@@ -0,0 +1,164 @@
+---
+title: OpenVPN Setup Guide for pfSense
+listItem: pfSense OpenVPN
+url: /setup/router/pfsense/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 30
+---
+## pfSense® OpenVPN Setup Guide
+
+
+This guide was produced using pfSense v2.7.0.
+
+ + +### Basic pfSense Setup + +1. **Add the CA.crt to the Certificate Manager** + In your pfSense device click on `System` -> `Certificates` -> `Authorities` and then click on `+Add`. + + Give it a name, i.e. **"IVPN CA"**. + + Choose `Import an existing Certificate Authority` and paste the following under **"Certificate data"**: + + ``` + -----BEGIN CERTIFICATE----- + MIIGoDCCBIigAwIBAgIJAJjvUclXmxtnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD + VQQGEwJDSDEPMA0GA1UECAwGWnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxETAPBgNV + BAoMCElWUE4ubmV0MQ0wCwYDVQQLDARJVlBOMRgwFgYDVQQDDA9JVlBOIFJvb3Qg + Q0EgdjIxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAaXZwbi5uZXQwHhcNMjAwMjI2 + MTA1MjI5WhcNNDAwMjIxMTA1MjI5WjCBjDELMAkGA1UEBhMCQ0gxDzANBgNVBAgM + Blp1cmljaDEPMA0GA1UEBwwGWnVyaWNoMREwDwYDVQQKDAhJVlBOLm5ldDENMAsG + A1UECwwESVZQTjEYMBYGA1UEAwwPSVZQTiBSb290IENBIHYyMR8wHQYJKoZIhvcN + AQkBFhBzdXBwb3J0QGl2cG4ubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC + CgKCAgEAxHVeaQN3nYCLnGoEg6cY44AExbQ3W6XGKYwC9vI+HJbb1o0tAv56ryvc + 6eS6BdG5q9M8fHaHEE/jw9rtznioiXPwIEmqMqFPA9k1oRIQTGX73m+zHGtRpt9P + 4tGYhkvbqnN0OGI0H+j9R6cwKi7KpWIoTVibtyI7uuwgzC2nvDzVkLi63uvnCKRX + cGy3VWC06uWFbqI9+QDrHHgdJA1F0wRfg0Iac7TE75yXItBMvNLbdZpge9SmplYW + FQ2rVPG+n75KepJ+KW7PYfTP4Mh3R8A7h3/WRm03o3spf2aYw71t44voZ6agvslv + wqGyczDytsLUny0U2zR7/mfEAyVbL8jqcWr2Df0m3TA0WxwdWvA51/RflVk9G96L + ncUkoxuBT56QSMtdjbMSqRgLfz1iPsglQEaCzUSqHfQExvONhXtNgy+Pr2+wGrEu + SlLMee7aUEMTFEX/vHPZanCrUVYf5Vs8vDOirZjQSHJfgZfwj3nL5VLtIq6ekDhS + AdrqCTILP3V2HbgdZGWPVQxl4YmQPKo0IJpse5Kb6TF2o0i90KhORcKg7qZA40sE + bYLEwqTM7VBs1FahTXsOPAoMa7xZWV1TnigF5pdVS1l51dy5S8L4ErHFEnAp242B + DuTClSLVnWDdofW0EZ0OkK7V9zKyVl75dlBgxMIS0y5MsK7IWicCAwEAAaOCAQEw + gf4wHQYDVR0OBBYEFHUDcMOMo35yg2A/v0uYfkDE11CXMIHBBgNVHSMEgbkwgbaA + FHUDcMOMo35yg2A/v0uYfkDE11CXoYGSpIGPMIGMMQswCQYDVQQGEwJDSDEPMA0G + A1UECAwGWnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxETAPBgNVBAoMCElWUE4ubmV0 + MQ0wCwYDVQQLDARJVlBOMRgwFgYDVQQDDA9JVlBOIFJvb3QgQ0EgdjIxHzAdBgkq + hkiG9w0BCQEWEHN1cHBvcnRAaXZwbi5uZXSCCQCY71HJV5sbZzAMBgNVHRMEBTAD + 
AQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAABAjRMJy+mXFLezA + Z8iUgxOjNtSqkCv1aU78K1XkYUzbwNNrSIVGKfP9cqOEiComXY6nniws7QEV2IWi + lcdPKm0x57recrr9TExGGOTVGB/WdmsFfn0g/HgmxNvXypzG3qulBk4qQTymICds + l9vIPb1l9FSjKw1KgUVuCPaYq7xiXbZ/kZdZX49xeKtoDBrXKKhXVYoWus/S+k2I + S8iCxvcp599y7LQJg5DOGlbaxFhsW4R+kfGOaegyhPvpaznguv02i7NLd99XqJhp + v2jTUF5F3T23Z4KkL/wTo4zxz09DKOlELrE4ai++ilCt/mXWECXNOSNXzgszpe6W + As0h9R++sH+AzJyhBfIGgPUTxHHHvxBVLj3k6VCgF7mRP2Y+rTWa6d8AGI2+Raey + V9DVVH9UeSoU0Hv2JHiZL6dRERnyg8dyzKeTCke8poLIjXF+gyvI+22/xsL8jcNH + i9Kji3Vpc3i0Mxzx3gu2N+PL71CwJilgqBgxj0firr3k8sFcWVSGos6RJ3IvFvTh + xYx0p255WrWM01fR9TktPYEfjDT9qpIJ8OrGlNOhWhYj+a45qibXDpaDdb/uBEmf + 2sSXNifjSeUyqu6cKfZvMqB7pS3l/AhuAOTT80E4sXLEoDxkFD4C78swZ8wyWRKw + sWGIGABGAHwXEAoDiZ/jjFrEZT0= + -----END CERTIFICATE----- + ``` + + Click `Save`. + + ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-010.png) + +2. **Add a VPN connection** + In this example, we will create the VPN connection to Canada server (CA.GW.IVPN.NET). You can find domain names of other locations on our [server status page](/status/). + + Click on `VPN` -> `OpenVPN` -> `Clients` -> `+Add` and enter the following configuration: + + * **Description** - IVPN Canada + * **Server Mode** - Peer to Peer (SSL/TLS) + * **Device mode** - tun Layer 3 Tunnel Mode + * **Protocol** - UDP on IPv4 only + * **Interface** - WAN + * **Server host** - convert hostname `ca.gw.ivpn.net` to an IP address by using `nslookup ca.gw.ivpn.net` in a Command Prompt or Terminal + * **Server port** - 1194 (or any port from the [list](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/)) + + ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-020.png) + + * Under **User Authentication Settings**, use your IVPN Account ID for authentication (like `ivpnXXXXXXXX` or `i-XXXX-XXXX-XXXX`, case-sensitive). Set the password field to anything non-blank (ie. ivpn or i). 
+ * Check **Use a TLS Key** option under **TLS Configuration** -> uncheck the **Automatically generate a TLS Key** option and past the following and past the following under **TLS Key** + ``` + -----BEGIN OpenVPN Static key V1----- + ac470c93ff9f5602a8aab37dee84a528 + 14d10f20490ad23c47d5d82120c1bf85 + 9e93d0696b455d4a1b8d55d40c2685c4 + 1ca1d0aef29a3efd27274c4ef09020a3 + 978fe45784b335da6df2d12db97bbb83 + 8416515f2a96f04715fd28949c6fe296 + a925cfada3f8b8928ed7fc963c156327 + 2f5cf46e5e1d9c845d7703ca881497b7 + e6564a9d1dea9358adffd435295479f4 + 7d5298fabf5359613ff5992cb57ff081 + a04dfb81a26513a6b44a9b5490ad265f + 8a02384832a59cc3e075ad545461060b + 7bcab49bac815163cb80983dd51d5b1f + d76170ffd904d8291071e96efc3fb777 + 856c717b148d08a510f5687b8a8285dc + ffe737b98916dd15ef6235dee4266d3b + -----END OpenVPN Static key V1----- + ``` + * **TLS Key Usage Mode** - TLS Authentication + * **TLS keydir direction** - Direction 1 + * **Peer Certificate Authority** - IVPN CA + * **Client Certificate** - None (Username or Password required) + * **Data Encryption Algorithm** - AES-256-GCM, CHACHA20-POLY1305 + * **Fallback Data Encryption Algorithm** - AES-256-CBC + * **Auth digest algorithm** - SHA1 (160-bit) + * **Server Certificate Key Usage Validation** - Enforce key usage + ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-030.png) + * **Allow Compression** - Refuse any non-stub compression (Most secure) + * **Custom options** - `verify-x509-name ca name-prefix` (middle entry `ca` needs to match the prefix for the VPN server hostname) + * **UDP Fast I/O** - checked. + * **Gateway creation** - IPv4 only + * Click `Save`. + +3. **Add an interface** + + * Click on `Interfaces` -> `Assignments`. + * Use the Drop-down menu for the `Available network ports` and select `ovpnc* (IVPN Canada)` and click `+Add` + * Click on the new interface name (it is usually named `OPT1` or `OPT2`) and check the **Enable Interface** option. + * Click `Save/Apply`. 
+ * **OPTIONAL:** Disable IPv6 via `Interface` -> `WAN` -> `IPv6 Configuration Type` = None, then click `Save/Apply`.
+
+4. **Adjust NAT rules**
+
+ * Click on `Firewall` -> `NAT` -> `Outbound`. Set `Mode` to `Manual Outbound NAT rule Generation (AON)` and click `Save/Apply`
+ * Look for the entry that contains your local IP address (the one that does not contain port `500` nor `127.0.0.0` entries, for you this will probably be `192.168.1.0/24`) and click on the `Pen icon (Edit mapping)`
+ * Set the interface to the one created in step 3, write a description and have both **Disabled** and **Do not NAT** options **Unchecked**. Click on the `Save/Apply` button
+ * Delete or disable other rules that contain your local IP that exist via WAN, (keep the 127.0.0.0 ones). This will ensure that traffic doesn't leak if the VPN tunnel accidentally goes down.
+ * Click `Save/Apply`.
+ ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-040.png)
+
+5. **Configure DNS**
+
+ * Navigate to `System` -> `General Setup`
+ * Add an internal OpenVPN DNS server address, like `10.0.254.1` for regular DNS or use an [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) address, and set **Gateway** to `OPT1` .
+ * Click the `+Add DNS Server` to add a public DNS server, like our public, validating, non-logging, recursive DNS server at `198.245.51.147`, and set **Gateway** to `WAN`.
+ * Uncheck the box for **DNS Server Override**.
+ * Click `Save`.
+ ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-050.png)
+ * Reboot the pfSense router to apply the new configuration, then reboot your local network clients.
+ * Open [dnsleaktest.com](https://dnsleaktest.com/) and run a leak test to verify that you are connected to IVPN.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 2* with the chosen Exit-hop server Multi-hop port and the `verify-x509-name` prefix in the OpenVPN client **Custom options** area matches the exit server.
+
+### Privacy Considerations
+
+Recent versions of pfSense send an NTP request to a Google server as part of the system [bootstrap](https://docs.netgate.com/pfsense/en/latest/services/ntpd/bootstrap.html) process. There are choices with respect to how to handle this:
+1. Ignore it and accept that a Google server will see your real IP address each time your router boots.
+1. Create the `/conf/ntp-boot-time-servers` file and leave it empty, which skips the NTP synchronization.
+1. Create the `/conf/ntp-boot-time-servers` file and add one or more NTP server IP addresses of your choice (separated by a single space).
+
+To create the empty file, access the router's shell and type `touch /conf/ntp-boot-time-servers`.
+
+To populate the file with one address, type `echo a.b.c.d > /conf/ntp-boot-time-servers`, where *a.b.c.d* is an NTP server IP address of your choice.
+
+To remove the file, type `rm -i /conf/ntp-boot-time-servers`.
diff --git a/src/content/es/pages/setup/router/tomato-manual.md b/src/content/es/pages/setup/router/tomato-manual.md
new file mode 100644
index 000000000..f65a7143a
--- /dev/null
+++ b/src/content/es/pages/setup/router/tomato-manual.md
@@ -0,0 +1,106 @@
+---
+title: OpenVPN Setup guide for a Tomato router
+listItem: Tomato OpenVPN
+url: /setup/router/tomato-manual/
+section: Router Setup
+platform: router
+layout: setup-article
+weight: 41
+---
+## Tomato OpenVPN Setup Guide
+
+### Basic Tomato Setup
+
+
+This guide was produced using FreshTomato version 2020.3
+
+
+1. Launch the web browser and enter the IP address of your router - `http://192.168.1.1/`, by default.
+
+2. Navigate to `VPN Tunneling` > `OpenVPN Client` > `Basic`.
+
+3. Enter the following configuration:
+
+ * **Start with WAN:** Check
+ * **Interface Type:** TUN
+ * **Protocol:** UDP
+ * **Server Address/Port:** Enter a server name from the [server status](/status/) page, e.g. `ua.gw.ivpn.net` and Port `2049`
+
+
You can also use ports UDP: 53, 80, 443, 1194, 2050 & TCP: 80, 443, 1443
+
+ * **Firewall:** Automatic
+ * **Create NAT on tunnel:** Check
+ * **Inbound Firewall:** Check
+ * **Authorization Mode:** TLS
+ * **TLS control channel:** Outgoing Auth (1)
+ * **Username/Password Authentication:** Check. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and any password (ie. `ivpn`).
+ * **Auth digest:** SHA1
+ * Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-tomato-010.png)
+
+4. Navigate to `Advanced` tab and enter the following configuration:
+
+ * **Poll interval:** 0
+ * **Redirect Internet traffic:** All
+ * **Accept DNS configuration:** Strict
+ * **Cipher Negotiation:** Enabled (with fallback)
+ * **Negotiable ciphers:** AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
+ * **Legacy/fallback cipher:** Use Default
+ * **Compression:** None
+ * **TLS Renegotiation Time:** -1
+ * **Connection retry:** 30
+ * **Verify server certificate:** Unchecked
+ * **Custom Configuration:**
+ ```
+ tls-client
+ tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA
+ key-direction 1
+ resolv-retry infinite
+ keepalive 10 60
+ nobind
+ persist-key
+ persist-tun
+ persist-remote-ip
+ verb 3
+ ```
+
+ * Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-tomato-020.png)
+
+5. Proceed to `Keys` tab > copy and paste [Static Key](/releases/config/ta.key) and [Certificate Authority](/releases/config/ca.crt) into corresponding fields. Click `Save`.
+
+ ![](/images-static/uploads/install-openvpn-tomato-030.png)
+
+6. Navigate to `Status` tab and click the `Start Now` button to connect.
+
+ ![](/images-static/uploads/install-openvpn-tomato-040.png)
+
+### Configuring DNS
+
+1. Navigate to `Basic` - `Network`
+
+2.
Specify one of the following DNS servers in the `DNS 1` field:
+
+ * *10.0.254.1* = redular DNS with no blocking
+ * *10.0.254.2* = standard AntiTracker to block advertising and malware domains
+ * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook
+
+ ..and *198.245.51.147* in the `DNS 2` field.
+
+3. Click `Save`.
+
+### Configuring a Kill-Switch
+
+1. Navigate to `Administration` > `Scripts` > `Firewall`
+2. Enter the following: ``iptables -I FORWARD -i br0 -o `nvram get wan_iface` -j DROP``
+3. Click `Save` and reboot your router.
+
+### Final steps
+
+1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system.
+
+2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your Tomato router.
+
+**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 3* with the chosen Exit-hop server Multi-hop port.
\ No newline at end of file
diff --git a/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md b/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md
new file mode 100644
index 000000000..cdf2938b6
--- /dev/null
+++ b/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md
@@ -0,0 +1,90 @@
+---
+title: Windows 10 IPSec IKEv2 Setup Guide
+url: /setup/windows-10-ipsec-with-ikev2/
+layout: setup
+platform: windows
+---
+# IPSec with IKEv2 setup guide for Windows 10
+
+This guide will help you set up an IPSec connection using IKEv2
+
+1. Open the `Control panel` by clicking the start menu icon and typing control
+
+2. Click `Network and Internet` followed by `Network and Sharing Centre`
+
+3. Click `Setup a new connection or network`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-003.png)
+
+4. Click `Connect to a workplace`, then click `Next`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-004.png)
+
+5. Click `Use my Internet connection (VPN)`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-005.png)
+
+6. Enter the address of one of the servers from the [server status](/status/) list (depending on which country you want to connect to).
+
+ Below that give the connection a name e.g. IVPN - GB.
+
+ Choose `Remember my credentials` if you don't want to enter your account ID and password every time you connect.
+
+ Click `Create` to continue
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-006.png)
+
+7. The VPN connection is now created but we still need to configure it. Open the `Network and Sharing Centre` as shown in steps 1 and 2.
+
+ Click `Change Adapter settings`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-007.png)
+
+8. Right click the icon with the name of the connection you created and with the text WAN Miniport (IKE v2)
+
+9. Below it and click `Properties`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-009.png)
+
+10.
Select the `Security` tab and change the Type of VPN to `IKEv2` and the data encryption to `Maximum strength encryption (disconnect if server declines)`
+
+ Under `Authentication` select `Use Extensible Authentication Protocol (EAP)` and `Microsoft: Secured password (EAP-MSCHAP v2) (encryption enabled)`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-010.png)
+
+11. Right click the icon with the name of the connection you created again and select `Create shortcut`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-011.png)
+
+12. Click `Yes` to create a shortcut on the desktop
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-012.png)
+
+13. Search for `VPN settings` in the search field on the Taskbar or in the Start menu. Click `VPN settings` in the results list.
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013a-130-search-vpn.png)
+
+14. Click the VPN connection created in step #6 above and click the `Advanced options` button.
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013b-140-advanced-options.png)
+
+15. Under `Connection properties`, click the `Edit` button.
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013c-150-connection-properties.png)
+
+16. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and the following password - `ivpn`, then click the `Save` button. Close all of the windows that have been opened during this process.
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013d-160-ivpn-username-password.png)
+
+17. To Connect, click your `Task Bar Network Icon`, then click the name of the `IVPN` connection and then `Connect`
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013.png)
+
+18. After a few seconds the network applet should indicate that you are connected to the VPN server.
+
+ ![](/images-static/uploads/windows-10-ipsec-with-ikev2-015.png)
+
+
+DNS may leak with this manual connection.
Check out our guide on [setting DNS manually](/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually/).
+
+[Disabling IPv6](/knowledgebase/windows/windows-10-disable-ipv6/) may be another way to further tighten up your system.
diff --git a/src/content/es/pages/setup/windows-10-openvpn-community.md b/src/content/es/pages/setup/windows-10-openvpn-community.md
new file mode 100644
index 000000000..4c7846c38
--- /dev/null
+++ b/src/content/es/pages/setup/windows-10-openvpn-community.md
@@ -0,0 +1,33 @@
+---
+title: OpenVPN Manual setup for Windows 10
+url: /setup/windows-10-openvpn-community/
+layout: setup
+platform: windows
+---
+# OpenVPN GUI setup guide for Windows 10
+
+This guide demonstrates how to install the community edition of OpenVPN for Windows.
+
+
+If you are using IVPN to protect your privacy/anonymity this software does not offer any DNS leak protection, you may wish to install the scripts from www.dnsleaktest.com to implement DNS leak prevention. In addition if the VPN connection is dropped for any reason, traffic may leak unencrypted through your default gateway. You may want to configure firewall software to mitigate this risk. For these reasons we recommend installing the IVPN client.
+
+
+1. Download the latest OpenVPN installer from the [OpenVPN community downloads](http://openvpn.net/index.php/download/community-downloads.html) page. Ensure that you download the correct version for your architecture i.e. 32 or 64 bit (If you're not sure see [here](http://windows.microsoft.com/en-us/windows7/find-out-32-or-64-bit)).
+
+2. Run the installer and answer the required prompts to install the software. Select the default set of components to install. If you have not installed OpenVPN before you may be asked to install the TAP drivers. Check the box "Always trust software from OpenVPN" and click `Install`.
+
+3. Download the [OpenVPN configuration files](/openvpn-config).
+
+4. Extract the zip file and copy the contents of the `ivpn-openvpn-config` folder (the .ovpn files) to the `config` folder within the OpenVPN installation directory (Usually C:\Program Files (x86)\OpenVPN\config on 32-bit systems and C:\Program Files\OpenVPN\config on 64-bit systems).
+
+5. Right click on the OpenVPN shortcut on the desktop and choose `Properties`, switch to the `Compatibility` tab and enable `Run this program as an administrator`.
+
+6. Start the OpenVPN GUI by double-clicking the shortcut on the desktop. You must allow the application to run as administrator if it requests permission (This is required to update the local routing table).
+
+7. Right click on the OpenVPN system tray icon (two small monitors in bottom right corner, click the up arrow if icon is hidden) and select the server you wish to connect to and click on `Connect`. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password when prompted.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password.
+
+
+8. When the tray icon turns green you are connected to the IVPN network. Right click to disconnect.
diff --git a/src/content/es/pages/setup/windows-10-wireguard.md b/src/content/es/pages/setup/windows-10-wireguard.md
new file mode 100644
index 000000000..b23b4117d
--- /dev/null
+++ b/src/content/es/pages/setup/windows-10-wireguard.md
@@ -0,0 +1,24 @@
+---
+title: WireGuard Manual setup for Windows 10
+url: /setup/windows-10-wireguard/
+layout: setup
+platform: windows
+---
+# WireGuard setup guide for Windows 10
+
+
+To use WireGuard on Windows, we recommend downloading IVPN's Windows client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for Windows instead:
+
+
+1. [Download](https://www.wireguard.com/install/) and install the latest version of the WireGuard client from the official WireGuard website
+
+2. Navigate to our [config file generator](/account/wireguard-config)
+
+3. Choose `Generate key` or `Add key` manually
+
+4. Select the required `Single` or `Multi-hop` server configuration(s), `Port`, `Internet protocol` and hit `Download zip archive`
+
+5. Extract the downloaded .zip file, launch the WireGuard app, click on the `Add Tunnel` button in the bottom left > `Import Tunnel(s) from File...` and select the extracted config file(s)
+
+6. Click on the `Activate` button and check your connection status on our website:

+![](/images-static/uploads/connection-status-tool.png)
diff --git a/src/content/es/pages/setup/windows-8-openvpn-community.md b/src/content/es/pages/setup/windows-8-openvpn-community.md
new file mode 100644
index 000000000..022951bae
--- /dev/null
+++ b/src/content/es/pages/setup/windows-8-openvpn-community.md
@@ -0,0 +1,33 @@
+---
+title: OpenVPN GUI setup guide for Windows 8
+url: /setup/windows-8-openvpn-community/
+layout: setup
+platform: windows
+---
+# OpenVPN GUI setup guide for Windows 8
+
+This guide demonstrates how to install the community edition of OpenVPN for Windows.
+
+
+If you are using IVPN to protect your privacy/anonymity this software does not offer any DNS leak protection, you may wish to install the scripts from www.dnsleaktest.com to implement DNS leak prevention. In addition if the VPN connection is dropped for any reason, traffic may leak unencrypted through your default gateway. You may want to configure firewall software to mitigate this risk. For these reasons we recommend installing the IVPN client.
+
+
+1. Download the latest OpenVPN installer from the [OpenVPN community downloads](http://openvpn.net/index.php/download/community-downloads.html) page. Ensure that you download the correct version for your architecture i.e. 32 or 64 bit (If you're not sure see [here](http://windows.microsoft.com/en-us/windows7/find-out-32-or-64-bit)).
+
+2. Run the installer and answer the required prompts to install the software. Select the default set of components to install. If you have not installed OpenVPN before you may be asked to install the TAP drivers. Check the box "Always trust software from OpenVPN" and click `Install`.
+
+3. Download the [OpenVPN configuration files](/openvpn-config).
+
+4. Extract the zip file and copy the contents of the `ivpn-openvpn-config` folder (the .ovpn files) to the `config` folder within the OpenVPN installation directory (Usually C:\Program Files (x86)\OpenVPN\config on 32-bit systems and C:\Program Files\OpenVPN\config on 64-bit systems).
+
+5. Right click on the OpenVPN shortcut on the desktop and choose `Properties`, switch to the `Compatibility` tab and enable `Run this program as an administrator`.
+
+6. Start the OpenVPN GUI by double-clicking the shortcut on the desktop. You must allow the application to run as administrator if it requests permission (This is required to update the local routing table).
+
+7. Right click on the OpenVPN system tray icon (two small monitors in bottom right corner, click the up arrow if icon is hidden) and select the server you wish to connect to and click on `Connect`. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password when prompted.
+
+
+ Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password.
+
+
+8. When the tray icon turns green you are connected to the IVPN network. Right click to disconnect.
diff --git a/src/content/es/pages/supported-projects.md b/src/content/es/pages/supported-projects.md
new file mode 100644
index 000000000..ec00ed85a
--- /dev/null
+++ b/src/content/es/pages/supported-projects.md
@@ -0,0 +1,32 @@
+---
+title: IVPN Supported Projects
+description: IVPN proudly supports many organizations and projects that closely align with our values. Read more about our beliefs and why we do what we do.
+url: /supported-projects/
+---
+# Supported Projects
+
+IVPN proudly supports the following organizations and projects.
+{{< figure class="features__image--light" src="/images-static/uploads/logo-eff.svg" alt="Electronic Frontier Foundation" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/logo-eff.svg" alt="Electronic Frontier Foundation" >}}
+[Electronic Frontier Foundation](https://www.eff.org) is a non-profit group founded in San Francisco in 1990. It is the leading activist collective fighting against governments and corporations to preserve privacy and individual freedom on the internet. IVPN has been an organization member of the EFF since May 2013.
+{{< figure class="features__image--light" src="/images-static/uploads/logo-wireguard.svg" alt="WireGuard" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/logo-wireguard.svg" alt="WireGuard" >}}
+[WireGuard](https://www.wireguard.com) is an open-source VPN protocol developed by Jason A. Donenfeld. Development of WireGuard is supported by donations from companies who deploy it to their networks. IVPN first supported the project in November 2018 before implementing the protocol to our service.
+{{< figure width="125" class="features__image--light" src="/images-static/uploads/BTCPay.svg" alt="BTCPay" >}}
+{{< figure width="125" class="features__image--dark" src="/images-static/uploads/BTCPay.svg" alt="BTCPay" >}}
+[BTCPay Server Foundation](https://foundation.btcpayserver.org) is a non-profit organization responsible for maintaining [BTCPay Server](https://btcpayserver.org), a self-hosted, open-source cryptocurrency payment processor. IVPN is a long-standing user and advocate of BTCPay, and became a Foundation supporter in 2022.
+{{< figure class="features__image--light" src="/images-static/uploads/torservers.svg" alt="Torservers.net" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/torservers-dark.svg" alt="Torservers.net" >}}
+[Torservers.net](https://torservers.net) is an independent, global network of organizations that help the Tor network by running high bandwidth Tor relays to make the Tor network faster and more reliable. IVPN have been sponsoring a Tor server through torservers.net since June 2014.
+{{< figure class="features__image--light" src="/images-static/uploads/tor.svg" alt="Tor" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/tor.svg" alt="Tor" >}}
+[The Tor Project](https://www.torproject.org/) works for advancing human rights and defending privacy online through free software and open networks. Tor directs Internet traffic through an overlay network consisting of thousands of relays to protect a user's location and usage from network surveillance or traffic analysis. IVPN started sponsoring Tor in November 2019.
+{{< figure class="features__image--light" src="/images-static/uploads/fightforthefuture.svg" alt="Fight for the future" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/fightforthefuture-dark.svg" alt="Fight for the future" >}}
+[Fight for the Future](https://www.fightforthefuture.org/) is a non-profit advocacy group working on promoting issues related to copyright, online privacy and censorship on the Internet. Some major campaigns started by FTFF were SOPA and PIPA protests and the launch of [BanFacialRecognition.com](http://banfacialrecognition.com/). IVPN became a Rebel level sponsor in November 2019.
+{{< figure class="features__image--light" src="/images-static/uploads/accessnow.svg" alt="Access Now" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/accessnow-dark.svg" alt="Access Now" >}}
+[Access Now](https://www.accessnow.org/) is a non-profit advocacy group dedicated to fight for an open and free Internet extending the digital rights of users around the world. They are the organizing body behind ‘RightsCon’, a summit taking place to discuss human rights in the digital age. IVPN first donated to Access Now in November 2019.
+{{< figure class="features__image--light" src="/images-static/uploads/logo-org.svg" alt="The Open Rights Group" >}}
+{{< figure class="features__image--dark" src="/images-static/uploads/logo-org.svg" alt="The Open Rights Group" >}}
+[The Open Rights Group](https://www.openrightsgroup.org) is the UK's only digital campaigning organization working to protect the rights to privacy and free speech online. With almost 3,000 active supporters, the ORG is a grassroots organization with local groups across the UK. IVPN are corporate sponsors of the ORG since April 2016.
diff --git a/src/content/es/pages/supportua-ru.md b/src/content/es/pages/supportua-ru.md
new file mode 100644
index 000000000..10fa3b043
--- /dev/null
+++ b/src/content/es/pages/supportua-ru.md
@@ -0,0 +1,22 @@
+---
+title: Support UA
+url: /supportua/ru/
+alternateURL: "/supportua/ru/"
+hreflang: "ru"
+---
+## Спасибо за ваш интерес к сервису IVPN.
+
+Кампания по предоставлению бесплатного доступа, которую мы начали в феврале 2022 года, завершена. Ваучеры более не распространяются.
+
+Для доступа к нашему сервису мы рекомендуем создать платную [учетную запись IVPN](/pricing/).
+
+Примечание: мы не можем гарантировать обеспечение непрерывного доступа к IVPN в сильно ограниченных сетевых средах. Если вы всё же планируете пользоваться нашим сервисом в таких условиях, предлагаем ознакомиться с [данной статьёй](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/).
+
+
+## Thank you for your interest in the IVPN service.
+
+The free access campaign we have started in February 2022 has ended. We are no longer distributing voucher codes.
+
+To get access to our service we recommend creating a [paid IVPN account](/pricing/).
+
+Note: we cannot guarantee that IVPN provides continuous access in heavily restricted network environments. We suggest reviewing [this article](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/) about using our service under such circumstances.
\ No newline at end of file
diff --git a/src/content/es/pages/supportua.md b/src/content/es/pages/supportua.md
new file mode 100644
index 000000000..7f965e051
--- /dev/null
+++ b/src/content/es/pages/supportua.md
@@ -0,0 +1,22 @@
+---
+title: Support UA
+url: /supportua/ua/
+alternateURL: "/supportua/ua/"
+hreflang: "uk"
+---
+## Дякуємо за ваш інтерес до сервісу IVPN.
+
+Кампанія з безкоштовного доступу, яку ми розпочали у лютому 2022 року, завершилася. Ваучери більше не розповсюджуються.
+
+Для отримання доступу до нашого сервісу ми рекомендуємо створити платний [обліковий запис IVPN](/pricing/).
+
+Примітка: ми не можемо гарантувати забезпечення постійного доступа до IVPN в сильно обмежених мережевих середовищах. Якщо ви все ж таки плануєте користуватися нашим сервісом у таких умовах, пропонуємо ознайомитися з [даною статтею](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/).
+
+
+## Thank you for your interest in the IVPN service.
+
+The free access campaign we have started in February 2022 has ended. We are no longer distributing voucher codes.
+
+To get access to our service we recommend creating a [paid IVPN account](/pricing/).
+
+Note: we cannot guarantee that IVPN provides continuous access in heavily restricted network environments. We suggest reviewing [this article](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/) about using our service under such circumstances.
diff --git a/src/content/es/pages/team.md b/src/content/es/pages/team.md
new file mode 100644
index 000000000..a9a9fb4af
--- /dev/null
+++ b/src/content/es/pages/team.md
@@ -0,0 +1,101 @@ +--- +title: IVPN Team +url: /team/ +sections: + - type: heading_text_cta_one_column + content: >- + # Who is behind IVPN? + + IVPN is run by a team of information security experts and privacy activists. The founding team is a group of security professionals who met whilst studying information security at the University of London, UK (Royal Holloway). IVPN has been around since 2009, far longer than most VPN services. + cta_label: Our Manifesto + cta_url: /manifesto/ + - type: image_full_width + image: /images-static/uploads/team.png + image_retina: /images-static/uploads/team-2x.png + image_alt_text: IVPN Team + - type: heading_text_one_column + content: "## What we believe" + - type: text_two_column + content_column_1: >- + #### Privacy is necessary for personal autonomy + + + We believe privacy is a necessary precondition for the development and preservation of the self. The power to selectively reveal oneself to the world is under attack from governments and corporations. We are fighting back. + content_column_2: >- + #### Freedom is necessary for an open society + + + We believe you have the right to freedom of opinion and expression online without interference or surveillance. Freedom leads to enhanced expressions of creativity and original thought. We are determined to protect this right. + - type: text_two_column + content_column_1: >- + #### Surveillance can not be the answer + + + Advanced surveillance tools like device monitoring and facial recognition technologies are being deployed at a rapid pace. We refuse to accept that these tools are necessary for a safe society and call on governments to roll back their use. + content_column_2: >- + #### Privacy requires strong security + + + We need tools enabled by strong encryption to protect ourselves against hostile adversaries. With the right set of protections we can once again control what we share with those we don’t know and can’t trust. 
+ - type: lead_text_one_column + content: Our current team is fully distributed, with 10 people from 7 countries. + - type: team_three_column + members: + - image: /images-static/uploads/team-nick.png + image_retina: /images-static/uploads/team-nick-2x.png + name: Nicholas Pestell + description: Nick is founder and CEO of IVPN and 100% owner of IVPN Limited, the company through which the IVPN service is operated. Nick brings considerable expertise in risk management and security testing whilst working for Royal Bank of Scotland, Network Rail and ABN AMRO Bank. + linkedin: https://www.linkedin.com/in/nick-pestell/ + github: https://github.com/cipheromega + - image: /images-static/uploads/team-edward.png + image_retina: /images-static/uploads/team-edward-2x.png + name: Eduard De + description: As the leader of our customer service department, Edward is responsible for making sure all customer inquiries are dealt with in a swift and professional manner, no matter when they come through. + linkedin: https://www.linkedin.com/in/edward-de-91793b163/ + github: + - image: /images-static/uploads/team-avatar.png + image_retina: /images-static/uploads/team-avatar.png + name: Iain Douglas + description: With over 20 years' experience working with Unix and Linux, Iain knows a thing or two. He manages the team responsible for ensuring the security and availability of our public VPN infrastructure. + github: https://github.com/Iain-ivpn + - image: /images-static/uploads/team-gorka.png + image_retina: /images-static/uploads/team-gorka-2x.png + name: Gorka Pernas + description: After gathering a decade of experience in quality assurance-related roles at technology firms, Gorka now applies his knowledge in helping the IVPN team ship bug-free apps and making sure you suffer no privacy leaks. 
+ linkedin: https://www.linkedin.com/in/gorkapernas/ + github: https://github.com/gorkapernas + - image: /images-static/uploads/nathan.png + image_retina: /images-static/uploads/nathan.png + name: Natanael Rodriguez + description: With over 15 years of experience in software development, Nathan now uses his skills to tackle all backend related projects at IVPN. + github: https://github.com/nathanrod + - image: /images-static/uploads/team-juraj.png + image_retina: /images-static/uploads/team-juraj-2x.png + name: Juraj Hilje + description: As an unapologetic Apple fan and believer in smooth user experience, it was a natural choice for Juraj to get into iOS development a decade ago. Now he's obsessed with building the best VPN app available on the App Store. + github: https://github.com/jurajhilje + - image: /images-static/uploads/team-stenya.png + image_retina: /images-static/uploads/team-stenya-2x.png + name: Oleksandr Stelnykovych + description: Stenya has more than 15 years of experience as a software developer in various roles. At IVPN, he is working on building the best VPN applications for Windows and macOS desktops. + linkedin: https://www.linkedin.com/in/alexandrstelnykovych/ + github: https://github.com/stenya + - image: /images-static/uploads/team-jordan.png + image_retina: /images-static/uploads/team-jordan-2x.png + name: Jordan Sullivan + description: As a customer service shift leader for the Americas, Jordan uses his problem solving-based technical support skills to help anyone in need of clear and patient assistance. + linkedin: + github: https://github.com/jordan-ivpn + - image: /images-static/uploads/team-marina.png + image_retina: /images-static/uploads/team-marina-2x.png + name: Marina Tretiakova + description: As finance specialist, Marina not only ensures that IVPN's books are in order, but she is also responsible for developing business processes, performing internal controls and ensuring statutory compliance. 
+ linkedin: https://www.linkedin.com/in/marina-radionova-64800135/ + github: + - image: /images-static/uploads/team-viktor.png + image_retina: /images-static/uploads/team-viktor-2x.png + name: Viktor Vecsei + description: A reformed marketing professional, Viktor has become a fervent privacy advocate since joining IVPN. He is responsible for all communication and outreach efforts that spread the word about IVPN’s mission. + linkedin: https://www.linkedin.com/in/viktorvecsei/ + github: https://github.com/johnnyburnaway +--- diff --git a/src/content/es/pages/terms-of-service.md b/src/content/es/pages/terms-of-service.md new file mode 100644 index 000000000..27a63d63d --- /dev/null +++ b/src/content/es/pages/terms-of-service.md 
@@ -0,0 +1,63 @@ +--- +title: IVPN Terms of Service +url: /tos/ +layout: +canonical: +--- +# Terms of Service + +###### Last updated: 21 January 2021 + +These are the terms of service you are agreeing to when you subscribe and/or are using the services of IVPN, operated by IVPN Limited. + +Please note that in this agreement, the term "You" means you the "Subscriber/User", and the term "We" or "Our" means IVPN Limited, its owners, employees, agents and any others involved with IVPN Limited. + +##### As a subscriber of our services, you agree that: + +1. You will not use our service to hack or attack other computers or networks on the internet. + +2. You will not use our service to scan (eg. port scanning, running proxy hunters) other computers or networks on the internet. + +3. You will not use our service to transmit viruses, worms, trojans etc. to other computers or networks on the internet. + +4. You will not use our service to attack our servers and resources in any way. + +5. You will not use our service for receiving and distributing pirated copyright materials. This includes, but is not limited to the following activities: trading, selling, bartering, sharing, transmitting or receiving, of such materials. + +6. You will not use our service to send unsolicited data in any form. This includes, but is not limited to the following: Sending unsolicited emails (i.e. SPAM email), hate email, mass-marketing emails, unsolicited instant messages and unsolicited SMS. + +7. You will not use our services to engage in any sort of child pornography activities. This includes, but not limited to the following: Trading, bartering, selling, transmitting or receiving such material. + +8. You will not use our service for any type of criminal activities. This includes but is not limited to the following: Engaging in the use of stolen credit cards, stolen bank accounts, stolen debit cards, stolen charge cards, stolen online payment accounts (eg. PayPal). + +9. 
You will not use our service to send out phishing or identity theft emails. + +10. You will not promote or encourage criminal or terrorist activities of any sort. + +11. You will not use our services to threaten or harass others. + +12. You will not run resource intensive programs that will interfere with the usage of our services by our users. + +13. You will not share your account with others. You will be responsible for all the activities involving your account. + +14. You agree not to pay for the service from a stolen credit card. + +15. You will not resell or attempt to resell IVPN accounts or services to any individual or entity for use or further resale without the express written permission of IVPN Limited. + +16. The service that is offered to you is provided on an "as is" basis, with no warranties whatsoever. We are not liable for any direct, indirect, consequential, inconveniences, or whatsoever damages, or loss of profit, that may arise from the use of our services. + +17. We cannot and do not guarantee the speed of our service. We also cannot and do not guarantee that you will have an uninterrupted service. We are not liable for any direct, indirect, consequential, inconveniences, or whatsoever damages, or loss of profit, that may arise from the use of our services. + +18. We are not in any shape or form liable for damages of any sort (realized or unrealized) resulting from the use of, or through the use of, or arising from the use of, or the inability to use the IVPN service pertaining to any registered user. + +19. In any event, IVPN shall never be liable for any monetary damages beyond what the user paid to IVPN and this will not include court costs or attorney fees irrespective of any statutes or laws that may be interpreted otherwise. + +20. We reserve the right to make amendments or modifications to our Terms Of Use Agreement. 
If we make changes that are material, we will take every reasonable step to ensure that changes are brought to your attention by posting all changes prominently on the IVPN website and emailing our existing customers. The notice will designate a reasonable period of time after which the new Terms will take effect. If you disagree with our changes, then you should stop using the IVPN service within the designated notice period. Your continued use of the IVPN service will be subject to the new Terms. However, any dispute that arose before the changes shall be governed by the Terms that were in place when the dispute arose. + +This is our binding agreement when you agree to these terms of service. + +The main goal of our service is to protect your privacy. We absolutely do not condone or promote criminal activities of any sort. + +If you violate any of our terms, we reserve the right to terminate your service without any advance warning or notification. No refunds or credit will be given. + +If you have any questions about this policy please [contact us](/contactus/). diff --git a/src/content/es/pages/thank-you-light.md b/src/content/es/pages/thank-you-light.md new file mode 100644 index 000000000..3e4e20b40 --- /dev/null +++ b/src/content/es/pages/thank-you-light.md @@ -0,0 +1,6 @@ +--- +title: IVPN Account - Thank You +description: IVPN Account - Thank You. +url: /thank-you-light +layout: application +--- diff --git a/src/content/es/pages/transparency-report.md b/src/content/es/pages/transparency-report.md new file mode 100644 index 000000000..a9dae33e4 --- /dev/null +++ b/src/content/es/pages/transparency-report.md 
@@ -0,0 +1,22 @@
+---
+title: IVPN Transparency report
+description: Its important our customers fully understand what private information we collect, store and process. Read our clear and simple policy to get the facts you need.
+url: /transparency-report/
+---
+# Transparency Report
+
+The table below shows the number of valid legal requests received from government or law enforcement agencies.
+
+For more information about how requests are processed please see the [legal process guidelines for law enforcement](/legal-process-guidelines/).
+
+| | # Requests received | # Valid requests received | # Valid requests received where data was provided |
+|---|---|---|---|
+| 2024 | 4 | 0 | 0 |
+| 2023 | 2 | 0 | 0 |
+| 2022 | 0 | 0 | 0 |
+| 2021 | 1 | 1 | 0 |
+| 2020 | 0 | 0 | 0 |
+| 2019 | 1 | 1 | 0 |
+| 2018 | 1 | 0 | 0 |
+| 2017 | 1 | 0 | 0 |
+| 2016 | 0 | 0 | 0 |
diff --git a/src/content/es/pages/trust.md b/src/content/es/pages/trust.md
new file mode 100644
index 000000000..0240a2448
--- /dev/null
+++ b/src/content/es/pages/trust.md
@@ -0,0 +1,75 @@ +--- +title: Signals of Trustworthiness +url: /trust/ +--- +# Signals of Trustworthiness + +## Part I. Corporate Accountability & Business Model + +1. ### What is the public facing and full legal name of the VPN service and any parent or holding companies? Do these entities have ownership or economic stakes in other VPN services, and if so, do they share user information? Where are they incorporated? Is there any other company or partner directly involved in operating the VPN service, and if so, what is its full legal name? + + The public facing name is IVPN. The Legal name of the company is IVPN Limited. + IVPN Limited has no parent or holding companies. + There are no other companies or partners directly involved in operating the IVPN service. + +2. ### Does the company, or other companies involved in the operation or ownership of the service, have any ownership in VPN review websites? + + No. + +3. ### What is the service’s business model (i.e., how does the VPN make money)? For example, is the sole source of the service’s revenue from consumer subscriptions? + + 100% of revenue is generated from selling VPN consumer subscriptions. + + ## Part II. Privacy: Logging/Data Collection Practices and Responding to Law Enforcement + +4. ### Does the service store any data or metadata generated during a VPN session (from connection to disconnection) after the session is terminated? If so what data? (including data from Client / VPN app, APIs, VPN gateways). + + No. + +5. ### Does your company store (or share with others) any user browsing and/or network activity data, including DNS lookups and records of domain names and websites visited? + + No. + +6. ### Do you have a clear process for responding to legitimate requests for data from law enforcement and courts? + + Yes, please see [Law Enforcement Legal Process Guidelines](/legal-process-guidelines/) and [transparency report](/transparency-report/). 
+ + #### Security controls to protect data in the event of unauthorized physical access to servers + If an adversary gains physical access to a server its prudent to assume that they will gain access to the unencrypted data stored on the server. As VPN servers are not under the direct physical control of IVPN they have been designed with the expectation that they will be compromised. To protect the privacy of IVPN customers the following controls are implemented: + * No logs relating to the customer connection or network activity generated by an IVPN user are created or stored. This includes not creating any temporary or in-memory logs. + * No storage of information relating to an IVPN user’s account i.e. authentication credentials are not stored locally. + * 24/7 monitoring of all servers to alert IVPN of any suspicious activity or if a server is taken offline. If a server is offline and there no evidence from the data center that it is a hardware fault then procedures are followed to revoke the certificates on the server to prevent a potential MITM attack. + + ## Part III. Security Protocols and Protections + +7. ### What do you do to protect against unauthorized access to customer data flows over the VPN? + + #### Administrative controls + * Implementation of an Information Security Management System (ISMS) based on ISO 27001. + * Background screening of all employees. + * Mandatory information security training. + * Vetting of data centers where servers are hosted. + * Patch management policy to ensure consistent and rapid resolution of vulnerabilities. + * VPN servers do not store any logs relating to the customer connection or network activity generated by the customer. VPN gateways do not store any information relating to a users account e.g. authentication credentials. + + #### Technical controls + * Enforcement of 2FA for system access to all servers. + * Access control using a private company VPN with RSA 4096 certificates for authentication. 
+ * Mandatory Access Controls (SELinux). + * Firewalled IPMI. + * Full disk encryption (LUKS) requiring password entry at boot. + * Configuration management software to enforce consistent configuration and security controls based on CIS Benchmarks. + * 24/7 systems monitoring and alerting of suspicious system activity using host-based integrity protection. + + #### Customer connections + * Customer VPN connections are secured using OpenVPN with RSA-4096 / AES-256-GCM keys. + * Full mesh multi-hop network – IVPN customers can choose to connect to any location in the IVPN infrastructure and have their VPN traffic exit in any other location. To enable this functionality, secure VPN tunnels are established between every server in the IVPN network. This makes it significantly more difficult for an adversary to gain access to a server as the servers would be in multiple jurisdictions. In addition, should the exit server be compromised the adversary would not be able to trace an IVPN customer’s connection other than to the entry VPN server. + +8. ### What other controls does the service use to protect user data? + + * IVPN accepts anonymous payments using cash since 2010. Customers are also able to pay anonymously using Bitcoin if they are able to source Bitcoins anonymously. + * All VPN servers are built using Open Source software e.g. CentOS, OpenVPN, StrongSWAN etc. + * [Vulnerability disclosure](/vulnerability-reporting/) process. + * [Warrant canary](/resources/canary.txt). + * IVPN is a transparent organisation with published information [about staff](/team/) on the website and Linkedin profiles. + * In-depth [privacy guides](/privacy-guides/) for IVPN customers. diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md new file mode 100644 index 000000000..871bb5821 --- /dev/null +++ b/src/content/es/pages/what-is-vpn.md 
@@ -0,0 +1,28 @@ +--- +title: What is a VPN? +description: What is a VPN? A VPN or Virtual Private Network encrypts data sent between computers on the Internet. When using a VPN for privacy, your data is encrypted so your ISP or mobile network provider cannot surveil your internet activity. +url: /what-is-a-vpn/ +--- +# What is a VPN? + +A VPN or Virtual Private Network encrypts data sent between computers on the Internet. When using a VPN for privacy, your data is encrypted so your ISP or mobile network provider cannot surveil your internet activity. + +### Alice’s ISP can track every site she visits, and so can yours. + +{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-alice.svg" alt="What is a VPN - Alice ISP" >}} +{{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-alice-dark.svg" alt="What is a VPN - Alice ISP" >}} + +Without a VPN you connect to the internet through your internet service provider (ISP) and risk exposing your private Internet activity. If you are not using HTTPS then every site you visit, and the content that you view or download, can be tracked by your ISP. It's like sending confidential messages using postcards except that unlike your post office, your ISP can record and store every message with almost zero effort and cost. Even if you are using HTTPS, the IP address or domain being visited can still be tracked by the ISP. + +Even on public Wi-Fi, your data can be intercepted by eavesdroppers or hackers. Your activity or personal data may be intercepted without your knowledge, leaving you exposed. + +Take a look at Alice’s case, as shown in the diagram. Her traffic is flowing through the ISP without any encryption, and so her ISP is able to record exactly where she is connected. In addition, the servers she is connected to also log her private IP address, affording her no privacy. + +### Bob uses IVPN to protect his privacy instead. 
+ +{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-bob-ivpn.svg" alt="What is a VPN - Bob IVPN" >}} +{{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-bob-ivpn-dark.svg" alt="What is a VPN - Bob IVPN" >}} + +With IVPN, you first connect to one of our secure servers through your ISP. Once connected, all of your online activity is encrypted and cannot be monitored or logged by your ISP. In addition, your data is protected from eavesdroppers or hackers positioned between your computer and ISP. + +In Bob’s case, he is connected to an IVPN server and therefore all traffic going through his ISP is encrypted. The ISP can only record that Bob is connected to an IVPN server, nothing else. The servers he is connected to see only that the IVPN server is connected to them and therefore can only record the IP address of the IVPN server in their logs. The best VPN services will diligently ensure that they do not log any user connection data, ensuring their customers' privacy. diff --git a/src/content/es/pages/wireguard-vpn.md b/src/content/es/pages/wireguard-vpn.md new file mode 100644 index 000000000..e32f32987 --- /dev/null +++ b/src/content/es/pages/wireguard-vpn.md 
@@ -0,0 +1,85 @@ +--- +title: WireGuard VPN protocol for privacy - start using with IVPN +description: WireGuard is a revolutionary VPN protocol that promises better security and faster speeds compared to existing solutions. IVPN offers WireGuard in our Windows, macOS, Linux, Android and iOS apps. Get set up and running with WireGuard VPN in two minutes. +url: /wireguard/ +--- +# WireGuard® VPN + +[WireGuard](https://www.wireguard.com/) is a revolutionary VPN protocol using state-of-the-art cryptography that promises better security and faster speeds compared to existing solutions. See the [WireGuard protocol page](https://www.wireguard.com/) for a quick overview of the protocol and cryptography. For an in-depth discussion review the [technical white paper](https://www.wireguard.com/papers/wireguard.pdf). + +## IVPN + WireGuard + +Since its merge into Linux Kernel v5.6, the release of WireGuard 1.0 and a 3rd party security audit, we consider the protocol to be ready for wide-scale use. We consider WireGuard to be the best protocol for most customers due to its exceptional performance, security properties, ability to roam between IP addresses without packet loss or disconnections and instantly connect/disconnect. + +However, WireGuard® was not designed with privacy VPN providers in mind. In addition, it leaves certain aspects (e.g. IP address assignment, key distribution etc.) to the responsibility of the implementer. As a result some privacy issues exist which all responsible VPN providers must resolve. These issues do not in any way represent a weakness of the WireGuard protocol itself, they are simply aspects which the protocol designers intentionally left out. We have identified and implemented the following solutions on the IVPN network. 
+ +Issue + +#### Public IP address of peer is stored in memory indefinitely + +We have implemented a key management daemon on all servers which scans the list of peers where the latest handshake time > 180 seconds and deletes/reinstates their configuration. + +Issue + +#### No mechanism for tunnel IP address allocation or rotation + +IVPN apps automatically and transparently call backend every 24 hours to generate new random IP address and distribute to all servers. + +Issue + +#### No identity-hiding forward secrecy + +IVPN apps automatically and transparently regenerates new key pair every 24 hours and upload public key to backend to distribute to all servers. + +## WireGuard FAQ + +#### How can I use WireGuard? + +* [Set up your own WireGuard server](https://www.wireguard.com/quickstart/) and connect using one of the official client apps. +* Subscribe to a VPN provider that supports WireGuard. While IVPN is not the only service to offer WireGuard, we were [early adopters](/blog/introducing-wireguard-fully-automated/) and have significant experience in supporting it. + +#### Which operating systems does WireGuard support? + +WireGuard supports all major operating systems. Support for WireGuard is built in to IVPN’s Windows, macOS, Linux, Android and iOS apps. + +#### What cryptography is used in WireGuard? 
+ +WireGuard utilizes the following protocols and primitives: + +* [ChaCha20](http://cr.yp.to/chacha.html) for symmetric encryption, authenticated with [Poly1305](http://cr.yp.to/mac.html), using [RFC7539's AEAD construction](https://tools.ietf.org/html/rfc7539) +* [Curve25519](http://cr.yp.to/ecdh.html) for ECDH +* [BLAKE2s](https://blake2.net/) for hashing and keyed hashing, as described in [RFC7693](https://tools.ietf.org/html/rfc7693) +* [SipHash](http://cr.yp.to/siphash/siphash-20120918.pdf) for hashtable keys +* [HKDF](https://eprint.iacr.org/2010/264) for key derivation, as described in [RFC5869](https://tools.ietf.org/html/rfc5869) +* [Noise_IK handshake](https://www.wireguard.com/protocol/#key-exchange-and-data-packets) from [Noise](http://noiseprotocol.org/noise.pdf), building on the work of [CurveCP](http://www.curvecp.org/), [NaCL](http://cr.yp.to/highspeed/naclcrypto-20090310.pdf), [KEA+](http://research.microsoft.com/en-us/um/people/klauter/security_of_kea_ake_protocol.pdf), [SIGMA](http://webee.technion.ac.il/~hugo/sigma-pdf.pdf), [FHMQV](https://eprint.iacr.org/2009/408.pdf), and [HOMQV](https://eprint.iacr.org/2010/638.pdf) +* All packets are sent over UDP + +#### Where do you have WireGuard servers? + +We offer WireGuard servers in 45 locations in 32 countries. Review the full list of servers on our [server status page](/status/). + +#### I’m an IVPN subscriber. Do I need to register for WireGuard? + +WireGuard is available and ready for use for all existing IVPN customers. You do not need to sign up separately. + +#### Do you offer all features of IVPN for WireGuard? + +We support the same security and privacy features as with OpenVPN e.g. Firewall, Trusted networks, AntiTracker and Multi-hop. + +#### Do you offer IPv6 support for WireGuard? + +Yes. + +#### What ports do you use for WireGuard? + +UDP ports 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, 58237. 
+ +#### Do I need to manually create and add a public key in the IVPN Client Area when adding a new device? + +No, when using the IVPN app keys are automatically generated and the public key uploaded to our server the moment you select the WireGuard protocol in the app. + +If you are not using an IVPN app you can also generate and download WireGuard configuration files in the [Client Area](/account/wireguard-config). + +#### What DNS server is used when connecting with WireGuard? + +We host our own log-less DNS servers which are pushed and applied automatically to your device when you connect. When connected the IP address of the DNS server is 172.16.0.1 diff --git a/src/i18n/en.toml b/src/i18n/en.toml new file mode 100644 index 000000000..35c4214e5 --- /dev/null +++ b/src/i18n/en.toml @@ -0,0 +1,2 @@ +[home] +other = "Home" diff --git a/src/static/images/lang.svg b/src/static/images/lang.svg new file mode 100644 index 000000000..52e4daff9 --- /dev/null +++ b/src/static/images/lang.svg @@ -0,0 +1,6 @@ + +language +language,international,foreign,global,relocate,transfer,move,rotate,spin +by +boxs49 + \ No newline at end of file diff --git a/src/themes/ivpn-v3/assets/js/assets/icons/lgn.svg b/src/themes/ivpn-v3/assets/js/assets/icons/lgn.svg new file mode 100644 index 000000000..52e4daff9 --- /dev/null +++ b/src/themes/ivpn-v3/assets/js/assets/icons/lgn.svg @@ -0,0 +1,6 @@ + +language +language,international,foreign,global,relocate,transfer,move,rotate,spin +by +boxs49 + \ No newline at end of file diff --git a/src/themes/ivpn-v3/assets/scss/config/grid.scss b/src/themes/ivpn-v3/assets/scss/config/grid.scss index 225d11c16..b5d81594a 100644 --- a/src/themes/ivpn-v3/assets/scss/config/grid.scss +++ b/src/themes/ivpn-v3/assets/scss/config/grid.scss @@ -1,4 +1,4 @@ -$container: 1080px; +$container: 1180px; $default-grid-gutter: 24px; 
diff --git a/src/themes/ivpn-v3/layouts/_default/baseof.html b/src/themes/ivpn-v3/layouts/_default/baseof.html index 2e9a45a9e..c569909d0 100644 --- a/src/themes/ivpn-v3/layouts/_default/baseof.html +++ b/src/themes/ivpn-v3/layouts/_default/baseof.html @@ -13,7 +13,7 @@ {{ end }} {{/* onclick="" fixes iOS Safari :hover touch events */}} - + {{- partial "header.html" . -}}
{{- block "main" . }}{{- end }} diff --git a/src/themes/ivpn-v3/layouts/blog/single.html b/src/themes/ivpn-v3/layouts/blog/single.html index 2a287e445..d1de383c8 100644 --- a/src/themes/ivpn-v3/layouts/blog/single.html +++ b/src/themes/ivpn-v3/layouts/blog/single.html @@ -1,19 +1,19 @@ {{ define "main" }}

{{ .Title }}

{{ range .Params.categories }} {{ with ($.Site.GetPage (printf "/categories/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }} {{ range .Params.authors }} {{ with ($.Site.GetPage (printf "/authors/%s" (. | urlize))) }} - By {{ .Title }} | + By {{ .Title }} | {{ end }} {{ end }} Posted on {{ .Date.Format "January 2, 2006"}} @@ -68,14 +68,14 @@

{{ len .Params.comments }} Comments

{{ range .Params.categories }} {{ with ($.Site.GetPage (printf "/categories/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }} -

{{ .Page.Title }}

+

{{ .Page.Title }}

{{ range .Params.authors }} {{ with ($.Site.GetPage (printf "/authors/%s" (. | urlize))) }} - By {{ .Title }} + By {{ .Title }} {{ end }} {{ end }}

@@ -93,22 +93,22 @@

{{ .Page.Title }}

{{ if .Params.thumbnailImage }} - + {{ .Title }} {{ end }} {{ range .Params.categories }} {{ with ($.Site.GetPage (printf "/categories/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }}
-

{{ .Page.Title }}

+

{{ .Page.Title }}

Posted on {{ .Date.Format "January 2, 2006"}} by {{ range .Params.authors }} {{ with ($.Site.GetPage (printf "/authors/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }}

diff --git a/src/themes/ivpn-v3/layouts/pages/guides.html b/src/themes/ivpn-v3/layouts/pages/guides.html index 0b394d641..b3ec34327 100644 --- a/src/themes/ivpn-v3/layouts/pages/guides.html +++ b/src/themes/ivpn-v3/layouts/pages/guides.html @@ -5,7 +5,7 @@

Get started

{{ range where .Pages "Params.section" "Basic" }} - + {{ .Title }} Read more @@ -14,7 +14,7 @@

Get started

Advanced Privacy and Anonymity

{{ range where .Pages "Params.section" "Advanced" }} - + {{ .Title }} Read more @@ -23,7 +23,7 @@

Advanced Privacy and Anonymity

Misc

{{ range where .Pages "Params.section" "Misc" }} - + {{ .Title }} Read more diff --git a/src/themes/ivpn-v3/layouts/pages/help-details.html b/src/themes/ivpn-v3/layouts/pages/help-details.html index 9e0540cce..2840baf37 100644 --- a/src/themes/ivpn-v3/layouts/pages/help-details.html +++ b/src/themes/ivpn-v3/layouts/pages/help-details.html @@ -34,7 +34,7 @@

Related Articles

{{ if isset .Params "h1" }} {{ if not (in .Params.h1 $pageH1) }}
  • - {{ .Params.h1 }} + {{ .Params.h1 }}
  • {{ end }} {{ end }} diff --git a/src/themes/ivpn-v3/layouts/pages/help.html b/src/themes/ivpn-v3/layouts/pages/help.html index 0b6efd439..32b71a062 100644 --- a/src/themes/ivpn-v3/layouts/pages/help.html +++ b/src/themes/ivpn-v3/layouts/pages/help.html @@ -28,7 +28,7 @@

    Help Center

    diff --git a/src/themes/ivpn-v3/layouts/pages/setup-article.html b/src/themes/ivpn-v3/layouts/pages/setup-article.html index 3bcd4e286..f89b9825b 100644 --- a/src/themes/ivpn-v3/layouts/pages/setup-article.html +++ b/src/themes/ivpn-v3/layouts/pages/setup-article.html @@ -7,7 +7,7 @@

    {{ .Params.section }}

    diff --git a/src/themes/ivpn-v3/layouts/pages/setup-list.html b/src/themes/ivpn-v3/layouts/pages/setup-list.html index 1351e605d..c54736be1 100644 --- a/src/themes/ivpn-v3/layouts/pages/setup-list.html +++ b/src/themes/ivpn-v3/layouts/pages/setup-list.html @@ -6,7 +6,7 @@

    {{ .Params.section }}

    diff --git a/src/themes/ivpn-v3/layouts/partials/blog-article.html b/src/themes/ivpn-v3/layouts/partials/blog-article.html index b46d898a2..d42b15a38 100644 --- a/src/themes/ivpn-v3/layouts/partials/blog-article.html +++ b/src/themes/ivpn-v3/layouts/partials/blog-article.html @@ -1,5 +1,5 @@
    - + {{ if .Params.thumbnailImage }} {{ .Page.Title }} {{ else }} @@ -9,20 +9,20 @@
    {{ range .Params.categories }} {{ with ($.Site.GetPage (printf "/categories/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }} -

    {{ .Page.Title }}

    +

    {{ .Page.Title }}

    {{ .Page.Summary | safeHTML }}

    - Continue reading + Continue reading
    diff --git a/src/themes/ivpn-v3/layouts/partials/blog-categories.html b/src/themes/ivpn-v3/layouts/partials/blog-categories.html index b7bd7893f..cc63e4226 100644 --- a/src/themes/ivpn-v3/layouts/partials/blog-categories.html +++ b/src/themes/ivpn-v3/layouts/partials/blog-categories.html @@ -1,7 +1,7 @@
    {{ range sort .Site.Taxonomies.categories ".Page.Weight" "asc" }}
    - + {{ .Page.Title }} ({{ .Count }} {{ if eq .Count 1 }}article{{ else }}articles{{ end }}) diff --git a/src/themes/ivpn-v3/layouts/partials/blog-side-bar.html b/src/themes/ivpn-v3/layouts/partials/blog-side-bar.html index d5ccfd9a2..fa56f8115 100644 --- a/src/themes/ivpn-v3/layouts/partials/blog-side-bar.html +++ b/src/themes/ivpn-v3/layouts/partials/blog-side-bar.html @@ -1,7 +1,7 @@
    {{ range .Site.Taxonomies.tags }} - {{ .Page.Title }} + {{ .Page.Title }} {{ end }}
    @@ -10,14 +10,14 @@
    {{ range .Params.categories }} {{ with ($.Site.GetPage (printf "/categories/%s" (. | urlize))) }} - {{ .Title }} + {{ .Title }} {{ end }} {{ end }} -

    {{ .Page.Title }}

    +

    {{ .Page.Title }}

    {{ range .Params.authors }} {{ with ($.Site.GetPage (printf "/authors/%s" (. | urlize))) }} - By {{ .Title }} + By {{ .Title }} {{ end }} {{ end }}

    diff --git a/src/themes/ivpn-v3/layouts/partials/header.html b/src/themes/ivpn-v3/layouts/partials/header.html index 6b6ef57b9..238d67d98 100644 --- a/src/themes/ivpn-v3/layouts/partials/header.html +++ b/src/themes/ivpn-v3/layouts/partials/header.html @@ -58,6 +58,16 @@ {{ end }} {{ end }} + +
diff --git a/src/themes/ivpn-v3/package.json b/src/themes/ivpn-v3/package.json
index 6e30ffd1b..ac9cc29ea 100644
--- a/src/themes/ivpn-v3/package.json
+++ b/src/themes/ivpn-v3/package.json
@@ -40,7 +40,9 @@
 "yarn-upgrade-all": "^0.7.2"
 },
 "dependencies": {
+ "@intlify/unplugin-vue-i18n": "^4.0.0",
 "vue-country-flag-next": "^2.3.2",
+ "vue-i18n": "9",
 "vue-multiselect": "^3.0.0-beta.1"
 }
 }
diff --git a/src/themes/ivpn-v3/package.json.bak b/src/themes/ivpn-v3/package.json.bak
new file mode 100644
index 000000000..ae2610e80
--- /dev/null
+++ b/src/themes/ivpn-v3/package.json.bak
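Review bot: In `package.json`, the added `"vue-i18n": "9"` is a bare major range, while every other entry visible in the hunk uses a caret range with an explicit minimum, so the lowest release the site was built against is not recorded; I would write it as `"vue-i18n": "^9.<minor>.<patch>"` (placeholder for the version actually installed). `@intlify/unplugin-vue-i18n` is only loaded from `webpack.mix.js` in this commit, so it looks like build tooling and probably belongs in `devDependencies`, a block that starts outside this hunk. The `yarn-error.log` added later in the same commit records a `yarn.lock` parse failure, so it is worth confirming that the lockfile was regenerated and carries `resolved` and `integrity` entries for both new packages.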
@@ -0,0 +1,47 @@
+{
+ "name": "ivpn-v3",
+ "version": "1.0.0",
+ "main": "index.js",
+ "license": "MIT",
+ "private": true,
+ "scripts": {
+ "watch": "npm run development -- --watch",
+ "development": "cross-env NODE_ENV=development ENV_FILE=./.env.development node_modules/webpack/bin/webpack.js --progress --config=node_modules/laravel-mix/setup/webpack.config.js",
+ "staging": "cross-env NODE_ENV=staging node_modules/webpack/bin/webpack.js --progress --config=node_modules/laravel-mix/setup/webpack.config.js",
+ "production": "cross-env NODE_ENV=production node_modules/webpack/bin/webpack.js --config=node_modules/laravel-mix/setup/webpack.config.js",
+ "copy:manifest": "cp static/mix-manifest.json data/manifest.json"
+ },
+ "devDependencies": {
+ "@vue/compat": "^3.2.47",
+ "@vue/compiler-sfc": "^3.2.47",
+ "braintree-web": "^3.92.1",
+ "cross-env": "^7.0.2",
+ "date-fns": "^2.29.3",
+ "file-saver": "^2.0.5",
+ "flexbox-grid-mixins": "^0.3.4",
+ "ip-num": "^1.5.1",
+ "js-cookie": "^3.0.1",
+ "jszip": "^3.10.1",
+ "laravel-mix": "^6.0.49",
+ "laravel-mix-bundle-analyzer": "^1.0.5",
+ "lunr": "^2.3.9",
+ "mix-env-file": "^0.1.1",
+ "paypal-checkout": "^4.0.336",
+ "postcss": "^8.4.31",
+ "qrcode-generator": "^1.4.4",
+ "resolve-url-loader": "^5.0.0",
+ "sass": "^1.54.9",
+ "sass-loader": "^13.0.2",
+ "vue": "^3.2.47",
+ "vue-loader": "^17.0.1",
+ "vue-router": "^4.1.6",
+ "vue-select": "^4.0.0-beta.5",
+ "vuex": "^4.1.0",
+ "yarn-upgrade-all": "^0.7.2"
+ },
+ "dependencies": {
+ "@getalby/bitcoin-connect": "^3.2.1",
+ "vue-country-flag-next": "^2.3.2",
+ "vue-multiselect": "^3.0.0-beta.1"
+ }
+}
diff --git a/src/themes/ivpn-v3/webpack.mix.js b/src/themes/ivpn-v3/webpack.mix.js
index 0a0271404..a03d6af37 100644
--- a/src/themes/ivpn-v3/webpack.mix.js
+++ b/src/themes/ivpn-v3/webpack.mix.js
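Review bot: `package.json.bak` is a backup copy of the manifest and should not be committed. It already disagrees with the live `package.json` hunk: it lists `@getalby/bitcoin-connect` and lacks the two i18n packages, and a second manifest in the theme directory can mislead dependency scanners and reviewers about what is actually installed. The same applies to `yarn-error.log`, added later in this commit, whose visible lines record the author's home-directory paths, the shell `PATH` and a copy of the lockfile. I would drop both files and add `*.bak` and `yarn-error.log` to `.gitignore`.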
@@ -4,6 +4,8 @@ let path = require('path'); require('laravel-mix-bundle-analyzer'); require('mix-env-file'); +const VueI18nPlugin = require('@intlify/unplugin-vue-i18n/webpack') + /* |-------------------------------------------------------------------------- | Mix Asset Management @@ -24,7 +26,10 @@ mix.webpackConfig({ '@': path.resolve('assets/js'), 'scss': path.resolve('assets/scss'), } - } + }, + plugins: [ + VueI18nPlugin({}) + ] }); // if (mix.inProduction()) { diff --git a/src/themes/ivpn-v3/yarn-error.log b/src/themes/ivpn-v3/yarn-error.log new file mode 100644 index 000000000..abfb110e7 --- /dev/null +++ b/src/themes/ivpn-v3/yarn-error.log 
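Review bot: `VueI18nPlugin({})` in the second `webpack.mix.js` hunk is registered with an empty options object, so the build config does not say which locale resources are compiled or how markup inside translated strings is treated. Since this commit starts taking translated text, I would state the intent at the call site, for example `// defaults kept on purpose: strictMessage rejects HTML in locale messages` (as far as I know that option is on by default; confirm for the pinned version). An `include` path is also needed if locale files are meant to be precompiled. The `require('@intlify/unplugin-vue-i18n/webpack')` line in the first hunk omits the trailing semicolon that the neighbouring `require` statements carry. The `mix.webpackConfig({` call starts outside the hunk.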
@@ -0,0 +1,6094 @@ +Arguments: + /Users/nathan/.nvm/versions/node/v20.8.0/bin/node /opt/homebrew/Cellar/yarn/1.22.19/libexec/bin/yarn.js --cwd ./src/themes/ivpn-v3/ + +PATH: + /Users/nathan/.nvm/versions/node/v20.8.0/bin:/usr/local/bin:/opt/homebrew/bin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/usr/local/MacGPG2/bin:/usr/local/go/bin + +Yarn version: + 1.22.19 + +Node version: + 20.8.0 + +Platform: + darwin arm64 + +Trace: + SyntaxError: Invalid value type 2709:0 in /Users/nathan/ivpn/ivpn.net/src/themes/ivpn-v3/yarn.lock + at Parser.unexpected (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:63491:11) + at Parser.parse (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:63619:16) + at Parser.parse (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:63596:26) + at parse (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:63696:21) + at module.exports.exports.default (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:63258:96) + at Function. 
(/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:3068:63) + at Generator.next () + at step (/opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:310:30) + at /opt/homebrew/Cellar/yarn/1.22.19/libexec/lib/cli.js:321:13 + +npm manifest: + { + "name": "ivpn-v3", + "version": "1.0.0", + "main": "index.js", + "license": "MIT", + "private": true, + "scripts": { + "watch": "npm run development -- --watch", + "development": "cross-env NODE_ENV=development ENV_FILE=./.env.development node_modules/webpack/bin/webpack.js --progress --config=node_modules/laravel-mix/setup/webpack.config.js", + "staging": "cross-env NODE_ENV=staging node_modules/webpack/bin/webpack.js --progress --config=node_modules/laravel-mix/setup/webpack.config.js", + "production": "cross-env NODE_ENV=production node_modules/webpack/bin/webpack.js --config=node_modules/laravel-mix/setup/webpack.config.js", + "copy:manifest": "cp static/mix-manifest.json data/manifest.json" + }, + "devDependencies": { + "@vue/compat": "^3.2.47", + "@vue/compiler-sfc": "^3.2.47", + "braintree-web": "^3.92.1", + "cross-env": "^7.0.2", + "date-fns": "^2.29.3", + "file-saver": "^2.0.5", + "flexbox-grid-mixins": "^0.3.4", + "ip-num": "^1.5.1", + "js-cookie": "^3.0.1", + "jszip": "^3.10.1", + "laravel-mix": "^6.0.49", + "laravel-mix-bundle-analyzer": "^1.0.5", + "lunr": "^2.3.9", + "mix-env-file": "^0.1.1", + "paypal-checkout": "^4.0.336", + "postcss": "^8.4.31", + "qrcode-generator": "^1.4.4", + "resolve-url-loader": "^5.0.0", + "sass": "^1.54.9", + "sass-loader": "^13.0.2", + "vue": "^3.2.47", + "vue-loader": "^17.0.1", + "vue-router": "^4.1.6", + "vue-select": "^4.0.0-beta.5", + "vuex": "^4.1.0", + "yarn-upgrade-all": "^0.7.2" + }, + "dependencies": { + "@getalby/bitcoin-connect": "^3.2.1", + "vue-country-flag-next": "^2.3.2", + "vue-multiselect": "^3.0.0-beta.1" + } + } + +yarn manifest: + No manifest + +Lockfile: + # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. 
+ # yarn lockfile v1 + + + "@ampproject/remapping@^2.2.0": + version "2.2.0" + resolved "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.0.tgz" + integrity sha512-qRmjj8nj9qmLTQXXmaR1cck3UXSRMPrbsLJAasZpF+t3riI71BXed5ebIOYwQntykeZuhjsdweEc9BxH5Jc26w== + dependencies: + "@jridgewell/gen-mapping" "^0.1.0" + "@jridgewell/trace-mapping" "^0.3.9" + + "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.21.4", "@babel/code-frame@^7.22.13": + version "7.22.13" + resolved "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz" + integrity sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w== + dependencies: + "@babel/highlight" "^7.22.13" + chalk "^2.4.2" + + "@babel/compat-data@^7.17.7", "@babel/compat-data@^7.20.5", "@babel/compat-data@^7.21.4": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.21.4.tgz" + integrity sha512-/DYyDpeCfaVinT40FPGdkkb+lYSKvsVuMjDAG7jPOWWiM1ibOaB9CXJAlc4d1QpP/U2q2P9jbrSlClKSErd55g== + + "@babel/core@^7.0.0", "@babel/core@^7.0.0-0", "@babel/core@^7.12.0", "@babel/core@^7.13.0", "@babel/core@^7.15.8", "@babel/core@^7.4.0-0": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/core/-/core-7.21.4.tgz" + integrity sha512-qt/YV149Jman/6AfmlxJ04LMIu8bMoyl3RB91yTFrxQmgbrSvQMy7cI8Q62FHx1t8wJ8B5fu0UDoLwHAhUo1QA== + dependencies: + "@ampproject/remapping" "^2.2.0" + "@babel/code-frame" "^7.21.4" + "@babel/generator" "^7.21.4" + "@babel/helper-compilation-targets" "^7.21.4" + "@babel/helper-module-transforms" "^7.21.2" + "@babel/helpers" "^7.21.0" + "@babel/parser" "^7.21.4" + "@babel/template" "^7.20.7" + "@babel/traverse" "^7.21.4" + "@babel/types" "^7.21.4" + convert-source-map "^1.7.0" + debug "^4.1.0" + gensync "^1.0.0-beta.2" + json5 "^2.2.2" + semver "^6.3.0" + + "@babel/generator@^7.21.4", "@babel/generator@^7.23.0": + version "7.23.0" + resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.23.0.tgz" + 
integrity sha512-lN85QRR+5IbYrMWM6Y4pE/noaQtg4pNiqeNGX60eqOfo6gtEj6uw/JagelB8vVztSd7R6M5n1+PQkDbHbBRU4g== + dependencies: + "@babel/types" "^7.23.0" + "@jridgewell/gen-mapping" "^0.3.2" + "@jridgewell/trace-mapping" "^0.3.17" + jsesc "^2.5.1" + + "@babel/helper-annotate-as-pure@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.18.6.tgz" + integrity sha512-duORpUiYrEpzKIop6iNbjnwKLAKnJ47csTyRACyEmWj0QdUrm5aqNJGHSSEQSUAvNW0ojX0dOmK9dZduvkfeXA== + dependencies: + "@babel/types" "^7.18.6" + + "@babel/helper-builder-binary-assignment-operator-visitor@^7.18.6": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/helper-builder-binary-assignment-operator-visitor/-/helper-builder-binary-assignment-operator-visitor-7.18.9.tgz" + integrity sha512-yFQ0YCHoIqarl8BCRwBL8ulYUaZpz3bNsA7oFepAzee+8/+ImtADXNOmO5vJvsPff3qi+hvpkY/NYBTrBQgdNw== + dependencies: + "@babel/helper-explode-assignable-expression" "^7.18.6" + "@babel/types" "^7.18.9" + + "@babel/helper-compilation-targets@^7.17.7", "@babel/helper-compilation-targets@^7.18.9", "@babel/helper-compilation-targets@^7.20.7", "@babel/helper-compilation-targets@^7.21.4": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.21.4.tgz" + integrity sha512-Fa0tTuOXZ1iL8IeDFUWCzjZcn+sJGd9RZdH9esYVjEejGmzf+FFYQpMi/kZUk2kPy/q1H3/GPw7np8qar/stfg== + dependencies: + "@babel/compat-data" "^7.21.4" + "@babel/helper-validator-option" "^7.21.0" + browserslist "^4.21.3" + lru-cache "^5.1.1" + semver "^6.3.0" + + "@babel/helper-create-class-features-plugin@^7.18.6", "@babel/helper-create-class-features-plugin@^7.21.0": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.21.4.tgz" + integrity sha512-46QrX2CQlaFRF4TkwfTt6nJD7IHq8539cCL7SDpqWSDeJKY1xylKKY5F/33mJhLZ3mFvKv2gGrVS6NkyF6qs+Q== + dependencies: + 
"@babel/helper-annotate-as-pure" "^7.18.6" + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-function-name" "^7.21.0" + "@babel/helper-member-expression-to-functions" "^7.21.0" + "@babel/helper-optimise-call-expression" "^7.18.6" + "@babel/helper-replace-supers" "^7.20.7" + "@babel/helper-skip-transparent-expression-wrappers" "^7.20.0" + "@babel/helper-split-export-declaration" "^7.18.6" + + "@babel/helper-create-regexp-features-plugin@^7.18.6", "@babel/helper-create-regexp-features-plugin@^7.20.5": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.21.4.tgz" + integrity sha512-M00OuhU+0GyZ5iBBN9czjugzWrEq2vDpf/zCYHxxf93ul/Q5rv+a5h+/+0WnI1AebHNVtl5bFV0qsJoH23DbfA== + dependencies: + "@babel/helper-annotate-as-pure" "^7.18.6" + regexpu-core "^5.3.1" + + "@babel/helper-define-polyfill-provider@^0.3.3": + version "0.3.3" + resolved "https://registry.npmjs.org/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.3.3.tgz" + integrity sha512-z5aQKU4IzbqCC1XH0nAqfsFLMVSo22SBKUc0BxGrLkolTdPTructy0ToNnlO2zA4j9Q/7pjMZf0DSY+DSTYzww== + dependencies: + "@babel/helper-compilation-targets" "^7.17.7" + "@babel/helper-plugin-utils" "^7.16.7" + debug "^4.1.1" + lodash.debounce "^4.0.8" + resolve "^1.14.2" + semver "^6.1.2" + + "@babel/helper-environment-visitor@^7.18.9", "@babel/helper-environment-visitor@^7.22.20": + version "7.22.20" + resolved "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz" + integrity sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA== + + "@babel/helper-explode-assignable-expression@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.18.6.tgz" + integrity 
sha512-eyAYAsQmB80jNfg4baAtLeWAQHfHFiR483rzFK+BhETlGZaQC9bsfrugfXDCbRHLQbIA7U5NxhhOxN7p/dWIcg== + dependencies: + "@babel/types" "^7.18.6" + + "@babel/helper-function-name@^7.18.9", "@babel/helper-function-name@^7.19.0", "@babel/helper-function-name@^7.21.0", "@babel/helper-function-name@^7.23.0": + version "7.23.0" + resolved "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz" + integrity sha512-OErEqsrxjZTJciZ4Oo+eoZqeW9UIiOcuYKRJA4ZAgV9myA+pOXhhmpfNCKjEH/auVfEYVFJ6y1Tc4r0eIApqiw== + dependencies: + "@babel/template" "^7.22.15" + "@babel/types" "^7.23.0" + + "@babel/helper-hoist-variables@^7.18.6", "@babel/helper-hoist-variables@^7.22.5": + version "7.22.5" + resolved "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz" + integrity sha512-wGjk9QZVzvknA6yKIUURb8zY3grXCcOZt+/7Wcy8O2uctxhplmUPkOdlgoNhmdVee2c92JXbf1xpMtVNbfoxRw== + dependencies: + "@babel/types" "^7.22.5" + + "@babel/helper-member-expression-to-functions@^7.20.7", "@babel/helper-member-expression-to-functions@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.21.0.tgz" + integrity sha512-Muu8cdZwNN6mRRNG6lAYErJ5X3bRevgYR2O8wN0yn7jJSnGDu6eG59RfT29JHxGUovyfrh6Pj0XzmR7drNVL3Q== + dependencies: + "@babel/types" "^7.21.0" + + "@babel/helper-module-imports@^7.18.6", "@babel/helper-module-imports@^7.21.4": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.21.4.tgz" + integrity sha512-orajc5T2PsRYUN3ZryCEFeMDYwyw09c/pZeaQEZPH0MpKzSvn3e0uXsDBu3k03VI+9DBiRo+l22BfKTpKwa/Wg== + dependencies: + "@babel/types" "^7.21.4" + + "@babel/helper-module-transforms@^7.18.6", "@babel/helper-module-transforms@^7.20.11", "@babel/helper-module-transforms@^7.21.2": + version "7.21.2" + resolved 
"https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.21.2.tgz" + integrity sha512-79yj2AR4U/Oqq/WOV7Lx6hUjau1Zfo4cI+JLAVYeMV5XIlbOhmjEk5ulbTc9fMpmlojzZHkUUxAiK+UKn+hNQQ== + dependencies: + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-module-imports" "^7.18.6" + "@babel/helper-simple-access" "^7.20.2" + "@babel/helper-split-export-declaration" "^7.18.6" + "@babel/helper-validator-identifier" "^7.19.1" + "@babel/template" "^7.20.7" + "@babel/traverse" "^7.21.2" + "@babel/types" "^7.21.2" + + "@babel/helper-optimise-call-expression@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.18.6.tgz" + integrity sha512-HP59oD9/fEHQkdcbgFCnbmgH5vIQTJbxh2yf+CdM89/glUNnuzr87Q8GIjGEnOktTROemO0Pe0iPAYbqZuOUiA== + dependencies: + "@babel/types" "^7.18.6" + + "@babel/helper-plugin-utils@^7.0.0", "@babel/helper-plugin-utils@^7.10.4", "@babel/helper-plugin-utils@^7.12.13", "@babel/helper-plugin-utils@^7.14.5", "@babel/helper-plugin-utils@^7.16.7", "@babel/helper-plugin-utils@^7.18.6", "@babel/helper-plugin-utils@^7.18.9", "@babel/helper-plugin-utils@^7.19.0", "@babel/helper-plugin-utils@^7.20.2", "@babel/helper-plugin-utils@^7.8.0", "@babel/helper-plugin-utils@^7.8.3": + version "7.20.2" + resolved "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.20.2.tgz" + integrity sha512-8RvlJG2mj4huQ4pZ+rU9lqKi9ZKiRmuvGuM2HlWmkmgOhbs6zEAw6IEiJ5cQqGbDzGZOhwuOQNtZMi/ENLjZoQ== + + "@babel/helper-remap-async-to-generator@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.18.9.tgz" + integrity sha512-dI7q50YKd8BAv3VEfgg7PS7yD3Rtbi2J1XMXaalXO0W0164hYLnh8zpjRS0mte9MfVp/tltvr/cfdXPvJr1opA== + dependencies: + "@babel/helper-annotate-as-pure" "^7.18.6" + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-wrap-function" "^7.18.9" + 
"@babel/types" "^7.18.9" + + "@babel/helper-replace-supers@^7.18.6", "@babel/helper-replace-supers@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.20.7.tgz" + integrity sha512-vujDMtB6LVfNW13jhlCrp48QNslK6JXi7lQG736HVbHz/mbf4Dc7tIRh1Xf5C0rF7BP8iiSxGMCmY6Ci1ven3A== + dependencies: + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-member-expression-to-functions" "^7.20.7" + "@babel/helper-optimise-call-expression" "^7.18.6" + "@babel/template" "^7.20.7" + "@babel/traverse" "^7.20.7" + "@babel/types" "^7.20.7" + + "@babel/helper-simple-access@^7.20.2": + version "7.20.2" + resolved "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.20.2.tgz" + integrity sha512-+0woI/WPq59IrqDYbVGfshjT5Dmk/nnbdpcF8SnMhhXObpTq2KNBdLFRFrkVdbDOyUmHBCxzm5FHV1rACIkIbA== + dependencies: + "@babel/types" "^7.20.2" + + "@babel/helper-skip-transparent-expression-wrappers@^7.20.0": + version "7.20.0" + resolved "https://registry.npmjs.org/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.20.0.tgz" + integrity sha512-5y1JYeNKfvnT8sZcK9DVRtpTbGiomYIHviSP3OQWmDPU3DeH4a1ZlT/N2lyQ5P8egjcRaT/Y9aNqUxK0WsnIIg== + dependencies: + "@babel/types" "^7.20.0" + + "@babel/helper-split-export-declaration@^7.18.6", "@babel/helper-split-export-declaration@^7.22.6": + version "7.22.6" + resolved "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz" + integrity sha512-AsUnxuLhRYsisFiaJwvp1QF+I3KjD5FOxut14q/GzovUe6orHLesW2C7d754kRm53h5gqrz6sFl6sxc4BVtE/g== + dependencies: + "@babel/types" "^7.22.5" + + "@babel/helper-string-parser@^7.22.5": + version "7.22.5" + resolved "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz" + integrity sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw== + + 
"@babel/helper-validator-identifier@^7.19.1", "@babel/helper-validator-identifier@^7.22.20": + version "7.22.20" + resolved "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz" + integrity sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A== + + "@babel/helper-validator-option@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.21.0.tgz" + integrity sha512-rmL/B8/f0mKS2baE9ZpyTcTavvEuWhTTW8amjzXNvYG4AwBsqTLikfXsEofsJEfKHf+HQVQbFOHy6o+4cnC/fQ== + + "@babel/helper-wrap-function@^7.18.9": + version "7.20.5" + resolved "https://registry.npmjs.org/@babel/helper-wrap-function/-/helper-wrap-function-7.20.5.tgz" + integrity sha512-bYMxIWK5mh+TgXGVqAtnu5Yn1un+v8DDZtqyzKRLUzrh70Eal2O3aZ7aPYiMADO4uKlkzOiRiZ6GX5q3qxvW9Q== + dependencies: + "@babel/helper-function-name" "^7.19.0" + "@babel/template" "^7.18.10" + "@babel/traverse" "^7.20.5" + "@babel/types" "^7.20.5" + + "@babel/helpers@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/helpers/-/helpers-7.21.0.tgz" + integrity sha512-XXve0CBtOW0pd7MRzzmoyuSj0e3SEzj8pgyFxnTT1NJZL38BD1MK7yYrm8yefRPIDvNNe14xR4FdbHwpInD4rA== + dependencies: + "@babel/template" "^7.20.7" + "@babel/traverse" "^7.21.0" + "@babel/types" "^7.21.0" + + "@babel/highlight@^7.22.13": + version "7.22.20" + resolved "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz" + integrity sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg== + dependencies: + "@babel/helper-validator-identifier" "^7.22.20" + chalk "^2.4.2" + js-tokens "^4.0.0" + + "@babel/parser@^7.1.0", "@babel/parser@^7.16.4", "@babel/parser@^7.20.7", "@babel/parser@^7.21.4", "@babel/parser@^7.22.15", "@babel/parser@^7.23.0": + version "7.23.0" + resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.23.0.tgz" + integrity 
sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw== + + "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression/-/plugin-bugfix-safari-id-destructuring-collision-in-function-expression-7.18.6.tgz" + integrity sha512-Dgxsyg54Fx1d4Nge8UnvTrED63vrwOdPmyvPzlNN/boaliRP54pm3pGzZD1SJUwrBA+Cs/xdG8kXX6Mn/RfISQ== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining/-/plugin-bugfix-v8-spread-parameters-in-optional-chaining-7.20.7.tgz" + integrity sha512-sbr9+wNE5aXMBBFBICk01tt7sBf2Oc9ikRFEcem/ZORup9IMUdNhW7/wVLEbbtlWOsEubJet46mHAL2C8+2jKQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-skip-transparent-expression-wrappers" "^7.20.0" + "@babel/plugin-proposal-optional-chaining" "^7.20.7" + + "@babel/plugin-proposal-async-generator-functions@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.20.7.tgz" + integrity sha512-xMbiLsn/8RK7Wq7VeVytytS2L6qE69bXPB10YCmMdDZbKF4okCqY74pI/jJQ/8U0b/F6NrT2+14b8/P9/3AMGA== + dependencies: + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-remap-async-to-generator" "^7.18.9" + "@babel/plugin-syntax-async-generators" "^7.8.4" + + "@babel/plugin-proposal-class-properties@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.18.6.tgz" + integrity sha512-cumfXOF0+nzZrrN8Rf0t7M+tF6sZc7vhQwYQck9q1/5w2OExlD+b4v4RpMJFaV1Z7WcDRgO6FqvxqxGlwo+RHQ== + dependencies: + 
"@babel/helper-create-class-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-proposal-class-static-block@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-class-static-block/-/plugin-proposal-class-static-block-7.21.0.tgz" + integrity sha512-XP5G9MWNUskFuP30IfFSEFB0Z6HzLIUcjYM4bYOPHXl7eiJ9HFv8tWj6TXTN5QODiEhDZAeI4hLok2iHFFV4hw== + dependencies: + "@babel/helper-create-class-features-plugin" "^7.21.0" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/plugin-syntax-class-static-block" "^7.14.5" + + "@babel/plugin-proposal-dynamic-import@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.18.6.tgz" + integrity sha512-1auuwmK+Rz13SJj36R+jqFPMJWyKEDd7lLSdOj4oJK0UTgGueSAtkrCvz9ewmgyU/P941Rv2fQwZJN8s6QruXw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/plugin-syntax-dynamic-import" "^7.8.3" + + "@babel/plugin-proposal-export-namespace-from@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-export-namespace-from/-/plugin-proposal-export-namespace-from-7.18.9.tgz" + integrity sha512-k1NtHyOMvlDDFeb9G5PhUXuGj8m/wiwojgQVEhJ/fsVsMCpLyOP4h0uGEjYJKrRI+EVPlb5Jk+Gt9P97lOGwtA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + "@babel/plugin-syntax-export-namespace-from" "^7.8.3" + + "@babel/plugin-proposal-json-strings@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.18.6.tgz" + integrity sha512-lr1peyn9kOdbYc0xr0OdHTZ5FMqS6Di+H0Fz2I/JwMzGmzJETNeOFq2pBySw6X/KFL5EWDjlJuMsUGRFb8fQgQ== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/plugin-syntax-json-strings" "^7.8.3" + + "@babel/plugin-proposal-logical-assignment-operators@^7.20.7": + version "7.20.7" + resolved 
"https://registry.npmjs.org/@babel/plugin-proposal-logical-assignment-operators/-/plugin-proposal-logical-assignment-operators-7.20.7.tgz" + integrity sha512-y7C7cZgpMIjWlKE5T7eJwp+tnRYM89HmRvWM5EQuB5BoHEONjmQ8lSNmBUwOyy/GFRsohJED51YBF79hE1djug== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/plugin-syntax-logical-assignment-operators" "^7.10.4" + + "@babel/plugin-proposal-nullish-coalescing-operator@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.18.6.tgz" + integrity sha512-wQxQzxYeJqHcfppzBDnm1yAY0jSRkUXR2z8RePZYrKwMKgMlE8+Z6LUno+bd6LvbGh8Gltvy74+9pIYkr+XkKA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.3" + + "@babel/plugin-proposal-numeric-separator@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.18.6.tgz" + integrity sha512-ozlZFogPqoLm8WBr5Z8UckIoE4YQ5KESVcNudyXOR8uqIkliTEgJ3RoketfG6pmzLdeZF0H/wjE9/cCEitBl7Q== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/plugin-syntax-numeric-separator" "^7.10.4" + + "@babel/plugin-proposal-object-rest-spread@^7.15.6", "@babel/plugin-proposal-object-rest-spread@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.20.7.tgz" + integrity sha512-d2S98yCiLxDVmBmE8UjGcfPvNEUbA1U5q5WxaWFUGRzJSVAZqm5W6MbPct0jxnegUZ0niLeNX+IOzEs7wYg9Dg== + dependencies: + "@babel/compat-data" "^7.20.5" + "@babel/helper-compilation-targets" "^7.20.7" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/plugin-syntax-object-rest-spread" "^7.8.3" + "@babel/plugin-transform-parameters" "^7.20.7" + + "@babel/plugin-proposal-optional-catch-binding@^7.18.6": + version "7.18.6" + resolved 
"https://registry.npmjs.org/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.18.6.tgz" + integrity sha512-Q40HEhs9DJQyaZfUjjn6vE8Cv4GmMHCYuMGIWUnlxH6400VGxOuwWsPt4FxXxJkC/5eOzgn0z21M9gMT4MOhbw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/plugin-syntax-optional-catch-binding" "^7.8.3" + + "@babel/plugin-proposal-optional-chaining@^7.20.7", "@babel/plugin-proposal-optional-chaining@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.21.0.tgz" + integrity sha512-p4zeefM72gpmEe2fkUr/OnOXpWEf8nAgk7ZYVqqfFiyIG7oFfVZcCrU64hWn5xp4tQ9LkV4bTIa5rD0KANpKNA== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-skip-transparent-expression-wrappers" "^7.20.0" + "@babel/plugin-syntax-optional-chaining" "^7.8.3" + + "@babel/plugin-proposal-private-methods@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-private-methods/-/plugin-proposal-private-methods-7.18.6.tgz" + integrity sha512-nutsvktDItsNn4rpGItSNV2sz1XwS+nfU0Rg8aCx3W3NOKVzdMjJRu0O5OkgDp3ZGICSTbgRpxZoWsxoKRvbeA== + dependencies: + "@babel/helper-create-class-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-proposal-private-property-in-object@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-proposal-private-property-in-object/-/plugin-proposal-private-property-in-object-7.21.0.tgz" + integrity sha512-ha4zfehbJjc5MmXBlHec1igel5TJXXLDDRbuJ4+XT2TJcyD9/V1919BA8gMvsdHcNMBy4WBUBiRb3nw/EQUtBw== + dependencies: + "@babel/helper-annotate-as-pure" "^7.18.6" + "@babel/helper-create-class-features-plugin" "^7.21.0" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/plugin-syntax-private-property-in-object" "^7.14.5" + + "@babel/plugin-proposal-unicode-property-regex@^7.18.6", "@babel/plugin-proposal-unicode-property-regex@^7.4.4": + version "7.18.6" 
+ resolved "https://registry.npmjs.org/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.18.6.tgz" + integrity sha512-2BShG/d5yoZyXZfVePH91urL5wTG6ASZU9M4o03lKK8u8UW1y08OMttBSOADTcJrnPMpvDXRG3G8fyLh4ovs8w== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-syntax-async-generators@^7.8.4": + version "7.8.4" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz" + integrity sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-class-properties@^7.12.13": + version "7.12.13" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz" + integrity sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA== + dependencies: + "@babel/helper-plugin-utils" "^7.12.13" + + "@babel/plugin-syntax-class-static-block@^7.14.5": + version "7.14.5" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-class-static-block/-/plugin-syntax-class-static-block-7.14.5.tgz" + integrity sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw== + dependencies: + "@babel/helper-plugin-utils" "^7.14.5" + + "@babel/plugin-syntax-dynamic-import@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-dynamic-import/-/plugin-syntax-dynamic-import-7.8.3.tgz" + integrity sha512-5gdGbFon+PszYzqs83S3E5mpi7/y/8M9eC90MRTZfduQOYW76ig6SOSPNe41IG5LoP3FGBn2N0RjVDSQiS94kQ== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-export-namespace-from@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-export-namespace-from/-/plugin-syntax-export-namespace-from-7.8.3.tgz" 
+ integrity sha512-MXf5laXo6c1IbEbegDmzGPwGNTsHZmEy6QGznu5Sh2UCWvueywb2ee+CCE4zQiZstxU9BMoQO9i6zUFSY0Kj0Q== + dependencies: + "@babel/helper-plugin-utils" "^7.8.3" + + "@babel/plugin-syntax-import-assertions@^7.20.0": + version "7.20.0" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-import-assertions/-/plugin-syntax-import-assertions-7.20.0.tgz" + integrity sha512-IUh1vakzNoWalR8ch/areW7qFopR2AEw03JlG7BbrDqmQ4X3q9uuipQwSGrUn7oGiemKjtSLDhNtQHzMHr1JdQ== + dependencies: + "@babel/helper-plugin-utils" "^7.19.0" + + "@babel/plugin-syntax-json-strings@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz" + integrity sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-logical-assignment-operators@^7.10.4": + version "7.10.4" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz" + integrity sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig== + dependencies: + "@babel/helper-plugin-utils" "^7.10.4" + + "@babel/plugin-syntax-nullish-coalescing-operator@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz" + integrity sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-numeric-separator@^7.10.4": + version "7.10.4" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz" + integrity sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug== + dependencies: + 
"@babel/helper-plugin-utils" "^7.10.4" + + "@babel/plugin-syntax-object-rest-spread@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz" + integrity sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-optional-catch-binding@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz" + integrity sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-optional-chaining@^7.8.3": + version "7.8.3" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz" + integrity sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + + "@babel/plugin-syntax-private-property-in-object@^7.14.5": + version "7.14.5" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-private-property-in-object/-/plugin-syntax-private-property-in-object-7.14.5.tgz" + integrity sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg== + dependencies: + "@babel/helper-plugin-utils" "^7.14.5" + + "@babel/plugin-syntax-top-level-await@^7.14.5": + version "7.14.5" + resolved "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz" + integrity sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw== + dependencies: + "@babel/helper-plugin-utils" "^7.14.5" + + "@babel/plugin-transform-arrow-functions@^7.20.7": + version "7.20.7" + resolved 
"https://registry.npmjs.org/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.20.7.tgz" + integrity sha512-3poA5E7dzDomxj9WXWwuD6A5F3kc7VXwIJO+E+J8qtDtS+pXPAhrgEyh+9GBwBgPq1Z+bB+/JD60lp5jsN7JPQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-async-to-generator@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.20.7.tgz" + integrity sha512-Uo5gwHPT9vgnSXQxqGtpdufUiWp96gk7yiP4Mp5bm1QMkEmLXBO7PAGYbKoJ6DhAwiNkcHFBol/x5zZZkL/t0Q== + dependencies: + "@babel/helper-module-imports" "^7.18.6" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-remap-async-to-generator" "^7.18.9" + + "@babel/plugin-transform-block-scoped-functions@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.18.6.tgz" + integrity sha512-ExUcOqpPWnliRcPqves5HJcJOvHvIIWfuS4sroBUenPuMdmW+SMHDakmtS7qOo13sVppmUijqeTv7qqGsvURpQ== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-block-scoping@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.21.0.tgz" + integrity sha512-Mdrbunoh9SxwFZapeHVrwFmri16+oYotcZysSzhNIVDwIAb1UV+kvnxULSYq9J3/q5MDG+4X6w8QVgD1zhBXNQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-classes@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-transform-classes/-/plugin-transform-classes-7.21.0.tgz" + integrity sha512-RZhbYTCEUAe6ntPehC4hlslPWosNHDox+vAs4On/mCLRLfoDVHf6hVEd7kuxr1RnHwJmxFfUM3cZiZRmPxJPXQ== + dependencies: + "@babel/helper-annotate-as-pure" "^7.18.6" + "@babel/helper-compilation-targets" "^7.20.7" + "@babel/helper-environment-visitor" "^7.18.9" + "@babel/helper-function-name" "^7.21.0" + 
"@babel/helper-optimise-call-expression" "^7.18.6" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-replace-supers" "^7.20.7" + "@babel/helper-split-export-declaration" "^7.18.6" + globals "^11.1.0" + + "@babel/plugin-transform-computed-properties@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.20.7.tgz" + integrity sha512-Lz7MvBK6DTjElHAmfu6bfANzKcxpyNPeYBGEafyA6E5HtRpjpZwU+u7Qrgz/2OR0z+5TvKYbPdphfSaAcZBrYQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/template" "^7.20.7" + + "@babel/plugin-transform-destructuring@^7.21.3": + version "7.21.3" + resolved "https://registry.npmjs.org/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.21.3.tgz" + integrity sha512-bp6hwMFzuiE4HqYEyoGJ/V2LeIWn+hLVKc4pnj++E5XQptwhtcGmSayM029d/j2X1bPKGTlsyPwAubuU22KhMA== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-dotall-regex@^7.18.6", "@babel/plugin-transform-dotall-regex@^7.4.4": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.18.6.tgz" + integrity sha512-6S3jpun1eEbAxq7TdjLotAsl4WpQI9DxfkycRcKrjhQYzU87qpXdknpBg/e+TdcMehqGnLFi7tnFUBR02Vq6wg== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-duplicate-keys@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.18.9.tgz" + integrity sha512-d2bmXCtZXYc59/0SanQKbiWINadaJXqtvIQIzd4+hNwkWBgyCd5F/2t1kXoUdvPMrxzPvhK6EMQRROxsue+mfw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-exponentiation-operator@^7.18.6": + version "7.18.6" + resolved 
"https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.18.6.tgz" + integrity sha512-wzEtc0+2c88FVR34aQmiz56dxEkxr2g8DQb/KfaFa1JYXOFVsbhvAonFN6PwVWj++fKmku8NP80plJ5Et4wqHw== + dependencies: + "@babel/helper-builder-binary-assignment-operator-visitor" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-for-of@^7.21.0": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.21.0.tgz" + integrity sha512-LlUYlydgDkKpIY7mcBWvyPPmMcOphEyYA27Ef4xpbh1IiDNLr0kZsos2nf92vz3IccvJI25QUwp86Eo5s6HmBQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-function-name@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.18.9.tgz" + integrity sha512-WvIBoRPaJQ5yVHzcnJFor7oS5Ls0PYixlTYE63lCj2RtdQEl15M68FXQlxnG6wdraJIXRdR7KI+hQ7q/9QjrCQ== + dependencies: + "@babel/helper-compilation-targets" "^7.18.9" + "@babel/helper-function-name" "^7.18.9" + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-literals@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-transform-literals/-/plugin-transform-literals-7.18.9.tgz" + integrity sha512-IFQDSRoTPnrAIrI5zoZv73IFeZu2dhu6irxQjY9rNjTT53VmKg9fenjvoiOWOkJ6mm4jKVPtdMzBY98Fp4Z4cg== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-member-expression-literals@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.18.6.tgz" + integrity sha512-qSF1ihLGO3q+/g48k85tUjD033C29TNTVB2paCwZPVmOsjn9pClvYYrM2VeJpBY2bcNkuny0YUyTNRyRxJ54KA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-modules-amd@^7.20.11": + version "7.20.11" + resolved 
"https://registry.npmjs.org/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.20.11.tgz" + integrity sha512-NuzCt5IIYOW0O30UvqktzHYR2ud5bOWbY0yaxWZ6G+aFzOMJvrs5YHNikrbdaT15+KNO31nPOy5Fim3ku6Zb5g== + dependencies: + "@babel/helper-module-transforms" "^7.20.11" + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-modules-commonjs@^7.21.2": + version "7.21.2" + resolved "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.21.2.tgz" + integrity sha512-Cln+Yy04Gxua7iPdj6nOV96smLGjpElir5YwzF0LBPKoPlLDNJePNlrGGaybAJkd0zKRnOVXOgizSqPYMNYkzA== + dependencies: + "@babel/helper-module-transforms" "^7.21.2" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-simple-access" "^7.20.2" + + "@babel/plugin-transform-modules-systemjs@^7.20.11": + version "7.20.11" + resolved "https://registry.npmjs.org/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.20.11.tgz" + integrity sha512-vVu5g9BPQKSFEmvt2TA4Da5N+QVS66EX21d8uoOihC+OCpUoGvzVsXeqFdtAEfVa5BILAeFt+U7yVmLbQnAJmw== + dependencies: + "@babel/helper-hoist-variables" "^7.18.6" + "@babel/helper-module-transforms" "^7.20.11" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-validator-identifier" "^7.19.1" + + "@babel/plugin-transform-modules-umd@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.18.6.tgz" + integrity sha512-dcegErExVeXcRqNtkRU/z8WlBLnvD4MRnHgNs3MytRO1Mn1sHRyhbcpYbVMGclAqOjdW+9cfkdZno9dFdfKLfQ== + dependencies: + "@babel/helper-module-transforms" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-named-capturing-groups-regex@^7.20.5": + version "7.20.5" + resolved "https://registry.npmjs.org/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.20.5.tgz" + integrity 
sha512-mOW4tTzi5iTLnw+78iEq3gr8Aoq4WNRGpmSlrogqaiCBoR1HFhpU4JkpQFOHfeYx3ReVIFWOQJS4aZBRvuZ6mA== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.20.5" + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-new-target@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.18.6.tgz" + integrity sha512-DjwFA/9Iu3Z+vrAn+8pBUGcjhxKguSMlsFqeCKbhb9BAV756v0krzVK04CRDi/4aqmk8BsHb4a/gFcaA5joXRw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-object-super@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.18.6.tgz" + integrity sha512-uvGz6zk+pZoS1aTZrOvrbj6Pp/kK2mp45t2B+bTDre2UgsZZ8EZLSJtUg7m/no0zOJUWgFONpB7Zv9W2tSaFlA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + "@babel/helper-replace-supers" "^7.18.6" + + "@babel/plugin-transform-parameters@^7.20.7", "@babel/plugin-transform-parameters@^7.21.3": + version "7.21.3" + resolved "https://registry.npmjs.org/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.21.3.tgz" + integrity sha512-Wxc+TvppQG9xWFYatvCGPvZ6+SIUxQ2ZdiBP+PHYMIjnPXD+uThCshaz4NZOnODAtBjjcVQQ/3OKs9LW28purQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + + "@babel/plugin-transform-property-literals@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.18.6.tgz" + integrity sha512-cYcs6qlgafTud3PAzrrRNbQtfpQ8+y/+M5tKmksS9+M1ckbH6kzY8MrexEM9mcA6JDsukE19iIRvAyYl463sMg== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-regenerator@^7.20.5": + version "7.20.5" + resolved "https://registry.npmjs.org/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.20.5.tgz" + integrity 
sha512-kW/oO7HPBtntbsahzQ0qSE3tFvkFwnbozz3NWFhLGqH75vLEg+sCGngLlhVkePlCs3Jv0dBBHDzCHxNiFAQKCQ== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + regenerator-transform "^0.15.1" + + "@babel/plugin-transform-reserved-words@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.18.6.tgz" + integrity sha512-oX/4MyMoypzHjFrT1CdivfKZ+XvIPMFXwwxHp/r0Ddy2Vuomt4HDFGmft1TAY2yiTKiNSsh3kjBAzcM8kSdsjA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-runtime@^7.15.8": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.21.4.tgz" + integrity sha512-1J4dhrw1h1PqnNNpzwxQ2UBymJUF8KuPjAAnlLwZcGhHAIqUigFW7cdK6GHoB64ubY4qXQNYknoUeks4Wz7CUA== + dependencies: + "@babel/helper-module-imports" "^7.21.4" + "@babel/helper-plugin-utils" "^7.20.2" + babel-plugin-polyfill-corejs2 "^0.3.3" + babel-plugin-polyfill-corejs3 "^0.6.0" + babel-plugin-polyfill-regenerator "^0.4.1" + semver "^6.3.0" + + "@babel/plugin-transform-shorthand-properties@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.18.6.tgz" + integrity sha512-eCLXXJqv8okzg86ywZJbRn19YJHU4XUa55oz2wbHhaQVn/MM+XhukiT7SYqp/7o00dg52Rj51Ny+Ecw4oyoygw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-spread@^7.20.7": + version "7.20.7" + resolved "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.20.7.tgz" + integrity sha512-ewBbHQ+1U/VnH1fxltbJqDeWBU1oNLG8Dj11uIv3xVf7nrQu0bPGe5Rf716r7K5Qz+SqtAOVswoVunoiBtGhxw== + dependencies: + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-skip-transparent-expression-wrappers" "^7.20.0" + + "@babel/plugin-transform-sticky-regex@^7.18.6": + version "7.18.6" + resolved 
"https://registry.npmjs.org/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.18.6.tgz" + integrity sha512-kfiDrDQ+PBsQDO85yj1icueWMfGfJFKN1KCkndygtu/C9+XUfydLC8Iv5UYJqRwy4zk8EcplRxEOeLyjq1gm6Q== + dependencies: + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/plugin-transform-template-literals@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.18.9.tgz" + integrity sha512-S8cOWfT82gTezpYOiVaGHrCbhlHgKhQt8XH5ES46P2XWmX92yisoZywf5km75wv5sYcXDUCLMmMxOLCtthDgMA== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-typeof-symbol@^7.18.9": + version "7.18.9" + resolved "https://registry.npmjs.org/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.18.9.tgz" + integrity sha512-SRfwTtF11G2aemAZWivL7PD+C9z52v9EvMqH9BuYbabyPuKUvSWks3oCg6041pT925L4zVFqaVBeECwsmlguEw== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-unicode-escapes@^7.18.10": + version "7.18.10" + resolved "https://registry.npmjs.org/@babel/plugin-transform-unicode-escapes/-/plugin-transform-unicode-escapes-7.18.10.tgz" + integrity sha512-kKAdAI+YzPgGY/ftStBFXTI1LZFju38rYThnfMykS+IXy8BVx+res7s2fxf1l8I35DV2T97ezo6+SGrXz6B3iQ== + dependencies: + "@babel/helper-plugin-utils" "^7.18.9" + + "@babel/plugin-transform-unicode-regex@^7.18.6": + version "7.18.6" + resolved "https://registry.npmjs.org/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.18.6.tgz" + integrity sha512-gE7A6Lt7YLnNOL3Pb9BNeZvi+d8l7tcRrG4+pwJjK9hD2xX4mEvjlQW60G9EEmfXVYRPv9VRQcyegIVHCql/AA== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + + "@babel/preset-env@^7.15.8": + version "7.21.4" + resolved "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.21.4.tgz" + integrity 
sha512-2W57zHs2yDLm6GD5ZpvNn71lZ0B/iypSdIeq25OurDKji6AdzV07qp4s3n1/x5BqtiGaTrPN3nerlSCaC5qNTw== + dependencies: + "@babel/compat-data" "^7.21.4" + "@babel/helper-compilation-targets" "^7.21.4" + "@babel/helper-plugin-utils" "^7.20.2" + "@babel/helper-validator-option" "^7.21.0" + "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression" "^7.18.6" + "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining" "^7.20.7" + "@babel/plugin-proposal-async-generator-functions" "^7.20.7" + "@babel/plugin-proposal-class-properties" "^7.18.6" + "@babel/plugin-proposal-class-static-block" "^7.21.0" + "@babel/plugin-proposal-dynamic-import" "^7.18.6" + "@babel/plugin-proposal-export-namespace-from" "^7.18.9" + "@babel/plugin-proposal-json-strings" "^7.18.6" + "@babel/plugin-proposal-logical-assignment-operators" "^7.20.7" + "@babel/plugin-proposal-nullish-coalescing-operator" "^7.18.6" + "@babel/plugin-proposal-numeric-separator" "^7.18.6" + "@babel/plugin-proposal-object-rest-spread" "^7.20.7" + "@babel/plugin-proposal-optional-catch-binding" "^7.18.6" + "@babel/plugin-proposal-optional-chaining" "^7.21.0" + "@babel/plugin-proposal-private-methods" "^7.18.6" + "@babel/plugin-proposal-private-property-in-object" "^7.21.0" + "@babel/plugin-proposal-unicode-property-regex" "^7.18.6" + "@babel/plugin-syntax-async-generators" "^7.8.4" + "@babel/plugin-syntax-class-properties" "^7.12.13" + "@babel/plugin-syntax-class-static-block" "^7.14.5" + "@babel/plugin-syntax-dynamic-import" "^7.8.3" + "@babel/plugin-syntax-export-namespace-from" "^7.8.3" + "@babel/plugin-syntax-import-assertions" "^7.20.0" + "@babel/plugin-syntax-json-strings" "^7.8.3" + "@babel/plugin-syntax-logical-assignment-operators" "^7.10.4" + "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.3" + "@babel/plugin-syntax-numeric-separator" "^7.10.4" + "@babel/plugin-syntax-object-rest-spread" "^7.8.3" + "@babel/plugin-syntax-optional-catch-binding" "^7.8.3" + 
"@babel/plugin-syntax-optional-chaining" "^7.8.3" + "@babel/plugin-syntax-private-property-in-object" "^7.14.5" + "@babel/plugin-syntax-top-level-await" "^7.14.5" + "@babel/plugin-transform-arrow-functions" "^7.20.7" + "@babel/plugin-transform-async-to-generator" "^7.20.7" + "@babel/plugin-transform-block-scoped-functions" "^7.18.6" + "@babel/plugin-transform-block-scoping" "^7.21.0" + "@babel/plugin-transform-classes" "^7.21.0" + "@babel/plugin-transform-computed-properties" "^7.20.7" + "@babel/plugin-transform-destructuring" "^7.21.3" + "@babel/plugin-transform-dotall-regex" "^7.18.6" + "@babel/plugin-transform-duplicate-keys" "^7.18.9" + "@babel/plugin-transform-exponentiation-operator" "^7.18.6" + "@babel/plugin-transform-for-of" "^7.21.0" + "@babel/plugin-transform-function-name" "^7.18.9" + "@babel/plugin-transform-literals" "^7.18.9" + "@babel/plugin-transform-member-expression-literals" "^7.18.6" + "@babel/plugin-transform-modules-amd" "^7.20.11" + "@babel/plugin-transform-modules-commonjs" "^7.21.2" + "@babel/plugin-transform-modules-systemjs" "^7.20.11" + "@babel/plugin-transform-modules-umd" "^7.18.6" + "@babel/plugin-transform-named-capturing-groups-regex" "^7.20.5" + "@babel/plugin-transform-new-target" "^7.18.6" + "@babel/plugin-transform-object-super" "^7.18.6" + "@babel/plugin-transform-parameters" "^7.21.3" + "@babel/plugin-transform-property-literals" "^7.18.6" + "@babel/plugin-transform-regenerator" "^7.20.5" + "@babel/plugin-transform-reserved-words" "^7.18.6" + "@babel/plugin-transform-shorthand-properties" "^7.18.6" + "@babel/plugin-transform-spread" "^7.20.7" + "@babel/plugin-transform-sticky-regex" "^7.18.6" + "@babel/plugin-transform-template-literals" "^7.18.9" + "@babel/plugin-transform-typeof-symbol" "^7.18.9" + "@babel/plugin-transform-unicode-escapes" "^7.18.10" + "@babel/plugin-transform-unicode-regex" "^7.18.6" + "@babel/preset-modules" "^0.1.5" + "@babel/types" "^7.21.4" + babel-plugin-polyfill-corejs2 "^0.3.3" + 
babel-plugin-polyfill-corejs3 "^0.6.0" + babel-plugin-polyfill-regenerator "^0.4.1" + core-js-compat "^3.25.1" + semver "^6.3.0" + + "@babel/preset-modules@^0.1.5": + version "0.1.5" + resolved "https://registry.npmjs.org/@babel/preset-modules/-/preset-modules-0.1.5.tgz" + integrity sha512-A57th6YRG7oR3cq/yt/Y84MvGgE0eJG2F1JLhKuyG+jFxEgrd/HAMJatiFtmOiZurz+0DkrvbheCLaV5f2JfjA== + dependencies: + "@babel/helper-plugin-utils" "^7.0.0" + "@babel/plugin-proposal-unicode-property-regex" "^7.4.4" + "@babel/plugin-transform-dotall-regex" "^7.4.4" + "@babel/types" "^7.4.4" + esutils "^2.0.2" + + "@babel/regjsgen@^0.8.0": + version "0.8.0" + resolved "https://registry.npmjs.org/@babel/regjsgen/-/regjsgen-0.8.0.tgz" + integrity sha512-x/rqGMdzj+fWZvCOYForTghzbtqPDZ5gPwaoNGHdgDfF2QA/XZbCBp4Moo5scrkAMPhB7z26XM/AaHuIJdgauA== + + "@babel/runtime@^7.15.4", "@babel/runtime@^7.8.4": + version "7.21.0" + resolved "https://registry.npmjs.org/@babel/runtime/-/runtime-7.21.0.tgz" + integrity sha512-xwII0//EObnq89Ji5AKYQaRYiW/nZ3llSv29d49IuxPhKbtJoLP+9QUUZ4nVragQVtaVGeZrpB+ZtG/Pdy/POw== + dependencies: + regenerator-runtime "^0.13.11" + + "@babel/template@^7.18.10", "@babel/template@^7.20.7", "@babel/template@^7.22.15": + version "7.22.15" + resolved "https://registry.npmjs.org/@babel/template/-/template-7.22.15.tgz" + integrity sha512-QPErUVm4uyJa60rkI73qneDacvdvzxshT3kksGqlGWYdOTIUOwJ7RDUL8sGqslY1uXWSL6xMFKEXDS3ox2uF0w== + dependencies: + "@babel/code-frame" "^7.22.13" + "@babel/parser" "^7.22.15" + "@babel/types" "^7.22.15" + + "@babel/traverse@^7.20.5", "@babel/traverse@^7.20.7", "@babel/traverse@^7.21.0", "@babel/traverse@^7.21.2", "@babel/traverse@^7.21.4": + version "7.23.2" + resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.2.tgz" + integrity sha512-azpe59SQ48qG6nu2CzcMLbxUudtN+dOM9kDbUqGq3HXUJRlo7i8fvPoxQUzYgLZ4cMVmuZgm8vvBpNeRhd6XSw== + dependencies: + "@babel/code-frame" "^7.22.13" + "@babel/generator" "^7.23.0" + "@babel/helper-environment-visitor" 
"^7.22.20" + "@babel/helper-function-name" "^7.23.0" + "@babel/helper-hoist-variables" "^7.22.5" + "@babel/helper-split-export-declaration" "^7.22.6" + "@babel/parser" "^7.23.0" + "@babel/types" "^7.23.0" + debug "^4.1.0" + globals "^11.1.0" + + "@babel/types@^7.0.0", "@babel/types@^7.18.6", "@babel/types@^7.18.9", "@babel/types@^7.20.0", "@babel/types@^7.20.2", "@babel/types@^7.20.5", "@babel/types@^7.20.7", "@babel/types@^7.21.0", "@babel/types@^7.21.2", "@babel/types@^7.21.4", "@babel/types@^7.22.15", "@babel/types@^7.22.5", "@babel/types@^7.23.0", "@babel/types@^7.3.0", "@babel/types@^7.4.4": + version "7.23.0" + resolved "https://registry.npmjs.org/@babel/types/-/types-7.23.0.tgz" + integrity sha512-0oIyUfKoI3mSqMvsxBdclDwxXKXAUA8v/apZbc+iSyARYou1o8ZGDxbUYyLFoW2arqS2jDGqJuZvv1d/io1axg== + dependencies: + "@babel/helper-string-parser" "^7.22.5" + "@babel/helper-validator-identifier" "^7.22.20" + to-fast-properties "^2.0.0" + + "@braintree/asset-loader@0.4.4": + version "0.4.4" + resolved "https://registry.npmjs.org/@braintree/asset-loader/-/asset-loader-0.4.4.tgz" + integrity sha512-uVhXC5dydmngmNVuDiKgfXSlz4kv4x5ytIJodI8N5SY16mRh13m/UmbQ7yH+o8DQqp50qPZ45MUHIZkXKPg85w== + dependencies: + promise-polyfill "^8.1.3" + + "@braintree/browser-detection@^1.12.1", "@braintree/browser-detection@1.14.0": + version "1.14.0" + resolved "https://registry.npmjs.org/@braintree/browser-detection/-/browser-detection-1.14.0.tgz" + integrity sha512-OsqU+28RhNvSw8Y5JEiUHUrAyn4OpYazFkjSJe8ZVZfkAaRXQc6hsV38MMEpIlkPMig+A68buk/diY+0O8/dMQ== + + "@braintree/class-list@0.2.0": + version "0.2.0" + resolved "https://registry.npmjs.org/@braintree/class-list/-/class-list-0.2.0.tgz" + integrity sha512-iLXJT51jnBFuGvyTAQqZ2uwyEVwdyapyz52F5MK1Uoh2ZOiPJ5hoqI0wncyCP2KfqrgyCpOkkEaLMLb/94unGA== + + "@braintree/event-emitter@0.4.1": + version "0.4.1" + resolved "https://registry.npmjs.org/@braintree/event-emitter/-/event-emitter-0.4.1.tgz" + integrity 
sha512-X41357O3OXUDlnwMvS1m0GQEn3zB3s3flOBeg2J5OBvLvdJEIAVpPkblABPtsPrlciDSvfv1aSG5ixHPgFH0Zg== + + "@braintree/extended-promise@0.4.1": + version "0.4.1" + resolved "https://registry.npmjs.org/@braintree/extended-promise/-/extended-promise-0.4.1.tgz" + integrity sha512-00n7m4z+swWHoFQLHLvrIBIEoxnGUBsl3ogvX79ITpcn8CHczDwtxYy5+RhMoAraRdfN3oB+8QIpN3KOxs2Q7w== + + "@braintree/iframer@1.1.0": + version "1.1.0" + resolved "https://registry.npmjs.org/@braintree/iframer/-/iframer-1.1.0.tgz" + integrity sha512-tVpr7U6u6bqeQlHreEjYMNtnHX62vLnNWziY2kQLqkWhvusPuY5DfuGEIPpWqsd+V/a1slyTQaxK6HWTlH6A/Q== + + "@braintree/sanitize-url@6.0.2": + version "6.0.2" + resolved "https://registry.npmjs.org/@braintree/sanitize-url/-/sanitize-url-6.0.2.tgz" + integrity sha512-Tbsj02wXCbqGmzdnXNk0SOF19ChhRU70BsroIi4Pm6Ehp56in6vch94mfbdQ17DozxkL3BAVjbZ4Qc1a0HFRAg== + + "@braintree/uuid@^0.1.0", "@braintree/uuid@0.1.0": + version "0.1.0" + resolved "https://registry.npmjs.org/@braintree/uuid/-/uuid-0.1.0.tgz" + integrity sha512-YvZJdlNcK5EnR+7M8AjgEAf4Qx696+FOSYlPfy5ePn80vODtVAUU0FxHnzKZC0og1VbDNQDDiwhthR65D4Na0g== + + "@braintree/wrap-promise@2.1.0": + version "2.1.0" + resolved "https://registry.npmjs.org/@braintree/wrap-promise/-/wrap-promise-2.1.0.tgz" + integrity sha512-UIrJB+AfKU0CCfbMoWrsGpd2D/hBpY/SGgFI6WRHPOwhaZ3g9rz1weiJ6eb6L9KgVyunT7s2tckcPkbHw+NzeA== + + "@colors/colors@1.5.0": + version "1.5.0" + resolved "https://registry.npmjs.org/@colors/colors/-/colors-1.5.0.tgz" + integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ== + + "@discoveryjs/json-ext@^0.5.0": + version "0.5.7" + resolved "https://registry.npmjs.org/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz" + integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw== + + "@getalby/bitcoin-connect@^3.2.1": + version "3.2.1" + resolved "https://registry.npmjs.org/@getalby/bitcoin-connect/-/bitcoin-connect-3.2.1.tgz" + integrity 
sha512-mpfiqcPVSvWtAD/dDSb6iRHf2JE7BxoD7NDTN6/+2fmL9CzWPCZ+nxUl9WN9+hdM2d6q1zdAqWHm2SLhCrYJsQ== + dependencies: + "@getalby/lightning-tools" "^5.0.1" + "@getalby/sdk" "^3.2.3" + "@lightninglabs/lnc-web" "^0.2.8-alpha" + qrcode-generator "^1.4.4" + zustand "^4.4.7" + + "@getalby/lightning-tools@^5.0.1": + version "5.0.1" + resolved "https://registry.npmjs.org/@getalby/lightning-tools/-/lightning-tools-5.0.1.tgz" + integrity sha512-xoBfBYMQrJqwryU9fAYGIW6dzWRpdsAw8rroqTROba2bHdYT0ZvGnt4tjqXUhRswopR2X+wp1QeeWHZNL9A0Kg== + + "@getalby/sdk@^3.2.3": + version "3.2.3" + resolved "https://registry.npmjs.org/@getalby/sdk/-/sdk-3.2.3.tgz" + integrity sha512-8eIqg1vEH2CdkNoHsIlL5q2bKLvLR+XiSWK2RQnTAB+Z0CNlVW2jRM8JxxeubHnKBDTiBrBMkPqBIAhQqc8now== + dependencies: + events "^3.3.0" + nostr-tools "^1.17.0" + + "@jridgewell/gen-mapping@^0.1.0": + version "0.1.1" + resolved "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz" + integrity sha512-sQXCasFk+U8lWYEe66WxRDOE9PjVz4vSM51fTu3Hw+ClTpUSQb718772vH3pyS5pShp6lvQM7SxgIDXXXmOX7w== + dependencies: + "@jridgewell/set-array" "^1.0.0" + "@jridgewell/sourcemap-codec" "^1.4.10" + + "@jridgewell/gen-mapping@^0.3.0": + version "0.3.2" + resolved "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz" + integrity sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A== + dependencies: + "@jridgewell/set-array" "^1.0.1" + "@jridgewell/sourcemap-codec" "^1.4.10" + "@jridgewell/trace-mapping" "^0.3.9" + + "@jridgewell/gen-mapping@^0.3.2": + version "0.3.2" + resolved "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.2.tgz" + integrity sha512-mh65xKQAzI6iBcFzwv28KVWSmCkdRBWoOh+bYQGW3+6OZvbbN3TqMGo5hqYxQniRcH9F2VZIoJCm4pa3BPDK/A== + dependencies: + "@jridgewell/set-array" "^1.0.1" + "@jridgewell/sourcemap-codec" "^1.4.10" + "@jridgewell/trace-mapping" "^0.3.9" + + "@jridgewell/resolve-uri@3.1.0": + version "3.1.0" + resolved 
"https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz" + integrity sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w== + + "@jridgewell/set-array@^1.0.0", "@jridgewell/set-array@^1.0.1": + version "1.1.2" + resolved "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.1.2.tgz" + integrity sha512-xnkseuNADM0gt2bs+BvhO0p78Mk762YnZdsuzFV018NoG1Sj1SCQvpSqa7XUaTam5vAGasABV9qXASMKnFMwMw== + + "@jridgewell/source-map@^0.3.2": + version "0.3.2" + resolved "https://registry.npmjs.org/@jridgewell/source-map/-/source-map-0.3.2.tgz" + integrity sha512-m7O9o2uR8k2ObDysZYzdfhb08VuEml5oWGiosa1VdaPZ/A6QyPkAJuwN0Q1lhULOf6B7MtQmHENS743hWtCrgw== + dependencies: + "@jridgewell/gen-mapping" "^0.3.0" + "@jridgewell/trace-mapping" "^0.3.9" + + "@jridgewell/sourcemap-codec@^1.4.10", "@jridgewell/sourcemap-codec@1.4.14": + version "1.4.14" + resolved "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz" + integrity sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw== + + "@jridgewell/trace-mapping@^0.3.17", "@jridgewell/trace-mapping@^0.3.9": + version "0.3.17" + resolved "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.17.tgz" + integrity sha512-MCNzAp77qzKca9+W/+I0+sEpaUnZoeasnghNeVc41VZCEKaCH73Vq3BZZ/SzWIgrqE4H4ceI+p+b6C0mHf9T4g== + dependencies: + "@jridgewell/resolve-uri" "3.1.0" + "@jridgewell/sourcemap-codec" "1.4.14" + + "@leichtgewicht/ip-codec@^2.0.1": + version "2.0.4" + resolved "https://registry.npmjs.org/@leichtgewicht/ip-codec/-/ip-codec-2.0.4.tgz" + integrity sha512-Hcv+nVC0kZnQ3tD9GVu5xSMR4VVYOteQIr/hwFPVEvPdlXqgGEuRjiheChHgdM+JyqdgNcmzZOX/tnl0JOiI7A== + + "@lightninglabs/lnc-core@0.2.8-alpha": + version "0.2.8-alpha" + resolved "https://registry.npmjs.org/@lightninglabs/lnc-core/-/lnc-core-0.2.8-alpha.tgz" + integrity 
sha512-2tHzmklIiQhJiK1aabX0R2AbbWi0mizWgniCUOb573XToYQN7L61Phh+hWUCxIFfAhHCkp2mnSmX+7eT/ikxOg== + + "@lightninglabs/lnc-web@^0.2.8-alpha": + version "0.2.8-alpha" + resolved "https://registry.npmjs.org/@lightninglabs/lnc-web/-/lnc-web-0.2.8-alpha.tgz" + integrity sha512-Pe0Moupd7mglbvbVZk7GqPNxa/4lFFWWsnYtiSahzjhNCmTaoQkk/gUY8kk1u5mHaqUmrL1YgLCLsmbGbWPV/g== + dependencies: + "@lightninglabs/lnc-core" "0.2.8-alpha" + crypto-js "4.1.1" + + "@noble/ciphers@0.2.0": + version "0.2.0" + resolved "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.2.0.tgz" + integrity sha512-6YBxJDAapHSdd3bLDv6x2wRPwq4QFMUaB3HvljNBUTThDd12eSm7/3F+2lnfzx2jvM+S6Nsy0jEt9QbPqSwqRw== + + "@noble/curves@~1.1.0", "@noble/curves@1.1.0": + version "1.1.0" + resolved "https://registry.npmjs.org/@noble/curves/-/curves-1.1.0.tgz" + integrity sha512-091oBExgENk/kGj3AZmtBDMpxQPDtxQABR2B9lb1JbVTs6ytdzZNwvhxQ4MWasRNEzlbEH8jCWFCwhF/Obj5AA== + dependencies: + "@noble/hashes" "1.3.1" + + "@noble/hashes@~1.3.0", "@noble/hashes@~1.3.1", "@noble/hashes@1.3.1": + version "1.3.1" + resolved "https://registry.npmjs.org/@noble/hashes/-/hashes-1.3.1.tgz" + integrity sha512-EbqwksQwz9xDRGfDST86whPBgM65E0OH/pCgqW0GBVzO22bNE+NuIbeTb714+IfSjU3aRk47EUvXIb5bTsenKA== + + "@nodelib/fs.scandir@2.1.5": + version "2.1.5" + resolved "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz" + integrity sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g== + dependencies: + "@nodelib/fs.stat" "2.0.5" + run-parallel "^1.1.9" + + "@nodelib/fs.stat@^2.0.2", "@nodelib/fs.stat@2.0.5": + version "2.0.5" + resolved "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz" + integrity sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A== + + "@nodelib/fs.walk@^1.2.3": + version "1.2.8" + resolved "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz" + integrity 
sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg== + dependencies: + "@nodelib/fs.scandir" "2.1.5" + fastq "^1.6.0" + + "@paypal/sdk-constants@^1.0.64": + version "1.0.102" + resolved "https://registry.npmjs.org/@paypal/sdk-constants/-/sdk-constants-1.0.102.tgz" + integrity sha512-lRPHead3ezyiWACNVoBbJCramQ4ud5PaQo7cFpDRIOWVl6r/gSS+pYjmu00N6ifMbzgogo84kReQjPiCjMjRQQ== + dependencies: + cross-domain-utils "^2.0.10" + hi-base32 "^0.5.0" + zalgo-promise "^1.0.28" + + "@scure/base@~1.1.0", "@scure/base@1.1.1": + version "1.1.1" + resolved "https://registry.npmjs.org/@scure/base/-/base-1.1.1.tgz" + integrity sha512-ZxOhsSyxYwLJj3pLZCefNitxsj093tb2vq90mp2txoYeBqbcjDjqFhyM8eUjq/uFm6zJ+mUuqxlS2FkuSY1MTA== + + "@scure/bip32@1.3.1": + version "1.3.1" + resolved "https://registry.npmjs.org/@scure/bip32/-/bip32-1.3.1.tgz" + integrity sha512-osvveYtyzdEVbt3OfwwXFr4P2iVBL5u1Q3q4ONBfDY/UpOuXmOlbgwc1xECEboY8wIays8Yt6onaWMUdUbfl0A== + dependencies: + "@noble/curves" "~1.1.0" + "@noble/hashes" "~1.3.1" + "@scure/base" "~1.1.0" + + "@scure/bip39@1.2.1": + version "1.2.1" + resolved "https://registry.npmjs.org/@scure/bip39/-/bip39-1.2.1.tgz" + integrity sha512-Z3/Fsz1yr904dduJD0NpiyRHhRYHdcnyh73FZWiV+/qhWi83wNJ3NWolYqCEN+ZWsUz2TWwajJggcRE9r1zUYg== + dependencies: + "@noble/hashes" "~1.3.0" + "@scure/base" "~1.1.0" + + "@trysound/sax@0.2.0": + version "0.2.0" + resolved "https://registry.npmjs.org/@trysound/sax/-/sax-0.2.0.tgz" + integrity sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA== + + "@types/babel__core@^7.1.16": + version "7.20.0" + resolved "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.0.tgz" + integrity sha512-+n8dL/9GWblDO0iU6eZAwEIJVr5DWigtle+Q6HLOrh/pdbXOhOtqzq8VPPE2zvNJzSKY4vH/z3iT3tn0A3ypiQ== + dependencies: + "@babel/parser" "^7.20.7" + "@babel/types" "^7.20.7" + "@types/babel__generator" "*" + "@types/babel__template" "*" + "@types/babel__traverse" "*" + + 
"@types/babel__generator@*": + version "7.6.4" + resolved "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.4.tgz" + integrity sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg== + dependencies: + "@babel/types" "^7.0.0" + + "@types/babel__template@*": + version "7.4.1" + resolved "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.1.tgz" + integrity sha512-azBFKemX6kMg5Io+/rdGT0dkGreboUVR0Cdm3fz9QJWpaQGJRQXl7C+6hOTCZcMll7KFyEQpgbYI2lHdsS4U7g== + dependencies: + "@babel/parser" "^7.1.0" + "@babel/types" "^7.0.0" + + "@types/babel__traverse@*": + version "7.18.3" + resolved "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.18.3.tgz" + integrity sha512-1kbcJ40lLB7MHsj39U4Sh1uTd2E7rLEa79kmDpI6cy+XiXsteB3POdQomoq4FxszMrO3ZYchkhYJw7A2862b3w== + dependencies: + "@babel/types" "^7.3.0" + + "@types/body-parser@*": + version "1.19.2" + resolved "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.2.tgz" + integrity sha512-ALYone6pm6QmwZoAgeyNksccT9Q4AWZQ6PvfwR37GT6r6FWUPguq6sUmNGSMV2Wr761oQoBxwGGa6DR5o1DC9g== + dependencies: + "@types/connect" "*" + "@types/node" "*" + + "@types/bonjour@^3.5.9": + version "3.5.10" + resolved "https://registry.npmjs.org/@types/bonjour/-/bonjour-3.5.10.tgz" + integrity sha512-p7ienRMiS41Nu2/igbJxxLDWrSZ0WxM8UQgCeO9KhoVF7cOVFkrKsiDr1EsJIla8vV3oEEjGcz11jc5yimhzZw== + dependencies: + "@types/node" "*" + + "@types/clean-css@^4.2.5": + version "4.2.6" + resolved "https://registry.npmjs.org/@types/clean-css/-/clean-css-4.2.6.tgz" + integrity sha512-Ze1tf+LnGPmG6hBFMi0B4TEB0mhF7EiMM5oyjLDNPE9hxrPU0W+5+bHvO+eFPA+bt0iC1zkQMoU/iGdRVjcRbw== + dependencies: + "@types/node" "*" + source-map "^0.6.0" + + "@types/connect-history-api-fallback@^1.3.5": + version "1.3.5" + resolved "https://registry.npmjs.org/@types/connect-history-api-fallback/-/connect-history-api-fallback-1.3.5.tgz" + integrity 
sha512-h8QJa8xSb1WD4fpKBDcATDNGXghFj6/3GRWG6dhmRcu0RX1Ubasur2Uvx5aeEwlf0MwblEC2bMzzMQntxnw/Cw== + dependencies: + "@types/express-serve-static-core" "*" + "@types/node" "*" + + "@types/connect@*": + version "3.4.35" + resolved "https://registry.npmjs.org/@types/connect/-/connect-3.4.35.tgz" + integrity sha512-cdeYyv4KWoEgpBISTxWvqYsVy444DOqehiF3fM3ne10AmJ62RSyNkUnxMJXHQWRQQX2eR94m5y1IZyDwBjV9FQ== + dependencies: + "@types/node" "*" + + "@types/eslint-scope@^3.7.3": + version "3.7.4" + resolved "https://registry.npmjs.org/@types/eslint-scope/-/eslint-scope-3.7.4.tgz" + integrity sha512-9K4zoImiZc3HlIp6AVUDE4CWYx22a+lhSZMYNpbjW04+YF0KWj4pJXnEMjdnFTiQibFFmElcsasJXDbdI/EPhA== + dependencies: + "@types/eslint" "*" + "@types/estree" "*" + + "@types/eslint@*": + version "8.37.0" + resolved "https://registry.npmjs.org/@types/eslint/-/eslint-8.37.0.tgz" + integrity sha512-Piet7dG2JBuDIfohBngQ3rCt7MgO9xCO4xIMKxBThCq5PNRB91IjlJ10eJVwfoNtvTErmxLzwBZ7rHZtbOMmFQ== + dependencies: + "@types/estree" "*" + "@types/json-schema" "*" + + "@types/estree@*", "@types/estree@^1.0.0": + version "1.0.5" + resolved "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz" + integrity sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw== + + "@types/express-serve-static-core@*", "@types/express-serve-static-core@^4.17.33": + version "4.17.33" + resolved "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.33.tgz" + integrity sha512-TPBqmR/HRYI3eC2E5hmiivIzv+bidAfXofM+sbonAGvyDhySGw9/PQZFt2BLOrjUUR++4eJVpx6KnLQK1Fk9tA== + dependencies: + "@types/node" "*" + "@types/qs" "*" + "@types/range-parser" "*" + + "@types/express@*", "@types/express@^4.17.13": + version "4.17.17" + resolved "https://registry.npmjs.org/@types/express/-/express-4.17.17.tgz" + integrity sha512-Q4FmmuLGBG58btUnfS1c1r/NQdlp3DMfGDGig8WhfpA2YRUtEkxAjkZb0yvplJGYdF1fsQ81iMDcH24sSCNC/Q== + dependencies: + "@types/body-parser" "*" + 
"@types/express-serve-static-core" "^4.17.33" + "@types/qs" "*" + "@types/serve-static" "*" + + "@types/glob@^7.1.1": + version "7.2.0" + resolved "https://registry.npmjs.org/@types/glob/-/glob-7.2.0.tgz" + integrity sha512-ZUxbzKl0IfJILTS6t7ip5fQQM/J3TJYubDm3nMbgubNNYS62eXeUpoLUC8/7fJNiFYHTrGPQn7hspDUzIHX3UA== + dependencies: + "@types/minimatch" "*" + "@types/node" "*" + + "@types/http-proxy@^1.17.8": + version "1.17.10" + resolved "https://registry.npmjs.org/@types/http-proxy/-/http-proxy-1.17.10.tgz" + integrity sha512-Qs5aULi+zV1bwKAg5z1PWnDXWmsn+LxIvUGv6E2+OOMYhclZMO+OXd9pYVf2gLykf2I7IV2u7oTHwChPNsvJ7g== + dependencies: + "@types/node" "*" + + "@types/imagemin-gifsicle@^7.0.1": + version "7.0.1" + resolved "https://registry.npmjs.org/@types/imagemin-gifsicle/-/imagemin-gifsicle-7.0.1.tgz" + integrity sha512-kUz6sUh0P95JOS0RGEaaemWUrASuw+dLsWIveK2UZJx74id/B9epgblMkCk/r5MjUWbZ83wFvacG5Rb/f97gyA== + dependencies: + "@types/imagemin" "*" + + "@types/imagemin-mozjpeg@^8.0.1": + version "8.0.1" + resolved "https://registry.npmjs.org/@types/imagemin-mozjpeg/-/imagemin-mozjpeg-8.0.1.tgz" + integrity sha512-kMQWEoKxxhlnH4POI3qfW9DjXlQfi80ux3l2b3j5R3eudSCoUIzKQLkfMjNJ6eMYnMWBcB+rfQOWqIzdIwFGKw== + dependencies: + "@types/imagemin" "*" + + "@types/imagemin-optipng@^5.2.1": + version "5.2.1" + resolved "https://registry.npmjs.org/@types/imagemin-optipng/-/imagemin-optipng-5.2.1.tgz" + integrity sha512-XCM/3q+HUL7v4zOqMI+dJ5dTxT+MUukY9KU49DSnYb/4yWtSMHJyADP+WHSMVzTR63J2ZvfUOzSilzBNEQW78g== + dependencies: + "@types/imagemin" "*" + + "@types/imagemin-svgo@^8.0.0": + version "8.0.1" + resolved "https://registry.npmjs.org/@types/imagemin-svgo/-/imagemin-svgo-8.0.1.tgz" + integrity sha512-YafkdrVAcr38U0Ln1C+L1n4SIZqC47VBHTyxCq7gTUSd1R9MdIvMcrljWlgU1M9O68WZDeQWUrKipKYfEOCOvQ== + dependencies: + "@types/imagemin" "*" + "@types/svgo" "^1" + + "@types/imagemin@*": + version "8.0.1" + resolved "https://registry.npmjs.org/@types/imagemin/-/imagemin-8.0.1.tgz" + integrity 
sha512-DSpM//dRPzme7doePGkmR1uoquHi0h0ElaA5qFnxHECfFcB8z/jhMI8eqmxWNpHn9ZG18p4PC918sZLhR0cr5A== + dependencies: + "@types/node" "*" + + "@types/json-schema@*", "@types/json-schema@^7.0.5", "@types/json-schema@^7.0.8", "@types/json-schema@^7.0.9": + version "7.0.11" + resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.11.tgz" + integrity sha512-wOuvG1SN4Us4rez+tylwwwCV1psiNVOkJeM3AUWUNWg/jDQY2+HE/444y5gc+jBmRqASOm2Oeh5c1axHobwRKQ== + + "@types/mime@*": + version "3.0.1" + resolved "https://registry.npmjs.org/@types/mime/-/mime-3.0.1.tgz" + integrity sha512-Y4XFY5VJAuw0FgAqPNd6NNoV44jbq9Bz2L7Rh/J6jLTiHBSBJa9fxqQIvkIld4GsoDOcCbvzOUAbLPsSKKg+uA== + + "@types/minimatch@*": + version "5.1.2" + resolved "https://registry.npmjs.org/@types/minimatch/-/minimatch-5.1.2.tgz" + integrity sha512-K0VQKziLUWkVKiRVrx4a40iPaxTUefQmjtkQofBkYRcoaaL/8rhwDWww9qWbrgicNOgnpIsMxyNIUM4+n6dUIA== + + "@types/node@*": + version "18.15.11" + resolved "https://registry.npmjs.org/@types/node/-/node-18.15.11.tgz" + integrity sha512-E5Kwq2n4SbMzQOn6wnmBjuK9ouqlURrcZDVfbo9ftDDTFt3nk7ZKK4GMOzoYgnpQJKcxwQw+lGaBvvlMo0qN/Q== + + "@types/parse-json@^4.0.0": + version "4.0.0" + resolved "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.0.tgz" + integrity sha512-//oorEZjL6sbPcKUaCdIGlIUeH26mgzimjBB77G6XRgnDl/L5wOnpyBGRe/Mmf5CVW3PwEBE1NjiMZ/ssFh4wA== + + "@types/qs@*": + version "6.9.7" + resolved "https://registry.npmjs.org/@types/qs/-/qs-6.9.7.tgz" + integrity sha512-FGa1F62FT09qcrueBA6qYTrJPVDzah9a+493+o2PCXsesWHIn27G98TsSMs3WPNbZIEj4+VJf6saSFpvD+3Zsw== + + "@types/range-parser@*": + version "1.2.4" + resolved "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.4.tgz" + integrity sha512-EEhsLsD6UsDM1yFhAvy0Cjr6VwmpMWqFBCb9w07wVugF7w9nfajxLuVmngTIpgS6svCnm6Vaw+MZhoDCKnOfsw== + + "@types/retry@0.12.0": + version "0.12.0" + resolved "https://registry.npmjs.org/@types/retry/-/retry-0.12.0.tgz" + integrity 
sha512-wWKOClTTiizcZhXnPY4wikVAwmdYHp8q6DmC+EJUzAMsycb7HB32Kh9RN4+0gExjmPmZSAQjgURXIGATPegAvA== + + "@types/serve-index@^1.9.1": + version "1.9.1" + resolved "https://registry.npmjs.org/@types/serve-index/-/serve-index-1.9.1.tgz" + integrity sha512-d/Hs3nWDxNL2xAczmOVZNj92YZCS6RGxfBPjKzuu/XirCgXdpKEb88dYNbrYGint6IVWLNP+yonwVAuRC0T2Dg== + dependencies: + "@types/express" "*" + + "@types/serve-static@*", "@types/serve-static@^1.13.10": + version "1.15.1" + resolved "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.1.tgz" + integrity sha512-NUo5XNiAdULrJENtJXZZ3fHtfMolzZwczzBbnAeBbqBwG+LaG6YaJtuwzwGSQZ2wsCrxjEhNNjAkKigy3n8teQ== + dependencies: + "@types/mime" "*" + "@types/node" "*" + + "@types/sockjs@^0.3.33": + version "0.3.33" + resolved "https://registry.npmjs.org/@types/sockjs/-/sockjs-0.3.33.tgz" + integrity sha512-f0KEEe05NvUnat+boPTZ0dgaLZ4SfSouXUgv5noUiefG2ajgKjmETo9ZJyuqsl7dfl2aHlLJUiki6B4ZYldiiw== + dependencies: + "@types/node" "*" + + "@types/svgo@^1": + version "1.3.6" + resolved "https://registry.npmjs.org/@types/svgo/-/svgo-1.3.6.tgz" + integrity sha512-AZU7vQcy/4WFEuwnwsNsJnFwupIpbllH1++LXScN6uxT1Z4zPzdrWG97w4/I7eFKFTvfy/bHFStWjdBAg2Vjug== + + "@types/ws@^8.5.1": + version "8.5.4" + resolved "https://registry.npmjs.org/@types/ws/-/ws-8.5.4.tgz" + integrity sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg== + dependencies: + "@types/node" "*" + + "@vue/compat@^3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/compat/-/compat-3.2.47.tgz" + integrity sha512-spULbnhceN3fIGYRRgq75RPRqsakfUV0tyZ4zTweOB48bWtwHUn677exg8/58uLOBc1F5B5lXTD5qf7epqpTuw== + dependencies: + "@babel/parser" "^7.16.4" + estree-walker "^2.0.2" + source-map "^0.6.1" + + "@vue/compiler-core@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.2.47.tgz" + integrity 
sha512-p4D7FDnQb7+YJmO2iPEv0SQNeNzcbHdGByJDsT4lynf63AFkOTFN07HsiRSvjGo0QrxR/o3d0hUyNCUnBU2Tig== + dependencies: + "@babel/parser" "^7.16.4" + "@vue/shared" "3.2.47" + estree-walker "^2.0.2" + source-map "^0.6.1" + + "@vue/compiler-dom@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.2.47.tgz" + integrity sha512-dBBnEHEPoftUiS03a4ggEig74J2YBZ2UIeyfpcRM2tavgMWo4bsEfgCGsu+uJIL/vax9S+JztH8NmQerUo7shQ== + dependencies: + "@vue/compiler-core" "3.2.47" + "@vue/shared" "3.2.47" + + "@vue/compiler-sfc@^3.2.47", "@vue/compiler-sfc@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.2.47.tgz" + integrity sha512-rog05W+2IFfxjMcFw10tM9+f7i/+FFpZJJ5XHX72NP9eC2uRD+42M3pYcQqDXVYoj74kHMSEdQ/WmCjt8JFksQ== + dependencies: + "@babel/parser" "^7.16.4" + "@vue/compiler-core" "3.2.47" + "@vue/compiler-dom" "3.2.47" + "@vue/compiler-ssr" "3.2.47" + "@vue/reactivity-transform" "3.2.47" + "@vue/shared" "3.2.47" + estree-walker "^2.0.2" + magic-string "^0.25.7" + postcss "^8.1.10" + source-map "^0.6.1" + + "@vue/compiler-ssr@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/compiler-ssr/-/compiler-ssr-3.2.47.tgz" + integrity sha512-wVXC+gszhulcMD8wpxMsqSOpvDZ6xKXSVWkf50Guf/S+28hTAXPDYRTbLQ3EDkOP5Xz/+SY37YiwDquKbJOgZw== + dependencies: + "@vue/compiler-dom" "3.2.47" + "@vue/shared" "3.2.47" + + "@vue/devtools-api@^6.0.0-beta.11", "@vue/devtools-api@^6.4.5": + version "6.5.0" + resolved "https://registry.npmjs.org/@vue/devtools-api/-/devtools-api-6.5.0.tgz" + integrity sha512-o9KfBeaBmCKl10usN4crU53fYtC1r7jJwdGKjPT24t348rHxgfpZ0xL3Xm/gLUYnc0oTp8LAmrxOeLyu6tbk2Q== + + "@vue/reactivity-transform@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/reactivity-transform/-/reactivity-transform-3.2.47.tgz" + integrity sha512-m8lGXw8rdnPVVIdIFhf0LeQ/ixyHkH5plYuS83yop5n7ggVJU+z5v0zecwEnX7fa7HNLBhh2qngJJkxpwEEmYA== + dependencies: + "@babel/parser" "^7.16.4" + 
"@vue/compiler-core" "3.2.47" + "@vue/shared" "3.2.47" + estree-walker "^2.0.2" + magic-string "^0.25.7" + + "@vue/reactivity@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.2.47.tgz" + integrity sha512-7khqQ/75oyyg+N/e+iwV6lpy1f5wq759NdlS1fpAhFXa8VeAIKGgk2E/C4VF59lx5b+Ezs5fpp/5WsRYXQiKxQ== + dependencies: + "@vue/shared" "3.2.47" + + "@vue/runtime-core@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.2.47.tgz" + integrity sha512-RZxbLQIRB/K0ev0K9FXhNbBzT32H9iRtYbaXb0ZIz2usLms/D55dJR2t6cIEUn6vyhS3ALNvNthI+Q95C+NOpA== + dependencies: + "@vue/reactivity" "3.2.47" + "@vue/shared" "3.2.47" + + "@vue/runtime-dom@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.2.47.tgz" + integrity sha512-ArXrFTjS6TsDei4qwNvgrdmHtD930KgSKGhS5M+j8QxXrDJYLqYw4RRcDy1bz1m1wMmb6j+zGLifdVHtkXA7gA== + dependencies: + "@vue/runtime-core" "3.2.47" + "@vue/shared" "3.2.47" + csstype "^2.6.8" + + "@vue/server-renderer@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/server-renderer/-/server-renderer-3.2.47.tgz" + integrity sha512-dN9gc1i8EvmP9RCzvneONXsKfBRgqFeFZLurmHOveL7oH6HiFXJw5OGu294n1nHc/HMgTy6LulU/tv5/A7f/LA== + dependencies: + "@vue/compiler-ssr" "3.2.47" + "@vue/shared" "3.2.47" + + "@vue/shared@3.2.47": + version "3.2.47" + resolved "https://registry.npmjs.org/@vue/shared/-/shared-3.2.47.tgz" + integrity sha512-BHGyyGN3Q97EZx0taMQ+OLNuZcW3d37ZEVmEAyeoA9ERdGvm9Irc/0Fua8SNyOtV1w6BS4q25wbMzJujO9HIfQ== + + "@webassemblyjs/ast@^1.11.5", "@webassemblyjs/ast@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.11.6.tgz" + integrity sha512-IN1xI7PwOvLPgjcf180gC1bqn3q/QaOCwYUahIOhbYUu8KA/3tw2RT/T0Gidi1l7Hhj5D/INhJxiICObqpMu4Q== + dependencies: + "@webassemblyjs/helper-numbers" "1.11.6" + "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + + 
"@webassemblyjs/floating-point-hex-parser@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.11.6.tgz" + integrity sha512-ejAj9hfRJ2XMsNHk/v6Fu2dGS+i4UaXBXGemOfQ/JfQ6mdQg/WXtwleQRLLS4OvfDhv8rYnVwH27YJLMyYsxhw== + + "@webassemblyjs/helper-api-error@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/helper-api-error/-/helper-api-error-1.11.6.tgz" + integrity sha512-o0YkoP4pVu4rN8aTJgAyj9hC2Sv5UlkzCHhxqWj8butaLvnpdc2jOwh4ewE6CX0txSfLn/UYaV/pheS2Txg//Q== + + "@webassemblyjs/helper-buffer@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/helper-buffer/-/helper-buffer-1.11.6.tgz" + integrity sha512-z3nFzdcp1mb8nEOFFk8DrYLpHvhKC3grJD2ardfKOzmbmJvEf/tPIqCY+sNcwZIY8ZD7IkB2l7/pqhUhqm7hLA== + + "@webassemblyjs/helper-numbers@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/helper-numbers/-/helper-numbers-1.11.6.tgz" + integrity sha512-vUIhZ8LZoIWHBohiEObxVm6hwP034jwmc9kuq5GdHZH0wiLVLIPcMCdpJzG4C11cHoQ25TFIQj9kaVADVX7N3g== + dependencies: + "@webassemblyjs/floating-point-hex-parser" "1.11.6" + "@webassemblyjs/helper-api-error" "1.11.6" + "@xtuc/long" "4.2.2" + + "@webassemblyjs/helper-wasm-bytecode@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.11.6.tgz" + integrity sha512-sFFHKwcmBprO9e7Icf0+gddyWYDViL8bpPjJJl0WHxCdETktXdmtWLGVzoHbqUcY4Be1LkNfwTmXOJUFZYSJdA== + + "@webassemblyjs/helper-wasm-section@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.11.6.tgz" + integrity sha512-LPpZbSOwTpEC2cgn4hTydySy1Ke+XEu+ETXuoyvuyezHO3Kjdu90KK95Sh9xTbmjrCsUwvWwCOQQNta37VrS9g== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@webassemblyjs/helper-buffer" "1.11.6" + "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + "@webassemblyjs/wasm-gen" "1.11.6" + + 
"@webassemblyjs/ieee754@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/ieee754/-/ieee754-1.11.6.tgz" + integrity sha512-LM4p2csPNvbij6U1f19v6WR56QZ8JcHg3QIJTlSwzFcmx6WSORicYj6I63f9yU1kEUtrpG+kjkiIAkevHpDXrg== + dependencies: + "@xtuc/ieee754" "^1.2.0" + + "@webassemblyjs/leb128@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/leb128/-/leb128-1.11.6.tgz" + integrity sha512-m7a0FhE67DQXgouf1tbN5XQcdWoNgaAuoULHIfGFIEVKA6tu/edls6XnIlkmS6FrXAquJRPni3ZZKjw6FSPjPQ== + dependencies: + "@xtuc/long" "4.2.2" + + "@webassemblyjs/utf8@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/utf8/-/utf8-1.11.6.tgz" + integrity sha512-vtXf2wTQ3+up9Zsg8sa2yWiQpzSsMyXj0qViVP6xKGCUT8p8YJ6HqI7l5eCnWx1T/FYdsv07HQs2wTFbbof/RA== + + "@webassemblyjs/wasm-edit@^1.11.5": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/wasm-edit/-/wasm-edit-1.11.6.tgz" + integrity sha512-Ybn2I6fnfIGuCR+Faaz7YcvtBKxvoLV3Lebn1tM4o/IAJzmi9AWYIPWpyBfU8cC+JxAO57bk4+zdsTjJR+VTOw== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@webassemblyjs/helper-buffer" "1.11.6" + "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + "@webassemblyjs/helper-wasm-section" "1.11.6" + "@webassemblyjs/wasm-gen" "1.11.6" + "@webassemblyjs/wasm-opt" "1.11.6" + "@webassemblyjs/wasm-parser" "1.11.6" + "@webassemblyjs/wast-printer" "1.11.6" + + "@webassemblyjs/wasm-gen@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/wasm-gen/-/wasm-gen-1.11.6.tgz" + integrity sha512-3XOqkZP/y6B4F0PBAXvI1/bky7GryoogUtfwExeP/v7Nzwo1QLcq5oQmpKlftZLbT+ERUOAZVQjuNVak6UXjPA== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + "@webassemblyjs/ieee754" "1.11.6" + "@webassemblyjs/leb128" "1.11.6" + "@webassemblyjs/utf8" "1.11.6" + + "@webassemblyjs/wasm-opt@1.11.6": + version "1.11.6" + resolved 
"https://registry.npmjs.org/@webassemblyjs/wasm-opt/-/wasm-opt-1.11.6.tgz" + integrity sha512-cOrKuLRE7PCe6AsOVl7WasYf3wbSo4CeOk6PkrjS7g57MFfVUF9u6ysQBBODX0LdgSvQqRiGz3CXvIDKcPNy4g== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@webassemblyjs/helper-buffer" "1.11.6" + "@webassemblyjs/wasm-gen" "1.11.6" + "@webassemblyjs/wasm-parser" "1.11.6" + + "@webassemblyjs/wasm-parser@^1.11.5", "@webassemblyjs/wasm-parser@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/wasm-parser/-/wasm-parser-1.11.6.tgz" + integrity sha512-6ZwPeGzMJM3Dqp3hCsLgESxBGtT/OeCvCZ4TA1JUPYgmhAx38tTPR9JaKy0S5H3evQpO/h2uWs2j6Yc/fjkpTQ== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@webassemblyjs/helper-api-error" "1.11.6" + "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + "@webassemblyjs/ieee754" "1.11.6" + "@webassemblyjs/leb128" "1.11.6" + "@webassemblyjs/utf8" "1.11.6" + + "@webassemblyjs/wast-printer@1.11.6": + version "1.11.6" + resolved "https://registry.npmjs.org/@webassemblyjs/wast-printer/-/wast-printer-1.11.6.tgz" + integrity sha512-JM7AhRcE+yW2GWYaKeHL5vt4xqee5N2WcezptmgyhNS+ScggqcT1OtXykhAb13Sn5Yas0j2uv9tHgrjwvzAP4A== + dependencies: + "@webassemblyjs/ast" "1.11.6" + "@xtuc/long" "4.2.2" + + "@webpack-cli/configtest@^1.2.0": + version "1.2.0" + resolved "https://registry.npmjs.org/@webpack-cli/configtest/-/configtest-1.2.0.tgz" + integrity sha512-4FB8Tj6xyVkyqjj1OaTqCjXYULB9FMkqQ8yGrZjRDrYh0nOE+7Lhs45WioWQQMV+ceFlE368Ukhe6xdvJM9Egg== + + "@webpack-cli/info@^1.5.0": + version "1.5.0" + resolved "https://registry.npmjs.org/@webpack-cli/info/-/info-1.5.0.tgz" + integrity sha512-e8tSXZpw2hPl2uMJY6fsMswaok5FdlGNRTktvFk2sD8RjH0hE2+XistawJx1vmKteh4NmGmNUrp+Tb2w+udPcQ== + dependencies: + envinfo "^7.7.3" + + "@webpack-cli/serve@^1.7.0": + version "1.7.0" + resolved "https://registry.npmjs.org/@webpack-cli/serve/-/serve-1.7.0.tgz" + integrity sha512-oxnCNGj88fL+xzV+dacXs44HcDwf1ovs3AuEzvP7mqXw7fQntqIhQ1BRmynh4qEKQSSSRSWVyXRjmTbZIX9V2Q== + + 
"@xtuc/ieee754@^1.2.0": + version "1.2.0" + resolved "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz" + integrity sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA== + + "@xtuc/long@4.2.2": + version "4.2.2" + resolved "https://registry.npmjs.org/@xtuc/long/-/long-4.2.2.tgz" + integrity sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ== + + accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.8: + version "1.3.8" + resolved "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz" + integrity sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw== + dependencies: + mime-types "~2.1.34" + negotiator "0.6.3" + + acorn-import-assertions@^1.9.0: + version "1.9.0" + resolved "https://registry.npmjs.org/acorn-import-assertions/-/acorn-import-assertions-1.9.0.tgz" + integrity sha512-cmMwop9x+8KFhxvKrKfPYmN6/pKTYYHBqLa0DfvVZcKMJWNyWLnaqND7dx/qn66R7ewM1UX5XMaDVP5wlVTaVA== + + acorn-walk@^7.1.1: + version "7.2.0" + resolved "https://registry.npmjs.org/acorn-walk/-/acorn-walk-7.2.0.tgz" + integrity sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA== + + acorn@^7.1.1: + version "7.4.1" + resolved "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz" + integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== + + acorn@^8, acorn@^8.5.0, acorn@^8.7.1: + version "8.8.2" + resolved "https://registry.npmjs.org/acorn/-/acorn-8.8.2.tgz" + integrity sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw== + + adjust-sourcemap-loader@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/adjust-sourcemap-loader/-/adjust-sourcemap-loader-4.0.0.tgz" + integrity sha512-OXwN5b9pCUXNQHJpwwD2qP40byEmSgzj8B4ydSN0uMNYWiFmJ6x6KwUllMmfk8Rwu/HJDFR7U8ubsWBoN0Xp0A== + dependencies: + loader-utils "^2.0.0" + regex-parser "^2.2.11" 
+ + ajv-formats@^2.1.1: + version "2.1.1" + resolved "https://registry.npmjs.org/ajv-formats/-/ajv-formats-2.1.1.tgz" + integrity sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA== + dependencies: + ajv "^8.0.0" + + ajv-keywords@^3.5.2: + version "3.5.2" + resolved "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.5.2.tgz" + integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ== + + ajv-keywords@^5.0.0: + version "5.1.0" + resolved "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-5.1.0.tgz" + integrity sha512-YCS/JNFAUyr5vAuhk1DWm1CBxRHW9LbJ2ozWeemrIqpbsqKjHVxYPyi5GC0rjZIT5JxJ3virVTS8wk4i/Z+krw== + dependencies: + fast-deep-equal "^3.1.3" + + ajv@^6.12.4, ajv@^6.12.5, ajv@^6.9.1: + version "6.12.6" + resolved "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz" + integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== + dependencies: + fast-deep-equal "^3.1.1" + fast-json-stable-stringify "^2.0.0" + json-schema-traverse "^0.4.1" + uri-js "^4.2.2" + + ajv@^8.0.0: + version "8.12.0" + resolved "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz" + integrity sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA== + dependencies: + fast-deep-equal "^3.1.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + uri-js "^4.2.2" + + ajv@^8.8.0, ajv@^8.8.2: + version "8.12.0" + resolved "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz" + integrity sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA== + dependencies: + fast-deep-equal "^3.1.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + uri-js "^4.2.2" + + ansi-html-community@^0.0.8: + version "0.0.8" + resolved "https://registry.npmjs.org/ansi-html-community/-/ansi-html-community-0.0.8.tgz" + integrity 
sha512-1APHAyr3+PCamwNw3bXCPp4HFLONZt/yIH0sZp0/469KWNTEy+qN5jQ3GVX6DMZ1UXAi34yVwtTeaG/HpBuuzw== + + ansi-regex@^5.0.1: + version "5.0.1" + resolved "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz" + integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== + + ansi-styles@^3.2.1: + version "3.2.1" + resolved "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz" + integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA== + dependencies: + color-convert "^1.9.0" + + ansi-styles@^4.0.0, ansi-styles@^4.1.0: + version "4.3.0" + resolved "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz" + integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg== + dependencies: + color-convert "^2.0.1" + + anymatch@~3.1.2: + version "3.1.3" + resolved "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz" + integrity sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw== + dependencies: + normalize-path "^3.0.0" + picomatch "^2.0.4" + + array-flatten@^2.1.2: + version "2.1.2" + resolved "https://registry.npmjs.org/array-flatten/-/array-flatten-2.1.2.tgz" + integrity sha512-hNfzcOV8W4NdualtqBFPyVO+54DSJuZGY9qT4pRroB6S9e3iiido2ISIC5h9R2sPJ8H3FHCIiEnsv1lPXO3KtQ== + + array-flatten@1.1.1: + version "1.1.1" + resolved "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz" + integrity sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg== + + array-union@^2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz" + integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw== + + asn1.js@^5.2.0: + version "5.4.1" + resolved "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz" + integrity 
sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA== + dependencies: + bn.js "^4.0.0" + inherits "^2.0.1" + minimalistic-assert "^1.0.0" + safer-buffer "^2.1.0" + + assert@^1.1.1: + version "1.5.0" + resolved "https://registry.npmjs.org/assert/-/assert-1.5.0.tgz" + integrity sha512-EDsgawzwoun2CZkCgtxJbv392v4nbk9XDD06zI+kQYoBM/3RBWLlEyJARDOmhAAosBjWACEkKL6S+lIZtcAubA== + dependencies: + object-assign "^4.1.1" + util "0.10.3" + + async-limiter@~1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz" + integrity sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ== + + autoprefixer@^10.4.0: + version "10.4.14" + resolved "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.14.tgz" + integrity sha512-FQzyfOsTlwVzjHxKEqRIAdJx9niO6VCBCoEwax/VLSoQF29ggECcPuBqUMZ+u8jCZOPSy8b8/8KnuFbp0SaFZQ== + dependencies: + browserslist "^4.21.5" + caniuse-lite "^1.0.30001464" + fraction.js "^4.2.0" + normalize-range "^0.1.2" + picocolors "^1.0.0" + postcss-value-parser "^4.2.0" + + babel-loader@^8.2.3: + version "8.3.0" + resolved "https://registry.npmjs.org/babel-loader/-/babel-loader-8.3.0.tgz" + integrity sha512-H8SvsMF+m9t15HNLMipppzkC+Y2Yq+v3SonZyU70RBL/h1gxPkH08Ot8pEE9Z4Kd+czyWJClmFS8qzIP9OZ04Q== + dependencies: + find-cache-dir "^3.3.1" + loader-utils "^2.0.0" + make-dir "^3.1.0" + schema-utils "^2.6.5" + + babel-plugin-polyfill-corejs2@^0.3.3: + version "0.3.3" + resolved "https://registry.npmjs.org/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.3.3.tgz" + integrity sha512-8hOdmFYFSZhqg2C/JgLUQ+t52o5nirNwaWM2B9LWteozwIvM14VSwdsCAUET10qT+kmySAlseadmfeeSWFCy+Q== + dependencies: + "@babel/compat-data" "^7.17.7" + "@babel/helper-define-polyfill-provider" "^0.3.3" + semver "^6.1.1" + + babel-plugin-polyfill-corejs3@^0.6.0: + version "0.6.0" + resolved 
"https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.6.0.tgz" + integrity sha512-+eHqR6OPcBhJOGgsIar7xoAB1GcSwVUA3XjAd7HJNzOXT4wv6/H7KIdA/Nc60cvUlDbKApmqNvD1B1bzOt4nyA== + dependencies: + "@babel/helper-define-polyfill-provider" "^0.3.3" + core-js-compat "^3.25.1" + + babel-plugin-polyfill-regenerator@^0.4.1: + version "0.4.1" + resolved "https://registry.npmjs.org/babel-plugin-polyfill-regenerator/-/babel-plugin-polyfill-regenerator-0.4.1.tgz" + integrity sha512-NtQGmyQDXjQqQ+IzRkBVwEOz9lQ4zxAQZgoAYEtU9dJjnl1Oc98qnN7jcp+bE7O7aYzVpavXE3/VKXNzUbh7aw== + dependencies: + "@babel/helper-define-polyfill-provider" "^0.3.3" + + balanced-match@^1.0.0: + version "1.0.2" + resolved "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz" + integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw== + + base64-js@^1.0.2: + version "1.5.1" + resolved "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz" + integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA== + + Base64@^1.0.0: + version "1.1.0" + resolved "https://registry.npmjs.org/Base64/-/Base64-1.1.0.tgz" + integrity sha512-qeacf8dvGpf+XAT27ESHMh7z84uRzj/ua2pQdJg483m3bEXv/kVFtDnMgvf70BQGqzbZhR9t6BmASzKvqfJf3Q== + + batch@0.6.1: + version "0.6.1" + resolved "https://registry.npmjs.org/batch/-/batch-0.6.1.tgz" + integrity sha512-x+VAiMRL6UPkx+kudNvxTl6hB2XNNCG2r+7wixVfIYwu/2HKRXimwQyaumLjMveWvT2Hkd/cAJw+QBMfJ/EKVw== + + beaver-logger@^3.0.17, beaver-logger@^3.0.6: + version "3.0.19" + resolved "https://registry.npmjs.org/beaver-logger/-/beaver-logger-3.0.19.tgz" + integrity sha512-hfBwPUD8PeE6mFSTtWAYd/wI8AzaoeRGNIpWGZWJGZBLyl7Fb7n6PL33JujUzWKWDsIi9V3HoppqIyM/CeeSnw== + dependencies: + zalgo-promise "^1.0.26" + + belter@^1.0.77, belter@1.0.173: + version "1.0.173" + resolved "https://registry.npmjs.org/belter/-/belter-1.0.173.tgz" + integrity 
sha512-wmUVEQR0igzKKO1yHT6ouGLCwzoeXFf1OsHeAk8DcCOgYtdBU8NiUlV94qx8NLFnahuwbpDqLBETfHUGXQOL8Q== + dependencies: + cross-domain-safe-weakmap "^1" + cross-domain-utils "^2" + zalgo-promise "^1" + + bfj@^6.1.1: + version "6.1.2" + resolved "https://registry.npmjs.org/bfj/-/bfj-6.1.2.tgz" + integrity sha512-BmBJa4Lip6BPRINSZ0BPEIfB1wUY/9rwbwvIHQA1KjX9om29B6id0wnWXq7m3bn5JrUVjeOTnVuhPT1FiHwPGw== + dependencies: + bluebird "^3.5.5" + check-types "^8.0.3" + hoopy "^0.1.4" + tryer "^1.0.1" + + big.js@^5.2.2: + version "5.2.2" + resolved "https://registry.npmjs.org/big.js/-/big.js-5.2.2.tgz" + integrity sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ== + + binary-extensions@^2.0.0: + version "2.2.0" + resolved "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz" + integrity sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA== + + bluebird@^3.5.5: + version "3.7.2" + resolved "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz" + integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== + + bn.js@^4.0.0: + version "4.12.0" + resolved "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz" + integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA== + + bn.js@^4.1.0: + version "4.12.0" + resolved "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz" + integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA== + + bn.js@^4.11.9: + version "4.12.0" + resolved "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz" + integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA== + + bn.js@^5.0.0, bn.js@^5.2.1: + version "5.2.1" + resolved "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz" + integrity 
sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ== + + body-parser@1.20.1: + version "1.20.1" + resolved "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz" + integrity sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw== + dependencies: + bytes "3.1.2" + content-type "~1.0.4" + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + http-errors "2.0.0" + iconv-lite "0.4.24" + on-finished "2.4.1" + qs "6.11.0" + raw-body "2.5.1" + type-is "~1.6.18" + unpipe "1.0.0" + + bonjour-service@^1.0.11: + version "1.1.1" + resolved "https://registry.npmjs.org/bonjour-service/-/bonjour-service-1.1.1.tgz" + integrity sha512-Z/5lQRMOG9k7W+FkeGTNjh7htqn/2LMnfOvBZ8pynNZCM9MwkQkI3zeI4oz09uWdcgmgHugVvBqxGg4VQJ5PCg== + dependencies: + array-flatten "^2.1.2" + dns-equal "^1.0.0" + fast-deep-equal "^3.1.3" + multicast-dns "^7.2.5" + + boolbase@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz" + integrity sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww== + + bowser@^1.7.1: + version "1.9.4" + resolved "https://registry.npmjs.org/bowser/-/bowser-1.9.4.tgz" + integrity sha512-9IdMmj2KjigRq6oWhmwv1W36pDuA4STQZ8q6YO9um+x07xgYNCD3Oou+WP/3L1HNz7iqythGet3/p4wvc8AAwQ== + + brace-expansion@^1.1.7: + version "1.1.11" + resolved "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz" + integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA== + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + + braces@^3.0.2, braces@~3.0.2: + version "3.0.2" + resolved "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz" + integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== + dependencies: + fill-range "^7.0.1" + + braintree-web@^3.92.1: + version "3.92.1" + resolved 
"https://registry.npmjs.org/braintree-web/-/braintree-web-3.92.1.tgz" + integrity sha512-ZYHa1rZD2vFi7Z0mMCEVI6seyARZ30inifRYvqXOPlhOX8teIkR6aqUXOcDljQxL7qlrIo4jpnScF9lcuaeYtA== + dependencies: + "@braintree/asset-loader" "0.4.4" + "@braintree/browser-detection" "1.14.0" + "@braintree/class-list" "0.2.0" + "@braintree/event-emitter" "0.4.1" + "@braintree/extended-promise" "0.4.1" + "@braintree/iframer" "1.1.0" + "@braintree/sanitize-url" "6.0.2" + "@braintree/uuid" "0.1.0" + "@braintree/wrap-promise" "2.1.0" + cached-path-relative "1.1.0" + card-validator "8.1.1" + credit-card-type "9.1.0" + decode-uri-component "0.2.2" + framebus "5.2.0" + inject-stylesheet "5.0.0" + json5 "2.2.3" + minimist "1.2.8" + promise-polyfill "8.2.3" + restricted-input "3.0.5" + terser "4.8.1" + + brorand@^1.0.1, brorand@^1.1.0: + version "1.1.0" + resolved "https://registry.npmjs.org/brorand/-/brorand-1.1.0.tgz" + integrity sha512-cKV8tMCEpQs4hK/ik71d6LrPOnpkpGBR0wzxqr68g2m/LB2GxVYQroAjMJZRVM1Y4BCjCKc3vAamxSzOY2RP+w== + + browserify-aes@^1.0.0, browserify-aes@^1.0.4: + version "1.2.0" + resolved "https://registry.npmjs.org/browserify-aes/-/browserify-aes-1.2.0.tgz" + integrity sha512-+7CHXqGuspUn/Sl5aO7Ea0xWGAtETPXNSAjHo48JfLdPWcMng33Xe4znFvQweqc/uzk5zSOI3H52CYnjCfb5hA== + dependencies: + buffer-xor "^1.0.3" + cipher-base "^1.0.0" + create-hash "^1.1.0" + evp_bytestokey "^1.0.3" + inherits "^2.0.1" + safe-buffer "^5.0.1" + + browserify-cipher@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/browserify-cipher/-/browserify-cipher-1.0.1.tgz" + integrity sha512-sPhkz0ARKbf4rRQt2hTpAHqn47X3llLkUGn+xEJzLjwY8LRs2p0v7ljvI5EyoRO/mexrNunNECisZs+gw2zz1w== + dependencies: + browserify-aes "^1.0.4" + browserify-des "^1.0.0" + evp_bytestokey "^1.0.0" + + browserify-des@^1.0.0: + version "1.0.2" + resolved "https://registry.npmjs.org/browserify-des/-/browserify-des-1.0.2.tgz" + integrity sha512-BioO1xf3hFwz4kc6iBhI3ieDFompMhrMlnDFC4/0/vd5MokpuAc3R+LYbwTA9A5Yc9pq9UYPqffKpW2ObuwX5A== + 
dependencies: + cipher-base "^1.0.1" + des.js "^1.0.0" + inherits "^2.0.1" + safe-buffer "^5.1.2" + + browserify-rsa@^4.0.0, browserify-rsa@^4.1.0: + version "4.1.0" + resolved "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.1.0.tgz" + integrity sha512-AdEER0Hkspgno2aR97SAf6vi0y0k8NuOpGnVH3O99rcA5Q6sh8QxcngtHuJ6uXwnfAXNM4Gn1Gb7/MV1+Ymbog== + dependencies: + bn.js "^5.0.0" + randombytes "^2.0.1" + + browserify-sign@^4.0.0: + version "4.2.2" + resolved "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz" + integrity sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg== + dependencies: + bn.js "^5.2.1" + browserify-rsa "^4.1.0" + create-hash "^1.2.0" + create-hmac "^1.1.7" + elliptic "^6.5.4" + inherits "^2.0.4" + parse-asn1 "^5.1.6" + readable-stream "^3.6.2" + safe-buffer "^5.2.1" + + browserify-zlib@^0.2.0: + version "0.2.0" + resolved "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz" + integrity sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA== + dependencies: + pako "~1.0.5" + + browserslist@^4.0.0, browserslist@^4.14.5, browserslist@^4.21.3, browserslist@^4.21.4, browserslist@^4.21.5, "browserslist@>= 4.21.0": + version "4.21.5" + resolved "https://registry.npmjs.org/browserslist/-/browserslist-4.21.5.tgz" + integrity sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w== + dependencies: + caniuse-lite "^1.0.30001449" + electron-to-chromium "^1.4.284" + node-releases "^2.0.8" + update-browserslist-db "^1.0.10" + + buffer-from@^1.0.0: + version "1.1.2" + resolved "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz" + integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ== + + buffer-xor@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/buffer-xor/-/buffer-xor-1.0.3.tgz" + integrity 
sha512-571s0T7nZWK6vB67HI5dyUF7wXiNcfaPPPTl6zYCNApANjIvYJTg7hlud/+cJpdAhS7dVzqMLmfhfHR3rAcOjQ== + + buffer@^4.3.0: + version "4.9.2" + resolved "https://registry.npmjs.org/buffer/-/buffer-4.9.2.tgz" + integrity sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg== + dependencies: + base64-js "^1.0.2" + ieee754 "^1.1.4" + isarray "^1.0.0" + + builtin-status-codes@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz" + integrity sha512-HpGFw18DgFWlncDfjTa2rcQ4W88O1mC8e8yZ2AvQY5KDaktSTwo+KRf6nHK6FRI5FyRyb/5T6+TSxfP7QyGsmQ== + + bytes@3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz" + integrity sha512-pMhOfFDPiv9t5jjIXkHosWmkSyQbvsgEVNkz0ERHbuLh2T/7j4Mqqpz523Fe8MVY89KC6Sh/QfS2sM+SjgFDcw== + + bytes@3.1.2: + version "3.1.2" + resolved "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz" + integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg== + + cached-path-relative@1.1.0: + version "1.1.0" + resolved "https://registry.npmjs.org/cached-path-relative/-/cached-path-relative-1.1.0.tgz" + integrity sha512-WF0LihfemtesFcJgO7xfOoOcnWzY/QHR4qeDqV44jPU3HTI54+LnfXK3SA27AVVGCdZFgjjFFaqUA9Jx7dMJZA== + + call-bind@^1.0.0: + version "1.0.2" + resolved "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz" + integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA== + dependencies: + function-bind "^1.1.1" + get-intrinsic "^1.0.2" + + callsites@^3.0.0: + version "3.1.0" + resolved "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz" + integrity sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ== + + camel-case@^4.1.1: + version "4.1.2" + resolved "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz" + integrity 
sha512-gxGWBrTT1JuMx6R+o5PTXMmUnhnVzLQ9SNutD4YqKtI6ap897t3tKECYla6gCWEkplXnlNybEkZg9GEGxKFCgw== + dependencies: + pascal-case "^3.1.2" + tslib "^2.0.3" + + caniuse-api@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/caniuse-api/-/caniuse-api-3.0.0.tgz" + integrity sha512-bsTwuIg/BZZK/vreVTYYbSWoe2F+71P7K5QGEX+pT250DZbfU1MQ5prOKpPR+LL6uWKK3KMwMCAS74QB3Um1uw== + dependencies: + browserslist "^4.0.0" + caniuse-lite "^1.0.0" + lodash.memoize "^4.1.2" + lodash.uniq "^4.5.0" + + caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001449, caniuse-lite@^1.0.30001464: + version "1.0.30001474" + resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001474.tgz" + integrity sha512-iaIZ8gVrWfemh5DG3T9/YqarVZoYf0r188IjaGwx68j4Pf0SGY6CQkmJUIE+NZHkkecQGohzXmBGEwWDr9aM3Q== + + card-validator@8.1.1: + version "8.1.1" + resolved "https://registry.npmjs.org/card-validator/-/card-validator-8.1.1.tgz" + integrity sha512-cN4FsKwoTfTFnqPwVc7TQLSsH/QMDB3n/gWm0XelcApz4sKipnOQ6k33sa3bWsNnnIpgs7eXOF+mUV2UQAX2Sw== + dependencies: + credit-card-type "^9.1.0" + + chalk@^2.4.1: + version "2.4.2" + resolved "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz" + integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== + dependencies: + ansi-styles "^3.2.1" + escape-string-regexp "^1.0.5" + supports-color "^5.3.0" + + chalk@^2.4.2: + version "2.4.2" + resolved "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz" + integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== + dependencies: + ansi-styles "^3.2.1" + escape-string-regexp "^1.0.5" + supports-color "^5.3.0" + + chalk@^4.1.0, chalk@^4.1.2: + version "4.1.2" + resolved "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz" + integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== + dependencies: + ansi-styles "^4.1.0" + supports-color "^7.1.0" + + charenc@0.0.2: + version 
"0.0.2" + resolved "https://registry.npmjs.org/charenc/-/charenc-0.0.2.tgz" + integrity sha512-yrLQ/yVUFXkzg7EDQsPieE/53+0RlaWTs+wBrvW36cyilJ2SaDWfl4Yj7MtLTXleV9uEKefbAGUPv2/iWSooRA== + + check-types@^8.0.3: + version "8.0.3" + resolved "https://registry.npmjs.org/check-types/-/check-types-8.0.3.tgz" + integrity sha512-YpeKZngUmG65rLudJ4taU7VLkOCTMhNl/u4ctNC56LQS/zJTyNH0Lrtwm1tfTsbLlwvlfsA2d1c8vCf/Kh2KwQ== + + chokidar@^3.5.2, chokidar@^3.5.3, "chokidar@>=3.0.0 <4.0.0": + version "3.5.3" + resolved "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz" + integrity sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw== + dependencies: + anymatch "~3.1.2" + braces "~3.0.2" + glob-parent "~5.1.2" + is-binary-path "~2.1.0" + is-glob "~4.0.1" + normalize-path "~3.0.0" + readdirp "~3.6.0" + optionalDependencies: + fsevents "~2.3.2" + + chrome-trace-event@^1.0.2: + version "1.0.3" + resolved "https://registry.npmjs.org/chrome-trace-event/-/chrome-trace-event-1.0.3.tgz" + integrity sha512-p3KULyQg4S7NIHixdwbGX+nFHkoBiA4YQmyWtjb8XngSKV124nJmRysgAeujbUVb15vh+RvFUfCPqU7rXk+hZg== + + cipher-base@^1.0.0, cipher-base@^1.0.1, cipher-base@^1.0.3: + version "1.0.4" + resolved "https://registry.npmjs.org/cipher-base/-/cipher-base-1.0.4.tgz" + integrity sha512-Kkht5ye6ZGmwv40uUDZztayT2ThLQGfnj/T71N/XzeZeo3nf8foyW7zGTsPYkEya3m5f3cAypH+qe7YOrM1U2Q== + dependencies: + inherits "^2.0.1" + safe-buffer "^5.0.1" + + clean-css@^4.2.3: + version "4.2.4" + resolved "https://registry.npmjs.org/clean-css/-/clean-css-4.2.4.tgz" + integrity sha512-EJUDT7nDVFDvaQgAo2G/PJvxmp1o/c6iXLbswsBbUFXi1Nr+AjA2cKmfbKDMjMvzEe75g3P6JkaDDAKk96A85A== + dependencies: + source-map "~0.6.0" + + clean-css@^5.2.4: + version "5.3.2" + resolved "https://registry.npmjs.org/clean-css/-/clean-css-5.3.2.tgz" + integrity sha512-JVJbM+f3d3Q704rF4bqQ5UUyTtuJ0JRKNbTKVEeujCCBoMdkEi+V+e8oktO9qGQNSvHrFTM6JZRXrUvGR1czww== + dependencies: + source-map "~0.6.0" + + cli-table3@^0.6.0: + 
version "0.6.3" + resolved "https://registry.npmjs.org/cli-table3/-/cli-table3-0.6.3.tgz" + integrity sha512-w5Jac5SykAeZJKntOxJCrm63Eg5/4dhMWIcuTbo9rpE+brgaSZo0RuNJZeOyMgsUdhDeojvgyQLmjI+K50ZGyg== + dependencies: + string-width "^4.2.0" + optionalDependencies: + "@colors/colors" "1.5.0" + + cliui@^8.0.1: + version "8.0.1" + resolved "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz" + integrity sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ== + dependencies: + string-width "^4.2.0" + strip-ansi "^6.0.1" + wrap-ansi "^7.0.0" + + clone-deep@^4.0.1: + version "4.0.1" + resolved "https://registry.npmjs.org/clone-deep/-/clone-deep-4.0.1.tgz" + integrity sha512-neHB9xuzh/wk0dIHweyAXv2aPGZIVk3pLMe+/RNzINf17fe0OG96QroktYAUm7SM1PBnzTabaLboqqxDyMU+SQ== + dependencies: + is-plain-object "^2.0.4" + kind-of "^6.0.2" + shallow-clone "^3.0.0" + + collect.js@^4.28.5: + version "4.36.1" + resolved "https://registry.npmjs.org/collect.js/-/collect.js-4.36.1.tgz" + integrity sha512-jd97xWPKgHn6uvK31V6zcyPd40lUJd7gpYxbN2VOVxGWO4tyvS9Li4EpsFjXepGTo2tYcOTC4a8YsbQXMJ4XUw== + + color-convert@^1.9.0: + version "1.9.3" + resolved "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz" + integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg== + dependencies: + color-name "1.1.3" + + color-convert@^2.0.1: + version "2.0.1" + resolved "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz" + integrity sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ== + dependencies: + color-name "~1.1.4" + + color-name@~1.1.4: + version "1.1.4" + resolved "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz" + integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA== + + color-name@1.1.3: + version "1.1.3" + resolved "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz" + 
integrity sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw== + + colord@^2.9.1: + version "2.9.3" + resolved "https://registry.npmjs.org/colord/-/colord-2.9.3.tgz" + integrity sha512-jeC1axXpnb0/2nn/Y1LPuLdgXBLH7aDcHu4KEKfqw3CUhX7ZpfBSlPKyqXE6btIgEzfWtrX3/tyBCaCvXvMkOw== + + colorette@^2.0.10, colorette@^2.0.14: + version "2.0.19" + resolved "https://registry.npmjs.org/colorette/-/colorette-2.0.19.tgz" + integrity sha512-3tlv/dIP7FWvj3BsbHrGLJ6l/oKh1O3TcgBqMn+yyCagOxc23fyzDS6HypQbgxWbkpDnf52p1LuR4eWDQ/K9WQ== + + commander@^2.18.0: + version "2.20.3" + resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz" + integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== + + commander@^2.20.0: + version "2.20.3" + resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz" + integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== + + commander@^2.9.0: + version "2.20.3" + resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz" + integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== + + commander@^4.1.1: + version "4.1.1" + resolved "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz" + integrity sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA== + + commander@^7.0.0, commander@^7.2.0: + version "7.2.0" + resolved "https://registry.npmjs.org/commander/-/commander-7.2.0.tgz" + integrity sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw== + + commondir@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/commondir/-/commondir-1.0.1.tgz" + integrity sha512-W9pAhw0ja1Edb5GVdIF1mjZw/ASI0AlShXM83UUGe2DVr5TdAPEA1OA8m/g8zWp9x6On7gqufY+FatDbC3MDQg== + + compressible@~2.0.16: + version "2.0.18" + resolved 
"https://registry.npmjs.org/compressible/-/compressible-2.0.18.tgz" + integrity sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg== + dependencies: + mime-db ">= 1.43.0 < 2" + + compression@^1.7.4: + version "1.7.4" + resolved "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz" + integrity sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ== + dependencies: + accepts "~1.3.5" + bytes "3.0.0" + compressible "~2.0.16" + debug "2.6.9" + on-headers "~1.0.2" + safe-buffer "5.1.2" + vary "~1.1.2" + + concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz" + integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg== + + concat@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/concat/-/concat-1.0.3.tgz" + integrity sha512-f/ZaH1aLe64qHgTILdldbvyfGiGF4uzeo9IuXUloIOLQzFmIPloy9QbZadNsuVv0j5qbKQvQb/H/UYf2UsKTpw== + dependencies: + commander "^2.9.0" + + connect-history-api-fallback@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/connect-history-api-fallback/-/connect-history-api-fallback-2.0.0.tgz" + integrity sha512-U73+6lQFmfiNPrYbXqr6kZ1i1wiRqXnp2nhMsINseWXO8lDau0LGEffJ8kQi4EjLZympVgRdvqjAgiZ1tgzDDA== + + consola@^2.15.3: + version "2.15.3" + resolved "https://registry.npmjs.org/consola/-/consola-2.15.3.tgz" + integrity sha512-9vAdYbHj6x2fLKC4+oPH0kFzY/orMZyG2Aj+kNylHxKGJ/Ed4dpNyAQYwJOdqO4zdM7XpVHmyejQDcQHrnuXbw== + + console-browserify@^1.1.0: + version "1.2.0" + resolved "https://registry.npmjs.org/console-browserify/-/console-browserify-1.2.0.tgz" + integrity sha512-ZMkYO/LkF17QvCPqM0gxw8yUzigAOZOSWSHg91FH6orS7vcEj5dVZTidN2fQ14yBSdg97RqhSNwLUXInd52OTA== + + constants-browserify@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/constants-browserify/-/constants-browserify-1.0.0.tgz" + integrity 
sha512-xFxOwqIzR/e1k1gLiWEophSCMqXcwVHIH7akf7b/vxcUeGunlj3hvZaaqxwHsTgn+IndtkQJgSztIDWeumWJDQ== + + content-disposition@0.5.4: + version "0.5.4" + resolved "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz" + integrity sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ== + dependencies: + safe-buffer "5.2.1" + + content-type@~1.0.4: + version "1.0.5" + resolved "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz" + integrity sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA== + + convert-source-map@^1.7.0: + version "1.9.0" + resolved "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz" + integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A== + + cookie-signature@1.0.6: + version "1.0.6" + resolved "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz" + integrity sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ== + + cookie@0.5.0: + version "0.5.0" + resolved "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz" + integrity sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw== + + core-js-compat@^3.25.1: + version "3.30.0" + resolved "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.30.0.tgz" + integrity sha512-P5A2h/9mRYZFIAP+5Ab8ns6083IyVpSclU74UNvbGVQ8VM7n3n3/g2yF3AkKQ9NXz2O+ioxLbEWKnDtgsFamhg== + dependencies: + browserslist "^4.21.5" + + core-util-is@~1.0.0: + version "1.0.3" + resolved "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz" + integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== + + cosmiconfig@^7.0.0: + version "7.1.0" + resolved "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-7.1.0.tgz" + integrity 
sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA== + dependencies: + "@types/parse-json" "^4.0.0" + import-fresh "^3.2.1" + parse-json "^5.0.0" + path-type "^4.0.0" + yaml "^1.10.0" + + create-ecdh@^4.0.0: + version "4.0.4" + resolved "https://registry.npmjs.org/create-ecdh/-/create-ecdh-4.0.4.tgz" + integrity sha512-mf+TCx8wWc9VpuxfP2ht0iSISLZnt0JgWlrOKZiNqyUZWnjIaCIVNQArMHnCZKfEYRg6IM7A+NeJoN8gf/Ws0A== + dependencies: + bn.js "^4.1.0" + elliptic "^6.5.3" + + create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/create-hash/-/create-hash-1.2.0.tgz" + integrity sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg== + dependencies: + cipher-base "^1.0.1" + inherits "^2.0.1" + md5.js "^1.3.4" + ripemd160 "^2.0.1" + sha.js "^2.4.0" + + create-hmac@^1.1.0, create-hmac@^1.1.4, create-hmac@^1.1.7: + version "1.1.7" + resolved "https://registry.npmjs.org/create-hmac/-/create-hmac-1.1.7.tgz" + integrity sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg== + dependencies: + cipher-base "^1.0.3" + create-hash "^1.1.0" + inherits "^2.0.1" + ripemd160 "^2.0.0" + safe-buffer "^5.0.1" + sha.js "^2.4.8" + + credit-card-type@^9.1.0, credit-card-type@9.1.0: + version "9.1.0" + resolved "https://registry.npmjs.org/credit-card-type/-/credit-card-type-9.1.0.tgz" + integrity sha512-CpNFuLxiPFxuZqhSKml3M+t0K/484pMAnfYWH14JoD7OZMnmC0Lmo+P7JX9SobqFpRoo7ifA18kOHdxJywYPEA== + + cross-domain-safe-weakmap@^1, cross-domain-safe-weakmap@^1.0.1, cross-domain-safe-weakmap@^1.0.22: + version "1.0.28" + resolved "https://registry.npmjs.org/cross-domain-safe-weakmap/-/cross-domain-safe-weakmap-1.0.28.tgz" + integrity sha512-gfQiQYSdWr9cYFVpmzp+b6MyTnefefDHr+fvm+JVv20hQxetV5J6chZOAusrpM/kFpTTbVDnHCziBFaREvgc0Q== + dependencies: + cross-domain-utils "^2.0.0" + + cross-domain-utils@^2, cross-domain-utils@^2.0.0, 
cross-domain-utils@^2.0.1, cross-domain-utils@^2.0.10, cross-domain-utils@^2.0.16: + version "2.0.34" + resolved "https://registry.npmjs.org/cross-domain-utils/-/cross-domain-utils-2.0.34.tgz" + integrity sha512-ke4PirGRXwEElEmE/7k5aCvCW+EqbgseT7AOObzFfaVnOLuEVN9SjVWoOfS/qAT0rDPn3ggmNDW6mguMBy4HgA== + dependencies: + zalgo-promise "^1.0.11" + + cross-env@^7.0.2: + version "7.0.3" + resolved "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz" + integrity sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw== + dependencies: + cross-spawn "^7.0.1" + + cross-spawn@^7.0.1, cross-spawn@^7.0.3: + version "7.0.3" + resolved "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz" + integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" + which "^2.0.1" + + crypt@0.0.2: + version "0.0.2" + resolved "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz" + integrity sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow== + + crypto-browserify@^3.11.0: + version "3.12.0" + resolved "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz" + integrity sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg== + dependencies: + browserify-cipher "^1.0.0" + browserify-sign "^4.0.0" + create-ecdh "^4.0.0" + create-hash "^1.1.0" + create-hmac "^1.1.0" + diffie-hellman "^5.0.0" + inherits "^2.0.1" + pbkdf2 "^3.0.3" + public-encrypt "^4.0.0" + randombytes "^2.0.0" + randomfill "^1.0.3" + + crypto-js@4.1.1: + version "4.1.1" + resolved "https://registry.npmjs.org/crypto-js/-/crypto-js-4.1.1.tgz" + integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw== + + css-declaration-sorter@^6.3.1: + version "6.4.0" + resolved 
"https://registry.npmjs.org/css-declaration-sorter/-/css-declaration-sorter-6.4.0.tgz" + integrity sha512-jDfsatwWMWN0MODAFuHszfjphEXfNw9JUAhmY4pLu3TyTU+ohUpsbVtbU+1MZn4a47D9kqh03i4eyOm+74+zew== + + css-loader@^5.2.6: + version "5.2.7" + resolved "https://registry.npmjs.org/css-loader/-/css-loader-5.2.7.tgz" + integrity sha512-Q7mOvpBNBG7YrVGMxRxcBJZFL75o+cH2abNASdibkj/fffYD8qWbInZrD0S9ccI6vZclF3DsHE7njGlLtaHbhg== + dependencies: + icss-utils "^5.1.0" + loader-utils "^2.0.0" + postcss "^8.2.15" + postcss-modules-extract-imports "^3.0.0" + postcss-modules-local-by-default "^4.0.0" + postcss-modules-scope "^3.0.0" + postcss-modules-values "^4.0.0" + postcss-value-parser "^4.1.0" + schema-utils "^3.0.0" + semver "^7.3.5" + + css-select@^4.1.3: + version "4.3.0" + resolved "https://registry.npmjs.org/css-select/-/css-select-4.3.0.tgz" + integrity sha512-wPpOYtnsVontu2mODhA19JrqWxNsfdatRKd64kmpRbQgh1KtItko5sTnEpPdpSaJszTOhEMlF/RPz28qj4HqhQ== + dependencies: + boolbase "^1.0.0" + css-what "^6.0.1" + domhandler "^4.3.1" + domutils "^2.8.0" + nth-check "^2.0.1" + + css-tree@^1.1.2, css-tree@^1.1.3: + version "1.1.3" + resolved "https://registry.npmjs.org/css-tree/-/css-tree-1.1.3.tgz" + integrity sha512-tRpdppF7TRazZrjJ6v3stzv93qxRcSsFmW6cX0Zm2NVKpxE1WV1HblnghVv9TreireHkqI/VDEsfolRF1p6y7Q== + dependencies: + mdn-data "2.0.14" + source-map "^0.6.1" + + css-what@^6.0.1: + version "6.1.0" + resolved "https://registry.npmjs.org/css-what/-/css-what-6.1.0.tgz" + integrity sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw== + + cssesc@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz" + integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg== + + cssnano-preset-default@^5.2.14: + version "5.2.14" + resolved "https://registry.npmjs.org/cssnano-preset-default/-/cssnano-preset-default-5.2.14.tgz" + integrity 
sha512-t0SFesj/ZV2OTylqQVOrFgEh5uanxbO6ZAdeCrNsUQ6fVuXwYTxJPNAGvGTxHbD68ldIJNec7PyYZDBrfDQ+6A== + dependencies: + css-declaration-sorter "^6.3.1" + cssnano-utils "^3.1.0" + postcss-calc "^8.2.3" + postcss-colormin "^5.3.1" + postcss-convert-values "^5.1.3" + postcss-discard-comments "^5.1.2" + postcss-discard-duplicates "^5.1.0" + postcss-discard-empty "^5.1.1" + postcss-discard-overridden "^5.1.0" + postcss-merge-longhand "^5.1.7" + postcss-merge-rules "^5.1.4" + postcss-minify-font-values "^5.1.0" + postcss-minify-gradients "^5.1.1" + postcss-minify-params "^5.1.4" + postcss-minify-selectors "^5.2.1" + postcss-normalize-charset "^5.1.0" + postcss-normalize-display-values "^5.1.0" + postcss-normalize-positions "^5.1.1" + postcss-normalize-repeat-style "^5.1.1" + postcss-normalize-string "^5.1.0" + postcss-normalize-timing-functions "^5.1.0" + postcss-normalize-unicode "^5.1.1" + postcss-normalize-url "^5.1.0" + postcss-normalize-whitespace "^5.1.1" + postcss-ordered-values "^5.1.3" + postcss-reduce-initial "^5.1.2" + postcss-reduce-transforms "^5.1.0" + postcss-svgo "^5.1.0" + postcss-unique-selectors "^5.1.1" + + cssnano-utils@^3.1.0: + version "3.1.0" + resolved "https://registry.npmjs.org/cssnano-utils/-/cssnano-utils-3.1.0.tgz" + integrity sha512-JQNR19/YZhz4psLX/rQ9M83e3z2Wf/HdJbryzte4a3NSuafyp9w/I4U+hx5C2S9g41qlstH7DEWnZaaj83OuEA== + + cssnano@^5.0.8: + version "5.1.15" + resolved "https://registry.npmjs.org/cssnano/-/cssnano-5.1.15.tgz" + integrity sha512-j+BKgDcLDQA+eDifLx0EO4XSA56b7uut3BQFH+wbSaSTuGLuiyTa/wbRYthUXX8LC9mLg+WWKe8h+qJuwTAbHw== + dependencies: + cssnano-preset-default "^5.2.14" + lilconfig "^2.0.3" + yaml "^1.10.2" + + csso@^4.2.0: + version "4.2.0" + resolved "https://registry.npmjs.org/csso/-/csso-4.2.0.tgz" + integrity sha512-wvlcdIbf6pwKEk7vHj8/Bkc0B4ylXZruLvOgs9doS5eOsOpuodOV2zJChSpkp+pRpYQLQMeF04nr3Z68Sta9jA== + dependencies: + css-tree "^1.1.2" + + csstype@^2.6.8: + version "2.6.20" + resolved 
"https://registry.npmjs.org/csstype/-/csstype-2.6.20.tgz" + integrity sha512-/WwNkdXfckNgw6S5R125rrW8ez139lBHWouiBvX8dfMFtcn6V81REDqnH7+CRpRipfYlyU1CmOnOxrmGcFOjeA== + + date-fns@^2.29.3: + version "2.29.3" + resolved "https://registry.npmjs.org/date-fns/-/date-fns-2.29.3.tgz" + integrity sha512-dDCnyH2WnnKusqvZZ6+jA1O51Ibt8ZMRNkDZdyAyK4YfbDwa/cEmuztzG5pk6hqlp9aSBPYcjOlktquahGwGeA== + + debug@^4.1.0, debug@^4.1.1: + version "4.3.4" + resolved "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz" + integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== + dependencies: + ms "2.1.2" + + debug@2.6.9: + version "2.6.9" + resolved "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz" + integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== + dependencies: + ms "2.0.0" + + decode-uri-component@0.2.2: + version "0.2.2" + resolved "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.2.tgz" + integrity sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ== + + default-gateway@^6.0.3: + version "6.0.3" + resolved "https://registry.npmjs.org/default-gateway/-/default-gateway-6.0.3.tgz" + integrity sha512-fwSOJsbbNzZ/CUFpqFBqYfYNLj1NbMPm8MMCIzHjC83iSJRBEGmDUxU+WP661BaBQImeC2yHwXtz+P/O9o+XEg== + dependencies: + execa "^5.0.0" + + define-lazy-prop@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz" + integrity sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og== + + depd@~1.1.2: + version "1.1.2" + resolved "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz" + integrity sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ== + + depd@2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz" + integrity 
sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw== + + des.js@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/des.js/-/des.js-1.0.1.tgz" + integrity sha512-Q0I4pfFrv2VPd34/vfLrFOoRmlYj3OV50i7fskps1jZWK1kApMWWT9G6RRUeYedLcBDIhnSDaUvJMb3AhUlaEA== + dependencies: + inherits "^2.0.1" + minimalistic-assert "^1.0.0" + + destroy@1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz" + integrity sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg== + + detect-node@^2.0.4: + version "2.1.0" + resolved "https://registry.npmjs.org/detect-node/-/detect-node-2.1.0.tgz" + integrity sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g== + + diffie-hellman@^5.0.0: + version "5.0.3" + resolved "https://registry.npmjs.org/diffie-hellman/-/diffie-hellman-5.0.3.tgz" + integrity sha512-kqag/Nl+f3GwyK25fhUMYj81BUOrZ9IuJsjIcDE5icNM9FJHAVm3VcUDxdLPoQtTuUylWm6ZIknYJwwaPxsUzg== + dependencies: + bn.js "^4.1.0" + miller-rabin "^4.0.0" + randombytes "^2.0.0" + + dir-glob@^3.0.1: + version "3.0.1" + resolved "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz" + integrity sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA== + dependencies: + path-type "^4.0.0" + + dns-equal@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/dns-equal/-/dns-equal-1.0.0.tgz" + integrity sha512-z+paD6YUQsk+AbGCEM4PrOXSss5gd66QfcVBFTKR/HpFL9jCqikS94HYwKww6fQyO7IxrIIyUu+g0Ka9tUS2Cg== + + dns-packet@^5.2.2: + version "5.5.0" + resolved "https://registry.npmjs.org/dns-packet/-/dns-packet-5.5.0.tgz" + integrity sha512-USawdAUzRkV6xrqTjiAEp6M9YagZEzWcSUaZTcIFAiyQWW1SoI6KyId8y2+/71wbgHKQAKd+iupLv4YvEwYWvA== + dependencies: + "@leichtgewicht/ip-codec" "^2.0.1" + + dom-serializer@^1.0.1: + version "1.4.1" + resolved 
"https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz" + integrity sha512-VHwB3KfrcOOkelEG2ZOfxqLZdfkil8PtJi4P8N2MMXucZq2yLp75ClViUlOVwyoHEDjYU433Aq+5zWP61+RGag== + dependencies: + domelementtype "^2.0.1" + domhandler "^4.2.0" + entities "^2.0.0" + + domain-browser@^1.1.1: + version "1.2.0" + resolved "https://registry.npmjs.org/domain-browser/-/domain-browser-1.2.0.tgz" + integrity sha512-jnjyiM6eRyZl2H+W8Q/zLMA481hzi0eszAaBUzIVnmYVDBbnLxVNnfu1HgEBvCbL+71FrxMl3E6lpKH7Ge3OXA== + + domelementtype@^2.0.1, domelementtype@^2.2.0: + version "2.3.0" + resolved "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz" + integrity sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw== + + domhandler@^3.0.0: + version "3.3.0" + resolved "https://registry.npmjs.org/domhandler/-/domhandler-3.3.0.tgz" + integrity sha512-J1C5rIANUbuYK+FuFL98650rihynUOEzRLxW+90bKZRWB6A1X1Tf82GxR1qAWLyfNPRvjqfip3Q5tdYlmAa9lA== + dependencies: + domelementtype "^2.0.1" + + domhandler@^4.2.0: + version "4.3.1" + resolved "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz" + integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== + dependencies: + domelementtype "^2.2.0" + + domhandler@^4.3.1: + version "4.3.1" + resolved "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz" + integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== + dependencies: + domelementtype "^2.2.0" + + domutils@^2.0.0, domutils@^2.8.0: + version "2.8.0" + resolved "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz" + integrity sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A== + dependencies: + dom-serializer "^1.0.1" + domelementtype "^2.2.0" + domhandler "^4.2.0" + + dot-case@^3.0.4: + version "3.0.4" + resolved "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz" + integrity 
sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w== + dependencies: + no-case "^3.0.4" + tslib "^2.0.3" + + dotenv-expand@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/dotenv-expand/-/dotenv-expand-5.1.0.tgz" + integrity sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA== + + dotenv@^10.0.0: + version "10.0.0" + resolved "https://registry.npmjs.org/dotenv/-/dotenv-10.0.0.tgz" + integrity sha512-rlBi9d8jpv9Sf1klPjNfFAuWDjKLwTIJJ/VxtoTwIR6hnZxcEOQCZg2oIL3MWBYw5GpUDKOEnND7LXTbIpQ03Q== + + duplexer@^0.1.1: + version "0.1.2" + resolved "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz" + integrity sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg== + + ee-first@1.1.1: + version "1.1.1" + resolved "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz" + integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== + + ejs@^2.6.1: + version "2.7.4" + resolved "https://registry.npmjs.org/ejs/-/ejs-2.7.4.tgz" + integrity sha512-7vmuyh5+kuUyJKePhQfRQBhXV5Ce+RnaeeQArKu1EAMpL3WbgMt5WG6uQZpEVvYSSsxMXRKOewtDk9RaTKXRlA== + + electron-to-chromium@^1.4.284: + version "1.4.352" + resolved "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.352.tgz" + integrity sha512-ikFUEyu5/q+wJpMOxWxTaEVk2M1qKqTGKKyfJmod1CPZxKfYnxVS41/GCBQg21ItBpZybyN8sNpRqCUGm+Zc4Q== + + elliptic@^6.5.3, elliptic@^6.5.4: + version "6.5.4" + resolved "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz" + integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ== + dependencies: + bn.js "^4.11.9" + brorand "^1.1.0" + hash.js "^1.0.0" + hmac-drbg "^1.0.1" + inherits "^2.0.4" + minimalistic-assert "^1.0.1" + minimalistic-crypto-utils "^1.0.1" + + emoji-regex@^8.0.0: + version "8.0.0" + resolved 
"https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz" + integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== + + emojis-list@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/emojis-list/-/emojis-list-3.0.0.tgz" + integrity sha512-/kyM18EfinwXZbno9FyUGeFh87KC8HRQBQGildHZbEuRyWFOmv1U10o9BBp8XVZDVNNuQKyIGIu5ZYAAXJ0V2Q== + + encodeurl@~1.0.2: + version "1.0.2" + resolved "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz" + integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w== + + enhanced-resolve@^5.15.0: + version "5.15.0" + resolved "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.15.0.tgz" + integrity sha512-LXYT42KJ7lpIKECr2mAXIaMldcNCh/7E0KBKOu4KSfkHmP+mZmSs+8V5gBAqisWBy0OO4W5Oyys0GO1Y8KtdKg== + dependencies: + graceful-fs "^4.2.4" + tapable "^2.2.0" + + entities@^2.0.0: + version "2.2.0" + resolved "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz" + integrity sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A== + + envinfo@^7.7.3: + version "7.8.1" + resolved "https://registry.npmjs.org/envinfo/-/envinfo-7.8.1.tgz" + integrity sha512-/o+BXHmB7ocbHEAs6F2EnG0ogybVVUdkRunTT2glZU9XAaGmhqskrvKwqXuDfNjEO0LZKWdejEEpnq8aM0tOaw== + + error-ex@^1.3.1: + version "1.3.2" + resolved "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz" + integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g== + dependencies: + is-arrayish "^0.2.1" + + es-module-lexer@^1.2.1: + version "1.4.1" + resolved "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.4.1.tgz" + integrity sha512-cXLGjP0c4T3flZJKQSuziYoq7MlT+rnvfZjfp7h+I7K9BNX54kP9nyWvdbwjQ4u1iWbOL4u96fgeZLToQlZC7w== + + escalade@^3.1.1: + version "3.1.1" + resolved "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz" + integrity 
sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw== + + escape-html@~1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz" + integrity sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow== + + escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" + integrity sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg== + + eslint-scope@5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz" + integrity sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw== + dependencies: + esrecurse "^4.3.0" + estraverse "^4.1.1" + + esrecurse@^4.3.0: + version "4.3.0" + resolved "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz" + integrity sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag== + dependencies: + estraverse "^5.2.0" + + estraverse@^4.1.1: + version "4.3.0" + resolved "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz" + integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw== + + estraverse@^5.2.0: + version "5.3.0" + resolved "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz" + integrity sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA== + + estree-walker@^2.0.2: + version "2.0.2" + resolved "https://registry.npmjs.org/estree-walker/-/estree-walker-2.0.2.tgz" + integrity sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w== + + esutils@^2.0.2: + version "2.0.3" + resolved "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz" + integrity 
sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== + + etag@~1.8.1: + version "1.8.1" + resolved "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz" + integrity sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg== + + eventemitter3@^4.0.0: + version "4.0.7" + resolved "https://registry.npmjs.org/eventemitter3/-/eventemitter3-4.0.7.tgz" + integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw== + + events@^3.0.0, events@^3.2.0, events@^3.3.0: + version "3.3.0" + resolved "https://registry.npmjs.org/events/-/events-3.3.0.tgz" + integrity sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q== + + evp_bytestokey@^1.0.0, evp_bytestokey@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz" + integrity sha512-/f2Go4TognH/KvCISP7OUsHn85hT9nUkxxA9BEWxFn+Oj9o8ZNLm/40hdlgSLyuOimsrTKLUMEorQexp/aPQeA== + dependencies: + md5.js "^1.3.4" + safe-buffer "^5.1.1" + + execa@^5.0.0: + version "5.1.1" + resolved "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz" + integrity sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg== + dependencies: + cross-spawn "^7.0.3" + get-stream "^6.0.0" + human-signals "^2.1.0" + is-stream "^2.0.0" + merge-stream "^2.0.0" + npm-run-path "^4.0.1" + onetime "^5.1.2" + signal-exit "^3.0.3" + strip-final-newline "^2.0.0" + + express@^4.16.3, express@^4.17.3: + version "4.18.2" + resolved "https://registry.npmjs.org/express/-/express-4.18.2.tgz" + integrity sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ== + dependencies: + accepts "~1.3.8" + array-flatten "1.1.1" + body-parser "1.20.1" + content-disposition "0.5.4" + content-type "~1.0.4" + cookie "0.5.0" + cookie-signature "1.0.6" + debug "2.6.9" + depd "2.0.0" + encodeurl "~1.0.2" + 
escape-html "~1.0.3" + etag "~1.8.1" + finalhandler "1.2.0" + fresh "0.5.2" + http-errors "2.0.0" + merge-descriptors "1.0.1" + methods "~1.1.2" + on-finished "2.4.1" + parseurl "~1.3.3" + path-to-regexp "0.1.7" + proxy-addr "~2.0.7" + qs "6.11.0" + range-parser "~1.2.1" + safe-buffer "5.2.1" + send "0.18.0" + serve-static "1.15.0" + setprototypeof "1.2.0" + statuses "2.0.1" + type-is "~1.6.18" + utils-merge "1.0.1" + vary "~1.1.2" + + fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3: + version "3.1.3" + resolved "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz" + integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== + + fast-glob@^3.0.3: + version "3.2.12" + resolved "https://registry.npmjs.org/fast-glob/-/fast-glob-3.2.12.tgz" + integrity sha512-DVj4CQIYYow0BlaelwK1pHl5n5cRSJfM60UA0zK891sVInoPri2Ekj7+e1CT3/3qxXenpI+nBBmQAcJPJgaj4w== + dependencies: + "@nodelib/fs.stat" "^2.0.2" + "@nodelib/fs.walk" "^1.2.3" + glob-parent "^5.1.2" + merge2 "^1.3.0" + micromatch "^4.0.4" + + fast-json-stable-stringify@^2.0.0: + version "2.1.0" + resolved "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz" + integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw== + + fastest-levenshtein@^1.0.12: + version "1.0.16" + resolved "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz" + integrity sha512-eRnCtTTtGZFpQCwhJiUOuxPQWRXVKYDn0b2PeHfXL6/Zi53SLAzAHfVhVWK2AryC/WH05kGfxhFIPvTF0SXQzg== + + fastq@^1.6.0: + version "1.15.0" + resolved "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz" + integrity sha512-wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw== + dependencies: + reusify "^1.0.4" + + faye-websocket@^0.11.3: + version "0.11.4" + resolved "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.11.4.tgz" + integrity 
sha512-CzbClwlXAuiRQAlUyfqPgvPoNKTckTPGfwZV4ZdAhVcP2lh9KUxJg2b5GkE7XbjKQ3YJnQ9z6D9ntLAlB+tP8g== + dependencies: + websocket-driver ">=0.5.1" + + file-loader@^6.2.0: + version "6.2.0" + resolved "https://registry.npmjs.org/file-loader/-/file-loader-6.2.0.tgz" + integrity sha512-qo3glqyTa61Ytg4u73GultjHGjdRyig3tG6lPtyX/jOEJvHif9uB0/OCI2Kif6ctF3caQTW2G5gym21oAsI4pw== + dependencies: + loader-utils "^2.0.0" + schema-utils "^3.0.0" + + file-saver@^2.0.5: + version "2.0.5" + resolved "https://registry.npmjs.org/file-saver/-/file-saver-2.0.5.tgz" + integrity sha512-P9bmyZ3h/PRG+Nzga+rbdI4OEpNDzAVyy74uVO9ATgzLK6VtAsYybF/+TOCvrc0MO793d6+42lLyZTw7/ArVzA== + + file-type@^12.0.0: + version "12.4.2" + resolved "https://registry.npmjs.org/file-type/-/file-type-12.4.2.tgz" + integrity sha512-UssQP5ZgIOKelfsaB5CuGAL+Y+q7EmONuiwF3N5HAH0t27rvrttgi6Ra9k/+DVaY9UF6+ybxu5pOXLUdA8N7Vg== + + filesize@^3.6.1: + version "3.6.1" + resolved "https://registry.npmjs.org/filesize/-/filesize-3.6.1.tgz" + integrity sha512-7KjR1vv6qnicaPMi1iiTcI85CyYwRO/PSFCu6SvqL8jN2Wjt/NIYQTFtFs7fSDCYOstUkEWIQGFUg5YZQfjlcg== + + fill-range@^7.0.1: + version "7.0.1" + resolved "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz" + integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== + dependencies: + to-regex-range "^5.0.1" + + finalhandler@1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz" + integrity sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg== + dependencies: + debug "2.6.9" + encodeurl "~1.0.2" + escape-html "~1.0.3" + on-finished "2.4.1" + parseurl "~1.3.3" + statuses "2.0.1" + unpipe "~1.0.0" + + find-cache-dir@^3.3.1: + version "3.3.2" + resolved "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-3.3.2.tgz" + integrity sha512-wXZV5emFEjrridIgED11OoUKLxiYjAcqot/NJdAkOhlJ+vGzwhOAfcG5OX1jP+S0PcjEn8bdMJv+g2jwQ3Onig== + dependencies: + 
commondir "^1.0.1" + make-dir "^3.0.2" + pkg-dir "^4.1.0" + + find-up@^4.0.0: + version "4.1.0" + resolved "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz" + integrity sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw== + dependencies: + locate-path "^5.0.0" + path-exists "^4.0.0" + + flexbox-grid-mixins@^0.3.4: + version "0.3.4" + resolved "https://registry.npmjs.org/flexbox-grid-mixins/-/flexbox-grid-mixins-0.3.4.tgz" + integrity sha512-RjtmsfUD40vqTMhHZ5B5Aomxs9SqedKJTxixkkde972qMoIxxv1csdU3kJrdqGscbvBI53waS7Exwbu9TostCg== + + follow-redirects@^1.0.0: + version "1.15.4" + resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz" + integrity sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw== + + form-serialize@^0.7.2: + version "0.7.2" + resolved "https://registry.npmjs.org/form-serialize/-/form-serialize-0.7.2.tgz" + integrity sha1-sKL/DCICb7bT0VydM/beakMuRzI= sha512-ohEA4Crzd/+hSREjGf4kSsy73WhAtQ7H+blGEz2DVd+JCi0TV5nZBSn9PaPlvrl9m29fa6xclAfpRkqZ57b1bw== + + forwarded@0.2.0: + version "0.2.0" + resolved "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz" + integrity sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow== + + fraction.js@^4.2.0: + version "4.2.0" + resolved "https://registry.npmjs.org/fraction.js/-/fraction.js-4.2.0.tgz" + integrity sha512-MhLuK+2gUcnZe8ZHlaaINnQLl0xRIGRfcGk2yl8xoQAfHrSsL3rYu6FCmBdkdbhc9EPlwyGHewaRsvwRMJtAlA== + + framebus@5.2.0: + version "5.2.0" + resolved "https://registry.npmjs.org/framebus/-/framebus-5.2.0.tgz" + integrity sha512-hIKt71vBVd/g0emUbuVg8HAeHEjxBwhAE87CKXvxPIy0sCoGWqBulB1k9lWBWUU6ZHXPs0xjXWMwUldWMiqD6A== + dependencies: + "@braintree/uuid" "^0.1.0" + + fresh@0.5.2: + version "0.5.2" + resolved "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz" + integrity 
sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q== + + fs-extra@^10.0.0: + version "10.1.0" + resolved "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz" + integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + + fs-monkey@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/fs-monkey/-/fs-monkey-1.0.3.tgz" + integrity sha512-cybjIfiiE+pTWicSCLFHSrXZ6EilF30oh91FDP9S2B051prEa7QWfrVTQm10/dDpswBDXZugPa1Ogu8Yh+HV0Q== + + fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz" + integrity sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw== + + fsevents@~2.3.2: + version "2.3.2" + resolved "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz" + integrity sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA== + + function-bind@^1.1.1: + version "1.1.1" + resolved "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz" + integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A== + + gensync@^1.0.0-beta.2: + version "1.0.0-beta.2" + resolved "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz" + integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg== + + get-caller-file@^2.0.5: + version "2.0.5" + resolved "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz" + integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== + + get-intrinsic@^1.0.2: + version "1.2.0" + resolved "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.0.tgz" + integrity sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q== 
+ dependencies: + function-bind "^1.1.1" + has "^1.0.3" + has-symbols "^1.0.3" + + get-stream@^6.0.0: + version "6.0.1" + resolved "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz" + integrity sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg== + + glob-parent@^5.1.2, glob-parent@~5.1.2: + version "5.1.2" + resolved "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz" + integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== + dependencies: + is-glob "^4.0.1" + + glob-to-regexp@^0.4.1: + version "0.4.1" + resolved "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz" + integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw== + + glob@^7.1.3, glob@^7.2.0: + version "7.2.3" + resolved "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz" + integrity sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q== + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.1.1" + once "^1.3.0" + path-is-absolute "^1.0.0" + + globals@^11.1.0: + version "11.12.0" + resolved "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz" + integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== + + globby@^10.0.0: + version "10.0.2" + resolved "https://registry.npmjs.org/globby/-/globby-10.0.2.tgz" + integrity sha512-7dUi7RvCoT/xast/o/dLN53oqND4yk0nsHkhRgn9w65C4PofCLOoJ39iSOg+qVDdWQPIEj+eszMHQ+aLVwwQSg== + dependencies: + "@types/glob" "^7.1.1" + array-union "^2.1.0" + dir-glob "^3.0.1" + fast-glob "^3.0.3" + glob "^7.1.3" + ignore "^5.1.1" + merge2 "^1.2.3" + slash "^3.0.0" + + graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.2, graceful-fs@^4.2.4, graceful-fs@^4.2.6, graceful-fs@^4.2.9: + version "4.2.11" + resolved 
"https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz" + integrity sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ== + + growly@^1.3.0: + version "1.3.0" + resolved "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz" + integrity sha512-+xGQY0YyAWCnqy7Cd++hc2JqMYzlm0dG30Jd0beaA64sROr8C4nt8Yc9V5Ro3avlSUDTN0ulqP/VBKi1/lLygw== + + gzip-size@^5.0.0: + version "5.1.1" + resolved "https://registry.npmjs.org/gzip-size/-/gzip-size-5.1.1.tgz" + integrity sha512-FNHi6mmoHvs1mxZAds4PpdCS6QG8B4C1krxJsMutgxl5t3+GlRTzzI3NEkifXx2pVsOvJdOGSmIgDhQ55FwdPA== + dependencies: + duplexer "^0.1.1" + pify "^4.0.1" + + handle-thing@^2.0.0: + version "2.0.1" + resolved "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz" + integrity sha512-9Qn4yBxelxoh2Ow62nP+Ka/kMnOXRi8BXnRaUwezLNhqelnN49xKz4F/dPP8OYLxLxq6JDtZb2i9XznUQbNPTg== + + has-flag@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz" + integrity sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw== + + has-flag@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz" + integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== + + has-symbols@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz" + integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== + + has@^1.0.3: + version "1.0.3" + resolved "https://registry.npmjs.org/has/-/has-1.0.3.tgz" + integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw== + dependencies: + function-bind "^1.1.1" + + hash-base@^3.0.0: + version "3.1.0" + resolved "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz" + integrity 
sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA== + dependencies: + inherits "^2.0.4" + readable-stream "^3.6.0" + safe-buffer "^5.2.0" + + hash-sum@^1.0.2: + version "1.0.2" + resolved "https://registry.npmjs.org/hash-sum/-/hash-sum-1.0.2.tgz" + integrity sha512-fUs4B4L+mlt8/XAtSOGMUO1TXmAelItBPtJG7CyHJfYTdDjwisntGO2JQz7oUsatOY9o68+57eziUVNw/mRHmA== + + hash-sum@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/hash-sum/-/hash-sum-2.0.0.tgz" + integrity sha512-WdZTbAByD+pHfl/g9QSsBIIwy8IT+EsPiKDs0KNX+zSHhdDLFKdZu0BQHljvO+0QI/BasbMSUa8wYNCZTvhslg== + + hash.js@^1.0.0, hash.js@^1.0.3: + version "1.1.7" + resolved "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz" + integrity sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA== + dependencies: + inherits "^2.0.3" + minimalistic-assert "^1.0.1" + + he@^1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/he/-/he-1.2.0.tgz" + integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw== + + hi-base32@^0.5.0: + version "0.5.1" + resolved "https://registry.npmjs.org/hi-base32/-/hi-base32-0.5.1.tgz" + integrity sha512-EmBBpvdYh/4XxsnUybsPag6VikPYnN30td+vQk+GI3qpahVEG9+gTkG0aXVxTjBqQ5T6ijbWIu77O+C5WFWsnA== + + hmac-drbg@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz" + integrity sha512-Tti3gMqLdZfhOQY1Mzf/AanLiqh1WTiJgEj26ZuYQ9fbkLomzGchCws4FyrSd4VkpBfiNhaE1On+lOz894jvXg== + dependencies: + hash.js "^1.0.3" + minimalistic-assert "^1.0.0" + minimalistic-crypto-utils "^1.0.1" + + hoopy@^0.1.4: + version "0.1.4" + resolved "https://registry.npmjs.org/hoopy/-/hoopy-0.1.4.tgz" + integrity sha512-HRcs+2mr52W0K+x8RzcLzuPPmVIKMSv97RGHy0Ea9y/mpcaK+xTrjICA04KAHi4GRzxliNqNJEFYWHghy3rSfQ== + + hpack.js@^2.1.6: + version "2.1.6" + resolved "https://registry.npmjs.org/hpack.js/-/hpack.js-2.1.6.tgz" + integrity 
sha512-zJxVehUdMGIKsRaNt7apO2Gqp0BdqW5yaiGHXXmbpvxgBYVZnAql+BJb4RO5ad2MgpbZKn5G6nMnegrH1FcNYQ== + dependencies: + inherits "^2.0.1" + obuf "^1.0.0" + readable-stream "^2.0.1" + wbuf "^1.1.0" + + html-entities@^2.3.2: + version "2.3.3" + resolved "https://registry.npmjs.org/html-entities/-/html-entities-2.3.3.tgz" + integrity sha512-DV5Ln36z34NNTDgnz0EWGBLZENelNAtkiFA4kyNOG2tDI6Mz1uSWiq1wAKdyjnJwyDiDO7Fa2SO1CTxPXL8VxA== + + html-loader@^1.3.2: + version "1.3.2" + resolved "https://registry.npmjs.org/html-loader/-/html-loader-1.3.2.tgz" + integrity sha512-DEkUwSd0sijK5PF3kRWspYi56XP7bTNkyg5YWSzBdjaSDmvCufep5c4Vpb3PBf6lUL0YPtLwBfy9fL0t5hBAGA== + dependencies: + html-minifier-terser "^5.1.1" + htmlparser2 "^4.1.0" + loader-utils "^2.0.0" + schema-utils "^3.0.0" + + html-minifier-terser@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-5.1.1.tgz" + integrity sha512-ZPr5MNObqnV/T9akshPKbVgyOqLmy+Bxo7juKCfTfnjNniTAMdy4hz21YQqoofMBJD2kdREaqPPdThoR78Tgxg== + dependencies: + camel-case "^4.1.1" + clean-css "^4.2.3" + commander "^4.1.1" + he "^1.2.0" + param-case "^3.0.3" + relateurl "^0.2.7" + terser "^4.6.3" + + htmlparser2@^4.1.0: + version "4.1.0" + resolved "https://registry.npmjs.org/htmlparser2/-/htmlparser2-4.1.0.tgz" + integrity sha512-4zDq1a1zhE4gQso/c5LP1OtrhYTncXNSpvJYtWJBtXAETPlMfi3IFNjGuQbYLuVY4ZR0QMqRVvo4Pdy9KLyP8Q== + dependencies: + domelementtype "^2.0.1" + domhandler "^3.0.0" + domutils "^2.0.0" + entities "^2.0.0" + + http-deceiver@^1.2.7: + version "1.2.7" + resolved "https://registry.npmjs.org/http-deceiver/-/http-deceiver-1.2.7.tgz" + integrity sha512-LmpOGxTfbpgtGVxJrj5k7asXHCgNZp5nLfp+hWc8QQRqtb7fUy6kRY3BO1h9ddF6yIPYUARgxGOwB42DnxIaNw== + + http-errors@~1.6.2: + version "1.6.3" + resolved "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz" + integrity sha512-lks+lVC8dgGyh97jxvxeYTWQFvh4uw4yC12gVl63Cg30sjPX4wuGcdkICVXDAESr6OJGjqGA8Iz5mkeN6zlD7A== + dependencies: + depd "~1.1.2" + 
inherits "2.0.3" + setprototypeof "1.1.0" + statuses ">= 1.4.0 < 2" + + http-errors@2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz" + integrity sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ== + dependencies: + depd "2.0.0" + inherits "2.0.4" + setprototypeof "1.2.0" + statuses "2.0.1" + toidentifier "1.0.1" + + http-parser-js@>=0.5.1: + version "0.5.8" + resolved "https://registry.npmjs.org/http-parser-js/-/http-parser-js-0.5.8.tgz" + integrity sha512-SGeBX54F94Wgu5RH3X5jsDtf4eHyRogWX1XGT3b4HuW3tQPM4AaBzoUji/4AAJNXCEOWZ5O0DgZmJw1947gD5Q== + + http-proxy-middleware@^2.0.3: + version "2.0.6" + resolved "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-2.0.6.tgz" + integrity sha512-ya/UeJ6HVBYxrgYotAZo1KvPWlgB48kUJLDePFeneHsVujFaW5WNj2NgWCAE//B1Dl02BIfYlpNgBy8Kf8Rjmw== + dependencies: + "@types/http-proxy" "^1.17.8" + http-proxy "^1.18.1" + is-glob "^4.0.1" + is-plain-obj "^3.0.0" + micromatch "^4.0.2" + + http-proxy@^1.18.1: + version "1.18.1" + resolved "https://registry.npmjs.org/http-proxy/-/http-proxy-1.18.1.tgz" + integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ== + dependencies: + eventemitter3 "^4.0.0" + follow-redirects "^1.0.0" + requires-port "^1.0.0" + + https-browserify@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/https-browserify/-/https-browserify-1.0.0.tgz" + integrity sha512-J+FkSdyD+0mA0N+81tMotaRMfSL9SGi+xpD3T6YApKsc3bGSXJlfXri3VyFOeYkfLRQisDk1W+jIFFKBeUBbBg== + + human-signals@^2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz" + integrity sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw== + + iconv-lite@0.4.24: + version "0.4.24" + resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz" + integrity 
sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA== + dependencies: + safer-buffer ">= 2.1.2 < 3" + + icss-utils@^5.0.0, icss-utils@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/icss-utils/-/icss-utils-5.1.0.tgz" + integrity sha512-soFhflCVWLfRNOPU3iv5Z9VUdT44xFRbzjLsEzSr5AQmgqPMTHdU3PMT1Cf1ssx8fLNJDA1juftYl+PUcv3MqA== + + ieee754@^1.1.4: + version "1.2.1" + resolved "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz" + integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== + + ignore@^5.1.1: + version "5.2.4" + resolved "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz" + integrity sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ== + + "imagemin@^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0", imagemin@^7.0.1: + version "7.0.1" + resolved "https://registry.npmjs.org/imagemin/-/imagemin-7.0.1.tgz" + integrity sha512-33AmZ+xjZhg2JMCe+vDf6a9mzWukE7l+wAtesjE7KyteqqKjzxv7aVQeWnul1Ve26mWvEQqyPwl0OctNBfSR9w== + dependencies: + file-type "^12.0.0" + globby "^10.0.0" + graceful-fs "^4.2.2" + junk "^3.1.0" + make-dir "^3.0.0" + p-pipe "^3.0.0" + replace-ext "^1.0.0" + + img-loader@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/img-loader/-/img-loader-4.0.0.tgz" + integrity sha512-UwRcPQdwdOyEHyCxe1V9s9YFwInwEWCpoO+kJGfIqDrBDqA8jZUsEZTxQ0JteNPGw/Gupmwesk2OhLTcnw6tnQ== + dependencies: + loader-utils "^1.1.0" + + immediate@~3.0.5: + version "3.0.6" + resolved "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz" + integrity sha1-nbHb0Pr43m++D13V5Wu2BigN5ps= sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ== + + immutable@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/immutable/-/immutable-4.0.0.tgz" + integrity sha512-zIE9hX70qew5qTUjSS7wi1iwj/l7+m54KWU247nhM3v806UdGj1yDndXj+IOYxxtW9zyLI+xqFNZjTuDaLUqFw== + + import-fresh@^3.2.1: + 
version "3.3.0" + resolved "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz" + integrity sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw== + dependencies: + parent-module "^1.0.0" + resolve-from "^4.0.0" + + import-local@^3.0.2: + version "3.1.0" + resolved "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz" + integrity sha512-ASB07uLtnDs1o6EHjKpX34BKYDSqnFerfTOJL2HvMqF70LnxpjkzDB8J44oT9pu4AMPkQwf8jl6szgvNd2tRIg== + dependencies: + pkg-dir "^4.2.0" + resolve-cwd "^3.0.0" + + inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz" + integrity sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA== + dependencies: + once "^1.3.0" + wrappy "1" + + inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3, inherits@2, inherits@2.0.4: + version "2.0.4" + resolved "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz" + integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== + + inherits@2.0.1: + version "2.0.1" + resolved "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz" + integrity sha512-8nWq2nLTAwd02jTqJExUYFSD/fKq6VH9Y/oG2accc/kdI0V98Bag8d5a4gi3XHz73rDWa2PvTtvcWYquKqSENA== + + inherits@2.0.3: + version "2.0.3" + resolved "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz" + integrity sha512-x00IRNXNy63jwGkJmzPigoySHbaqpNuzKbBOmzK+g2OdZpQ9w+sxCN+VSB3ja7IAge2OP2qpfxTjeNcyjmW1uw== + + inject-stylesheet@5.0.0: + version "5.0.0" + resolved "https://registry.npmjs.org/inject-stylesheet/-/inject-stylesheet-5.0.0.tgz" + integrity sha512-GzncrJP8E/pavMQzoO93CXoYCfTttwVm2cX2TyXJdgtVE0cCvWSFCn1/uMsM6ZkEg7LUsOcKuamcLiGWlv2p9A== + + interpret@^2.2.0: + version "2.2.0" + resolved "https://registry.npmjs.org/interpret/-/interpret-2.2.0.tgz" + integrity 
sha512-Ju0Bz/cEia55xDwUWEa8+olFpCiQoypjnQySseKtmjNrnps3P+xfpUmGr90T7yjlVJmOtybRvPXhKMbHr+fWnw== + + ip-num@^1.5.1: + version "1.5.1" + resolved "https://registry.npmjs.org/ip-num/-/ip-num-1.5.1.tgz" + integrity sha512-QziFxgxq3mjIf5CuwlzXFYscHxgLqdEdJKRo2UJ5GurL5zrSRMzT/O+nK0ABimoFH8MWF8YwIiwECYsHc1LpUQ== + + ipaddr.js@^2.0.1: + version "2.0.1" + resolved "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.0.1.tgz" + integrity sha512-1qTgH9NG+IIJ4yfKs2e6Pp1bZg8wbDbKHT21HrLIeYBTRLgMYKnMTPAuI3Lcs61nfx5h1xlXnbJtH1kX5/d/ng== + + ipaddr.js@1.9.1: + version "1.9.1" + resolved "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz" + integrity sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g== + + is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz" + integrity sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg== + + is-binary-path@~2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz" + integrity sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw== + dependencies: + binary-extensions "^2.0.0" + + is-buffer@~1.1.6: + version "1.1.6" + resolved "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz" + integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w== + + is-core-module@^2.9.0: + version "2.11.0" + resolved "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz" + integrity sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw== + dependencies: + has "^1.0.3" + + is-docker@^2.0.0, is-docker@^2.1.1: + version "2.2.1" + resolved "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz" + integrity sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ== + + 
is-extglob@^2.1.1: + version "2.1.1" + resolved "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz" + integrity sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ== + + is-fullwidth-code-point@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz" + integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg== + + is-glob@^4.0.1, is-glob@~4.0.1: + version "4.0.3" + resolved "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz" + integrity sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg== + dependencies: + is-extglob "^2.1.1" + + is-number@^7.0.0: + version "7.0.0" + resolved "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz" + integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== + + is-plain-obj@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-3.0.0.tgz" + integrity sha512-gwsOE28k+23GP1B6vFl1oVh/WOzmawBrKwo5Ev6wMKzPkaXaCDIQKzLnvsA42DRlbVTWorkgTKIviAKCWkfUwA== + + is-plain-object@^2.0.4: + version "2.0.4" + resolved "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz" + integrity sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og== + dependencies: + isobject "^3.0.1" + + is-stream@^2.0.0: + version "2.0.1" + resolved "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz" + integrity sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg== + + is-wsl@^2.2.0: + version "2.2.0" + resolved "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz" + integrity sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww== + dependencies: + is-docker "^2.0.0" + + isarray@^1.0.0, isarray@~1.0.0: + version "1.0.0" + 
resolved "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz" + integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ== + + isexe@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz" + integrity sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw== + + isobject@^3.0.1: + version "3.0.1" + resolved "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz" + integrity sha512-WhB9zCku7EGTj/HQQRz5aUQEUeoQZH2bWcltRErOpymJ4boYE6wL9Tbr23krRPSZ+C5zqNSrSw+Cc7sZZ4b7vg== + + jest-worker@^27.4.5: + version "27.5.1" + resolved "https://registry.npmjs.org/jest-worker/-/jest-worker-27.5.1.tgz" + integrity sha512-7vuh85V5cdDofPyxn58nrPjBktZo0u9x1g8WtjQol+jZDaE+fhN+cIvTj11GndBnMnyfrUOG1sZQxCdjKh+DKg== + dependencies: + "@types/node" "*" + merge-stream "^2.0.0" + supports-color "^8.0.0" + + js-cookie@^3.0.1: + version "3.0.1" + resolved "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.1.tgz" + integrity sha512-+0rgsUXZu4ncpPxRL+lNEptWMOWl9etvPHc/koSRp6MPwpRYAhmk0dUG00J4bxVV3r9uUzfo24wW0knS07SKSw== + + "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz" + integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== + + jsesc@^2.5.1: + version "2.5.2" + resolved "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz" + integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== + + jsesc@~0.5.0: + version "0.5.0" + resolved "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz" + integrity sha512-uZz5UnB7u4T9LvwmFqXii7pZSouaRPorGs5who1Ip7VO0wxanFvBL7GkM6dTHlgX+jhBApRetaWpnDabOeTcnA== + + json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1: + version "2.3.1" + resolved 
"https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz" + integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== + + json-schema-traverse@^0.4.1: + version "0.4.1" + resolved "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz" + integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg== + + json-schema-traverse@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz" + integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug== + + json5@^1.0.1: + version "1.0.2" + resolved "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz" + integrity sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA== + dependencies: + minimist "^1.2.0" + + json5@^2.1.2, json5@^2.2.2, json5@2.2.3: + version "2.2.3" + resolved "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz" + integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg== + + jsonfile@^6.0.1: + version "6.1.0" + resolved "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz" + integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ== + dependencies: + universalify "^2.0.0" + optionalDependencies: + graceful-fs "^4.1.6" + + jszip@^3.10.1: + version "3.10.1" + resolved "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz" + integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g== + dependencies: + lie "~3.3.0" + pako "~1.0.2" + readable-stream "~2.3.6" + setimmediate "^1.0.5" + + junk@^3.1.0: + version "3.1.0" + resolved "https://registry.npmjs.org/junk/-/junk-3.1.0.tgz" + integrity 
sha512-pBxcB3LFc8QVgdggvZWyeys+hnrNWg4OcZIU/1X59k5jQdLBlCsYGRQaz234SqoRLTCgMH00fY0xRJH+F9METQ== + + kind-of@^6.0.2: + version "6.0.3" + resolved "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz" + integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw== + + klona@^2.0.4, klona@^2.0.5: + version "2.0.6" + resolved "https://registry.npmjs.org/klona/-/klona-2.0.6.tgz" + integrity sha512-dhG34DXATL5hSxJbIexCft8FChFXtmskoZYnoPWjXQuebWYCNkVeV3KkGegCK9CP1oswI/vQibS2GY7Em/sJJA== + + laravel-mix-bundle-analyzer@^1.0.5: + version "1.0.5" + resolved "https://registry.npmjs.org/laravel-mix-bundle-analyzer/-/laravel-mix-bundle-analyzer-1.0.5.tgz" + integrity sha512-Oeq1mW6oDaZZhjs1Yga/xZpj5kfH2TonKbqzSPW5BJiI8WomvMBGUmq9yHzy/Zh2fw0R/133U9/hFANTTrgjfQ== + dependencies: + webpack-bundle-analyzer "^3.0.3" + + laravel-mix@^6.0.49, "laravel-mix@>= 4.0.0": + version "6.0.49" + resolved "https://registry.npmjs.org/laravel-mix/-/laravel-mix-6.0.49.tgz" + integrity sha512-bBMFpFjp26XfijPvY5y9zGKud7VqlyOE0OWUcPo3vTBY5asw8LTjafAbee1dhfLz6PWNqDziz69CP78ELSpfKw== + dependencies: + "@babel/core" "^7.15.8" + "@babel/plugin-proposal-object-rest-spread" "^7.15.6" + "@babel/plugin-syntax-dynamic-import" "^7.8.3" + "@babel/plugin-transform-runtime" "^7.15.8" + "@babel/preset-env" "^7.15.8" + "@babel/runtime" "^7.15.4" + "@types/babel__core" "^7.1.16" + "@types/clean-css" "^4.2.5" + "@types/imagemin-gifsicle" "^7.0.1" + "@types/imagemin-mozjpeg" "^8.0.1" + "@types/imagemin-optipng" "^5.2.1" + "@types/imagemin-svgo" "^8.0.0" + autoprefixer "^10.4.0" + babel-loader "^8.2.3" + chalk "^4.1.2" + chokidar "^3.5.2" + clean-css "^5.2.4" + cli-table3 "^0.6.0" + collect.js "^4.28.5" + commander "^7.2.0" + concat "^1.0.3" + css-loader "^5.2.6" + cssnano "^5.0.8" + dotenv "^10.0.0" + dotenv-expand "^5.1.0" + file-loader "^6.2.0" + fs-extra "^10.0.0" + glob "^7.2.0" + html-loader "^1.3.2" + imagemin "^7.0.1" + img-loader "^4.0.0" + lodash "^4.17.21" + md5 
"^2.3.0" + mini-css-extract-plugin "^1.6.2" + node-libs-browser "^2.2.1" + postcss-load-config "^3.1.0" + postcss-loader "^6.2.0" + semver "^7.3.5" + strip-ansi "^6.0.0" + style-loader "^2.0.0" + terser "^5.9.0" + terser-webpack-plugin "^5.2.4" + vue-style-loader "^4.1.3" + webpack "^5.60.0" + webpack-cli "^4.9.1" + webpack-dev-server "^4.7.3" + webpack-merge "^5.8.0" + webpack-notifier "^1.14.1" + webpackbar "^5.0.0-3" + yargs "^17.2.1" + + launch-editor@^2.6.0: + version "2.6.0" + resolved "https://registry.npmjs.org/launch-editor/-/launch-editor-2.6.0.tgz" + integrity sha512-JpDCcQnyAAzZZaZ7vEiSqL690w7dAEyLao+KC96zBplnYbJS7TYNjvM3M7y3dGz+v7aIsJk3hllWuc0kWAjyRQ== + dependencies: + picocolors "^1.0.0" + shell-quote "^1.7.3" + + lie@~3.3.0: + version "3.3.0" + resolved "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz" + integrity sha512-UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ== + dependencies: + immediate "~3.0.5" + + lilconfig@^2.0.3, lilconfig@^2.0.5: + version "2.1.0" + resolved "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz" + integrity sha512-utWOt/GHzuUxnLKxB6dk81RoOeoNeHgbrXiuGk4yyF5qlRz+iIVWu56E2fqGHFrXz0QNUhLB/8nKqvRH66JKGQ== + + lines-and-columns@^1.1.6: + version "1.2.4" + resolved "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz" + integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg== + + loader-runner@^4.2.0: + version "4.3.0" + resolved "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.0.tgz" + integrity sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg== + + loader-utils@^1.0.2: + version "1.4.2" + resolved "https://registry.npmjs.org/loader-utils/-/loader-utils-1.4.2.tgz" + integrity sha512-I5d00Pd/jwMD2QCduo657+YM/6L3KZu++pmX9VFncxaxvHcru9jx1lBaFft+r4Mt2jK0Yhp41XlRAihzPxHNCg== + dependencies: + big.js "^5.2.2" + emojis-list "^3.0.0" + json5 "^1.0.1" + + 
loader-utils@^1.1.0: + version "1.4.2" + resolved "https://registry.npmjs.org/loader-utils/-/loader-utils-1.4.2.tgz" + integrity sha512-I5d00Pd/jwMD2QCduo657+YM/6L3KZu++pmX9VFncxaxvHcru9jx1lBaFft+r4Mt2jK0Yhp41XlRAihzPxHNCg== + dependencies: + big.js "^5.2.2" + emojis-list "^3.0.0" + json5 "^1.0.1" + + loader-utils@^2.0.0: + version "2.0.4" + resolved "https://registry.npmjs.org/loader-utils/-/loader-utils-2.0.4.tgz" + integrity sha512-xXqpXoINfFhgua9xiqD8fPFHgkoq1mmmpE92WlDbm9rNRd/EbRb+Gqf908T2DMfuHjjJlksiK2RbHVOdD/MqSw== + dependencies: + big.js "^5.2.2" + emojis-list "^3.0.0" + json5 "^2.1.2" + + locate-path@^5.0.0: + version "5.0.0" + resolved "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz" + integrity sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g== + dependencies: + p-locate "^4.1.0" + + lodash.debounce@^4.0.8: + version "4.0.8" + resolved "https://registry.npmjs.org/lodash.debounce/-/lodash.debounce-4.0.8.tgz" + integrity sha512-FT1yDzDYEoYWhnSGnpE/4Kj1fLZkDFyqRb7fNt6FdYOSxlUWAtp42Eh6Wb0rGIv/m9Bgo7x4GhQbm5Ys4SG5ow== + + lodash.memoize@^4.1.2: + version "4.1.2" + resolved "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz" + integrity sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag== + + lodash.uniq@^4.5.0: + version "4.5.0" + resolved "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz" + integrity sha512-xfBaXQd9ryd9dlSDvnvI0lvxfLJlYAZzXomUYzLKtUeOQvOP5piqAWuGtrhWeqaXK9hhoM/iyJc5AV+XfsX3HQ== + + lodash@^4.17.19, lodash@^4.17.21: + version "4.17.21" + resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== + + loose-envify@^1.1.0: + version "1.4.0" + resolved "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz" + integrity 
sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q== + dependencies: + js-tokens "^3.0.0 || ^4.0.0" + + lower-case@^2.0.2: + version "2.0.2" + resolved "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz" + integrity sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg== + dependencies: + tslib "^2.0.3" + + lru-cache@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz" + integrity sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w== + dependencies: + yallist "^3.0.2" + + lru-cache@^6.0.0: + version "6.0.0" + resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz" + integrity sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA== + dependencies: + yallist "^4.0.0" + + lunr@^2.3.9: + version "2.3.9" + resolved "https://registry.npmjs.org/lunr/-/lunr-2.3.9.tgz" + integrity sha512-zTU3DaZaF3Rt9rhN3uBMGQD3dD2/vFQqnvZCDv4dl5iOzq2IZQqTxu90r4E5J+nP70J3ilqVCrbho2eWaeW8Ow== + + magic-string@^0.25.7: + version "0.25.9" + resolved "https://registry.npmjs.org/magic-string/-/magic-string-0.25.9.tgz" + integrity sha512-RmF0AsMzgt25qzqqLc1+MbHmhdx0ojF2Fvs4XnOqz2ZOBXzzkEwc/dJQZCYHAn7v1jbVOjAZfK8msRn4BxO4VQ== + dependencies: + sourcemap-codec "^1.4.8" + + make-dir@^3.0.0, make-dir@^3.0.2, make-dir@^3.1.0: + version "3.1.0" + resolved "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz" + integrity sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw== + dependencies: + semver "^6.0.0" + + md5.js@^1.3.4: + version "1.3.5" + resolved "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz" + integrity sha512-xitP+WxNPcTTOgnTJcrhM0xvdPepipPSf3I8EIpGKeFLjt3PlJLIDG3u8EX53ZIubkb+5U2+3rELYpEhHhzdkg== + dependencies: + hash-base "^3.0.0" + inherits "^2.0.1" + safe-buffer "^5.1.2" + + md5@^2.3.0: + version "2.3.0" 
+ resolved "https://registry.npmjs.org/md5/-/md5-2.3.0.tgz" + integrity sha512-T1GITYmFaKuO91vxyoQMFETst+O71VUPEU3ze5GNzDm0OWdP8v1ziTaAEPUr/3kLsY3Sftgz242A1SetQiDL7g== + dependencies: + charenc "0.0.2" + crypt "0.0.2" + is-buffer "~1.1.6" + + mdn-data@2.0.14: + version "2.0.14" + resolved "https://registry.npmjs.org/mdn-data/-/mdn-data-2.0.14.tgz" + integrity sha512-dn6wd0uw5GsdswPFfsgMp5NSB0/aDe6fK94YJV/AJDYXL6HVLWBsxeq7js7Ad+mU2K9LAlwpk6kN2D5mwCPVow== + + media-typer@0.3.0: + version "0.3.0" + resolved "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz" + integrity sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ== + + memfs@^3.4.3: + version "3.4.13" + resolved "https://registry.npmjs.org/memfs/-/memfs-3.4.13.tgz" + integrity sha512-omTM41g3Skpvx5dSYeZIbXKcXoAVc/AoMNwn9TKx++L/gaen/+4TTttmu8ZSch5vfVJ8uJvGbroTsIlslRg6lg== + dependencies: + fs-monkey "^1.0.3" + + merge-descriptors@1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz" + integrity sha512-cCi6g3/Zr1iqQi6ySbseM1Xvooa98N0w31jzUYrXPX2xqObmFGHJ0tQ5u74H3mVh7wLouTseZyYIq39g8cNp1w== + + merge-stream@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz" + integrity sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w== + + merge2@^1.2.3, merge2@^1.3.0: + version "1.4.1" + resolved "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz" + integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== + + methods@~1.1.2: + version "1.1.2" + resolved "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz" + integrity sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w== + + micromatch@^4.0.2, micromatch@^4.0.4: + version "4.0.5" + resolved "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz" + integrity 
sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA== + dependencies: + braces "^3.0.2" + picomatch "^2.3.1" + + miller-rabin@^4.0.0: + version "4.0.1" + resolved "https://registry.npmjs.org/miller-rabin/-/miller-rabin-4.0.1.tgz" + integrity sha512-115fLhvZVqWwHPbClyntxEVfVDfl9DLLTuJvq3g2O/Oxi8AiNouAHvDSzHS0viUJc+V5vm3eq91Xwqn9dp4jRA== + dependencies: + bn.js "^4.0.0" + brorand "^1.0.1" + + "mime-db@>= 1.43.0 < 2", mime-db@1.52.0: + version "1.52.0" + resolved "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz" + integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== + + mime-types@^2.1.27, mime-types@^2.1.31, mime-types@~2.1.17, mime-types@~2.1.24, mime-types@~2.1.34: + version "2.1.35" + resolved "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz" + integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== + dependencies: + mime-db "1.52.0" + + mime@1.6.0: + version "1.6.0" + resolved "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz" + integrity sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg== + + mimic-fn@^2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz" + integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== + + mini-css-extract-plugin@^1.6.2: + version "1.6.2" + resolved "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-1.6.2.tgz" + integrity sha512-WhDvO3SjGm40oV5y26GjMJYjd2UMqrLAGKy5YS2/3QKJy2F7jgynuHTir/tgUUOiNQu5saXHdc8reo7YuhhT4Q== + dependencies: + loader-utils "^2.0.0" + schema-utils "^3.0.0" + webpack-sources "^1.1.0" + + minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz" + integrity 
sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A== + + minimalistic-crypto-utils@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz" + integrity sha512-JIYlbt6g8i5jKfJ3xz7rF0LXmv2TkDxBLUkiBeZ7bAx4GnnNMr8xFpGnOxn6GhTEHx3SjRrZEoU+j04prX1ktg== + + minimatch@^3.1.1: + version "3.1.2" + resolved "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz" + integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== + dependencies: + brace-expansion "^1.1.7" + + minimist@^1.2.0, minimist@^1.2.5, minimist@1.2.8: + version "1.2.8" + resolved "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz" + integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== + + mix-env-file@^0.1.1: + version "0.1.1" + resolved "https://registry.npmjs.org/mix-env-file/-/mix-env-file-0.1.1.tgz" + integrity sha512-bfeOoRlW4J4aS17Qu3XROkWXR/IN5/j/3aSKeQ2qBjFR8tXYbwY8wnO0w0Xhrfv9EHCbBUihNa0YBOAy2jm7dg== + + mkdirp@^0.5.1: + version "0.5.5" + resolved "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz" + integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ== + dependencies: + minimist "^1.2.5" + + ms@2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz" + integrity sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A== + + ms@2.1.2: + version "2.1.2" + resolved "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz" + integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== + + ms@2.1.3: + version "2.1.3" + resolved "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz" + integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== + + multicast-dns@^7.2.5: + version "7.2.5" + 
resolved "https://registry.npmjs.org/multicast-dns/-/multicast-dns-7.2.5.tgz" + integrity sha512-2eznPJP8z2BFLX50tf0LuODrpINqP1RVIm/CObbTcBRITQgmC/TjcREF1NeTBzIcR5XO/ukWo+YHOjBbFwIupg== + dependencies: + dns-packet "^5.2.2" + thunky "^1.0.2" + + nanoid@^3.3.6: + version "3.3.6" + resolved "https://registry.npmjs.org/nanoid/-/nanoid-3.3.6.tgz" + integrity sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA== + + negotiator@0.6.3: + version "0.6.3" + resolved "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz" + integrity sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg== + + neo-async@^2.6.2: + version "2.6.2" + resolved "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz" + integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw== + + no-case@^3.0.4: + version "3.0.4" + resolved "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz" + integrity sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg== + dependencies: + lower-case "^2.0.2" + tslib "^2.0.3" + + node-forge@^1: + version "1.3.1" + resolved "https://registry.npmjs.org/node-forge/-/node-forge-1.3.1.tgz" + integrity sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA== + + node-libs-browser@^2.2.1: + version "2.2.1" + resolved "https://registry.npmjs.org/node-libs-browser/-/node-libs-browser-2.2.1.tgz" + integrity sha512-h/zcD8H9kaDZ9ALUWwlBUDo6TKF8a7qBSCSEGfjTVIYeqsioSKaAX+BN7NgiMGp6iSIXZ3PxgCu8KS3b71YK5Q== + dependencies: + assert "^1.1.1" + browserify-zlib "^0.2.0" + buffer "^4.3.0" + console-browserify "^1.1.0" + constants-browserify "^1.0.0" + crypto-browserify "^3.11.0" + domain-browser "^1.1.1" + events "^3.0.0" + https-browserify "^1.0.0" + os-browserify "^0.3.0" + path-browserify "0.0.1" + process "^0.11.10" + punycode "^1.2.4" + querystring-es3 "^0.2.0" + 
readable-stream "^2.3.3" + stream-browserify "^2.0.1" + stream-http "^2.7.2" + string_decoder "^1.0.0" + timers-browserify "^2.0.4" + tty-browserify "0.0.0" + url "^0.11.0" + util "^0.11.0" + vm-browserify "^1.0.1" + + node-notifier@^9.0.0: + version "9.0.1" + resolved "https://registry.npmjs.org/node-notifier/-/node-notifier-9.0.1.tgz" + integrity sha512-fPNFIp2hF/Dq7qLDzSg4vZ0J4e9v60gJR+Qx7RbjbWqzPDdEqeVpEx5CFeDAELIl+A/woaaNn1fQ5nEVerMxJg== + dependencies: + growly "^1.3.0" + is-wsl "^2.2.0" + semver "^7.3.2" + shellwords "^0.1.1" + uuid "^8.3.0" + which "^2.0.2" + + node-releases@^2.0.8: + version "2.0.10" + resolved "https://registry.npmjs.org/node-releases/-/node-releases-2.0.10.tgz" + integrity sha512-5GFldHPXVG/YZmFzJvKK2zDSzPKhEp0+ZR5SVaoSag9fsL5YgHbUHDfnG5494ISANDcK4KwPXAx2xqVEydmd7w== + + normalize-path@^3.0.0, normalize-path@~3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz" + integrity sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA== + + normalize-range@^0.1.2: + version "0.1.2" + resolved "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz" + integrity sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA== + + normalize-url@^6.0.1: + version "6.1.0" + resolved "https://registry.npmjs.org/normalize-url/-/normalize-url-6.1.0.tgz" + integrity sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A== + + nostr-tools@^1.17.0: + version "1.17.0" + resolved "https://registry.npmjs.org/nostr-tools/-/nostr-tools-1.17.0.tgz" + integrity sha512-LZmR8GEWKZeElbFV5Xte75dOeE9EFUW/QLI1Ncn3JKn0kFddDKEfBbFN8Mu4TMs+L4HR/WTPha2l+PPuRnJcMw== + dependencies: + "@noble/ciphers" "0.2.0" + "@noble/curves" "1.1.0" + "@noble/hashes" "1.3.1" + "@scure/base" "1.1.1" + "@scure/bip32" "1.3.1" + "@scure/bip39" "1.2.1" + + npm-run-path@^4.0.1: + version "4.0.1" + resolved 
"https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz" + integrity sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw== + dependencies: + path-key "^3.0.0" + + nth-check@^2.0.1: + version "2.1.1" + resolved "https://registry.npmjs.org/nth-check/-/nth-check-2.1.1.tgz" + integrity sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w== + dependencies: + boolbase "^1.0.0" + + object-assign@^4.1.1: + version "4.1.1" + resolved "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz" + integrity sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg== + + object-inspect@^1.9.0: + version "1.12.3" + resolved "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz" + integrity sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g== + + obuf@^1.0.0, obuf@^1.1.2: + version "1.1.2" + resolved "https://registry.npmjs.org/obuf/-/obuf-1.1.2.tgz" + integrity sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg== + + on-finished@2.4.1: + version "2.4.1" + resolved "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz" + integrity sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg== + dependencies: + ee-first "1.1.1" + + on-headers@~1.0.2: + version "1.0.2" + resolved "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz" + integrity sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA== + + once@^1.3.0: + version "1.4.0" + resolved "https://registry.npmjs.org/once/-/once-1.4.0.tgz" + integrity sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w== + dependencies: + wrappy "1" + + onetime@^5.1.2: + version "5.1.2" + resolved "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz" + integrity 
sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg== + dependencies: + mimic-fn "^2.1.0" + + open@^8.0.9: + version "8.4.2" + resolved "https://registry.npmjs.org/open/-/open-8.4.2.tgz" + integrity sha512-7x81NCL719oNbsq/3mh+hVrAWmFuEYUqrq/Iw3kUzH8ReypT9QQ0BLoJS7/G9k6N81XjW4qHWtjWwe/9eLy1EQ== + dependencies: + define-lazy-prop "^2.0.0" + is-docker "^2.1.1" + is-wsl "^2.2.0" + + opener@^1.5.1: + version "1.5.2" + resolved "https://registry.npmjs.org/opener/-/opener-1.5.2.tgz" + integrity sha512-ur5UIdyw5Y7yEj9wLzhqXiy6GZ3Mwx0yGI+5sMn2r0N0v3cKJvUmFH5yPP+WXh9e0xfyzyJX95D8l088DNFj7A== + + os-browserify@^0.3.0: + version "0.3.0" + resolved "https://registry.npmjs.org/os-browserify/-/os-browserify-0.3.0.tgz" + integrity sha512-gjcpUc3clBf9+210TRaDWbf+rZZZEshZ+DlXMRCeAjp0xhTrnQsKHypIy1J3d5hKdUzj69t708EHtU8P6bUn0A== + + p-limit@^2.2.0: + version "2.3.0" + resolved "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz" + integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w== + dependencies: + p-try "^2.0.0" + + p-locate@^4.1.0: + version "4.1.0" + resolved "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz" + integrity sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A== + dependencies: + p-limit "^2.2.0" + + p-pipe@^3.0.0: + version "3.1.0" + resolved "https://registry.npmjs.org/p-pipe/-/p-pipe-3.1.0.tgz" + integrity sha512-08pj8ATpzMR0Y80x50yJHn37NF6vjrqHutASaX5LiH5npS9XPvrUmscd9MF5R4fuYRHOxQR1FfMIlF7AzwoPqw== + + p-retry@^4.5.0: + version "4.6.2" + resolved "https://registry.npmjs.org/p-retry/-/p-retry-4.6.2.tgz" + integrity sha512-312Id396EbJdvRONlngUx0NydfrIQ5lsYu0znKVUzVvArzEIt08V1qhtyESbGVd1FGX7UKtiFp5uwKZdM8wIuQ== + dependencies: + "@types/retry" "0.12.0" + retry "^0.13.1" + + p-try@^2.0.0: + version "2.2.0" + resolved "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz" + integrity 
sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ== + + pako@~1.0.2, pako@~1.0.5: + version "1.0.11" + resolved "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz" + integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw== + + param-case@^3.0.3: + version "3.0.4" + resolved "https://registry.npmjs.org/param-case/-/param-case-3.0.4.tgz" + integrity sha512-RXlj7zCYokReqWpOPH9oYivUzLYZ5vAPIfEmCTNViosC78F8F0H9y7T7gG2M39ymgutxF5gcFEsyZQSph9Bp3A== + dependencies: + dot-case "^3.0.4" + tslib "^2.0.3" + + parent-module@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz" + integrity sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g== + dependencies: + callsites "^3.0.0" + + parse-asn1@^5.0.0, parse-asn1@^5.1.6: + version "5.1.6" + resolved "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.6.tgz" + integrity sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw== + dependencies: + asn1.js "^5.2.0" + browserify-aes "^1.0.0" + evp_bytestokey "^1.0.0" + pbkdf2 "^3.0.3" + safe-buffer "^5.1.1" + + parse-json@^5.0.0: + version "5.2.0" + resolved "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz" + integrity sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg== + dependencies: + "@babel/code-frame" "^7.0.0" + error-ex "^1.3.1" + json-parse-even-better-errors "^2.3.0" + lines-and-columns "^1.1.6" + + parseurl@~1.3.2, parseurl@~1.3.3: + version "1.3.3" + resolved "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz" + integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ== + + pascal-case@^3.1.2: + version "3.1.2" + resolved "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz" + integrity 
sha512-uWlGT3YSnK9x3BQJaOdcZwrnV6hPpd8jFH1/ucpiLRPh/2zCVJKS19E4GvYHvaCcACn3foXZ0cLB9Wrx1KGe5g== + dependencies: + no-case "^3.0.4" + tslib "^2.0.3" + + path-browserify@0.0.1: + version "0.0.1" + resolved "https://registry.npmjs.org/path-browserify/-/path-browserify-0.0.1.tgz" + integrity sha512-BapA40NHICOS+USX9SN4tyhq+A2RrN/Ws5F0Z5aMHDp98Fl86lX8Oti8B7uN93L4Ifv4fHOEA+pQw87gmMO/lQ== + + path-exists@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz" + integrity sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w== + + path-is-absolute@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz" + integrity sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg== + + path-key@^3.0.0, path-key@^3.1.0: + version "3.1.1" + resolved "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz" + integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== + + path-parse@^1.0.7: + version "1.0.7" + resolved "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz" + integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== + + path-to-regexp@0.1.7: + version "0.1.7" + resolved "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz" + integrity sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ== + + path-type@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz" + integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== + + paypal-checkout@^4.0.336: + version "4.0.336" + resolved "https://registry.npmjs.org/paypal-checkout/-/paypal-checkout-4.0.336.tgz" + integrity 
sha512-UIll2A/NhatwIMq3pz4jbEkanjk4ksd/LAo+G2TAfk/hGHlp5ASJXySrJKKuGv2TnXHPp1Elg/O7eOH6EafWwg== + dependencies: + "@paypal/sdk-constants" "^1.0.64" + Base64 "^1.0.0" + beaver-logger "^3.0.6" + belter "1.0.173" + bowser "^1.7.1" + cross-domain-utils "^2.0.1" + form-serialize "^0.7.2" + hi-base32 "^0.5.0" + post-robot "^8.0.0" + zalgo-promise "^1.0.10" + zoid "^6.0.67" + + pbkdf2@^3.0.3: + version "3.1.2" + resolved "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.2.tgz" + integrity sha512-iuh7L6jA7JEGu2WxDwtQP1ddOpaJNC4KlDEFfdQajSGgGPNi4OyDc2R7QnbY2bR9QjBVGwgvTdNJZoE7RaxUMA== + dependencies: + create-hash "^1.1.2" + create-hmac "^1.1.4" + ripemd160 "^2.0.1" + safe-buffer "^5.0.1" + sha.js "^2.4.8" + + picocolors@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz" + integrity sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ== + + picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.3.1: + version "2.3.1" + resolved "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz" + integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== + + pify@^4.0.1: + version "4.0.1" + resolved "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz" + integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g== + + pkg-dir@^4.1.0, pkg-dir@^4.2.0: + version "4.2.0" + resolved "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz" + integrity sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ== + dependencies: + find-up "^4.0.0" + + post-robot@^8.0.0, post-robot@^8.0.29: + version "8.0.31" + resolved "https://registry.npmjs.org/post-robot/-/post-robot-8.0.31.tgz" + integrity sha512-nUhtKgtmcgyuPm4RnIhUB3gsDYJBHOgFry3TvOxhIHpgfwYY/T69d4oB90tw4YUllFZUUwqLEv1Wgyg6eOoJ7A== + dependencies: + cross-domain-safe-weakmap "^1.0.1" + cross-domain-utils "^2.0.0" + zalgo-promise 
"^1.0.3" + + postcss-calc@^8.2.3: + version "8.2.4" + resolved "https://registry.npmjs.org/postcss-calc/-/postcss-calc-8.2.4.tgz" + integrity sha512-SmWMSJmB8MRnnULldx0lQIyhSNvuDl9HfrZkaqqE/WHAhToYsAvDq+yAsA/kIyINDszOp3Rh0GFoNuH5Ypsm3Q== + dependencies: + postcss-selector-parser "^6.0.9" + postcss-value-parser "^4.2.0" + + postcss-colormin@^5.3.1: + version "5.3.1" + resolved "https://registry.npmjs.org/postcss-colormin/-/postcss-colormin-5.3.1.tgz" + integrity sha512-UsWQG0AqTFQmpBegeLLc1+c3jIqBNB0zlDGRWR+dQ3pRKJL1oeMzyqmH3o2PIfn9MBdNrVPWhDbT769LxCTLJQ== + dependencies: + browserslist "^4.21.4" + caniuse-api "^3.0.0" + colord "^2.9.1" + postcss-value-parser "^4.2.0" + + postcss-convert-values@^5.1.3: + version "5.1.3" + resolved "https://registry.npmjs.org/postcss-convert-values/-/postcss-convert-values-5.1.3.tgz" + integrity sha512-82pC1xkJZtcJEfiLw6UXnXVXScgtBrjlO5CBmuDQc+dlb88ZYheFsjTn40+zBVi3DkfF7iezO0nJUPLcJK3pvA== + dependencies: + browserslist "^4.21.4" + postcss-value-parser "^4.2.0" + + postcss-discard-comments@^5.1.2: + version "5.1.2" + resolved "https://registry.npmjs.org/postcss-discard-comments/-/postcss-discard-comments-5.1.2.tgz" + integrity sha512-+L8208OVbHVF2UQf1iDmRcbdjJkuBF6IS29yBDSiWUIzpYaAhtNl6JYnYm12FnkeCwQqF5LeklOu6rAqgfBZqQ== + + postcss-discard-duplicates@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-discard-duplicates/-/postcss-discard-duplicates-5.1.0.tgz" + integrity sha512-zmX3IoSI2aoenxHV6C7plngHWWhUOV3sP1T8y2ifzxzbtnuhk1EdPwm0S1bIUNaJ2eNbWeGLEwzw8huPD67aQw== + + postcss-discard-empty@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-discard-empty/-/postcss-discard-empty-5.1.1.tgz" + integrity sha512-zPz4WljiSuLWsI0ir4Mcnr4qQQ5e1Ukc3i7UfE2XcrwKK2LIPIqE5jxMRxO6GbI3cv//ztXDsXwEWT3BHOGh3A== + + postcss-discard-overridden@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-discard-overridden/-/postcss-discard-overridden-5.1.0.tgz" + integrity 
sha512-21nOL7RqWR1kasIVdKs8HNqQJhFxLsyRfAnUDm4Fe4t4mCWL9OJiHvlHPjcd8zc5Myu89b/7wZDnOSjFgeWRtw== + + postcss-load-config@^3.1.0: + version "3.1.4" + resolved "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-3.1.4.tgz" + integrity sha512-6DiM4E7v4coTE4uzA8U//WhtPwyhiim3eyjEMFCnUpzbrkK9wJHgKDT2mR+HbtSrd/NubVaYTOpSpjUl8NQeRg== + dependencies: + lilconfig "^2.0.5" + yaml "^1.10.2" + + postcss-loader@^6.2.0: + version "6.2.1" + resolved "https://registry.npmjs.org/postcss-loader/-/postcss-loader-6.2.1.tgz" + integrity sha512-WbbYpmAaKcux/P66bZ40bpWsBucjx/TTgVVzRZ9yUO8yQfVBlameJ0ZGVaPfH64hNSBh63a+ICP5nqOpBA0w+Q== + dependencies: + cosmiconfig "^7.0.0" + klona "^2.0.5" + semver "^7.3.5" + + postcss-merge-longhand@^5.1.7: + version "5.1.7" + resolved "https://registry.npmjs.org/postcss-merge-longhand/-/postcss-merge-longhand-5.1.7.tgz" + integrity sha512-YCI9gZB+PLNskrK0BB3/2OzPnGhPkBEwmwhfYk1ilBHYVAZB7/tkTHFBAnCrvBBOmeYyMYw3DMjT55SyxMBzjQ== + dependencies: + postcss-value-parser "^4.2.0" + stylehacks "^5.1.1" + + postcss-merge-rules@^5.1.4: + version "5.1.4" + resolved "https://registry.npmjs.org/postcss-merge-rules/-/postcss-merge-rules-5.1.4.tgz" + integrity sha512-0R2IuYpgU93y9lhVbO/OylTtKMVcHb67zjWIfCiKR9rWL3GUk1677LAqD/BcHizukdZEjT8Ru3oHRoAYoJy44g== + dependencies: + browserslist "^4.21.4" + caniuse-api "^3.0.0" + cssnano-utils "^3.1.0" + postcss-selector-parser "^6.0.5" + + postcss-minify-font-values@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-minify-font-values/-/postcss-minify-font-values-5.1.0.tgz" + integrity sha512-el3mYTgx13ZAPPirSVsHqFzl+BBBDrXvbySvPGFnQcTI4iNslrPaFq4muTkLZmKlGk4gyFAYUBMH30+HurREyA== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-minify-gradients@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-minify-gradients/-/postcss-minify-gradients-5.1.1.tgz" + integrity sha512-VGvXMTpCEo4qHTNSa9A0a3D+dxGFZCYwR6Jokk+/3oB6flu2/PnPXAh2x7x52EkY5xlIHLm+Le8tJxe/7TNhzw== + 
dependencies: + colord "^2.9.1" + cssnano-utils "^3.1.0" + postcss-value-parser "^4.2.0" + + postcss-minify-params@^5.1.4: + version "5.1.4" + resolved "https://registry.npmjs.org/postcss-minify-params/-/postcss-minify-params-5.1.4.tgz" + integrity sha512-+mePA3MgdmVmv6g+30rn57USjOGSAyuxUmkfiWpzalZ8aiBkdPYjXWtHuwJGm1v5Ojy0Z0LaSYhHaLJQB0P8Jw== + dependencies: + browserslist "^4.21.4" + cssnano-utils "^3.1.0" + postcss-value-parser "^4.2.0" + + postcss-minify-selectors@^5.2.1: + version "5.2.1" + resolved "https://registry.npmjs.org/postcss-minify-selectors/-/postcss-minify-selectors-5.2.1.tgz" + integrity sha512-nPJu7OjZJTsVUmPdm2TcaiohIwxP+v8ha9NehQ2ye9szv4orirRU3SDdtUmKH+10nzn0bAyOXZ0UEr7OpvLehg== + dependencies: + postcss-selector-parser "^6.0.5" + + postcss-modules-extract-imports@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/postcss-modules-extract-imports/-/postcss-modules-extract-imports-3.0.0.tgz" + integrity sha512-bdHleFnP3kZ4NYDhuGlVK+CMrQ/pqUm8bx/oGL93K6gVwiclvX5x0n76fYMKuIGKzlABOy13zsvqjb0f92TEXw== + + postcss-modules-local-by-default@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/postcss-modules-local-by-default/-/postcss-modules-local-by-default-4.0.0.tgz" + integrity sha512-sT7ihtmGSF9yhm6ggikHdV0hlziDTX7oFoXtuVWeDd3hHObNkcHRo9V3yg7vCAY7cONyxJC/XXCmmiHHcvX7bQ== + dependencies: + icss-utils "^5.0.0" + postcss-selector-parser "^6.0.2" + postcss-value-parser "^4.1.0" + + postcss-modules-scope@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/postcss-modules-scope/-/postcss-modules-scope-3.0.0.tgz" + integrity sha512-hncihwFA2yPath8oZ15PZqvWGkWf+XUfQgUGamS4LqoP1anQLOsOJw0vr7J7IwLpoY9fatA2qiGUGmuZL0Iqlg== + dependencies: + postcss-selector-parser "^6.0.4" + + postcss-modules-values@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/postcss-modules-values/-/postcss-modules-values-4.0.0.tgz" + integrity 
sha512-RDxHkAiEGI78gS2ofyvCsu7iycRv7oqw5xMWn9iMoR0N/7mf9D50ecQqUo5BZ9Zh2vH4bCUR/ktCqbB9m8vJjQ== + dependencies: + icss-utils "^5.0.0" + + postcss-normalize-charset@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-normalize-charset/-/postcss-normalize-charset-5.1.0.tgz" + integrity sha512-mSgUJ+pd/ldRGVx26p2wz9dNZ7ji6Pn8VWBajMXFf8jk7vUoSrZ2lt/wZR7DtlZYKesmZI680qjr2CeFF2fbUg== + + postcss-normalize-display-values@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-normalize-display-values/-/postcss-normalize-display-values-5.1.0.tgz" + integrity sha512-WP4KIM4o2dazQXWmFaqMmcvsKmhdINFblgSeRgn8BJ6vxaMyaJkwAzpPpuvSIoG/rmX3M+IrRZEz2H0glrQNEA== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-normalize-positions@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-normalize-positions/-/postcss-normalize-positions-5.1.1.tgz" + integrity sha512-6UpCb0G4eofTCQLFVuI3EVNZzBNPiIKcA1AKVka+31fTVySphr3VUgAIULBhxZkKgwLImhzMR2Bw1ORK+37INg== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-normalize-repeat-style@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-normalize-repeat-style/-/postcss-normalize-repeat-style-5.1.1.tgz" + integrity sha512-mFpLspGWkQtBcWIRFLmewo8aC3ImN2i/J3v8YCFUwDnPu3Xz4rLohDO26lGjwNsQxB3YF0KKRwspGzE2JEuS0g== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-normalize-string@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-normalize-string/-/postcss-normalize-string-5.1.0.tgz" + integrity sha512-oYiIJOf4T9T1N4i+abeIc7Vgm/xPCGih4bZz5Nm0/ARVJ7K6xrDlLwvwqOydvyL3RHNf8qZk6vo3aatiw/go3w== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-normalize-timing-functions@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-normalize-timing-functions/-/postcss-normalize-timing-functions-5.1.0.tgz" + integrity sha512-DOEkzJ4SAXv5xkHl0Wa9cZLF3WCBhF3o1SKVxKQAa+0pYKlueTpCgvkFAHfk+Y64ezX9+nITGrDZeVGgITJXjg== 
+ dependencies: + postcss-value-parser "^4.2.0" + + postcss-normalize-unicode@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-normalize-unicode/-/postcss-normalize-unicode-5.1.1.tgz" + integrity sha512-qnCL5jzkNUmKVhZoENp1mJiGNPcsJCs1aaRmURmeJGES23Z/ajaln+EPTD+rBeNkSryI+2WTdW+lwcVdOikrpA== + dependencies: + browserslist "^4.21.4" + postcss-value-parser "^4.2.0" + + postcss-normalize-url@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-normalize-url/-/postcss-normalize-url-5.1.0.tgz" + integrity sha512-5upGeDO+PVthOxSmds43ZeMeZfKH+/DKgGRD7TElkkyS46JXAUhMzIKiCa7BabPeIy3AQcTkXwVVN7DbqsiCew== + dependencies: + normalize-url "^6.0.1" + postcss-value-parser "^4.2.0" + + postcss-normalize-whitespace@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-normalize-whitespace/-/postcss-normalize-whitespace-5.1.1.tgz" + integrity sha512-83ZJ4t3NUDETIHTa3uEg6asWjSBYL5EdkVB0sDncx9ERzOKBVJIUeDO9RyA9Zwtig8El1d79HBp0JEi8wvGQnA== + dependencies: + postcss-value-parser "^4.2.0" + + postcss-ordered-values@^5.1.3: + version "5.1.3" + resolved "https://registry.npmjs.org/postcss-ordered-values/-/postcss-ordered-values-5.1.3.tgz" + integrity sha512-9UO79VUhPwEkzbb3RNpqqghc6lcYej1aveQteWY+4POIwlqkYE21HKWaLDF6lWNuqCobEAyTovVhtI32Rbv2RQ== + dependencies: + cssnano-utils "^3.1.0" + postcss-value-parser "^4.2.0" + + postcss-reduce-initial@^5.1.2: + version "5.1.2" + resolved "https://registry.npmjs.org/postcss-reduce-initial/-/postcss-reduce-initial-5.1.2.tgz" + integrity sha512-dE/y2XRaqAi6OvjzD22pjTUQ8eOfc6m/natGHgKFBK9DxFmIm69YmaRVQrGgFlEfc1HePIurY0TmDeROK05rIg== + dependencies: + browserslist "^4.21.4" + caniuse-api "^3.0.0" + + postcss-reduce-transforms@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-reduce-transforms/-/postcss-reduce-transforms-5.1.0.tgz" + integrity sha512-2fbdbmgir5AvpW9RLtdONx1QoYG2/EtqpNQbFASDlixBbAYuTcJ0dECwlqNqH7VbaUnEnh8SrxOe2sRIn24XyQ== + dependencies: + 
postcss-value-parser "^4.2.0" + + postcss-selector-parser@^6.0.2, postcss-selector-parser@^6.0.4, postcss-selector-parser@^6.0.5, postcss-selector-parser@^6.0.9: + version "6.0.11" + resolved "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.11.tgz" + integrity sha512-zbARubNdogI9j7WY4nQJBiNqQf3sLS3wCP4WfOidu+p28LofJqDH1tcXypGrcmMHhDk2t9wGhCsYe/+szLTy1g== + dependencies: + cssesc "^3.0.0" + util-deprecate "^1.0.2" + + postcss-svgo@^5.1.0: + version "5.1.0" + resolved "https://registry.npmjs.org/postcss-svgo/-/postcss-svgo-5.1.0.tgz" + integrity sha512-D75KsH1zm5ZrHyxPakAxJWtkyXew5qwS70v56exwvw542d9CRtTo78K0WeFxZB4G7JXKKMbEZtZayTGdIky/eA== + dependencies: + postcss-value-parser "^4.2.0" + svgo "^2.7.0" + + postcss-unique-selectors@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/postcss-unique-selectors/-/postcss-unique-selectors-5.1.1.tgz" + integrity sha512-5JiODlELrz8L2HwxfPnhOWZYWDxVHWL83ufOv84NrcgipI7TaeRsatAhK4Tr2/ZiYldpK/wBvw5BD3qfaK96GA== + dependencies: + postcss-selector-parser "^6.0.5" + + postcss-value-parser@^4.1.0, postcss-value-parser@^4.2.0: + version "4.2.0" + resolved "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz" + integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ== + + "postcss@^7.0.0 || ^8.0.1", postcss@^8.0.9, postcss@^8.1.0, postcss@^8.1.10, postcss@^8.2.14, postcss@^8.2.15, postcss@^8.2.2, postcss@^8.3.11, postcss@^8.4.31, postcss@>=8.0.9: + version "8.4.31" + resolved "https://registry.npmjs.org/postcss/-/postcss-8.4.31.tgz" + integrity sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ== + dependencies: + nanoid "^3.3.6" + picocolors "^1.0.0" + source-map-js "^1.0.2" + + pretty-time@^1.1.0: + version "1.1.0" + resolved "https://registry.npmjs.org/pretty-time/-/pretty-time-1.1.0.tgz" + integrity 
sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA== + + process-nextick-args@~2.0.0: + version "2.0.1" + resolved "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz" + integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== + + process@^0.11.10: + version "0.11.10" + resolved "https://registry.npmjs.org/process/-/process-0.11.10.tgz" + integrity sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A== + + promise-polyfill@^8.1.3, promise-polyfill@8.2.3: + version "8.2.3" + resolved "https://registry.npmjs.org/promise-polyfill/-/promise-polyfill-8.2.3.tgz" + integrity sha512-Og0+jCRQetV84U8wVjMNccfGCnMQ9mGs9Hv78QFe+pSDD3gWTpz0y+1QCuxy5d/vBFuZ3iwP2eycAkvqIMPmWg== + + proxy-addr@~2.0.7: + version "2.0.7" + resolved "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz" + integrity sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg== + dependencies: + forwarded "0.2.0" + ipaddr.js "1.9.1" + + public-encrypt@^4.0.0: + version "4.0.3" + resolved "https://registry.npmjs.org/public-encrypt/-/public-encrypt-4.0.3.tgz" + integrity sha512-zVpa8oKZSz5bTMTFClc1fQOnyyEzpl5ozpi1B5YcvBrdohMjH2rfsBtyXcuNuwjsDIXmBYlF2N5FlJYhR29t8Q== + dependencies: + bn.js "^4.1.0" + browserify-rsa "^4.0.0" + create-hash "^1.1.0" + parse-asn1 "^5.0.0" + randombytes "^2.0.1" + safe-buffer "^5.1.2" + + punycode@^1.2.4: + version "1.4.1" + resolved "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz" + integrity sha512-jmYNElW7yvO7TV33CjSmvSiE2yco3bV2czu/OzDKdMNVZQWfxCblURLhf+47syQRBntjfLdd/H0egrzIG+oaFQ== + + punycode@^2.1.0: + version "2.3.0" + resolved "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz" + integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA== + + punycode@1.3.2: + version "1.3.2" + resolved 
"https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz" + integrity sha512-RofWgt/7fL5wP1Y7fxE7/EmTLzQVnB0ycyibJ0OOHIlJqTNzglYFxVwETOcIoJqJmpDXJ9xImDv+Fq34F/d4Dw== + + qrcode-generator@^1.4.4: + version "1.4.4" + resolved "https://registry.npmjs.org/qrcode-generator/-/qrcode-generator-1.4.4.tgz" + integrity sha512-HM7yY8O2ilqhmULxGMpcHSF1EhJJ9yBj8gvDEuZ6M+KGJ0YY2hKpnXvRD+hZPLrDVck3ExIGhmPtSdcjC+guuw== + + qs@6.11.0: + version "6.11.0" + resolved "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz" + integrity sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q== + dependencies: + side-channel "^1.0.4" + + querystring-es3@^0.2.0: + version "0.2.1" + resolved "https://registry.npmjs.org/querystring-es3/-/querystring-es3-0.2.1.tgz" + integrity sha512-773xhDQnZBMFobEiztv8LIl70ch5MSF/jUQVlhwFyBILqq96anmoctVIYz+ZRp0qbCKATTn6ev02M3r7Ga5vqA== + + querystring@0.2.0: + version "0.2.0" + resolved "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz" + integrity sha512-X/xY82scca2tau62i9mDyU9K+I+djTMUsvwf7xnUX5GLvVzgJybOJf4Y6o9Zx3oJK/LSXg5tTZBjwzqVPaPO2g== + + queue-microtask@^1.2.2: + version "1.2.3" + resolved "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz" + integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== + + randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5, randombytes@^2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz" + integrity sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ== + dependencies: + safe-buffer "^5.1.0" + + randomfill@^1.0.3: + version "1.0.4" + resolved "https://registry.npmjs.org/randomfill/-/randomfill-1.0.4.tgz" + integrity sha512-87lcbR8+MhcWcUiQ+9e+Rwx8MyR2P7qnt15ynUlbm3TU/fjbgz4GsvfSUDTemtCCtVCqb4ZcEFlyPNTh9bBTLw== + dependencies: + randombytes "^2.0.5" + safe-buffer "^5.1.0" + + range-parser@^1.2.1, 
range-parser@~1.2.1: + version "1.2.1" + resolved "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz" + integrity sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg== + + raw-body@2.5.1: + version "2.5.1" + resolved "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz" + integrity sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig== + dependencies: + bytes "3.1.2" + http-errors "2.0.0" + iconv-lite "0.4.24" + unpipe "1.0.0" + + "react@^16.8.0 || ^17.0.0 || ^18.0.0", react@>=16.8: + version "18.2.0" + resolved "https://registry.npmjs.org/react/-/react-18.2.0.tgz" + integrity sha512-/3IjMdb2L9QbBdWiW5e3P2/npwMBaU9mHCSCUzNln0ZCYbcfTsGbTJrU/kGemdH2IWmB2ioZ+zkxtmq6g09fGQ== + dependencies: + loose-envify "^1.1.0" + + readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.3.3, readable-stream@^2.3.6, readable-stream@~2.3.6: + version "2.3.7" + resolved "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz" + integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~2.0.0" + safe-buffer "~5.1.1" + string_decoder "~1.1.1" + util-deprecate "~1.0.1" + + readable-stream@^3.0.6: + version "3.6.2" + resolved "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + + readable-stream@^3.6.0: + version "3.6.2" + resolved "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + + 
readable-stream@^3.6.2: + version "3.6.2" + resolved "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + + readdirp@~3.6.0: + version "3.6.0" + resolved "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz" + integrity sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA== + dependencies: + picomatch "^2.2.1" + + rechoir@^0.7.0: + version "0.7.1" + resolved "https://registry.npmjs.org/rechoir/-/rechoir-0.7.1.tgz" + integrity sha512-/njmZ8s1wVeR6pjTZ+0nCnv8SpZNRMT2D1RLOJQESlYFDBvwpTA4KWJpZ+sBJ4+vhjILRcK7JIFdGCdxEAAitg== + dependencies: + resolve "^1.9.0" + + regenerate-unicode-properties@^10.1.0: + version "10.1.0" + resolved "https://registry.npmjs.org/regenerate-unicode-properties/-/regenerate-unicode-properties-10.1.0.tgz" + integrity sha512-d1VudCLoIGitcU/hEg2QqvyGZQmdC0Lf8BqdOMXGFSvJP4bNV1+XqbPQeHHLD51Jh4QJJ225dlIFvY4Ly6MXmQ== + dependencies: + regenerate "^1.4.2" + + regenerate@^1.4.2: + version "1.4.2" + resolved "https://registry.npmjs.org/regenerate/-/regenerate-1.4.2.tgz" + integrity sha512-zrceR/XhGYU/d/opr2EKO7aRHUeiBI8qjtfHqADTwZd6Szfy16la6kqD0MIUs5z5hx6AaKa+PixpPrR289+I0A== + + regenerator-runtime@^0.13.11: + version "0.13.11" + resolved "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.11.tgz" + integrity sha512-kY1AZVr2Ra+t+piVaJ4gxaFaReZVH40AKNo7UCX6W+dEwBo/2oZJzqfuN1qLq1oL45o56cPaTXELwrTh8Fpggg== + + regenerator-transform@^0.15.1: + version "0.15.1" + resolved "https://registry.npmjs.org/regenerator-transform/-/regenerator-transform-0.15.1.tgz" + integrity sha512-knzmNAcuyxV+gQCufkYcvOqX/qIIfHLv0u5x79kRxuGojfYVky1f15TzZEu2Avte8QGepvUNTnLskf8E6X6Vyg== + dependencies: + "@babel/runtime" "^7.8.4" + + regex-parser@^2.2.11: + version "2.2.11" + resolved 
"https://registry.npmjs.org/regex-parser/-/regex-parser-2.2.11.tgz" + integrity sha512-jbD/FT0+9MBU2XAZluI7w2OBs1RBi6p9M83nkoZayQXXU9e8Robt69FcZc7wU4eJD/YFTjn1JdCk3rbMJajz8Q== + + regexpu-core@^5.3.1: + version "5.3.2" + resolved "https://registry.npmjs.org/regexpu-core/-/regexpu-core-5.3.2.tgz" + integrity sha512-RAM5FlZz+Lhmo7db9L298p2vHP5ZywrVXmVXpmAD9GuL5MPH6t9ROw1iA/wfHkQ76Qe7AaPF0nGuim96/IrQMQ== + dependencies: + "@babel/regjsgen" "^0.8.0" + regenerate "^1.4.2" + regenerate-unicode-properties "^10.1.0" + regjsparser "^0.9.1" + unicode-match-property-ecmascript "^2.0.0" + unicode-match-property-value-ecmascript "^2.1.0" + + regjsparser@^0.9.1: + version "0.9.1" + resolved "https://registry.npmjs.org/regjsparser/-/regjsparser-0.9.1.tgz" + integrity sha512-dQUtn90WanSNl+7mQKcXAgZxvUe7Z0SqXlgzv0za4LwiUhyzBC58yQO3liFoUgu8GiJVInAhJjkj1N0EtQ5nkQ== + dependencies: + jsesc "~0.5.0" + + relateurl@^0.2.7: + version "0.2.7" + resolved "https://registry.npmjs.org/relateurl/-/relateurl-0.2.7.tgz" + integrity sha512-G08Dxvm4iDN3MLM0EsP62EDV9IuhXPR6blNz6Utcp7zyV3tr4HVNINt6MpaRWbxoOHT3Q7YN2P+jaHX8vUbgog== + + replace-ext@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.1.tgz" + integrity sha512-yD5BHCe7quCgBph4rMQ+0KkIRKwWCrHDOX1p1Gp6HwjPM5kVoCdKGNhN7ydqqsX6lJEnQDKZ/tFMiEdQ1dvPEw== + + require-directory@^2.1.1: + version "2.1.1" + resolved "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz" + integrity sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q== + + require-from-string@^2.0.2: + version "2.0.2" + resolved "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz" + integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw== + + requires-port@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz" + integrity 
sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ== + + resolve-cwd@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz" + integrity sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg== + dependencies: + resolve-from "^5.0.0" + + resolve-from@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz" + integrity sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g== + + resolve-from@^5.0.0: + version "5.0.0" + resolved "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz" + integrity sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw== + + resolve-url-loader@^5.0.0: + version "5.0.0" + resolved "https://registry.npmjs.org/resolve-url-loader/-/resolve-url-loader-5.0.0.tgz" + integrity sha512-uZtduh8/8srhBoMx//5bwqjQ+rfYOUq8zC9NrMUGtjBiGTtFJM42s58/36+hTqeqINcnYe08Nj3LkK9lW4N8Xg== + dependencies: + adjust-sourcemap-loader "^4.0.0" + convert-source-map "^1.7.0" + loader-utils "^2.0.0" + postcss "^8.2.14" + source-map "0.6.1" + + resolve@^1.14.2, resolve@^1.9.0: + version "1.22.1" + resolved "https://registry.npmjs.org/resolve/-/resolve-1.22.1.tgz" + integrity sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw== + dependencies: + is-core-module "^2.9.0" + path-parse "^1.0.7" + supports-preserve-symlinks-flag "^1.0.0" + + restricted-input@3.0.5: + version "3.0.5" + resolved "https://registry.npmjs.org/restricted-input/-/restricted-input-3.0.5.tgz" + integrity sha512-lUuXZ3wUnHURRarj5/0C8vomWIfWJO+p7T6RYwB46v7Oyuyr3yyupU+i7SjqUv4S6RAeAAZt1C/QCLJ9xhQBow== + dependencies: + "@braintree/browser-detection" "^1.12.1" + + retry@^0.13.1: + version "0.13.1" + resolved "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz" + integrity 
sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg== + + reusify@^1.0.4: + version "1.0.4" + resolved "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz" + integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw== + + rimraf@^3.0.2: + version "3.0.2" + resolved "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz" + integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA== + dependencies: + glob "^7.1.3" + + ripemd160@^2.0.0, ripemd160@^2.0.1: + version "2.0.2" + resolved "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz" + integrity sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA== + dependencies: + hash-base "^3.0.0" + inherits "^2.0.1" + + run-parallel@^1.1.9: + version "1.2.0" + resolved "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz" + integrity sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA== + dependencies: + queue-microtask "^1.2.2" + + safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@^5.1.2, safe-buffer@^5.2.0, safe-buffer@^5.2.1, safe-buffer@>=5.1.0, safe-buffer@~5.2.0, safe-buffer@5.2.1: + version "5.2.1" + resolved "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz" + integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== + + safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.2" + resolved "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz" + integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== + + safe-buffer@5.1.2: + version "5.1.2" + resolved "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz" + integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== + + 
safer-buffer@^2.1.0, "safer-buffer@>= 2.1.2 < 3": + version "2.1.2" + resolved "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz" + integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== + + sass-loader@^13.0.2: + version "13.0.2" + resolved "https://registry.npmjs.org/sass-loader/-/sass-loader-13.0.2.tgz" + integrity sha512-BbiqbVmbfJaWVeOOAu2o7DhYWtcNmTfvroVgFXa6k2hHheMxNAeDHLNoDy/Q5aoaVlz0LH+MbMktKwm9vN/j8Q== + dependencies: + klona "^2.0.4" + neo-async "^2.6.2" + + sass@^1.3.0, sass@^1.54.9: + version "1.54.9" + resolved "https://registry.npmjs.org/sass/-/sass-1.54.9.tgz" + integrity sha512-xb1hjASzEH+0L0WI9oFjqhRi51t/gagWnxLiwUNMltA0Ab6jIDkAacgKiGYKM9Jhy109osM7woEEai6SXeJo5Q== + dependencies: + chokidar ">=3.0.0 <4.0.0" + immutable "^4.0.0" + source-map-js ">=0.6.2 <2.0.0" + + schema-utils@^2.6.5: + version "2.7.1" + resolved "https://registry.npmjs.org/schema-utils/-/schema-utils-2.7.1.tgz" + integrity sha512-SHiNtMOUGWBQJwzISiVYKu82GiV4QYGePp3odlY1tuKO7gPtphAT5R/py0fA6xtbgLL/RvtJZnU9b8s0F1q0Xg== + dependencies: + "@types/json-schema" "^7.0.5" + ajv "^6.12.4" + ajv-keywords "^3.5.2" + + schema-utils@^3.0.0: + version "3.1.1" + resolved "https://registry.npmjs.org/schema-utils/-/schema-utils-3.1.1.tgz" + integrity sha512-Y5PQxS4ITlC+EahLuXaY86TXfR7Dc5lw294alXOq86JAHCihAIZfqv8nNCWvaEJvaC51uN9hbLGeV0cFBdH+Fw== + dependencies: + "@types/json-schema" "^7.0.8" + ajv "^6.12.5" + ajv-keywords "^3.5.2" + + schema-utils@^3.1.1: + version "3.1.1" + resolved "https://registry.npmjs.org/schema-utils/-/schema-utils-3.1.1.tgz" + integrity sha512-Y5PQxS4ITlC+EahLuXaY86TXfR7Dc5lw294alXOq86JAHCihAIZfqv8nNCWvaEJvaC51uN9hbLGeV0cFBdH+Fw== + dependencies: + "@types/json-schema" "^7.0.8" + ajv "^6.12.5" + ajv-keywords "^3.5.2" + + schema-utils@^3.2.0: + version "3.3.0" + resolved "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz" + integrity 
sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg== + dependencies: + "@types/json-schema" "^7.0.8" + ajv "^6.12.5" + ajv-keywords "^3.5.2" + + schema-utils@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/schema-utils/-/schema-utils-4.0.0.tgz" + integrity sha512-1edyXKgh6XnJsJSQ8mKWXnN/BVaIbFMLpouRUrXgVq7WYne5kw3MW7UPhO44uRXQSIpTSXoJbmrR2X0w9kUTyg== + dependencies: + "@types/json-schema" "^7.0.9" + ajv "^8.8.0" + ajv-formats "^2.1.1" + ajv-keywords "^5.0.0" + + select-hose@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/select-hose/-/select-hose-2.0.0.tgz" + integrity sha512-mEugaLK+YfkijB4fx0e6kImuJdCIt2LxCRcbEYPqRGCs4F2ogyfZU5IAZRdjCP8JPq2AtdNoC/Dux63d9Kiryg== + + selfsigned@^2.1.1: + version "2.1.1" + resolved "https://registry.npmjs.org/selfsigned/-/selfsigned-2.1.1.tgz" + integrity sha512-GSL3aowiF7wa/WtSFwnUrludWFoNhftq8bUkH9pkzjpN2XSPOAYEgg6e0sS9s0rZwgJzJiQRPU18A6clnoW5wQ== + dependencies: + node-forge "^1" + + semver@^6.0.0: + version "6.3.1" + resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + + semver@^6.1.1: + version "6.3.1" + resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + + semver@^6.1.2: + version "6.3.1" + resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + + semver@^6.3.0: + version "6.3.1" + resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + + semver@^7.3.2, semver@^7.3.5: + version "7.5.4" + resolved "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz" + integrity 
sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== + dependencies: + lru-cache "^6.0.0" + + send@0.18.0: + version "0.18.0" + resolved "https://registry.npmjs.org/send/-/send-0.18.0.tgz" + integrity sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg== + dependencies: + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + encodeurl "~1.0.2" + escape-html "~1.0.3" + etag "~1.8.1" + fresh "0.5.2" + http-errors "2.0.0" + mime "1.6.0" + ms "2.1.3" + on-finished "2.4.1" + range-parser "~1.2.1" + statuses "2.0.1" + + serialize-javascript@^6.0.1: + version "6.0.1" + resolved "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.1.tgz" + integrity sha512-owoXEFjWRllis8/M1Q+Cw5k8ZH40e3zhp/ovX+Xr/vi1qj6QesbyXXViFbpNvWvPNAD62SutwEXavefrLJWj7w== + dependencies: + randombytes "^2.1.0" + + serve-index@^1.9.1: + version "1.9.1" + resolved "https://registry.npmjs.org/serve-index/-/serve-index-1.9.1.tgz" + integrity sha512-pXHfKNP4qujrtteMrSBb0rc8HJ9Ms/GrXwcUtUtD5s4ewDJI8bT3Cz2zTVRMKtri49pLx2e0Ya8ziP5Ya2pZZw== + dependencies: + accepts "~1.3.4" + batch "0.6.1" + debug "2.6.9" + escape-html "~1.0.3" + http-errors "~1.6.2" + mime-types "~2.1.17" + parseurl "~1.3.2" + + serve-static@1.15.0: + version "1.15.0" + resolved "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz" + integrity sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g== + dependencies: + encodeurl "~1.0.2" + escape-html "~1.0.3" + parseurl "~1.3.3" + send "0.18.0" + + setimmediate@^1.0.4, setimmediate@^1.0.5: + version "1.0.5" + resolved "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz" + integrity sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA== + + setprototypeof@1.1.0: + version "1.1.0" + resolved "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.0.tgz" + integrity 
sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ== + + setprototypeof@1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz" + integrity sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw== + + sha.js@^2.4.0, sha.js@^2.4.8: + version "2.4.11" + resolved "https://registry.npmjs.org/sha.js/-/sha.js-2.4.11.tgz" + integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ== + dependencies: + inherits "^2.0.1" + safe-buffer "^5.0.1" + + shallow-clone@^3.0.0: + version "3.0.1" + resolved "https://registry.npmjs.org/shallow-clone/-/shallow-clone-3.0.1.tgz" + integrity sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA== + dependencies: + kind-of "^6.0.2" + + shebang-command@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz" + integrity sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA== + dependencies: + shebang-regex "^3.0.0" + + shebang-regex@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz" + integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== + + shell-quote@^1.7.3: + version "1.8.0" + resolved "https://registry.npmjs.org/shell-quote/-/shell-quote-1.8.0.tgz" + integrity sha512-QHsz8GgQIGKlRi24yFc6a6lN69Idnx634w49ay6+jA5yFh7a1UY+4Rp6HPx/L/1zcEDPEij8cIsiqR6bQsE5VQ== + + shellwords@^0.1.1: + version "0.1.1" + resolved "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz" + integrity sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww== + + side-channel@^1.0.4: + version "1.0.4" + resolved "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz" + integrity 
sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw== + dependencies: + call-bind "^1.0.0" + get-intrinsic "^1.0.2" + object-inspect "^1.9.0" + + signal-exit@^3.0.3: + version "3.0.7" + resolved "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz" + integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== + + slash@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz" + integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== + + sockjs@^0.3.24: + version "0.3.24" + resolved "https://registry.npmjs.org/sockjs/-/sockjs-0.3.24.tgz" + integrity sha512-GJgLTZ7vYb/JtPSSZ10hsOYIvEYsjbNU+zPdIHcUaWVNUEPivzxku31865sSSud0Da0W4lEeOPlmw93zLQchuQ== + dependencies: + faye-websocket "^0.11.3" + uuid "^8.3.2" + websocket-driver "^0.7.4" + + source-list-map@^2.0.0: + version "2.0.1" + resolved "https://registry.npmjs.org/source-list-map/-/source-list-map-2.0.1.tgz" + integrity sha512-qnQ7gVMxGNxsiL4lEuJwe/To8UnK7fAnmbGEEH8RpLouuKbeEm0lhbQVFIrNSuB+G7tVrAlVsZgETT5nljf+Iw== + + source-map-js@^1.0.2, "source-map-js@>=0.6.2 <2.0.0": + version "1.0.2" + resolved "https://registry.npmjs.org/source-map-js/-/source-map-js-1.0.2.tgz" + integrity sha512-R0XvVJ9WusLiqTCEiGCmICCMplcCkIwwR11mOSD9CR5u+IXYdiseeEuXCVAjS54zqwkLcPNnmU4OeJ6tUrWhDw== + + source-map-support@~0.5.12, source-map-support@~0.5.20: + version "0.5.21" + resolved "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz" + integrity sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w== + dependencies: + buffer-from "^1.0.0" + source-map "^0.6.0" + + source-map@^0.6.0, source-map@^0.6.1, source-map@~0.6.0, source-map@~0.6.1, source-map@0.6.1: + version "0.6.1" + resolved "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz" + integrity 
sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== + + sourcemap-codec@^1.4.8: + version "1.4.8" + resolved "https://registry.npmjs.org/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz" + integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA== + + spdy-transport@^3.0.0: + version "3.0.0" + resolved "https://registry.npmjs.org/spdy-transport/-/spdy-transport-3.0.0.tgz" + integrity sha512-hsLVFE5SjA6TCisWeJXFKniGGOpBgMLmerfO2aCyCU5s7nJ/rpAepqmFifv/GCbSbueEeAJJnmSQ2rKC/g8Fcw== + dependencies: + debug "^4.1.0" + detect-node "^2.0.4" + hpack.js "^2.1.6" + obuf "^1.1.2" + readable-stream "^3.0.6" + wbuf "^1.7.3" + + spdy@^4.0.2: + version "4.0.2" + resolved "https://registry.npmjs.org/spdy/-/spdy-4.0.2.tgz" + integrity sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA== + dependencies: + debug "^4.1.0" + handle-thing "^2.0.0" + http-deceiver "^1.2.7" + select-hose "^2.0.0" + spdy-transport "^3.0.0" + + stable@^0.1.8: + version "0.1.8" + resolved "https://registry.npmjs.org/stable/-/stable-0.1.8.tgz" + integrity sha512-ji9qxRnOVfcuLDySj9qzhGSEFVobyt1kIOSkj1qZzYLzq7Tos/oUUWvotUPQLlrsidqsK6tBH89Bc9kL5zHA6w== + + "statuses@>= 1.4.0 < 2": + version "1.5.0" + resolved "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz" + integrity sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA== + + statuses@2.0.1: + version "2.0.1" + resolved "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz" + integrity sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ== + + std-env@^3.0.1: + version "3.3.2" + resolved "https://registry.npmjs.org/std-env/-/std-env-3.3.2.tgz" + integrity sha512-uUZI65yrV2Qva5gqE0+A7uVAvO40iPo6jGhs7s8keRfHCmtg+uB2X6EiLGCI9IgL1J17xGhvoOqSz79lzICPTA== + + stream-browserify@^2.0.1: + version "2.0.2" + resolved 
"https://registry.npmjs.org/stream-browserify/-/stream-browserify-2.0.2.tgz" + integrity sha512-nX6hmklHs/gr2FuxYDltq8fJA1GDlxKQCz8O/IM4atRqBH8OORmBNgfvW5gG10GT/qQ9u0CzIvr2X5Pkt6ntqg== + dependencies: + inherits "~2.0.1" + readable-stream "^2.0.2" + + stream-http@^2.7.2: + version "2.8.3" + resolved "https://registry.npmjs.org/stream-http/-/stream-http-2.8.3.tgz" + integrity sha512-+TSkfINHDo4J+ZobQLWiMouQYB+UVYFttRA94FpEzzJ7ZdqcL4uUUQ7WkdkI4DSozGmgBUE/a47L+38PenXhUw== + dependencies: + builtin-status-codes "^3.0.0" + inherits "^2.0.1" + readable-stream "^2.3.6" + to-arraybuffer "^1.0.0" + xtend "^4.0.0" + + string_decoder@^1.0.0, string_decoder@^1.1.1: + version "1.3.0" + resolved "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz" + integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== + dependencies: + safe-buffer "~5.2.0" + + string_decoder@~1.1.1: + version "1.1.1" + resolved "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz" + integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg== + dependencies: + safe-buffer "~5.1.0" + + string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: + version "4.2.3" + resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + + strip-ansi@^6.0.0, strip-ansi@^6.0.1: + version "6.0.1" + resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + + strip-final-newline@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz" + integrity 
sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== + + style-loader@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/style-loader/-/style-loader-2.0.0.tgz" + integrity sha512-Z0gYUJmzZ6ZdRUqpg1r8GsaFKypE+3xAzuFeMuoHgjc9KZv3wMyCRjQIWEbhoFSq7+7yoHXySDJyyWQaPajeiQ== + dependencies: + loader-utils "^2.0.0" + schema-utils "^3.0.0" + + stylehacks@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/stylehacks/-/stylehacks-5.1.1.tgz" + integrity sha512-sBpcd5Hx7G6seo7b1LkpttvTz7ikD0LlH5RmdcBNb6fFR0Fl7LQwHDFr300q4cwUqi+IYrFGmsIHieMBfnN/Bw== + dependencies: + browserslist "^4.21.4" + postcss-selector-parser "^6.0.4" + + supports-color@^5.3.0: + version "5.5.0" + resolved "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz" + integrity sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow== + dependencies: + has-flag "^3.0.0" + + supports-color@^7.1.0: + version "7.2.0" + resolved "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz" + integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw== + dependencies: + has-flag "^4.0.0" + + supports-color@^8.0.0: + version "8.1.1" + resolved "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz" + integrity sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q== + dependencies: + has-flag "^4.0.0" + + supports-preserve-symlinks-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz" + integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== + + svgo@^2.7.0: + version "2.8.0" + resolved "https://registry.npmjs.org/svgo/-/svgo-2.8.0.tgz" + integrity sha512-+N/Q9kV1+F+UeWYoSiULYo4xYSDQlTgb+ayMobAXPwMnLvop7oxKMo9OzIrX5x3eS4L4f2UHhc9axXwY8DpChg== + 
dependencies: + "@trysound/sax" "0.2.0" + commander "^7.2.0" + css-select "^4.1.3" + css-tree "^1.1.3" + csso "^4.2.0" + picocolors "^1.0.0" + stable "^0.1.8" + + tapable@^2.1.1, tapable@^2.2.0: + version "2.2.1" + resolved "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz" + integrity sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ== + + terser-webpack-plugin@^5.2.4, terser-webpack-plugin@^5.3.7: + version "5.3.7" + resolved "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.7.tgz" + integrity sha512-AfKwIktyP7Cu50xNjXF/6Qb5lBNzYaWpU6YfoX3uZicTx0zTy0stDDCsvjDapKsSDvOeWo5MEq4TmdBy2cNoHw== + dependencies: + "@jridgewell/trace-mapping" "^0.3.17" + jest-worker "^27.4.5" + schema-utils "^3.1.1" + serialize-javascript "^6.0.1" + terser "^5.16.5" + + terser@^4.6.3, terser@4.8.1: + version "4.8.1" + resolved "https://registry.npmjs.org/terser/-/terser-4.8.1.tgz" + integrity sha512-4GnLC0x667eJG0ewJTa6z/yXrbLGv80D9Ru6HIpCQmO+Q4PfEtBFi0ObSckqwL6VyQv/7ENJieXHo2ANmdQwgw== + dependencies: + commander "^2.20.0" + source-map "~0.6.1" + source-map-support "~0.5.12" + + terser@^5.16.5: + version "5.16.8" + resolved "https://registry.npmjs.org/terser/-/terser-5.16.8.tgz" + integrity sha512-QI5g1E/ef7d+PsDifb+a6nnVgC4F22Bg6T0xrBrz6iloVB4PUkkunp6V8nzoOOZJIzjWVdAGqCdlKlhLq/TbIA== + dependencies: + "@jridgewell/source-map" "^0.3.2" + acorn "^8.5.0" + commander "^2.20.0" + source-map-support "~0.5.20" + + terser@^5.9.0: + version "5.16.8" + resolved "https://registry.npmjs.org/terser/-/terser-5.16.8.tgz" + integrity sha512-QI5g1E/ef7d+PsDifb+a6nnVgC4F22Bg6T0xrBrz6iloVB4PUkkunp6V8nzoOOZJIzjWVdAGqCdlKlhLq/TbIA== + dependencies: + "@jridgewell/source-map" "^0.3.2" + acorn "^8.5.0" + commander "^2.20.0" + source-map-support "~0.5.20" + + thunky@^1.0.2: + version "1.1.0" + resolved "https://registry.npmjs.org/thunky/-/thunky-1.1.0.tgz" + integrity 
sha512-eHY7nBftgThBqOyHGVN+l8gF0BucP09fMo0oO/Lb0w1OF80dJv+lDVpXG60WMQvkcxAkNybKsrEIE3ZtKGmPrA== + + timers-browserify@^2.0.4: + version "2.0.12" + resolved "https://registry.npmjs.org/timers-browserify/-/timers-browserify-2.0.12.tgz" + integrity sha512-9phl76Cqm6FhSX9Xe1ZUAMLtm1BLkKj2Qd5ApyWkXzsMRaA7dgr81kf4wJmQf/hAvg8EEyJxDo3du/0KlhPiKQ== + dependencies: + setimmediate "^1.0.4" + + to-arraybuffer@^1.0.0: + version "1.0.1" + resolved "https://registry.npmjs.org/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz" + integrity sha512-okFlQcoGTi4LQBG/PgSYblw9VOyptsz2KJZqc6qtgGdes8VktzUQkj4BI2blit072iS8VODNcMA+tvnS9dnuMA== + + to-fast-properties@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz" + integrity sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog== + + to-regex-range@^5.0.1: + version "5.0.1" + resolved "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz" + integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ== + dependencies: + is-number "^7.0.0" + + toidentifier@1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz" + integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== + + tryer@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/tryer/-/tryer-1.0.1.tgz" + integrity sha512-c3zayb8/kWWpycWYg87P71E1S1ZL6b6IJxfb5fvsUgsf0S2MVGaDhDXXjDMpdCpfWXqptc+4mXwmiy1ypXqRAA== + + tslib@^2.0.3: + version "2.5.0" + resolved "https://registry.npmjs.org/tslib/-/tslib-2.5.0.tgz" + integrity sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg== + + tty-browserify@0.0.0: + version "0.0.0" + resolved "https://registry.npmjs.org/tty-browserify/-/tty-browserify-0.0.0.tgz" + integrity 
sha512-JVa5ijo+j/sOoHGjw0sxw734b1LhBkQ3bvUGNdxnVXDCX81Yx7TFgnZygxrIIWn23hbfTaMYLwRmAxFyDuFmIw== + + type-is@~1.6.18: + version "1.6.18" + resolved "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz" + integrity sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g== + dependencies: + media-typer "0.3.0" + mime-types "~2.1.24" + + unicode-canonical-property-names-ecmascript@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz" + integrity sha512-yY5PpDlfVIU5+y/BSCxAJRBIS1Zc2dDG3Ujq+sR0U+JjUevW2JhocOF+soROYDSaAezOzOKuyyixhD6mBknSmQ== + + unicode-match-property-ecmascript@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/unicode-match-property-ecmascript/-/unicode-match-property-ecmascript-2.0.0.tgz" + integrity sha512-5kaZCrbp5mmbz5ulBkDkbY0SsPOjKqVS35VpL9ulMPfSl0J0Xsm+9Evphv9CoIZFwre7aJoa94AY6seMKGVN5Q== + dependencies: + unicode-canonical-property-names-ecmascript "^2.0.0" + unicode-property-aliases-ecmascript "^2.0.0" + + unicode-match-property-value-ecmascript@^2.1.0: + version "2.1.0" + resolved "https://registry.npmjs.org/unicode-match-property-value-ecmascript/-/unicode-match-property-value-ecmascript-2.1.0.tgz" + integrity sha512-qxkjQt6qjg/mYscYMC0XKRn3Rh0wFPlfxB0xkt9CfyTvpX1Ra0+rAmdX2QyAobptSEvuy4RtpPRui6XkV+8wjA== + + unicode-property-aliases-ecmascript@^2.0.0: + version "2.1.0" + resolved "https://registry.npmjs.org/unicode-property-aliases-ecmascript/-/unicode-property-aliases-ecmascript-2.1.0.tgz" + integrity sha512-6t3foTQI9qne+OZoVQB/8x8rk2k1eVy1gRXhV3oFQ5T6R1dqQ1xtin3XqSlx3+ATBkliTaR/hHyJBm+LVPNM8w== + + universalify@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz" + integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ== + + unpipe@~1.0.0, unpipe@1.0.0: + version "1.0.0" + 
resolved "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz" + integrity sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ== + + update-browserslist-db@^1.0.10: + version "1.0.10" + resolved "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz" + integrity sha512-OztqDenkfFkbSG+tRxBeAnCVPckDBcvibKd35yDONx6OU8N7sqgwc7rCbkJ/WcYtVRZ4ba68d6byhC21GFh7sQ== + dependencies: + escalade "^3.1.1" + picocolors "^1.0.0" + + uri-js@^4.2.2: + version "4.4.1" + resolved "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz" + integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg== + dependencies: + punycode "^2.1.0" + + url@^0.11.0: + version "0.11.0" + resolved "https://registry.npmjs.org/url/-/url-0.11.0.tgz" + integrity sha512-kbailJa29QrtXnxgq+DdCEGlbTeYM2eJUxsz6vjZavrCYPMIFHMKQmSKYAIuUK2i7hgPm28a8piX5NTUtM/LKQ== + dependencies: + punycode "1.3.2" + querystring "0.2.0" + + use-sync-external-store@1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.2.0.tgz" + integrity sha512-eEgnFxGQ1Ife9bzYs6VLi8/4X6CObHMw9Qr9tPY43iKwsPw8xE8+EFsf/2cFZ5S3esXgpWgtSCtLNS41F+sKPA== + + util-deprecate@^1.0.1, util-deprecate@^1.0.2, util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz" + integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw== + + util@^0.11.0: + version "0.11.1" + resolved "https://registry.npmjs.org/util/-/util-0.11.1.tgz" + integrity sha512-HShAsny+zS2TZfaXxD9tYj4HQGlBezXZMZuM/S5PKLLoZkShZiGk9o5CzukI1LVHZvjdvZ2Sj1aW/Ndn2NB/HQ== + dependencies: + inherits "2.0.3" + + util@0.10.3: + version "0.10.3" + resolved "https://registry.npmjs.org/util/-/util-0.10.3.tgz" + integrity sha512-5KiHfsmkqacuKjkRkdV7SsfDJ2EGiPsK92s2MhNSY0craxjTdKTtqKsJaCWp4LW33ZZ0OPUv1WO/TFvNQRiQxQ== + 
dependencies: + inherits "2.0.1" + + utils-merge@1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz" + integrity sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA== + + uuid@^8.3.0, uuid@^8.3.2: + version "8.3.2" + resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz" + integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg== + + vary@~1.1.2: + version "1.1.2" + resolved "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz" + integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg== + + vm-browserify@^1.0.1: + version "1.1.2" + resolved "https://registry.npmjs.org/vm-browserify/-/vm-browserify-1.1.2.tgz" + integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ== + + vue-country-flag-next@^2.3.2: + version "2.3.2" + resolved "https://registry.npmjs.org/vue-country-flag-next/-/vue-country-flag-next-2.3.2.tgz" + integrity sha512-Lv12L1VTwlBgizpZ3xPEPO3zuIETaJmeSiPuLOWLLgu2EakwU/o72iKYiKcdZ6BXiSkfss+Ski5fDzjuxZ1DcA== + + vue-loader@^17.0.1: + version "17.0.1" + resolved "https://registry.npmjs.org/vue-loader/-/vue-loader-17.0.1.tgz" + integrity sha512-/OOyugJnImKCkAKrAvdsWMuwoCqGxWT5USLsjohzWbMgOwpA5wQmzQiLMzZd7DjhIfunzAGIApTOgIylz/kwcg== + dependencies: + chalk "^4.1.0" + hash-sum "^2.0.0" + loader-utils "^2.0.0" + + vue-multiselect@^3.0.0-beta.1: + version "3.0.0-beta.2" + resolved "https://registry.npmjs.org/vue-multiselect/-/vue-multiselect-3.0.0-beta.2.tgz" + integrity sha512-TFVHtI/KdWoD3Opzbkso8OIqkZlZEqFF7f2jlYx1ttgC4Jv/48IGlU5zn6cBR4p2bFDFGCHF5SkLCaadLhnBPQ== + + vue-router@^4.1.6: + version "4.1.6" + resolved "https://registry.npmjs.org/vue-router/-/vue-router-4.1.6.tgz" + integrity sha512-DYWYwsG6xNPmLq/FmZn8Ip+qrhFEzA14EI12MsMgVxvHFDYvlr4NXpVF5hrRH1wVcDP8fGi5F4rxuJSl8/r+EQ== + dependencies: + "@vue/devtools-api" 
"^6.4.5" + + vue-select@^4.0.0-beta.5: + version "4.0.0-beta.5" + resolved "https://registry.npmjs.org/vue-select/-/vue-select-4.0.0-beta.5.tgz" + integrity sha512-W9alTe9NwVn2GR9QFW5CbrX47yghEaJCpUVs9JTv9Q7CWmsNPp5kIlETdke4aFHphZvyjDUlyvH/7/8XzfVZkw== + + vue-style-loader@^4.1.3: + version "4.1.3" + resolved "https://registry.npmjs.org/vue-style-loader/-/vue-style-loader-4.1.3.tgz" + integrity sha512-sFuh0xfbtpRlKfm39ss/ikqs9AbKCoXZBpHeVZ8Tx650o0k0q/YCM7FRvigtxpACezfq6af+a7JeqVTWvncqDg== + dependencies: + hash-sum "^1.0.2" + loader-utils "^1.0.2" + + vue@^3.0.0, vue@^3.2.0, vue@^3.2.47, vue@3.2.47, vue@3.x: + version "3.2.47" + resolved "https://registry.npmjs.org/vue/-/vue-3.2.47.tgz" + integrity sha512-60188y/9Dc9WVrAZeUVSDxRQOZ+z+y5nO2ts9jWXSTkMvayiWxCWOWtBQoYjLeccfXkiiPZWAHcV+WTPhkqJHQ== + dependencies: + "@vue/compiler-dom" "3.2.47" + "@vue/compiler-sfc" "3.2.47" + "@vue/runtime-dom" "3.2.47" + "@vue/server-renderer" "3.2.47" + "@vue/shared" "3.2.47" + + vuex@^4.1.0: + version "4.1.0" + resolved "https://registry.npmjs.org/vuex/-/vuex-4.1.0.tgz" + integrity sha512-hmV6UerDrPcgbSy9ORAtNXDr9M4wlNP4pEFKye4ujJF8oqgFFuxDCdOLS3eNoRTtq5O3hoBDh9Doj1bQMYHRbQ== + dependencies: + "@vue/devtools-api" "^6.0.0-beta.11" + + watchpack@^2.4.0: + version "2.4.0" + resolved "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz" + integrity sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg== + dependencies: + glob-to-regexp "^0.4.1" + graceful-fs "^4.1.2" + + wbuf@^1.1.0, wbuf@^1.7.3: + version "1.7.3" + resolved "https://registry.npmjs.org/wbuf/-/wbuf-1.7.3.tgz" + integrity sha512-O84QOnr0icsbFGLS0O3bI5FswxzRr8/gHwWkDlQFskhSPryQXvrTMxjxGP4+iWYoauLoBvfDpkrOauZ+0iZpDA== + dependencies: + minimalistic-assert "^1.0.0" + + webpack-bundle-analyzer@^3.0.3: + version "3.9.0" + resolved "https://registry.npmjs.org/webpack-bundle-analyzer/-/webpack-bundle-analyzer-3.9.0.tgz" + integrity 
sha512-Ob8amZfCm3rMB1ScjQVlbYYUEJyEjdEtQ92jqiFUYt5VkEeO2v5UMbv49P/gnmCZm3A6yaFQzCBvpZqN4MUsdA== + dependencies: + acorn "^7.1.1" + acorn-walk "^7.1.1" + bfj "^6.1.1" + chalk "^2.4.1" + commander "^2.18.0" + ejs "^2.6.1" + express "^4.16.3" + filesize "^3.6.1" + gzip-size "^5.0.0" + lodash "^4.17.19" + mkdirp "^0.5.1" + opener "^1.5.1" + ws "^6.0.0" + + webpack-cli@^4.9.1, webpack-cli@4.x.x: + version "4.10.0" + resolved "https://registry.npmjs.org/webpack-cli/-/webpack-cli-4.10.0.tgz" + integrity sha512-NLhDfH/h4O6UOy+0LSso42xvYypClINuMNBVVzX4vX98TmTaTUxwRbXdhucbFMd2qLaCTcLq/PdYrvi8onw90w== + dependencies: + "@discoveryjs/json-ext" "^0.5.0" + "@webpack-cli/configtest" "^1.2.0" + "@webpack-cli/info" "^1.5.0" + "@webpack-cli/serve" "^1.7.0" + colorette "^2.0.14" + commander "^7.0.0" + cross-spawn "^7.0.3" + fastest-levenshtein "^1.0.12" + import-local "^3.0.2" + interpret "^2.2.0" + rechoir "^0.7.0" + webpack-merge "^5.7.3" + + webpack-dev-middleware@^5.3.1: + version "5.3.3" + resolved "https://registry.npmjs.org/webpack-dev-middleware/-/webpack-dev-middleware-5.3.3.tgz" + integrity sha512-hj5CYrY0bZLB+eTO+x/j67Pkrquiy7kWepMHmUMoPsmcUaeEnQJqFzHJOyxgWlq746/wUuA64p9ta34Kyb01pA== + dependencies: + colorette "^2.0.10" + memfs "^3.4.3" + mime-types "^2.1.31" + range-parser "^1.2.1" + schema-utils "^4.0.0" + + webpack-dev-server@^4.7.3: + version "4.13.2" + resolved "https://registry.npmjs.org/webpack-dev-server/-/webpack-dev-server-4.13.2.tgz" + integrity sha512-5i6TrGBRxG4vnfDpB6qSQGfnB6skGBXNL5/542w2uRGLimX6qeE5BQMLrzIC3JYV/xlGOv+s+hTleI9AZKUQNw== + dependencies: + "@types/bonjour" "^3.5.9" + "@types/connect-history-api-fallback" "^1.3.5" + "@types/express" "^4.17.13" + "@types/serve-index" "^1.9.1" + "@types/serve-static" "^1.13.10" + "@types/sockjs" "^0.3.33" + "@types/ws" "^8.5.1" + ansi-html-community "^0.0.8" + bonjour-service "^1.0.11" + chokidar "^3.5.3" + colorette "^2.0.10" + compression "^1.7.4" + connect-history-api-fallback "^2.0.0" + default-gateway 
"^6.0.3" + express "^4.17.3" + graceful-fs "^4.2.6" + html-entities "^2.3.2" + http-proxy-middleware "^2.0.3" + ipaddr.js "^2.0.1" + launch-editor "^2.6.0" + open "^8.0.9" + p-retry "^4.5.0" + rimraf "^3.0.2" + schema-utils "^4.0.0" + selfsigned "^2.1.1" + serve-index "^1.9.1" + sockjs "^0.3.24" + spdy "^4.0.2" + webpack-dev-middleware "^5.3.1" + ws "^8.13.0" + + webpack-merge@^5.7.3, webpack-merge@^5.8.0: + version "5.8.0" + resolved "https://registry.npmjs.org/webpack-merge/-/webpack-merge-5.8.0.tgz" + integrity sha512-/SaI7xY0831XwP6kzuwhKWVKDP9t1QY1h65lAFLbZqMPIuYcD9QAW4u9STIbU9kaJbPBB/geU/gLr1wDjOhQ+Q== + dependencies: + clone-deep "^4.0.1" + wildcard "^2.0.0" + + webpack-notifier@^1.14.1: + version "1.15.0" + resolved "https://registry.npmjs.org/webpack-notifier/-/webpack-notifier-1.15.0.tgz" + integrity sha512-N2V8UMgRB5komdXQRavBsRpw0hPhJq2/SWNOGuhrXpIgRhcMexzkGQysUyGStHLV5hkUlgpRiF7IUXoBqyMmzQ== + dependencies: + node-notifier "^9.0.0" + strip-ansi "^6.0.0" + + webpack-sources@^1.1.0: + version "1.4.3" + resolved "https://registry.npmjs.org/webpack-sources/-/webpack-sources-1.4.3.tgz" + integrity sha512-lgTS3Xhv1lCOKo7SA5TjKXMjpSM4sBjNV5+q2bqesbSPs5FjGmU6jjtBSkX9b4qW87vDIsCIlUPOEhbZrMdjeQ== + dependencies: + source-list-map "^2.0.0" + source-map "~0.6.1" + + webpack-sources@^3.2.3: + version "3.2.3" + resolved "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.2.3.tgz" + integrity sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w== + + "webpack@^4.0.0 || ^5.0.0", "webpack@^4.1.0 || ^5.0.0-0", "webpack@^4.27.0 || ^5.0.0", "webpack@^4.37.0 || ^5.0.0", "webpack@^4.4.0 || ^5.0.0", webpack@^5.0.0, webpack@^5.1.0, webpack@^5.60.0, webpack@>=2, "webpack@3 || 4 || 5", "webpack@4.x.x || 5.x.x": + version "5.89.0" + resolved "https://registry.npmjs.org/webpack/-/webpack-5.89.0.tgz" + integrity sha512-qyfIC10pOr70V+jkmud8tMfajraGCZMBWJtrmuBymQKCrLTRejBI8STDp1MCyZu/QTdZSeacCQYpYNQVOzX5kw== + dependencies: + 
"@types/eslint-scope" "^3.7.3" + "@types/estree" "^1.0.0" + "@webassemblyjs/ast" "^1.11.5" + "@webassemblyjs/wasm-edit" "^1.11.5" + "@webassemblyjs/wasm-parser" "^1.11.5" + acorn "^8.7.1" + acorn-import-assertions "^1.9.0" + browserslist "^4.14.5" + chrome-trace-event "^1.0.2" + enhanced-resolve "^5.15.0" + es-module-lexer "^1.2.1" + eslint-scope "5.1.1" + events "^3.2.0" + glob-to-regexp "^0.4.1" + graceful-fs "^4.2.9" + json-parse-even-better-errors "^2.3.1" + loader-runner "^4.2.0" + mime-types "^2.1.27" + neo-async "^2.6.2" + schema-utils "^3.2.0" + tapable "^2.1.1" + terser-webpack-plugin "^5.3.7" + watchpack "^2.4.0" + webpack-sources "^3.2.3" + + webpackbar@^5.0.0-3: + version "5.0.2" + resolved "https://registry.npmjs.org/webpackbar/-/webpackbar-5.0.2.tgz" + integrity sha512-BmFJo7veBDgQzfWXl/wwYXr/VFus0614qZ8i9znqcl9fnEdiVkdbi0TedLQ6xAK92HZHDJ0QmyQ0fmuZPAgCYQ== + dependencies: + chalk "^4.1.0" + consola "^2.15.3" + pretty-time "^1.1.0" + std-env "^3.0.1" + + websocket-driver@^0.7.4, websocket-driver@>=0.5.1: + version "0.7.4" + resolved "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.7.4.tgz" + integrity sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg== + dependencies: + http-parser-js ">=0.5.1" + safe-buffer ">=5.1.0" + websocket-extensions ">=0.1.1" + + websocket-extensions@>=0.1.1: + version "0.1.4" + resolved "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.4.tgz" + integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg== + + which@^2.0.1, which@^2.0.2: + version "2.0.2" + resolved "https://registry.npmjs.org/which/-/which-2.0.2.tgz" + integrity sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA== + dependencies: + isexe "^2.0.0" + + wildcard@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/wildcard/-/wildcard-2.0.0.tgz" + integrity 
sha512-JcKqAHLPxcdb9KM49dufGXn2x3ssnfjbcaQdLlfZsL9rH9wgDQjUtDxbo8NE0F6SFvydeu1VhZe7hZuHsB2/pw== + + wrap-ansi@^7.0.0: + version "7.0.0" + resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + + wrappy@1: + version "1.0.2" + resolved "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz" + integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== + + ws@^6.0.0: + version "6.2.1" + resolved "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz" + integrity sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA== + dependencies: + async-limiter "~1.0.0" + + ws@^8.13.0: + version "8.13.0" + resolved "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz" + integrity sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA== + + xtend@^4.0.0: + version "4.0.2" + resolved "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz" + integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ== + + y18n@^5.0.5: + version "5.0.8" + resolved "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz" + integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== + + yallist@^3.0.2: + version "3.1.1" + resolved "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz" + integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g== + + yallist@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz" + integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== + + yaml@^1.10.0, yaml@^1.10.2: + version "1.10.2" + resolved 
"https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz" + integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg== + + yargs-parser@^21.1.1: + version "21.1.1" + resolved "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz" + integrity sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw== + + yargs@^17.2.1: + version "17.7.1" + resolved "https://registry.npmjs.org/yargs/-/yargs-17.7.1.tgz" + integrity sha512-cwiTb08Xuv5fqF4AovYacTFNxk62th7LKJ6BL9IGUpTJrWoU7/7WdQGTP2SjKf1dUNBGzDd28p/Yfs/GI6JrLw== + dependencies: + cliui "^8.0.1" + escalade "^3.1.1" + get-caller-file "^2.0.5" + require-directory "^2.1.1" + string-width "^4.2.3" + y18n "^5.0.5" + yargs-parser "^21.1.1" + + yarn-upgrade-all@^0.7.2: + version "0.7.2" + resolved "https://registry.npmjs.org/yarn-upgrade-all/-/yarn-upgrade-all-0.7.2.tgz" + integrity sha512-iVxmoBuNdpxeahAIehJ039Pp6S8zQ/qTENQRMV5hp7x/2tLGUzytCODIKZFjfUwcRRKT3boGgHheUEWC7+VlQw== + + zalgo-promise@^1, zalgo-promise@^1.0.10, zalgo-promise@^1.0.11, zalgo-promise@^1.0.26, zalgo-promise@^1.0.28, zalgo-promise@^1.0.3, zalgo-promise@^1.0.34: + version "1.0.46" + resolved "https://registry.npmjs.org/zalgo-promise/-/zalgo-promise-1.0.46.tgz" + integrity sha512-tzPpQRqaQQavxl17TY98nznvmr+judUg3My7ugsUcRDbdqisYOE2z79HNNDgXnyX3eA0mf2bMOJrqHptt00npg== + + zoid@^6.0.67: + version "6.0.80" + resolved "https://registry.npmjs.org/zoid/-/zoid-6.0.80.tgz" + integrity sha512-6hulO+7+lwnfFbC7XbJwzSIyp2tP2gteHpmdQeDjMtsx/cI1YzrhZQ5ZGl0VEofv/jQB9RZh/+gf8S3wC5U7ow== + dependencies: + beaver-logger "^3.0.17" + belter "^1.0.77" + cross-domain-safe-weakmap "^1.0.22" + cross-domain-utils "^2.0.16" + hi-base32 "^0.5.0" + post-robot "^8.0.29" + zalgo-promise "^1.0.34" + + zustand@^4.4.7: + version "4.4.7" + resolved "https://registry.npmjs.org/zustand/-/zustand-4.4.7.tgz" + integrity 
sha512-QFJWJMdlETcI69paJwhSMJz7PPWjVP8Sjhclxmxmxv/RYI7ZOvR5BHX+ktH0we9gTWQMxcne8q1OY8xxz604gw== + dependencies: + use-sync-external-store "1.2.0" diff --git a/src/themes/ivpn-v3/yarn.lock b/src/themes/ivpn-v3/yarn.lock index d39249a58..4b7d58cde 100644 --- a/src/themes/ivpn-v3/yarn.lock +++ b/src/themes/ivpn-v3/yarn.lock 
@@ -1071,6 +1071,60 @@ resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz#1d572bfbbe14b7704e0ba0f39b74815b84870d70" integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw== +"@intlify/bundle-utils@^8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@intlify/bundle-utils/-/bundle-utils-8.0.0.tgz#4e05153ac031bfc7adef70baedc9b0744a93adfd" + integrity sha512-1B++zykRnMwQ+20SpsZI1JCnV/YJt9Oq7AGlEurzkWJOFtFAVqaGc/oV36PBRYeiKnTbY9VYfjBimr2Vt42wLQ== + dependencies: + "@intlify/message-compiler" "^9.4.0" + "@intlify/shared" "^9.4.0" + acorn "^8.8.2" + escodegen "^2.1.0" + estree-walker "^2.0.2" + jsonc-eslint-parser "^2.3.0" + mlly "^1.2.0" + source-map-js "^1.0.1" + yaml-eslint-parser "^1.2.2" + +"@intlify/core-base@9.11.1": + version "9.11.1" + resolved "https://registry.yarnpkg.com/@intlify/core-base/-/core-base-9.11.1.tgz#0cef49b87bc493eba8e024c4ae688aa5503fdb97" + integrity sha512-qWXBBlEA+DC0CsHkfJiQK9ELm11c9I6lDpodY4FoOf99eMas1R6JR4woPhrfAcrtxFHp1UmXWdrQNKDegSW9IA== + dependencies: + "@intlify/message-compiler" "9.11.1" + "@intlify/shared" "9.11.1" + +"@intlify/message-compiler@9.11.1", "@intlify/message-compiler@^9.4.0": + version "9.11.1" + resolved "https://registry.yarnpkg.com/@intlify/message-compiler/-/message-compiler-9.11.1.tgz#6da0ab700c994903ddcac0ccf2d38e7ad4edf912" + integrity sha512-y/aWx7DkaTKK2qWUw0hVbJpon8+urWXngeqh15DuIXZh6n/V/oPQiO/Ho1hUKbwap6MVMuz0OcnAJvqh3p9YPg== + dependencies: + "@intlify/shared" "9.11.1" + source-map-js "^1.0.2" + +"@intlify/shared@9.11.1", "@intlify/shared@^9.4.0": + version "9.11.1" + resolved "https://registry.yarnpkg.com/@intlify/shared/-/shared-9.11.1.tgz#03e9ae5a90d62df4800f307d9f1dfc34b6fd8cbc" + integrity sha512-yuDG82vjgId2oasNRgZ0PKJrF65zlL33MNyITP5itbLcP4AYOR/NcIuD+/DiI+GHXdxASMKJU0ZiITLc6RC+qw== + +"@intlify/unplugin-vue-i18n@^4.0.0": + version "4.0.0" + resolved 
"https://registry.yarnpkg.com/@intlify/unplugin-vue-i18n/-/unplugin-vue-i18n-4.0.0.tgz#b82fb1bb1a3b982d8f35d07729ca5337d6018269" + integrity sha512-q2Mhqa/mLi0tulfLFO4fMXXvEbkSZpI5yGhNNsLTNJJ41icEGUuyDe+j5zRZIKSkOJRgX6YbCyibTDJdRsukmw== + dependencies: + "@intlify/bundle-utils" "^8.0.0" + "@intlify/shared" "^9.4.0" + "@rollup/pluginutils" "^5.1.0" + "@vue/compiler-sfc" "^3.2.47" + debug "^4.3.3" + fast-glob "^3.2.12" + js-yaml "^4.1.0" + json5 "^2.2.3" + pathe "^1.0.0" + picocolors "^1.0.0" + source-map-js "^1.0.2" + unplugin "^1.1.0" + "@jridgewell/gen-mapping@^0.1.0": version "0.1.1" resolved "https://registry.yarnpkg.com/@jridgewell/gen-mapping/-/gen-mapping-0.1.1.tgz#e5d2e450306a9491e3bd77e323e38d7aff315996" @@ -1154,6 +1208,15 @@ hi-base32 "^0.5.0" zalgo-promise "^1.0.28" +"@rollup/pluginutils@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@rollup/pluginutils/-/pluginutils-5.1.0.tgz#7e53eddc8c7f483a4ad0b94afb1f7f5fd3c771e0" + integrity sha512-XTIWOPPcpvyKI6L1NHo0lFlCyznUEyPmPY1mc3KpPVDYulHSTvyeLNVW00QTLIAFNhR3kYnJTQHeGqU4M3n09g== + dependencies: + "@types/estree" "^1.0.0" + estree-walker "^2.0.2" + picomatch "^2.3.1" + "@trysound/sax@0.2.0": version "0.2.0" resolved "https://registry.yarnpkg.com/@trysound/sax/-/sax-0.2.0.tgz#cccaab758af56761eb7bf37af6f03f326dd798ad" 
@@ -1256,6 +1319,11 @@ resolved "https://registry.yarnpkg.com/@types/estree/-/estree-0.0.51.tgz#cfd70924a25a3fd32b218e5e420e6897e1ac4f40" integrity sha512-CuPgU6f3eT/XgKKPqKd/gLZV1Xmvf1a2R5POBOGQa6uv82xpls89HU5zKeVoyR8XzHd1RGNOlQlvUe3CFkjWNQ== +"@types/estree@^1.0.0": + version "1.0.5" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.5.tgz#a6ce3e556e00fd9895dd872dd172ad0d4bd687f4" + integrity sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw== + "@types/express-serve-static-core@*", "@types/express-serve-static-core@^4.17.33": version "4.17.33" resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.17.33.tgz#de35d30a9d637dc1450ad18dd583d75d5733d543" @@ -1461,6 +1529,11 @@ resolved "https://registry.yarnpkg.com/@vue/devtools-api/-/devtools-api-6.5.0.tgz#98b99425edee70b4c992692628fa1ea2c1e57d07" integrity sha512-o9KfBeaBmCKl10usN4crU53fYtC1r7jJwdGKjPT24t348rHxgfpZ0xL3Xm/gLUYnc0oTp8LAmrxOeLyu6tbk2Q== +"@vue/devtools-api@^6.5.0": + version "6.6.1" + resolved "https://registry.yarnpkg.com/@vue/devtools-api/-/devtools-api-6.6.1.tgz#7c14346383751d9f6ad4bea0963245b30220ef83" + integrity sha512-LgPscpE3Vs0x96PzSSB4IGVSZXZBZHpfxs+ZA1d+VEPwHdOXowy/Y2CsvCAIFrf+ssVU1pD1jidj505EpUnfbA== + "@vue/reactivity-transform@3.2.47": version "3.2.47" resolved "https://registry.yarnpkg.com/@vue/reactivity-transform/-/reactivity-transform-3.2.47.tgz#e45df4d06370f8abf29081a16afd25cffba6d84e" 
@@ -1675,6 +1748,11 @@ acorn-import-assertions@^1.7.6: resolved "https://registry.yarnpkg.com/acorn-import-assertions/-/acorn-import-assertions-1.8.0.tgz#ba2b5939ce62c238db6d93d81c9b111b29b855e9" integrity sha512-m7VZ3jwz4eK6A4Vtt8Ew1/mNbP24u0FhdyfA7fSvnJR6LMdfOYnmuIrrJAgrYfYJ10F/otaHTtrtrtmHdMNzEw== +acorn-jsx@^5.3.2: + version "5.3.2" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937" + integrity sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ== + acorn-walk@^7.1.1: version "7.2.0" resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-7.2.0.tgz#0de889a601203909b0fbe07b8938dc21d2e967bc" @@ -1685,6 +1763,11 @@ acorn@^7.1.1: resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa" integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== +acorn@^8.11.3, acorn@^8.8.2, acorn@^8.9.0: + version "8.11.3" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.11.3.tgz#71e0b14e13a4ec160724b38fb7b0f233b1b81d7a" + integrity sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg== + acorn@^8.5.0, acorn@^8.7.1: version "8.8.2" resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.8.2.tgz#1b2f25db02af965399b9776b0c2c391276d37c4a" @@ -1777,6 +1860,11 @@ anymatch@~3.1.2: normalize-path "^3.0.0" picomatch "^2.0.4" +argparse@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38" + integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q== + array-flatten@1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" 
@@ -2219,6 +2307,21 @@ chokidar@^3.5.2, chokidar@^3.5.3: optionalDependencies: fsevents "~2.3.2" +chokidar@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.6.0.tgz#197c6cc669ef2a8dc5e7b4d97ee4e092c3eb0d5b" + integrity sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw== + dependencies: + anymatch "~3.1.2" + braces "~3.0.2" + glob-parent "~5.1.2" + is-binary-path "~2.1.0" + is-glob "~4.0.1" + normalize-path "~3.0.0" + readdirp "~3.6.0" + optionalDependencies: + fsevents "~2.3.2" + chrome-trace-event@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/chrome-trace-event/-/chrome-trace-event-1.0.3.tgz#1015eced4741e15d06664a957dbbf50d041e26ac" @@ -2645,7 +2748,7 @@ debug@2.6.9: dependencies: ms "2.0.0" -debug@^4.1.0, debug@^4.1.1: +debug@^4.1.0, debug@^4.1.1, debug@^4.3.3: version "4.3.4" resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== @@ -2873,6 +2976,17 @@ escape-string-regexp@^1.0.5: resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" integrity sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg== +escodegen@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-2.1.0.tgz#ba93bbb7a43986d29d6041f99f5262da773e2e17" + integrity sha512-2NlIDTwUWJN0mRPQOdtQBzbUHvdGY2P1VXSyU83Q3xKxM7WHX2Ql8dKq782Q9TgQUNOLEzEYu9bzLNj1q88I5w== + dependencies: + esprima "^4.0.1" + estraverse "^5.2.0" + esutils "^2.0.2" + optionalDependencies: + source-map "~0.6.1" + eslint-scope@5.1.1: version "5.1.1" resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-5.1.1.tgz#e786e59a66cb92b3f6c1fb0d508aab174848f48c" 
@@ -2881,6 +2995,25 @@ eslint-scope@5.1.1: esrecurse "^4.3.0" estraverse "^4.1.1" +eslint-visitor-keys@^3.0.0, eslint-visitor-keys@^3.4.1: + version "3.4.3" + resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz#0cd72fe8550e3c2eae156a96a4dddcd1c8ac5800" + integrity sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag== + +espree@^9.0.0: + version "9.6.1" + resolved "https://registry.yarnpkg.com/espree/-/espree-9.6.1.tgz#a2a17b8e434690a5432f2f8018ce71d331a48c6f" + integrity sha512-oruZaFkjorTpF32kDSI5/75ViwGeZginGGy2NoOSg3Q9bnwlnmDm4HLnkl0RE3n+njDXR037aY1+x58Z/zFdwQ== + dependencies: + acorn "^8.9.0" + acorn-jsx "^5.3.2" + eslint-visitor-keys "^3.4.1" + +esprima@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" + integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A== + esrecurse@^4.3.0: version "4.3.0" resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.3.0.tgz#7ad7964d679abb28bee72cec63758b1c5d2c9921" @@ -2999,6 +3132,17 @@ fast-glob@^3.0.3: merge2 "^1.3.0" micromatch "^4.0.4" +fast-glob@^3.2.12: + version "3.3.2" + resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.3.2.tgz#a904501e57cfdd2ffcded45e99a54fef55e46129" + integrity sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow== + dependencies: + "@nodelib/fs.stat" "^2.0.2" + "@nodelib/fs.walk" "^1.2.3" + glob-parent "^5.1.2" + merge2 "^1.3.0" + micromatch "^4.0.4" + fast-json-stable-stringify@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633" 
@@ -3646,6 +3790,13 @@ js-tokens@^4.0.0: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== +js-yaml@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" + integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== + dependencies: + argparse "^2.0.1" + jsesc@^2.5.1: version "2.5.2" resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" @@ -3678,11 +3829,26 @@ json5@^1.0.1: dependencies: minimist "^1.2.0" -json5@^2.1.2, json5@^2.2.2: +json5@^2.1.2, json5@^2.2.2, json5@^2.2.3: version "2.2.3" resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283" integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg== +jsonc-eslint-parser@^2.3.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/jsonc-eslint-parser/-/jsonc-eslint-parser-2.4.0.tgz#74ded53f9d716e8d0671bd167bf5391f452d5461" + integrity sha512-WYDyuc/uFcGp6YtM2H0uKmUwieOuzeE/5YocFJLnLfclZ4inf3mRn8ZVy1s7Hxji7Jxm6Ss8gqpexD/GlKoGgg== + dependencies: + acorn "^8.5.0" + eslint-visitor-keys "^3.0.0" + espree "^9.0.0" + semver "^7.3.5" + +jsonc-parser@^3.2.0: + version "3.2.1" + resolved "https://registry.yarnpkg.com/jsonc-parser/-/jsonc-parser-3.2.1.tgz#031904571ccf929d7670ee8c547545081cb37f1a" + integrity sha512-AilxAyFOAcK5wA1+LeaySVBrHsGQvUFCDWXKpZjzaL0PqW+xfBOttn8GNtWKFWqneyMZj41MWF9Kl6iPWLwgOA== + jsonfile@^6.0.1: version "6.1.0" resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae" 
@@ -4036,6 +4202,16 @@ mkdirp@^0.5.1: dependencies: minimist "^1.2.5" +mlly@^1.2.0: + version "1.6.1" + resolved "https://registry.yarnpkg.com/mlly/-/mlly-1.6.1.tgz#0983067dc3366d6314fc5e12712884e6978d028f" + integrity sha512-vLgaHvaeunuOXHSmEbZ9izxPx3USsk8KCQ8iC+aTlp5sKRSoZvwhHh5L9VbKSaVC6sJDqbyohIS76E2VmHIPAA== + dependencies: + acorn "^8.11.3" + pathe "^1.1.2" + pkg-types "^1.0.3" + ufo "^1.3.2" + ms@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" @@ -4343,6 +4519,11 @@ path-type@^4.0.0: resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== +pathe@^1.0.0, pathe@^1.1.0, pathe@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/pathe/-/pathe-1.1.2.tgz#6c4cb47a945692e48a1ddd6e4094d170516437ec" + integrity sha512-whLdWMYL2TwI08hn8/ZqAbrVemu0LNaNNJZX73O6qaIdCTfXutsLhMkjdENX0qhsQ9uIimo4/aQOmXkoon2nDQ== + paypal-checkout@^4.0.336: version "4.0.336" resolved "https://registry.yarnpkg.com/paypal-checkout/-/paypal-checkout-4.0.336.tgz#255065fa32c509904fa4ff0d99f9ddb212899eda" @@ -4393,6 +4574,15 @@ pkg-dir@^4.1.0, pkg-dir@^4.2.0: dependencies: find-up "^4.0.0" +pkg-types@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/pkg-types/-/pkg-types-1.0.3.tgz#988b42ab19254c01614d13f4f65a2cfc7880f868" + integrity sha512-nN7pYi0AQqJnoLPC9eHFQ8AcyaixBUOwvqc5TDnIKCMEE6I0y8P7OKA7fPexsXGCGxQDl/cmrLAp26LhcwxZ4A== + dependencies: + jsonc-parser "^3.2.0" + mlly "^1.2.0" + pathe "^1.1.0" + post-robot@^8.0.0, post-robot@^8.0.29: version "8.0.31" resolved "https://registry.yarnpkg.com/post-robot/-/post-robot-8.0.31.tgz#0b5592b695d9252b86105b50b33d4469447349d5" 
@@ -5211,6 +5401,11 @@ source-list-map@^2.0.0: resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.0.2.tgz#adbc361d9c62df380125e7f161f71c826f1e490c" integrity sha512-R0XvVJ9WusLiqTCEiGCmICCMplcCkIwwR11mOSD9CR5u+IXYdiseeEuXCVAjS54zqwkLcPNnmU4OeJ6tUrWhDw== +source-map-js@^1.0.1: + version "1.2.0" + resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.0.tgz#16b809c162517b5b8c3e7dcd315a2a5c2612b2af" + integrity sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg== + source-map-support@~0.5.12, source-map-support@~0.5.20: version "0.5.21" resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.21.tgz#04fe7c7f9e1ed2d662233c28cb2b35b9f63f6e4f" @@ -5473,6 +5668,11 @@ type-is@~1.6.18: media-typer "0.3.0" mime-types "~2.1.24" +ufo@^1.3.2: + version "1.5.3" + resolved "https://registry.yarnpkg.com/ufo/-/ufo-1.5.3.tgz#3325bd3c977b6c6cd3160bf4ff52989adc9d3344" + integrity sha512-Y7HYmWaFwPUmkoQCUIAYpKqkOf+SbVj/2fJJZ4RJMCfZp0rTGwRbzQD+HghfnhKOjL9E01okqz+ncJskGYfBNw== + unicode-canonical-property-names-ecmascript@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz#301acdc525631670d39f6146e0e77ff6bbdebddc" 
@@ -5506,6 +5706,16 @@ unpipe@1.0.0, unpipe@~1.0.0: resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" integrity sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ== +unplugin@^1.1.0: + version "1.10.1" + resolved "https://registry.yarnpkg.com/unplugin/-/unplugin-1.10.1.tgz#8ceda065dc71bc67d923dea0920f05c67f2cd68c" + integrity sha512-d6Mhq8RJeGA8UfKCu54Um4lFA0eSaRa3XxdAJg8tIdxbu1ubW0hBCZUL7yI2uGyYCRndvbK8FLHzqy2XKfeMsg== + dependencies: + acorn "^8.11.3" + chokidar "^3.6.0" + webpack-sources "^3.2.3" + webpack-virtual-modules "^0.6.1" + update-browserslist-db@^1.0.10: version "1.0.10" resolved "https://registry.yarnpkg.com/update-browserslist-db/-/update-browserslist-db-1.0.10.tgz#0f54b876545726f17d00cd9a2561e6dade943ff3" @@ -5573,6 +5783,15 @@ vue-country-flag-next@^2.3.2: resolved "https://registry.yarnpkg.com/vue-country-flag-next/-/vue-country-flag-next-2.3.2.tgz#c35d283f83b7631be414c720391a8363991557c2" integrity sha512-Lv12L1VTwlBgizpZ3xPEPO3zuIETaJmeSiPuLOWLLgu2EakwU/o72iKYiKcdZ6BXiSkfss+Ski5fDzjuxZ1DcA== +vue-i18n@9: + version "9.11.1" + resolved "https://registry.yarnpkg.com/vue-i18n/-/vue-i18n-9.11.1.tgz#87d8fceaf8862240d64091227ecf66a1465d6096" + integrity sha512-S7Xi8DkLQG4xnnbxkxzipJK6CdfLdZkmApn95st89HFGp8LTmTH0Tv+Zw6puhOCZJCFrH73PHo3Ylwd2+Bmdxg== + dependencies: + "@intlify/core-base" "9.11.1" + "@intlify/shared" "9.11.1" + "@vue/devtools-api" "^6.5.0" + vue-loader@^17.0.1: version "17.0.1" resolved "https://registry.yarnpkg.com/vue-loader/-/vue-loader-17.0.1.tgz#c0ee8875e0610a0c2d13ba9b4d50a9c8442e7a3a" 
@@ -5753,6 +5972,11 @@ webpack-sources@^3.2.3: resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-3.2.3.tgz#2d4daab8451fd4b240cc27055ff6a0c2ccea0cde" integrity sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w== +webpack-virtual-modules@^0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/webpack-virtual-modules/-/webpack-virtual-modules-0.6.1.tgz#ac6fdb9c5adb8caecd82ec241c9631b7a3681b6f" + integrity sha512-poXpCylU7ExuvZK8z+On3kX+S8o/2dQ/SVYueKA0D4WEMXROXgY8Ez50/bQEUmvoSMMrWcrJqCHuhAbsiwg7Dg== + webpack@^5.60.0: version "5.77.0" resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.77.0.tgz#dea3ad16d7ea6b84aa55fa42f4eac9f30e7eb9b4" 
@@ -5865,11 +6089,25 @@ yallist@^4.0.0: resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72" integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== +yaml-eslint-parser@^1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/yaml-eslint-parser/-/yaml-eslint-parser-1.2.2.tgz#1a9673ebe254328cfc2fa99f297f6d8c9364ccd8" + integrity sha512-pEwzfsKbTrB8G3xc/sN7aw1v6A6c/pKxLAkjclnAyo5g5qOh6eL9WGu0o3cSDQZKrTNk4KL4lQSwZW+nBkANEg== + dependencies: + eslint-visitor-keys "^3.0.0" + lodash "^4.17.21" + yaml "^2.0.0" + yaml@^1.10.0, yaml@^1.10.2: version "1.10.2" resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b" integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg== +yaml@^2.0.0: + version "2.4.1" + resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.4.1.tgz#2e57e0b5e995292c25c75d2658f0664765210eed" + integrity sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg== + yargs-parser@^21.1.1: version "21.1.1" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.1.1.tgz#9096bceebf990d21bb31fa9516e0ede294a77d35" From f6c17b0e16c5ba60d2735a0ec6f358076970b2ca Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Fri, 10 May 2024 11:55:57 +0100 Subject: [PATCH 02/98] =?UTF-8?q?=CB=98Localization:=20Added=203=20pilot?= =?UTF-8?q?=20pages?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/content/es/pages/antitracker.md | 16 +++++++-------- src/content/es/pages/transparency-report.md | 12 +++++------ src/content/es/pages/what-is-vpn.md | 22 ++++++++++----------- 3 files changed, 25 insertions(+), 25 deletions(-) diff --git a/src/content/es/pages/antitracker.md b/src/content/es/pages/antitracker.md index d7587a254..a47423d84 100644 
--- a/src/content/es/pages/antitracker.md
+++ b/src/content/es/pages/antitracker.md
@@ -1,24 +1,24 @@ --- -title: VPN with Ad block and Anti-Tracking -description: Increase your privacy protection by using IVPN with built-in tracking protection. We block requests from advertising and data harvesting companies to make your browsing experience lighter and more private. +title: VPN con bloqueo de anuncios y antiseguimiento +description: Aumente su protección y privacidad utilizando IVPN con protección de seguimiento incorporada. Bloqueamos solicitudes de empresas de publicidad y recopilación de datos para que su experiencia de navegación sea más ligera y privada. url: /antitracker/ --- # AntiTracker -AntiTracker is a built-in tool for IVPN apps that blocks ads, web trackers, adware and malware. It prevents snooping on your activities by social networks, data brokers and marketers. This provides additional privacy protection on top of the regular VPN benefits gained by using IVPN. +AntiTracker es una herramienta integrada para aplicaciones IVPN que bloquea anuncios, rastreadores web, adware y malware. Evita que las redes sociales, los intermediarios de datos y los especialistas en marketing espíen sus actividades. Esto proporciona protección de privacidad adicional además de los beneficios de VPN habituales que se obtienen al utilizar IVPN. -Most websites and apps either run ads or pass on user data to third parties, enabling companies to build a detailed profile of your preferences. Besides profiting from ads, site operators might get paid by the third parties for valuable information about your behavior. +La mayoría de los sitios web y aplicaciones publican anuncios o transmiten datos de usuario a terceros, lo que permite a las empresas crear un perfil detallado de sus preferencias. Además de beneficiarse de los anuncios, los operadores del sitio pueden recibir pagos de terceros por información valiosa sobre su comportamiento. 
{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers.svg" alt="What is a VPN - 3-rd party trackers" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers-dark.svg" alt="What is a VPN - 3-rd party trackers" >}} -With AntiTracker enabled in the IVPN apps, network connection requests by third-party trackers are stopped. This prevents companies from profiling you based on the actions you have taken in a browser or in apps. Since AntiTracker blocks advertising services, they won't collect your personal information, and ads targeted to you won’t follow you around. +Con AntiTracker habilitado en las aplicaciones IVPN, se detienen las solicitudes de conexión de red realizadas por rastreadores de terceros. Esto evita que las empresas le creen un perfil en función de las acciones que ha realizado en un navegador o en las aplicaciones. Dado que AntiTracker bloquea los servicios de publicidad, no recopilarán su información personal y los anuncios dirigidos a usted no le seguirán. -For stronger protection against the leaders of the surveillance economy, you can also block domains for Facebook and Google services by enabling AntiTracker's Hardcore mode. +Para una mayor protección contra los líderes de la economía de la vigilancia, también puede bloquear dominios para los servicios de Facebook y Google habilitando el modo Hardcore de AntiTracker. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-antitracker.svg" alt="What is a VPN - Antitracker" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-antitracker-dark.svg" alt="What is a VPN - Antitracker" >}} -Each IVPN plan includes AntiTracker, it works on every device supported by our service and uses a selection of continuously updated [block lists](/knowledgebase/general/antitracker-plus-lists-explained/). 
+Cada plan IVPN incluye AntiTracker, funciona en todos los dispositivos compatibles con nuestro servicio y utiliza una selección de [listas de bloqueo](/knowledgebase/general/antitracker-plus-lists-explained/) actualizadas continuamente . -To learn more about IVPN’s AntiTracker visit our dedicated [FAQ](/knowledgebase/general/antitracker-faq/). +Para obtener más información sobre AntiTracker de IVPN, visite nuestras [Preguntas frecuentes](/knowledgebase/general/antitracker-faq/). diff --git a/src/content/es/pages/transparency-report.md b/src/content/es/pages/transparency-report.md index 560087098..8ddfe4cb5 100644 --- a/src/content/es/pages/transparency-report.md +++ b/src/content/es/pages/transparency-report.md 
@@ -1,15 +1,15 @@ --- -title: IVPN Transparency report -description: Its important our customers fully understand what private information we collect, store and process. Read our clear and simple policy to get the facts you need. +title: Informe de transparencia de IVPN +description: Es importante que nuestros clientes comprendan completamente qué información privada recopilamos, almacenamos y procesamos. Lea nuestra política clara y sencilla para obtener la información que necesita. url: /transparency-report/ --- -# Transparency Report +# Informe de transparencia -The table below shows the number of valid legal requests received from government or law enforcement agencies. +La siguiente tabla muestra la cantidad de solicitudes legales válidas recibidas del gobierno o agencias encargadas de hacer cumplir la ley. -For more information about how requests are processed please see the [legal process guidelines for law enforcement](/legal-process-guidelines/). +Para obtener más información sobre cómo se procesan las solicitudes, consulte las [directrices de proceso legal para el cumplimiento de la ley](/legal-process-guidelines/). -| | # Requests received | # Valid requests received | # Valid requests received where data was provided | +| | # Solicitudes recibidas| # Solicitudes válidas recibidas | # Solicitudes válidas recibidas donde se proporcionaron datos | |---|---|---|---| | 2024 | 6 | 0 | 0 | | 2023 | 2 | 0 | 0 | diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md index 871bb5821..c1684b209 100644 --- a/src/content/es/pages/what-is-vpn.md +++ b/src/content/es/pages/what-is-vpn.md 
@@ -1,28 +1,28 @@ --- -title: What is a VPN? -description: What is a VPN? A VPN or Virtual Private Network encrypts data sent between computers on the Internet. When using a VPN for privacy, your data is encrypted so your ISP or mobile network provider cannot surveil your internet activity. +title: ¿Qué es una VPN? +description: ¿Qué es una VPN? Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utiliza una VPN por motivos de privacidad, sus datos se cifran para que su ISP o proveedor de red móvil no pueda monitorear su actividad en Internet. url: /what-is-a-vpn/ --- -# What is a VPN? +# ¿Qué es una VPN? -A VPN or Virtual Private Network encrypts data sent between computers on the Internet. When using a VPN for privacy, your data is encrypted so your ISP or mobile network provider cannot surveil your internet activity. +Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utiliza una VPN por motivos de privacidad, sus datos se cifran para que su ISP o proveedor de red móvil no pueda monitorear su actividad en Internet. -### Alice’s ISP can track every site she visits, and so can yours. +### El ISP de Alice puede rastrear cada sitio que visita, y el suyo también. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-alice.svg" alt="What is a VPN - Alice ISP" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-alice-dark.svg" alt="What is a VPN - Alice ISP" >}} -Without a VPN you connect to the internet through your internet service provider (ISP) and risk exposing your private Internet activity. If you are not using HTTPS then every site you visit, and the content that you view or download, can be tracked by your ISP. It's like sending confidential messages using postcards except that unlike your post office, your ISP can record and store every message with almost zero effort and cost. 
Even if you are using HTTPS, the IP address or domain being visited can still be tracked by the ISP. +Sin una VPN, se conecta a Internet a través de su proveedor de servicios de Internet (ISP) y corre el riesgo de exponer su actividad privada en Internet. Si no utiliza HTTPS, su ISP puede rastrear cada sitio que visite y el contenido que vea o descargue. Es como enviar mensajes confidenciales mediante postales, excepto que, a diferencia de su oficina de correos, su ISP puede grabar y almacenar cada mensaje con casi cero esfuerzo y costo. Incluso si utiliza HTTPS, el ISP aún puede rastrear la dirección IP o el dominio que se está visitando. -Even on public Wi-Fi, your data can be intercepted by eavesdroppers or hackers. Your activity or personal data may be intercepted without your knowledge, leaving you exposed. +Incluso en redes Wi-Fi públicas, sus datos pueden ser interceptados por espías o piratas informáticos. Su actividad o sus datos personales pueden ser interceptados sin su conocimiento, dejándolo expuesto. -Take a look at Alice’s case, as shown in the diagram. Her traffic is flowing through the ISP without any encryption, and so her ISP is able to record exactly where she is connected. In addition, the servers she is connected to also log her private IP address, affording her no privacy. +Eche un vistazo al caso de Alice, como se muestra en el diagrama. Su tráfico fluye a través del ISP sin ningún cifrado, por lo que su ISP puede registrar exactamente dónde está conectada. Además, los servidores a los que está conectada también registran su dirección IP privada, lo que no le brinda privacidad. -### Bob uses IVPN to protect his privacy instead. +### Bob usa IVPN para proteger su privacidad. 
{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-bob-ivpn.svg" alt="What is a VPN - Bob IVPN" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-bob-ivpn-dark.svg" alt="What is a VPN - Bob IVPN" >}} -With IVPN, you first connect to one of our secure servers through your ISP. Once connected, all of your online activity is encrypted and cannot be monitored or logged by your ISP. In addition, your data is protected from eavesdroppers or hackers positioned between your computer and ISP. +Con IVPN, primero se conecta a uno de nuestros servidores seguros a través de tu ISP. Una vez conectado, toda su actividad en línea está cifrada y su ISP no puede monitorearla ni registrarla. Además, sus datos están protegidos contra espías o piratas informáticos ubicados entre su computadora y el ISP. -In Bob’s case, he is connected to an IVPN server and therefore all traffic going through his ISP is encrypted. The ISP can only record that Bob is connected to an IVPN server, nothing else. The servers he is connected to see only that the IVPN server is connected to them and therefore can only record the IP address of the IVPN server in their logs. The best VPN services will diligently ensure that they do not log any user connection data, ensuring their customers' privacy. +En el caso de Bob, está conectado a un servidor IVPN y, por tanto, todo el tráfico que pasa por su ISP está cifrado. El ISP sólo puede registrar que Bob está conectado a un servidor IVPN, nada más. Los servidores a los que está conectado solo ven que el servidor IVPN está conectado a ellos y, por lo tanto, solo pueden registrar la dirección IP del servidor IVPN en sus registros. Los mejores servicios de VPN se asegurarán diligentemente de no registrar ningún dato de conexión del usuario, garantizando la privacidad de sus clientes. \ No newline at end of file From 8550d0624223d8504457870febc931bb7276f03c Mon Sep 17 00:00:00 2001 
From: Natanael Rodriguez Ramos Date: Mon, 13 May 2024 19:40:22 +0100 Subject: [PATCH 03/98] Localization: Added team page --- src/content/es/pages/team.md | 48 ++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/src/content/es/pages/team.md b/src/content/es/pages/team.md index a9a9fb4af..291ef55f0 100644 --- a/src/content/es/pages/team.md +++ b/src/content/es/pages/team.md 
@@ -1,101 +1,101 @@ --- -title: IVPN Team +title: Equipo IVPN url: /team/ sections: - type: heading_text_cta_one_column content: >- - # Who is behind IVPN? + # ¿Quién está detrás de IVPN? - IVPN is run by a team of information security experts and privacy activists. The founding team is a group of security professionals who met whilst studying information security at the University of London, UK (Royal Holloway). IVPN has been around since 2009, far longer than most VPN services. - cta_label: Our Manifesto + IVPN está dirigido por un equipo de expertos en seguridad de la información y activistas de la privacidad. El equipo fundador es un grupo de profesionales de la seguridad que se conocieron mientras estudiaban seguridad de la información en la Universidad de Londres, Reino Unido (Royal Holloway). IVPN existe desde 2009, mucho más tiempo que la mayoría de los servicios VPN. + cta_label: Nuestro Manifesto cta_url: /manifesto/ - type: image_full_width image: /images-static/uploads/team.png image_retina: /images-static/uploads/team-2x.png image_alt_text: IVPN Team - type: heading_text_one_column - content: "## What we believe" + content: "## En qué creemos" - type: text_two_column content_column_1: >- - #### Privacy is necessary for personal autonomy + #### La privacidad es necesaria para la autonomía personal - We believe privacy is a necessary precondition for the development and preservation of the self. The power to selectively reveal oneself to the world is under attack from governments and corporations. We are fighting back. + Creemos que la privacidad es una condición previa necesaria para el desarrollo y la preservación de uno mismo. El poder de revelarse selectivamente al mundo está siendo atacado por gobiernos y corporaciones. Estamos contraatacando. 
content_column_2: >- - #### Freedom is necessary for an open society + #### La libertad es necesaria para una sociedad abierta - We believe you have the right to freedom of opinion and expression online without interference or surveillance. Freedom leads to enhanced expressions of creativity and original thought. We are determined to protect this right. + Creemos que usted tiene derecho a la libertad de opinión y expresión en línea sin interferencias ni vigilancia. La libertad conduce a expresiones mejoradas de creatividad y pensamiento original. Estamos decididos a proteger este derecho. - type: text_two_column content_column_1: >- - #### Surveillance can not be the answer + #### La vigilancia no puede ser la respuesta - Advanced surveillance tools like device monitoring and facial recognition technologies are being deployed at a rapid pace. We refuse to accept that these tools are necessary for a safe society and call on governments to roll back their use. + Se están implementando a un ritmo rápido herramientas de vigilancia avanzadas, como el monitoreo de dispositivos y las tecnologías de reconocimiento facial. Nos negamos a aceptar que estas herramientas sean necesarias para una sociedad segura y pedimos a los gobiernos que reduzcan su uso. content_column_2: >- - #### Privacy requires strong security + #### La privacidad requiere una seguridad sólida - We need tools enabled by strong encryption to protect ourselves against hostile adversaries. With the right set of protections we can once again control what we share with those we don’t know and can’t trust. + Necesitamos herramientas habilitadas con un cifrado sólido para protegernos contra adversarios hostiles. Con el conjunto adecuado de protecciones podemos volver a controlar lo que compartimos con aquellos que no conocemos y en los que no podemos confiar. - type: lead_text_one_column - content: Our current team is fully distributed, with 10 people from 7 countries. 
+ content: Nuestro equipo actual está completamente distribuido, con 10 personas de 7 países. - type: team_three_column members: - image: /images-static/uploads/team-nick.png image_retina: /images-static/uploads/team-nick-2x.png name: Nicholas Pestell - description: Nick is founder and CEO of IVPN and 100% owner of IVPN Limited, the company through which the IVPN service is operated. Nick brings considerable expertise in risk management and security testing whilst working for Royal Bank of Scotland, Network Rail and ABN AMRO Bank. + description: Nick es fundador y director ejecutivo de IVPN y propietario 100% de IVPN Limited, la empresa a través de la cual se opera el servicio IVPN. Nick aporta una considerable experiencia en gestión de riesgos y pruebas de seguridad mientras trabaja para Royal Bank of Scotland, Network Rail y ABN AMRO Bank. linkedin: https://www.linkedin.com/in/nick-pestell/ github: https://github.com/cipheromega - image: /images-static/uploads/team-edward.png image_retina: /images-static/uploads/team-edward-2x.png name: Eduard De - description: As the leader of our customer service department, Edward is responsible for making sure all customer inquiries are dealt with in a swift and professional manner, no matter when they come through. + description: Como líder de nuestro departamento de atención al cliente, Edward es responsable de garantizar que todas las consultas de los clientes se atiendan de manera rápida y profesional, sin importar cuándo lleguen. linkedin: https://www.linkedin.com/in/edward-de-91793b163/ github: - image: /images-static/uploads/team-avatar.png image_retina: /images-static/uploads/team-avatar.png name: Iain Douglas - description: With over 20 years' experience working with Unix and Linux, Iain knows a thing or two. He manages the team responsible for ensuring the security and availability of our public VPN infrastructure. 
+ description: Con más de 20 años de experiencia trabajando con Unix y Linux, Iain sabe un par de cosas. Dirige el equipo responsable de garantizar la seguridad y disponibilidad de nuestra infraestructura VPN pública. github: https://github.com/Iain-ivpn - image: /images-static/uploads/team-gorka.png image_retina: /images-static/uploads/team-gorka-2x.png name: Gorka Pernas - description: After gathering a decade of experience in quality assurance-related roles at technology firms, Gorka now applies his knowledge in helping the IVPN team ship bug-free apps and making sure you suffer no privacy leaks. + description: Después de acumular una década de experiencia en funciones relacionadas con el control de calidad en empresas de tecnología, Gorka ahora aplica sus conocimientos para ayudar al equipo de IVPN a enviar aplicaciones sin errores y asegurarse de que no sufra fugas de privacidad. linkedin: https://www.linkedin.com/in/gorkapernas/ github: https://github.com/gorkapernas - image: /images-static/uploads/nathan.png image_retina: /images-static/uploads/nathan.png name: Natanael Rodriguez - description: With over 15 years of experience in software development, Nathan now uses his skills to tackle all backend related projects at IVPN. + description: Con más de 15 años de experiencia en desarrollo de software, Nathan ahora utiliza sus habilidades para abordar todos los proyectos relacionados con backend en IVPN. github: https://github.com/nathanrod - image: /images-static/uploads/team-juraj.png image_retina: /images-static/uploads/team-juraj-2x.png name: Juraj Hilje - description: As an unapologetic Apple fan and believer in smooth user experience, it was a natural choice for Juraj to get into iOS development a decade ago. Now he's obsessed with building the best VPN app available on the App Store. 
+ description: Como fanático incondicional de Apple y creyente en una experiencia de usuario fluida, fue una elección natural para Juraj ingresar al desarrollo de iOS hace una década. Ahora está obsesionado con crear la mejor aplicación VPN disponible en la App Store. github: https://github.com/jurajhilje - image: /images-static/uploads/team-stenya.png image_retina: /images-static/uploads/team-stenya-2x.png name: Oleksandr Stelnykovych - description: Stenya has more than 15 years of experience as a software developer in various roles. At IVPN, he is working on building the best VPN applications for Windows and macOS desktops. + description: Stenya tiene más de 15 años de experiencia como desarrollador de software en diversos roles. En IVPN, está trabajando en la creación de las mejores aplicaciones VPN para escritorios Windows y macOS. linkedin: https://www.linkedin.com/in/alexandrstelnykovych/ github: https://github.com/stenya - image: /images-static/uploads/team-jordan.png image_retina: /images-static/uploads/team-jordan-2x.png name: Jordan Sullivan - description: As a customer service shift leader for the Americas, Jordan uses his problem solving-based technical support skills to help anyone in need of clear and patient assistance. + description: Como líder de turno de servicio al cliente para las Américas, Jordan utiliza sus habilidades de soporte técnico basadas en la resolución de problemas para ayudar a cualquiera que necesite una asistencia clara y paciente. linkedin: github: https://github.com/jordan-ivpn - image: /images-static/uploads/team-marina.png image_retina: /images-static/uploads/team-marina-2x.png name: Marina Tretiakova - description: As finance specialist, Marina not only ensures that IVPN's books are in order, but she is also responsible for developing business processes, performing internal controls and ensuring statutory compliance. 
+ description: Como especialista en finanzas, Marina no sólo garantiza que los libros del IVPN estén en orden, sino que también es responsable de desarrollar los procesos de negocio, realizar controles internos y garantizar el cumplimiento de las leyes. linkedin: https://www.linkedin.com/in/marina-radionova-64800135/ github: - image: /images-static/uploads/team-viktor.png image_retina: /images-static/uploads/team-viktor-2x.png name: Viktor Vecsei - description: A reformed marketing professional, Viktor has become a fervent privacy advocate since joining IVPN. He is responsible for all communication and outreach efforts that spread the word about IVPN’s mission. + description: Viktor, un profesional de marketing reformado, se ha convertido en un ferviente defensor de la privacidad desde que se unió a IVPN. Es responsable de todos los esfuerzos de comunicación y divulgación que difunden la misión de IVPN. linkedin: https://www.linkedin.com/in/viktorvecsei/ github: https://github.com/johnnyburnaway --- From 577910a7085fd85575bfbe142fad14344354510f Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Tue, 14 May 2024 15:19:03 +0200 Subject: [PATCH 04/98] Update antitracker.md --- src/content/es/pages/antitracker.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/content/es/pages/antitracker.md b/src/content/es/pages/antitracker.md index a47423d84..6b1b2d91e 100644 --- a/src/content/es/pages/antitracker.md +++ b/src/content/es/pages/antitracker.md 
@@ -5,16 +5,16 @@ url: /antitracker/ --- # AntiTracker -AntiTracker es una herramienta integrada para aplicaciones IVPN que bloquea anuncios, rastreadores web, adware y malware. Evita que las redes sociales, los intermediarios de datos y los especialistas en marketing espíen sus actividades. Esto proporciona protección de privacidad adicional además de los beneficios de VPN habituales que se obtienen al utilizar IVPN. +AntiTracker es una herramienta integrada para las aplicaciones IVPN que bloquea anuncios, rastreadores web, adware y malware. Evita que las redes sociales, las empresas recopiladoras de datos y especialistas en marketing espíen tus actividades. Proporciona protección de privacidad adicional además de los beneficios VPN habituales que se obtienen al utilizar IVPN. -La mayoría de los sitios web y aplicaciones publican anuncios o transmiten datos de usuario a terceros, lo que permite a las empresas crear un perfil detallado de sus preferencias. Además de beneficiarse de los anuncios, los operadores del sitio pueden recibir pagos de terceros por información valiosa sobre su comportamiento. +La mayoría de las páginas web y aplicaciones utilizan anuncios o transmiten datos de usuario a terceros, lo que permite a las empresas crear un perfil detallado de tus preferencias. Además de beneficiarse de los anuncios, los operadores de las páginas web pueden recibir pagos de terceros para obtener información valiosa sobre tu comportamiento. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers.svg" alt="What is a VPN - 3-rd party trackers" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-3-rd-party-trackers-dark.svg" alt="What is a VPN - 3-rd party trackers" >}} -Con AntiTracker habilitado en las aplicaciones IVPN, se detienen las solicitudes de conexión de red realizadas por rastreadores de terceros. 
Esto evita que las empresas le creen un perfil en función de las acciones que ha realizado en un navegador o en las aplicaciones. Dado que AntiTracker bloquea los servicios de publicidad, no recopilarán su información personal y los anuncios dirigidos a usted no le seguirán. +Con AntiTracker habilitado en las aplicaciones IVPN, se detienen las peticiones de conexión de red realizadas por rastreadores, evitando que las empresas creen tu perfil en función de las acciones que hayas realizado en un navegador o en las aplicaciones. Dado que AntiTracker bloquea los servicios de publicidad, los rastreadores no recopilarán tu información personal y los anuncios dirigidos a ti no te seguiran. -Para una mayor protección contra los líderes de la economía de la vigilancia, también puede bloquear dominios para los servicios de Facebook y Google habilitando el modo Hardcore de AntiTracker. +Para una mayor protección contra los líderes de la economía de la vigilancia, también puedes bloquear dominios para los servicios de Facebook y Google habilitando el modo Hardcore de AntiTracker. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-antitracker.svg" alt="What is a VPN - Antitracker" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-antitracker-dark.svg" alt="What is a VPN - Antitracker" >}} From acca7c4cbcac515c1cd85671c7e6288130565671 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Tue, 14 May 2024 15:22:37 +0200 Subject: [PATCH 05/98] Update antitracker.md --- src/content/es/pages/antitracker.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/es/pages/antitracker.md b/src/content/es/pages/antitracker.md index 6b1b2d91e..1626c1af2 100644 --- a/src/content/es/pages/antitracker.md +++ b/src/content/es/pages/antitracker.md 
@@ -1,6 +1,6 @@ --- -title: VPN con bloqueo de anuncios y antiseguimiento -description: Aumente su protección y privacidad utilizando IVPN con protección de seguimiento incorporada. Bloqueamos solicitudes de empresas de publicidad y recopilación de datos para que su experiencia de navegación sea más ligera y privada. +title: VPN con bloqueo de anuncios y antirastreo +description: Aumenta tu protección y privacidad utilizando IVPN con protección de rastreo incorporada. Bloqueamos peticiones de empresas de publicidad y recopiladoras de datos para que tu experiencia de navegación sea más ligera y privada. url: /antitracker/ --- # AntiTracker From aab35a862f688ded92bd8e7c85f4541a02b68c98 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Tue, 14 May 2024 20:47:00 +0100 Subject: [PATCH 06/98] Localization: Update hugo config --- src/config/_default/config.toml | 20 ++++++++++++++++---- src/config/_default/languages.toml | 11 ----------- 2 files changed, 16 insertions(+), 15 deletions(-) delete mode 100644 src/config/_default/languages.toml diff --git a/src/config/_default/config.toml b/src/config/_default/config.toml index 5fb6fde6c..c13ea488e 100644 --- a/src/config/_default/config.toml +++ b/src/config/_default/config.toml 
@@ -1,18 +1,30 @@ -baseURL = "https://www.ivpn.net" -languageCode = "en-us" +baseURL = "https://www.ivpn.net" title = "IVPN" theme = "ivpn-v3" paginate = 8 summaryLength = 35 disableKinds = ["sitemap", "taxonomy"] -defaultContentLanguage = 'en' -defaultContentLanguageInSubdir = true pygmentsUseClasses=true pygmentsCodefencesGuessSyntax=true pygmentsCodefences=true pygmentsStyle="monokai" pygmentsOptions="noclasses=false" +DefaultContentLanguage = "en" +defaultContentLanguageInSubdir = true + +[languages] + [languages.en] + languageCode = "en" + contentDir = 'content/en' + languageName = 'English' + weight = 1 + [languages.es] + languageCode = "es" + contentDir = 'content/es' + languageName = 'Español' + weight = 2 + [markup.goldmark.renderer] unsafe= true diff --git a/src/config/_default/languages.toml b/src/config/_default/languages.toml deleted file mode 100644 index 2a379adfd..000000000 --- a/src/config/_default/languages.toml +++ /dev/null @@ -1,11 +0,0 @@ -[en] -contentDir = "content/en" -languageName = "English" -languageCode = "en" -weight = 1 - -[es] -contentDir = "content/es" -languageName = "Spanish" -languageCode = "es" -weight = 2 \ No newline at end of file From 4bddfef5879cf600490d74146c43ee5b5e1403a0 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Tue, 14 May 2024 20:48:33 +0100 Subject: [PATCH 07/98] Localization: Update hugo config --- nginx.conf | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/nginx.conf b/nginx.conf index efab49f0d..8947b6fb0 100644 --- a/nginx.conf +++ b/nginx.conf 
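Review bot: The added `DefaultContentLanguage = "en"` is cased differently from every other key in this file, including `defaultContentLanguageInSubdir` on the line right after it. Hugo reads configuration keys case-insensitively as far as I know, so this should still load, but `defaultContentLanguage = "en"` matches the line it replaces and keeps the key greppable. The new `[languages]` tables also mix quote styles (`languageCode = "en"` next to `contentDir = 'content/en'`); one style throughout would read better. Since `unsafe= true` under `[markup.goldmark.renderer]` (unchanged context) renders raw HTML from every content file, a comment such as `# raw HTML in content/en and content/es is rendered as-is; review translation PRs accordingly` above it would document that the new `content/es` tree is trusted the same way.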
@@ -27,17 +27,25 @@ server { add_header Content-Type application/json; } + location ^~ /en/(.*){ + try_files /en/$uri/ $uri/index.html =404; + } + + location ^~ /es/(.*) { + try_files /es/$uri/ $uri/index.html =404; + } + # This will try to load index.html file if # requested without a trailing slash - location ~ ^/ { - try_files $uri $uri/index.html =404; - } + #location ~ ^/ { + # try_files $uri $uri/index.html =404; + #} # Error 404 page - error_page 404 /404.html; + #error_page 404 /404.html; location = /404.html { root /var/www/static; - internal; + internal; } error_log /var/log/nginx/error.log; From 5e80b677929628db2fc9c49313976e460956a19a Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Tue, 14 May 2024 20:49:01 +0100 Subject: [PATCH 08/98] Localization: Update hugo config --- Dockerfile.bak | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/Dockerfile.bak b/Dockerfile.bak index 74f89f4b8..6539045de 100644 --- a/Dockerfile.bak +++ b/Dockerfile.bak @@ -1,8 +1,8 @@ FROM nginx:1.18 AS builder ARG ENV=production -ARG BASE_URL=http://localhost:8001 -ARG API_URL=http://localhost:8001 +ARG BASE_URL=http://localhost:8010/ +ARG API_URL=http://localhost:8010/ ARG PAYPAL_CLIENT_ID=Ae94bviH2d45LcrM1nnnUcIDuJNb2NZgR_-3GKoJS1krkkNiInSl9V-SHMLvpPd1V8P9-yDRNoWBWK44 WORKDIR /opt/build @@ -11,10 +11,11 @@ WORKDIR /opt/build RUN apt-get update \ && apt-get install -y gnupg gnupg2 gnupg1 \ && curl -sL https://deb.nodesource.com/setup_16.x | bash - \ + && curl -sL https://deb.nodesource.com/setup_16.x | bash - \ && apt-get install -y nodejs \ && apt-get update \ && npm install --global yarn \ - && curl -L https://github.com/gohugoio/hugo/releases/download/v0.76.3/hugo_0.76.3_Linux-64bit.deb -o /tmp/hugo.deb \ + && curl -L https://github.com/gohugoio/hugo/releases/download/v0.125.3/hugo_0.125.3_linux-amd64.deb -o /tmp/hugo.deb \ && dpkg -i /tmp/hugo.deb \ && rm /tmp/hugo.deb 
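Review bot: The added `location ^~ /en/(.*)` and `location ^~ /es/(.*)` blocks use the `^~` modifier, which is a literal prefix match and not a regex, so `(.*)` is compared as literal characters and ordinary `/en/...` or `/es/...` requests will not match them. Because the same hunk comments out the catch-all `location ~ ^/`, requests without a trailing slash lose the `$uri/index.html` fallback, and commenting out `error_page 404 /404.html;` leaves the `location = /404.html` block with nothing pointing at it. If per-language blocks are wanted, `location ^~ /es/ { try_files $uri $uri/index.html =404; }` is enough, since `$uri` already carries the `/es/` prefix and `/es/$uri/` would double it. The `server` block starts and ends outside the hunk, so other locations may cover part of this.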
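Review bot: The Hugo package is downloaded with `curl -L .../v0.125.3/hugo_0.125.3_linux-amd64.deb -o /tmp/hugo.deb` and installed with `dpkg -i` with no integrity check, so the image build trusts whatever that download returns. Pin the expected digest next to the version and verify it between the download and the install, for example `&& echo "<SHA256_FROM_HUGO_RELEASE_CHECKSUMS>  /tmp/hugo.deb" | sha256sum -c - \`. The added `&& curl -sL https://deb.nodesource.com/setup_16.x | bash - \` duplicates the line directly above it and runs the remote setup script a second time; it should be dropped. This file is `Dockerfile.bak`, so if it is only a local backup it probably should not be committed at all.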
@@ -31,11 +32,20 @@ RUN yarn --cwd ./src/themes/ivpn-v3/ run copy:manifest RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ - ./src/content/pages/privacy-policy.md > ./src/content/pages/privacy-policy-mobile.md \ + ./src/content/en/pages/privacy-policy.md > ./src/content/en/pages/privacy-policy-mobile.md \ + && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ + -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ + -e 's/^canonical:(.*)$/canonical: \/tos\//' \ + ./src/content/en/pages/terms-of-service.md > ./src/content/en/pages/terms-of-service-mobile.md + +RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ + -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ + -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ + ./src/content/es/pages/privacy-policy.md > ./src/content/es/pages/privacy-policy-mobile.md \ && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ -e 's/^canonical:(.*)$/canonical: \/tos\//' \ - ./src/content/pages/terms-of-service.md > ./src/content/pages/terms-of-service-mobile.md + ./src/content/es/pages/terms-of-service.md > ./src/content/es/pages/terms-of-service-mobile.md RUN hugo -s ./src -b ${BASE_URL} --environment $ENV -d /opt/build/public From 036045dd5bee108b8122b5bc94290238bcfe6c02 Mon Sep 17 00:00:00 2001 
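Review bot: The new `RUN sed ...` block for `./src/content/es/pages/` writes the same root-relative `url: /privacy-mobile-app/` and `url: /tos-mobile-app/` into the Spanish copies as the English block does. On a multilingual Hugo site a front-matter `url` with a leading slash is, as far as I know, taken relative to `baseURL` without the language prefix, so the `en` and `es` mobile pages would likely be written to the same output path. Emitting the value without the leading slash, `-e 's/^url:(.*)$/url: privacy-mobile-app\//'` (and the same for `tos-mobile-app`), lets the language prefix apply. The two blocks differ only in the language directory, so a single `RUN` with a `for lang in en es; do ...; done` loop would remove the copy.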
From: Natanael Rodriguez Ramos Date: Wed, 15 May 2024 20:23:03 +0100 Subject: [PATCH 09/98] Localization: Fix pilot pages urls --- Dockerfile | 1 - nginx.conf | 14 +++----------- src/content/en/pages/antitracker.md | 2 +- src/content/en/pages/home.md | 2 +- src/content/en/pages/team.md | 2 +- src/content/en/pages/test.md | 6 ++++++ src/content/en/pages/transparency-report.md | 2 +- src/content/en/pages/what-is-vpn.md | 2 +- src/content/es/pages/antitracker.md | 2 +- src/content/es/pages/home.md | 2 +- src/content/es/pages/team.md | 2 +- src/content/es/pages/test.md | 6 ++++++ src/content/es/pages/transparency-report.md | 2 +- src/content/es/pages/what-is-vpn.md | 2 +- 14 files changed, 25 insertions(+), 22 deletions(-) create mode 100644 src/content/en/pages/test.md create mode 100644 src/content/es/pages/test.md diff --git a/Dockerfile b/Dockerfile index 6028ab5ac..ae9ccaf7b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,6 @@ WORKDIR /opt/build RUN apt-get update \ && apt-get install -y gnupg gnupg2 gnupg1 \ && curl -sL https://deb.nodesource.com/setup_16.x | bash - \ - && curl -sL https://deb.nodesource.com/setup_16.x | bash - \ && apt-get install -y nodejs \ && apt-get update \ && npm install --global yarn \ diff --git a/nginx.conf b/nginx.conf index 8947b6fb0..c4d14fbb9 100644 --- a/nginx.conf +++ b/nginx.conf @@ -27,19 +27,11 @@ server { add_header Content-Type application/json; } - location ^~ /en/(.*){ - try_files /en/$uri/ $uri/index.html =404; - } - - location ^~ /es/(.*) { - try_files /es/$uri/ $uri/index.html =404; - } - # This will try to load index.html file if # requested without a trailing slash - #location ~ ^/ { - # try_files $uri $uri/index.html =404; - #} + location ~ ^/ { + try_files $uri $uri/index.html =404; + } # Error 404 page #error_page 404 /404.html; diff --git a/src/content/en/pages/antitracker.md b/src/content/en/pages/antitracker.md index d7587a254..ca823d6ab 100644 --- a/src/content/en/pages/antitracker.md 
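Review bot: `#error_page 404 /404.html;` is still commented out after this hunk restores the catch-all `location ~ ^/`, so unless `error_page` is set elsewhere in the file the `location = /404.html { ... internal; }` block below it appears unused and missing pages get nginx's built-in 404 response. If the directive was only disabled while debugging the language locations, restore `error_page 404 /404.html;` in this change. If it is intentional, a one-line comment saying why would help the next reader. The `server` block continues outside the hunk.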
+++ b/src/content/en/pages/antitracker.md @@ -1,7 +1,7 @@ --- title: VPN with Ad block and Anti-Tracking description: Increase your privacy protection by using IVPN with built-in tracking protection. We block requests from advertising and data harvesting companies to make your browsing experience lighter and more private. -url: /antitracker/ +url: antitracker/ --- # AntiTracker diff --git a/src/content/en/pages/home.md b/src/content/en/pages/home.md index 6b890163a..d4001e624 100644 --- a/src/content/en/pages/home.md +++ b/src/content/en/pages/home.md @@ -1,7 +1,7 @@ --- title: VPN for Privacy & Security | IVPN | Resist Online Surveillance description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. -url: / +url: /en/ isMenuCta: false hasSeperator: false sections: diff --git a/src/content/en/pages/team.md b/src/content/en/pages/team.md index a9a9fb4af..4d24f162c 100644 --- a/src/content/en/pages/team.md +++ b/src/content/en/pages/team.md @@ -1,6 +1,6 @@ --- title: IVPN Team -url: /team/ +url: team/ sections: - type: heading_text_cta_one_column content: >- diff --git a/src/content/en/pages/test.md b/src/content/en/pages/test.md new file mode 100644 index 000000000..4a5b275d8 --- /dev/null +++ b/src/content/en/pages/test.md @@ -0,0 +1,6 @@ +--- +title: "Test" +date: 2024-05-15T17:05:28+01:00 +url: /test/ +--- + diff --git a/src/content/en/pages/transparency-report.md b/src/content/en/pages/transparency-report.md index a9dae33e4..92e79cfc6 100644 --- a/src/content/en/pages/transparency-report.md +++ b/src/content/en/pages/transparency-report.md @@ -1,7 +1,7 @@ --- title: IVPN Transparency report description: Its important our customers fully understand what private information we collect, store and process. Read our clear and simple policy to get the facts you need. -url: /transparency-report/ +url: transparency-report/ --- # Transparency Report 
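Review bot: `src/content/en/pages/test.md` is added with `url: /test/`, and the `src/content/es/pages/test.md` hunk later in this commit uses the same value, while every other page touched here drops the leading slash (`url: team/`) so that the language prefix applies. As written the two test pages likely resolve to the same path, and both would be published as empty placeholder pages on the live site. If they are only scaffolding for checking the language setup, add `draft: true` to the front matter or leave them out of the commit. Otherwise use `url: test/` to match the rest of the change.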
diff --git a/src/content/en/pages/what-is-vpn.md b/src/content/en/pages/what-is-vpn.md index 871bb5821..00fe92a97 100644 --- a/src/content/en/pages/what-is-vpn.md +++ b/src/content/en/pages/what-is-vpn.md @@ -1,7 +1,7 @@ --- title: What is a VPN? description: What is a VPN? A VPN or Virtual Private Network encrypts data sent between computers on the Internet. When using a VPN for privacy, your data is encrypted so your ISP or mobile network provider cannot surveil your internet activity. -url: /what-is-a-vpn/ +url: what-is-a-vpn/ --- # What is a VPN? diff --git a/src/content/es/pages/antitracker.md b/src/content/es/pages/antitracker.md index 1626c1af2..365cc4f39 100644 --- a/src/content/es/pages/antitracker.md +++ b/src/content/es/pages/antitracker.md @@ -1,7 +1,7 @@ --- title: VPN con bloqueo de anuncios y antirastreo description: Aumenta tu protección y privacidad utilizando IVPN con protección de rastreo incorporada. Bloqueamos peticiones de empresas de publicidad y recopiladoras de datos para que tu experiencia de navegación sea más ligera y privada. -url: /antitracker/ +url: antitracker/ --- # AntiTracker diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md index 2c50775df..9001f5594 100644 --- a/src/content/es/pages/home.md +++ b/src/content/es/pages/home.md @@ -1,7 +1,7 @@ --- title: VPN for Privacy & Security | IVPN | Resist Online Surveillance description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. -url: / +url: /es/ isMenuCta: false hasSeperator: false sections: diff --git a/src/content/es/pages/team.md b/src/content/es/pages/team.md index 291ef55f0..656d2cec1 100644 --- a/src/content/es/pages/team.md +++ b/src/content/es/pages/team.md @@ -1,6 +1,6 @@ --- title: Equipo IVPN -url: /team/ +url: team/ sections: - type: heading_text_cta_one_column content: >- 
diff --git a/src/content/es/pages/test.md b/src/content/es/pages/test.md new file mode 100644 index 000000000..c469370f0 --- /dev/null +++ b/src/content/es/pages/test.md @@ -0,0 +1,6 @@ +--- +title: "Test" +date: 2024-05-15T17:05:34+01:00 +url: /test/ +--- + diff --git a/src/content/es/pages/transparency-report.md b/src/content/es/pages/transparency-report.md index 8ddfe4cb5..7c003c0a8 100644 --- a/src/content/es/pages/transparency-report.md +++ b/src/content/es/pages/transparency-report.md @@ -1,7 +1,7 @@ --- title: Informe de transparencia de IVPN description: Es importante que nuestros clientes comprendan completamente qué información privada recopilamos, almacenamos y procesamos. Lea nuestra política clara y sencilla para obtener la información que necesita. -url: /transparency-report/ +url: transparency-report/ --- # Informe de transparencia diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md index c1684b209..f4a466f0d 100644 --- a/src/content/es/pages/what-is-vpn.md +++ b/src/content/es/pages/what-is-vpn.md @@ -1,7 +1,7 @@ --- title: ¿Qué es una VPN? description: ¿Qué es una VPN? Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utiliza una VPN por motivos de privacidad, sus datos se cifran para que su ISP o proveedor de red móvil no pueda monitorear su actividad en Internet. -url: /what-is-a-vpn/ +url: what-is-a-vpn/ --- # ¿Qué es una VPN? From 718880ac9d609776502580098ff14ebe60a2f984 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Thu, 16 May 2024 11:12:14 +0100 Subject: [PATCH 10/98] Localization: Fix pilot pages urls --- src/config/_default/menus/menus.en.toml | 12 +++++-- src/config/_default/menus/menus.es.toml | 48 ++++++++++++++----------- src/content/es/pages/what-is-vpn.md | 8 ++--- 3 files changed, 40 insertions(+), 28 deletions(-) diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml index 867f91f60..6b7299e2f 100644 
--- a/src/config/_default/menus/menus.en.toml +++ b/src/config/_default/menus/menus.en.toml @@ -68,13 +68,13 @@ [[footercolone]] identifier = "antitracker" name = "AntiTracker" - url = "/antitracker/" + url = "/en/antitracker/" weight = 20 [[footercolone]] identifier = "what-is-a-vpn" name = "What is a VPN" - url = "/what-is-a-vpn/" + url = "/en/what-is-a-vpn/" weight = 40 [[footercolone]] @@ -83,6 +83,12 @@ url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/" weight = 70 + [[footercolone]] + identifier = "change-language" + name = "Versión española" + url = "/es" + weight = 71 + [[footercoltwo]] identifier = "manifesto" name = "Our Manifesto" @@ -98,7 +104,7 @@ [[footercoltwo]] identifier = "transparency-report" name = "Transparency Report" - url = "/transparency-report/" + url = "/en/transparency-report/" weight = 30 [[footercoltwo]] diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml index 3063192b1..75a7eb16b 100644 --- a/src/config/_default/menus/menus.es.toml +++ b/src/config/_default/menus/menus.es.toml @@ -1,18 +1,18 @@ [[main]] identifier = "team" - name = "Equipo" + name = "Team" url = "/team/" weight = 10 [[main]] identifier = "ethics" - name = "Ética" + name = "Ethics" url = "/ethics/" weight = 20 [[main]] identifier = "privacy" - name = "Privacidad" + name = "Privacy" url = "/privacy/" weight = 30 @@ -24,7 +24,7 @@ [[main]] identifier = "prices" - name = "Precio" + name = "Pricing" url = "/pricing/" weight = 45 @@ -37,19 +37,19 @@ [[main]] identifier = "guides" - name = "Guías" + name = "Guides" url = "/privacy-guides/" weight = 60 [[main]] identifier = "help" - name = "Ayuda" + name = "Help" url = "/knowledgebase/general/" weight = 70 [[footercolone]] identifier = "generate-account" - name = "Crear Cuenta" + name = "Generate Account" url = "/signup/" weight = 5 
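Review bot: The footer entries in `menus.en.toml` now hard-code the language prefix (`url = "/en/antitracker/"`, `"/en/what-is-a-vpn/"`, `"/en/transparency-report/"`), repeating in the menu file what the pages' prefix-less `url:` front matter already decides. The `menus.es.toml` hunk at `@@ -68,37 +68,43 @@` does the same with `/es/`. Pointing the entry at the page instead, for example `pageRef = "/pages/antitracker"` (path assumed from the content tree, to be confirmed), lets Hugo generate the localised link and keeps menu and page from drifting apart when a page's `url` changes.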
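Review bot: The `name` values in `menus.es.toml` revert from Spanish to English in this hunk and in the later hunks of the same file (`"Equipo"` to `"Team"`, `"Ayuda"` to `"Help"`, `"Términos de Servicios"` to `"Terms of Service"`), although the commit subject only mentions fixing URLs. If the intent is to show Spanish labels only for entries whose target page is already translated, a comment at the top of the file would stop the next translator from re-translating them, for example `# Only entries whose target page exists under content/es carry a Spanish name`. If it is not intended, the label changes should be dropped from this commit.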
@@ -68,37 +68,43 @@ [[footercolone]] identifier = "antitracker" name = "AntiTracker" - url = "/antitracker/" + url = "/es/antitracker/" weight = 20 [[footercolone]] identifier = "what-is-a-vpn" name = "Qué es un VPN" - url = "/what-is-a-vpn/" + url = "/es/what-is-a-vpn/" weight = 40 [[footercolone]] identifier = "pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard" - name = "Comparar Protocolos" + name = "Protocol Comparison" url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/" weight = 70 + [[footercolone]] + identifier = "change-language" + name = "English version" + url = "/en" + weight = 71 + [[footercoltwo]] identifier = "manifesto" - name = "Nuestro Manifiesto" + name = "Our Manifesto" url = "/manifesto/" weight = 10 [[footercoltwo]] identifier = "status" - name = "Servidores" + name = "Servers" url = "/status/" weight = 20 [[footercoltwo]] identifier = "transparency-report" - name = "Reporte de Transparencia" - url = "/transparency-report/" + name = "Informe de transparencia" + url = "/es/transparency-report/" weight = 30 [[footercoltwo]] 
@@ -109,43 +115,43 @@ [[footercoltwo]] identifier = "supported-projects" - name = "Proyectos Soportados" + name = "Supported Projects" url = "/supported-projects/" weight = 50 [[footercolthree]] identifier = "vulnerability-reporting" - name = "Reporte de Vulnerabilidades" + name = "Report Vulnerability" url = "/vulnerability-reporting/" weight = 10 [[footercolthree]] identifier = "legal-process-guidelines" - name = "Guías Legales" + name = "Legal Guidelines" url = "/legal-process-guidelines/" weight = 20 [[footercolthree]] identifier = "tos" - name = "Términos de Servicios" + name = "Terms of Service" url = "/tos/" weight = 30 [[footercolthree]] identifier = "privacy-policy" - name = "Política de Privacidad" + name = "Privacy Policy" url = "/privacy/" weight = 50 [[footercolthree]] identifier = "refund-policy" - name = "Política de reembolso" + name = "Refund Policy" url = "/refunds/" weight = 60 [[footercolfour]] identifier = "contact" - name = "Contactar" + name = "Contact us" url = "/contactus/" weight = 10 diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md index f4a466f0d..c5c8d6464 100644 --- a/src/content/es/pages/what-is-vpn.md +++ b/src/content/es/pages/what-is-vpn.md 
@@ -5,18 +5,18 @@ url: what-is-a-vpn/ --- # ¿Qué es una VPN? -Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utiliza una VPN por motivos de privacidad, sus datos se cifran para que su ISP o proveedor de red móvil no pueda monitorear su actividad en Internet. +Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utilizas una VPN por motivos de privacidad, tus datos se cifran para que tu ISP o proveedor de red móvil no pueda monitorear tu actividad en Internet. ### El ISP de Alice puede rastrear cada sitio que visita, y el suyo también. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-alice.svg" alt="What is a VPN - Alice ISP" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-alice-dark.svg" alt="What is a VPN - Alice ISP" >}} -Sin una VPN, se conecta a Internet a través de su proveedor de servicios de Internet (ISP) y corre el riesgo de exponer su actividad privada en Internet. Si no utiliza HTTPS, su ISP puede rastrear cada sitio que visite y el contenido que vea o descargue. Es como enviar mensajes confidenciales mediante postales, excepto que, a diferencia de su oficina de correos, su ISP puede grabar y almacenar cada mensaje con casi cero esfuerzo y costo. Incluso si utiliza HTTPS, el ISP aún puede rastrear la dirección IP o el dominio que se está visitando. +Sin una VPN, te conectas a Internet a través de tu proveedor de servicios de Internet (ISP) y corres el riesgo de exponer tu actividad privada en Internet. Si no utilizas HTTPS, tu ISP puede rastrear cada sitio que visites y el contenido que veas o descargues. Es como enviar mensajes confidenciales mediante postales, excepto que, a diferencia de su oficina de correos, tu ISP puede grabar y almacenar cada mensaje con casi cero esfuerzo y costo. Incluso si utilizas HTTPS, el ISP aún puede rastrear la dirección IP o el dominio que se está visitando. 
-Incluso en redes Wi-Fi públicas, sus datos pueden ser interceptados por espías o piratas informáticos. Su actividad o sus datos personales pueden ser interceptados sin su conocimiento, dejándolo expuesto. +Incluso en redes Wi-Fi públicas, tus datos pueden ser interceptados por espías o piratas informáticos. Tu actividad o tus datos personales pueden ser interceptados sin tu conocimiento, dejándolo expuesto. -Eche un vistazo al caso de Alice, como se muestra en el diagrama. Su tráfico fluye a través del ISP sin ningún cifrado, por lo que su ISP puede registrar exactamente dónde está conectada. Además, los servidores a los que está conectada también registran su dirección IP privada, lo que no le brinda privacidad. +Echa un vistazo al caso de Alice, como se muestra en el diagrama. Su tráfico fluye a través del ISP sin ningún cifrado, por lo que su ISP puede registrar exactamente dónde está conectada. Además, los servidores a los que está conectada también registran su dirección IP privada, lo que no le brinda privacidad. ### Bob usa IVPN para proteger su privacidad. From d9cf453103b05399b94eb91b9125a1cbf5fe815d Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Thu, 16 May 2024 11:30:18 +0100 Subject: [PATCH 11/98] Localization: Fix pilot pages urls --- src/content/en/pages/home.md | 2 +- src/content/es/pages/home.md | 58 ++++++++++++++++++++---------------- 2 files changed, 34 insertions(+), 26 deletions(-) diff --git a/src/content/en/pages/home.md b/src/content/en/pages/home.md index d4001e624..1e71f0b8b 100644 --- a/src/content/en/pages/home.md +++ b/src/content/en/pages/home.md @@ -1,7 +1,7 @@ --- title: VPN for Privacy & Security | IVPN | Resist Online Surveillance description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. -url: /en/ +url: /en isMenuCta: false hasSeperator: false sections: 
diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md index 9001f5594..c1461bf3f 100644 --- a/src/content/es/pages/home.md +++ b/src/content/es/pages/home.md @@ -1,7 +1,7 @@ --- title: VPN for Privacy & Security | IVPN | Resist Online Surveillance description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. -url: /es/ +url: /es isMenuCta: false hasSeperator: false sections: 
@@ -11,38 +11,46 @@ sections: dark_image: /images-static/uploads/ivpn-home-dark.png dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png content: >- - # Resista la vigilancia en línea + # Resist Online Surveillance - Lo que usted hace en línea puede ser rastreado por organizaciones que quizás no conozca o en las que no confíe y pase a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que su ISP pueda compartir o vender sus datos. - cta_one_label: Crear cuenta IVPN + What you do online can be tracked by organizations you may not know or trust and become part of a permanent record. A VPN can’t solve this on its own, but can prevent your ISP from being able to share or sell your data. + cta_one_label: Generate IVPN account cta_one_is_blue: true cta_one_url: /signup/ - cta_one_note: No es necesario email - cta_two_label: IVPN en GitHub + cta_one_note: no email required + cta_two_label: IVPN on GitHub cta_two_is_blue: false cta_two_url: https://github.com/ivpn - type: usps_three_column_home usps: - - name: Sin logs - description: No registramos ninguna actividad del usuario relacionada con el uso del servicio VPN, como se explica en nuestra clara [política de privacidad](/privacidad). - - name: Sin datos de clientes - description: Somos un servicio de privacidad, por lo que no recopilamos ni almacenamos ningún dato personal al registrarse, ni siquiera su correo electrónico. También aceptamos efectivo, monero y bitcoin. - - name: Sitio web y aplicaciones de código abierto - description: Este sitio web y la aplicación IVPN para todas las plataformas son de código abierto para mayor transparencia y seguridad. - - name: Sin servicios en la nube ni almacenamiento de datos - description: Todos los servidores que administran el servicio IVPN son autohospedados y operados por IVPN, incluidos el correo electrónico y el chat en vivo. 
- - name: Auditorías de seguridad independientes - description: Nos comprometemos a realizar [auditorías de seguridad anuales](/blog/tags/audit/) para mejorar nuestras prácticas de seguridad y transparencia. - - name: Sin reseñas falsas - description: Nunca pagamos por reseñas y no tenemos un programa de afiliados, por lo que no nos encontrará en las listas de las "10 mejores VPN". - - name: Sin falsas promesas ni tonterías - description: No prometemos anonimato ni "cifrado de grado militar". Publicamos extensas [guías de privacidad](/privacy-guides/) y educamos a nuestros clientes sobre lo que una VPN puede lograr de manera realista. - - name: Defensores de la privacidad - description: Donamos regularmente a organizaciones que luchan por el derecho a la privacidad como EFF, Open Rights Group y el proyecto Tor. - - name: Transparencia - description: Nuestro modelo de negocio se basa exclusivamente en suscripciones pagas. No somos propietarios de ningún otro servicio VPN ni sitios de revisión de VPN. Revise [el equipo](/equipo/) que opera IVPN y la propiedad de la empresa. + - name: No logs + description: We do not log any user activity relating to the use of the VPN service, as explained in our clear [privacy policy](/privacy). + - name: No customer data + description: We're a privacy service, so we don't collect or store any personal data on sign-up, not even your email. We also + accept cash, monero and bitcoin. + - name: Open-source apps and website + description: This website and the IVPN app for all platforms are + open-source for additional transparency and security. + - name: No cloud services or data storage + description: All servers managing the IVPN service are self-hosted + and operated by IVPN, including email and customer service. + - name: Independent security audits + description: We commit to [annual security audits](/blog/tags/audit/) to improve our security + practices and transparency. 
+ - name: No fake reviews + description: We never pay for reviews and do not have an affiliate program, so + you won’t find us on the 'top 10 best VPN' lists. + - name: No false promises or fluff + description: We don’t promise anonymity or 'military grade encryption'. We publish extensive [privacy guides](/privacy-guides/) and educate our customers on what a VPN can realistically achieve. + - name: Privacy advocates + description: We donate regularly to organizations fighting for the right to + privacy like the EFF, Open Rights Group, and the Tor project. + - name: Transparency + description: Our business model is exclusively based on paid subscriptions. We + do not own any other VPN services or VPN review sites. Review [the team](/team/) + operating IVPN and the company ownership. - type: heading_text_one_column - content: "## Características" + content: "## Features" - type: features_image_three_column light_image: /images-static/uploads/home-app-light.png light_image_retina: /images-static/uploads/home-app-light-2x.png From 49d0ccce5f6abf48d774afc3d1b591352396a8af Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 16 May 2024 16:01:19 +0200 Subject: [PATCH 12/98] Update transparency-report.md --- src/content/es/pages/transparency-report.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/content/es/pages/transparency-report.md b/src/content/es/pages/transparency-report.md index 7c003c0a8..827ddadf4 100644 --- a/src/content/es/pages/transparency-report.md +++ b/src/content/es/pages/transparency-report.md 
@@ -1,13 +1,13 @@ --- title: Informe de transparencia de IVPN -description: Es importante que nuestros clientes comprendan completamente qué información privada recopilamos, almacenamos y procesamos. Lea nuestra política clara y sencilla para obtener la información que necesita. +description: Es importante que nuestros clientes comprendan completamente qué información privada recopilamos, almacenamos y procesamos. Lee nuestra política clara y sencilla para obtener la información que necesitas. url: transparency-report/ --- # Informe de transparencia -La siguiente tabla muestra la cantidad de solicitudes legales válidas recibidas del gobierno o agencias encargadas de hacer cumplir la ley. +La siguiente tabla muestra la cantidad de solicitudes legales válidas recibidas de agencias gubernamentales o agencias encargadas de hacer cumplir la ley. -Para obtener más información sobre cómo se procesan las solicitudes, consulte las [directrices de proceso legal para el cumplimiento de la ley](/legal-process-guidelines/). +Para obtener más información sobre cómo se procesan las solicitudes, consulta las [directrices de proceso legal para el cumplimiento de la ley](/legal-process-guidelines/). | | # Solicitudes recibidas| # Solicitudes válidas recibidas | # Solicitudes válidas recibidas donde se proporcionaron datos | |---|---|---|---| From e089ffdf0c87f86dc984fab7665002de8fb8be5b Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 16 May 2024 16:21:44 +0200 Subject: [PATCH 13/98] Update what-is-vpn.md --- src/content/es/pages/what-is-vpn.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md index c5c8d6464..938a66dea 100644 --- a/src/content/es/pages/what-is-vpn.md +++ b/src/content/es/pages/what-is-vpn.md 
@@ -1,28 +1,28 @@ --- title: ¿Qué es una VPN? -description: ¿Qué es una VPN? Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utiliza una VPN por motivos de privacidad, sus datos se cifran para que su ISP o proveedor de red móvil no pueda monitorear su actividad en Internet. +description: ¿Qué es una VPN? Una VPN o red privada virtual cifra los datos enviados entre ordenadores en Internet. Cuando utilizas una VPN por motivos de privacidad, tus datos se cifran para que tu ISP o proveedor de red móvil no pueda monitorear tu actividad en Internet. url: what-is-a-vpn/ --- # ¿Qué es una VPN? -Una VPN o red privada virtual cifra los datos enviados entre computadoras en Internet. Cuando utilizas una VPN por motivos de privacidad, tus datos se cifran para que tu ISP o proveedor de red móvil no pueda monitorear tu actividad en Internet. +Una VPN o red privada virtual cifra los datos enviados entre ordenadores en Internet. Cuando utilizas una VPN por motivos de privacidad, tus datos se cifran para que tu ISP o proveedor de red móvil no pueda monitorear tu actividad en Internet. -### El ISP de Alice puede rastrear cada sitio que visita, y el suyo también. +### El ISP de Alice puede rastrear cada sitio que visita, y el tuyo también. {{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-alice.svg" alt="What is a VPN - Alice ISP" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-alice-dark.svg" alt="What is a VPN - Alice ISP" >}} -Sin una VPN, te conectas a Internet a través de tu proveedor de servicios de Internet (ISP) y corres el riesgo de exponer tu actividad privada en Internet. Si no utilizas HTTPS, tu ISP puede rastrear cada sitio que visites y el contenido que veas o descargues. 
Es como enviar mensajes confidenciales mediante postales, excepto que, a diferencia de su oficina de correos, tu ISP puede grabar y almacenar cada mensaje con casi cero esfuerzo y costo. Incluso si utilizas HTTPS, el ISP aún puede rastrear la dirección IP o el dominio que se está visitando. +Sin una VPN, te conectas a Internet a través de tu proveedor de servicios de Internet (ISP) y corres el riesgo de exponer tu actividad privada en Internet. Si no utilizas HTTPS, tu ISP puede rastrear cada sitio que visites y el contenido que veas o descargues. Es como enviar mensajes confidenciales mediante postales, excepto que, a diferencia de tu oficina de correos, tu ISP puede grabar y almacenar cada mensaje con el mínimo esfuerzo y coste. Incluso si utilizas HTTPS, tu ISP aún puede rastrear la dirección IP o el dominio que estás visitando. -Incluso en redes Wi-Fi públicas, tus datos pueden ser interceptados por espías o piratas informáticos. Tu actividad o tus datos personales pueden ser interceptados sin tu conocimiento, dejándolo expuesto. +Incluso en redes Wi-Fi públicas, tus datos pueden ser interceptados por espías o piratas informáticos. Tu actividad o tus datos personales pueden ser interceptados sin tu conocimiento, dejándote expuesto. -Echa un vistazo al caso de Alice, como se muestra en el diagrama. Su tráfico fluye a través del ISP sin ningún cifrado, por lo que su ISP puede registrar exactamente dónde está conectada. Además, los servidores a los que está conectada también registran su dirección IP privada, lo que no le brinda privacidad. +Echa un vistazo al caso de Alice, como se muestra en el diagrama. Su tráfico fluye a través del ISP sin ningún cifrado, por lo que su ISP puede registrar exactamente dónde está conectada. Además, los servidores a los que está conectada también registran su dirección IP privada, lo cual no le brinda privacidad. ### Bob usa IVPN para proteger su privacidad. 
{{< figure class="features__image--light" src="/images-static/uploads/what-is-a-vpn-bob-ivpn.svg" alt="What is a VPN - Bob IVPN" >}} {{< figure class="features__image--dark" src="/images-static/uploads/what-is-a-vpn-bob-ivpn-dark.svg" alt="What is a VPN - Bob IVPN" >}} -Con IVPN, primero se conecta a uno de nuestros servidores seguros a través de tu ISP. Una vez conectado, toda su actividad en línea está cifrada y su ISP no puede monitorearla ni registrarla. Además, sus datos están protegidos contra espías o piratas informáticos ubicados entre su computadora y el ISP. +Con IVPN, primero te conectas a uno de nuestros servidores seguros a través de tu ISP. Una vez conectado, toda tu actividad en línea está cifrada y tu ISP no puede monitorearla ni registrarla. Además, tus datos están protegidos contra espías o piratas informáticos ubicados entre tu ordenador y el ISP. -En el caso de Bob, está conectado a un servidor IVPN y, por tanto, todo el tráfico que pasa por su ISP está cifrado. El ISP sólo puede registrar que Bob está conectado a un servidor IVPN, nada más. Los servidores a los que está conectado solo ven que el servidor IVPN está conectado a ellos y, por lo tanto, solo pueden registrar la dirección IP del servidor IVPN en sus registros. Los mejores servicios de VPN se asegurarán diligentemente de no registrar ningún dato de conexión del usuario, garantizando la privacidad de sus clientes. \ No newline at end of file +En el caso de Bob, está conectado a un servidor IVPN y, por tanto, todo el tráfico que pasa por su ISP está cifrado. El ISP sólo puede registrar que Bob está conectado a un servidor IVPN, nada más. Los servidores a los que está conectado solo ven que el servidor IVPN está conectado a ellos y, por lo tanto, solo pueden registrar la dirección IP del servidor IVPN en sus registros. Los mejores servicios de VPN se asegurarán diligentemente de no registrar ningún dato de conexión del usuario, garantizando la privacidad de sus clientes. 
From 8c837f0c2f09b3cf741552eb1ac832b8e97fa845 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Fri, 17 May 2024 12:59:29 +0200 Subject: [PATCH 14/98] Update home.md --- src/content/es/pages/home.md | 131 +++++++++++++++++------------------ 1 file changed, 65 insertions(+), 66 deletions(-) diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md index c1461bf3f..534e7cc9f 100644 --- a/src/content/es/pages/home.md +++ b/src/content/es/pages/home.md @@ -1,6 +1,6 @@ --- -title: VPN for Privacy & Security | IVPN | Resist Online Surveillance -description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee. +title: VPN para privacidad y seguridad | IVPN | Resiste la vigilancia en línea +description: Servicio VPN de código abierto, auditado, con WireGuard, killswitch y bloqueador de rastreadores. Sin registros, sin falsas promesas. Inscripción anónima con garantía de reembolso de 30 días. url: /es isMenuCta: false hasSeperator: false 
@@ -11,100 +11,99 @@ sections: dark_image: /images-static/uploads/ivpn-home-dark.png dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png content: >- - # Resist Online Surveillance - - What you do online can be tracked by organizations you may not know or trust and become part of a permanent record. A VPN can’t solve this on its own, but can prevent your ISP from being able to share or sell your data. - cta_one_label: Generate IVPN account + # Resiste la vigilancia en línea + Lo que haces en línea puede ser rastreado por organizaciones que quizás no conozcas y pases a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que tu ISP pueda compartir o vender tus datos. + cta_one_label: Generar cuenta IVPN cta_one_is_blue: true cta_one_url: /signup/ - cta_one_note: no email required - cta_two_label: IVPN on GitHub + cta_one_note: no se requiere email + cta_two_label: IVPN en GitHub cta_two_is_blue: false cta_two_url: https://github.com/ivpn - type: usps_three_column_home usps: - - name: No logs - description: We do not log any user activity relating to the use of the VPN service, as explained in our clear [privacy policy](/privacy). - - name: No customer data - description: We're a privacy service, so we don't collect or store any personal data on sign-up, not even your email. We also - accept cash, monero and bitcoin. - - name: Open-source apps and website - description: This website and the IVPN app for all platforms are - open-source for additional transparency and security. - - name: No cloud services or data storage - description: All servers managing the IVPN service are self-hosted - and operated by IVPN, including email and customer service. - - name: Independent security audits - description: We commit to [annual security audits](/blog/tags/audit/) to improve our security - practices and transparency. 
- - name: No fake reviews - description: We never pay for reviews and do not have an affiliate program, so - you won’t find us on the 'top 10 best VPN' lists. - - name: No false promises or fluff - description: We don’t promise anonymity or 'military grade encryption'. We publish extensive [privacy guides](/privacy-guides/) and educate our customers on what a VPN can realistically achieve. - - name: Privacy advocates - description: We donate regularly to organizations fighting for the right to - privacy like the EFF, Open Rights Group, and the Tor project. - - name: Transparency - description: Our business model is exclusively based on paid subscriptions. We - do not own any other VPN services or VPN review sites. Review [the team](/team/) - operating IVPN and the company ownership. + - name: Sin registros + description: No registramos ninguna actividad de usuario relacionada con el uso del servicio VPN, como se explica en nuestra clara [política de privacidad](/privacy). + - name: Sin datos del cliente + description: Somos un servicio de privacidad, por lo que no recopilamos ni almacenamos ningún dato personal al registrarse, ni siquiera + tu correo electrónico. También aceptamos efectivo, Monero y Bitcoin. + - name: Página web y aplicaciones de código abierto + description: Esta página web y la aplicaciones IVPN son de + código abierto para mayor transparencia y seguridad. + - name: Sin servicios en la nube ni almacenamiento de datos + description: Todos los servidores que gestionan los servicios de IVPN + están autoalojados y operados por IVPN, incluido el correo electrónico y atencion al cliente. + - name: Auditorías de seguridad independientes + description: Nos comprometemos a realizar [auditorías de seguridad anuales](/blog/tags/audit/) para mejorar nuestras + prácticas de seguridad y transparencia. 
+ - name: Sin reseñas falsas + description: Nunca pagamos por reseñas y no tenemos un programa de afiliados, por lo que + no nos encontrarás en las listas de las '10 mejores VPN'. + - name: Sin falsas promesas + description: No prometemos anonimato ni "cifrado de grado militar". Publicamos extensas [guías de privacidad](/privacy-guides/) y educamos a nuestros clientes sobre lo que una VPN puede lograr de manera realista. + - name: Defensores de la privacidad + description: Donamos regularmente a organizaciones que luchan por el derecho a + la privacidad como la EFF, Open Rights Group y el proyecto Tor. + - name: Transparencia + description: Nuestro modelo de negocio se basa exclusivamente en suscripciones de pago. No + poseemeos ningún otro servicio VPN ni páginas de reseñas de VPN. Revisa [el equipo](/team/) + que dirige IVPN y la propiedad de la empresa. - type: heading_text_one_column - content: "## Features" + content: "## Funciones" - type: features_image_three_column light_image: /images-static/uploads/home-app-light.png light_image_retina: /images-static/uploads/home-app-light-2x.png dark_image: /images-static/uploads/home-app-dark.png dark_image_retina: /images-static/uploads/home-app-dark-2x.png features_col_one: - - description: "Choice of **WireGuard, OpenVPN or IPSec** protocols using either the IVPN apps or any other compatible VPN client." - - description: "**WireGuard privacy controls** - Define a custom schedule for automatic key and IP address rotation." - - description: "**AntiTracker** that blocks ads, adware, malicious websites and data harvesting trackers." - - description: "**Killswitch / Firewall** option on macOS, Windows, Linux, Android and using the built-in On-demand feature on iOS. Offers protection against DNS, IPv6, disconnection and WebRTC leaks." - - description: "Private non-logging **DNS servers** accessible through our VPN." 
+ - description: "Elección de protocolos **WireGuard, OpenVPN o IPSec** utilizando las aplicaciones IVPN o cualquier otro cliente VPN compatible". + - description: "**Controles de privacidad de WireGuard** - Define una programación personalizada para la rotación automática de claves y direcciones IP". + - description: "**AntiTracker** que bloquea anuncios, adware, sitios web maliciosos y rastreadores de recopilación de datos". + - description: "Opción **Killswitch/Firewall** en macOS, Windows, Linux, Android y la función On-demand incorporada en iOS. Ofrece protección contra filtraciones DNS, IPv6, WebRTC y desconexiones". + - description: "**Servidores DNS** privados sin registro, accesibles a través de nuestra VPN". features_col_two: - - description: "**Multi-hop VPN routes**. Connect through multiple servers in separate jurisdictions for enhanced privacy." - - description: "Define **trusted Wi-Fi networks** and create rules for automatic connection / disconnection." - - description: "**Pause VPN** for when you need to disable the VPN temporarily after which connection is automatically restored (except iOS)." - - description: "**Obfsproxy** to circumvent censorship (Windows, macOS and Linux clients)." + - description: "**Rutas VPN Multi-hop**. Conéctate a través de múltiples servidores en jurisdicciones diferentes para mejorar la privacidad". + - description: "Define **redes Wi-Fi de confianza** y crea reglas para la conexión/desconexión automática". + - description: "**Función de pausado** para cuando necesites desactivar la VPN temporalmente, tras lo cual la conexión se restablece automáticamente (excepto iOS)". + - description: "**Obfsproxy** para eludir la censura (clientes Windows, macOS y Linux)". - type: heading_text_one_column - content: "## Do you really need a VPN?" + content: "## ¿Realmente necesitas una VPN?" 
- type: text_two_column content_column_1: |- - ### Despite what many VPN providers advertise VPNs are useless (at best ineffective) at: + ### A pesar de lo que anuncian muchos proveedores de VPN, las VPN son inútiles (en el mejor de los casos, ineficaces) en:
      -
    • Achieving anonymity.
    • -
    • Preventing Google or Facebook from collecting your private data.
    • -
    • Preventing unwanted profiling by social networks or search engines.
    • -
    • Providing better security when ‘working from home’.
    • -
    • Protecting your passwords.
    • -
    • Hiding your mobile phone location (GPS).
    • -
    • Helping you avoid data breaches on services you use online.
    • -
    • Defending against “cyber threats” and identity theft.
    • +
    • Lograr el anonimato.
    • +
    • Evitar que Google o Facebook recopilen tus datos privados.
    • +
    • Prevenir la creación de perfiles no deseados por parte de redes sociales o motores de búsqueda.
    • +
    • Proporcionar mayor seguridad al "trabajar desde casa".
    • +
    • Proteger tus contraseñas
    • +
    • Ocultar la ubicación de tu teléfono móvil (GPS).
    • +
    • Ayudarte a evitar filtraciones de datos en lo servicios que utilizas en línea.
    • +
    • Defensa contra “amenazas cibernéticas” y robo de identidad.
    - ### Do not rely on a VPN to protect you in any of the above scenarios. - + ### No confíes en una VPN para protegerte en ninguno de los escenarios anteriores. + content_column_2: > - ### However, a trustworthy VPN can be very effective at: - + ### Sin embargo, una VPN de confianza puede ser muy efectiva para: - * Encrypting your data so your ISP or mobile network provider cannot monitor or log your online activity. Without a VPN, HTTPS still exposes the domain name or IP address you are visiting to the ISP. - * Encrypting your DNS requests so your ISP or mobile network provider cannot monitor or log the domains you visit. + * Cifrar tus datos para que tu ISP o proveedor de red móvil no pueda vigilar ni registrar tu actividad en línea. Sin una VPN, conexiones HTTPS aún exponen a tu ISP el nombre del dominio o la dirección IP que está visitando. - * Increasing your security on untrusted public networks by preventing MITM attacks. + * Cifrar tu peticiones de DNS para que tu ISP o proveedor de red móvil no pueda vigilar ni registrar los dominios que visitas. - * Masking your IP address from websites and servers you connect to. + * Aumentar tu seguridad en redes públicas no fiables al prevenir ataques MITM. + + * Ocultar tu dirección IP de los sitios web y servidores a los que te conectas. - * Circumventing censorship or geographical blocks on websites and content. + * Eludir la censura o bloqueos geográficos en sitios web y contenidos en línea. - type: heading_text_cta_one_column content: >- - Using a VPN should be part of an overall strategy to protect your privacy - **but only if you trust the VPN provider more than your ISP**. - cta_label: Generate IVPN account + El uso de una VPN debe ser parte de una estrategia general para proteger tu privacidad, **pero solo si confías más en el proveedor de VPN que en tu ISP**. + cta_label: Generar cuenta IVPN cta_is_blue: true cta_url: /signup/ - cta_note: no email required + cta_note: no se require email --- 
From 3dff6531ec0fd2ee6ede028bcb568e7c8c000829 Mon Sep 17 00:00:00 2001
From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com>
Date: Fri, 17 May 2024 13:15:31 +0200
Subject: [PATCH 15/98] Update home.md
---
 src/content/es/pages/home.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md
index 534e7cc9f..3179eec9a 100644
--- a/src/content/es/pages/home.md
+++ b/src/content/es/pages/home.md
@@ -12,6 +12,7 @@ sections:
 dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png
 content: >-
 # Resiste la vigilancia en línea
+
 Lo que haces en línea puede ser rastreado por organizaciones que quizás no conozcas y pases a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que tu ISP pueda compartir o vender tus datos.
 cta_one_label: Generar cuenta IVPN
 cta_one_is_blue: true
From f7f0038b3b2ba3e284123c54bb634345d81bbd6c Mon Sep 17 00:00:00 2001
From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com>
Date: Fri, 17 May 2024 13:40:49 +0200
Subject: [PATCH 16/98] Update home.md
From fc926fa133059b65e6bcfaaa3396f4950a423c6b Mon Sep 17 00:00:00 2001
From: Natanael Rodriguez Ramos
Date: Fri, 17 May 2024 23:01:36 +0100
Subject: [PATCH 17/98] Update home.md
---
 src/content/en/pages/home.md | 2 +-
 src/content/es/pages/home.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/content/en/pages/home.md b/src/content/en/pages/home.md
index 1e71f0b8b..d4001e624 100644
--- a/src/content/en/pages/home.md
+++ b/src/content/en/pages/home.md
@@ -1,7 +1,7 @@
 ---
 title: VPN for Privacy & Security | IVPN | Resist Online Surveillance
 description: Audited, open-source VPN service with WireGuard, killswitch and tracker blocker. No logs, no false promises. Anonymous signup with 30 day money back guarantee.
-url: /en
+url: /en/
 isMenuCta: false
 hasSeperator: false
 sections:
diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md
index 3179eec9a..60bb3a6b1 100644
--- a/src/content/es/pages/home.md
+++ b/src/content/es/pages/home.md
@@ -1,7 +1,7 @@
 ---
 title: VPN para privacidad y seguridad | IVPN | Resiste la vigilancia en línea
 description: Servicio VPN de código abierto, auditado, con WireGuard, killswitch y bloqueador de rastreadores. Sin registros, sin falsas promesas. Inscripción anónima con garantía de reembolso de 30 días.
-url: /es
+url: /es/
 isMenuCta: false
 hasSeperator: false
 sections:
From a8eb1916f913ecfbb99a2405263813859d7af971 Mon Sep 17 00:00:00 2001
From: Natanael Rodriguez Ramos
Date: Mon, 20 May 2024 12:54:09 +0100
Subject: [PATCH 18/98] Update home.md
---
 src/content/es/pages/home.md | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md
index 60bb3a6b1..892029a96 100644
--- a/src/content/es/pages/home.md
+++ b/src/content/es/pages/home.md
@@ -11,7 +11,7 @@ sections:
 dark_image: /images-static/uploads/ivpn-home-dark.png
 dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png
 content: >-
- # Resiste la vigilancia en línea
+ # Resiste la vigilancia en línea

 Lo que haces en línea puede ser rastreado por organizaciones que quizás no conozcas y pases a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que tu ISP pueda compartir o vender tus datos.
 cta_one_label: Generar cuenta IVPN
@@ -57,16 +57,16 @@ sections:
 dark_image: /images-static/uploads/home-app-dark.png
 dark_image_retina: /images-static/uploads/home-app-dark-2x.png
 features_col_one:
- - description: "Elección de protocolos **WireGuard, OpenVPN o IPSec** utilizando las aplicaciones IVPN o cualquier otro cliente VPN compatible".
- - description: "**Controles de privacidad de WireGuard** - Define una programación personalizada para la rotación automática de claves y direcciones IP".
- - description: "**AntiTracker** que bloquea anuncios, adware, sitios web maliciosos y rastreadores de recopilación de datos".
- - description: "Opción **Killswitch/Firewall** en macOS, Windows, Linux, Android y la función On-demand incorporada en iOS. Ofrece protección contra filtraciones DNS, IPv6, WebRTC y desconexiones".
- - description: "**Servidores DNS** privados sin registro, accesibles a través de nuestra VPN".
+ - description: "Elección de protocolos **WireGuard, OpenVPN o IPSec** utilizando las aplicaciones IVPN o cualquier otro cliente VPN compatible."
+ - description: "**Controles de privacidad de WireGuard** - Define una programación personalizada para la rotación automática de claves y direcciones IP."
+ - description: "**AntiTracker** que bloquea anuncios, adware, sitios web maliciosos y rastreadores de recopilación de datos."
+ - description: "Opción **Killswitch/Firewall** en macOS, Windows, Linux, Android y la función On-demand incorporada en iOS. Ofrece protección contra filtraciones DNS, IPv6, WebRTC y desconexiones."
+ - description: "**Servidores DNS** privados sin registro, accesibles a través de nuestra VPN."
 features_col_two:
- - description: "**Rutas VPN Multi-hop**. Conéctate a través de múltiples servidores en jurisdicciones diferentes para mejorar la privacidad".
- - description: "Define **redes Wi-Fi de confianza** y crea reglas para la conexión/desconexión automática".
- - description: "**Función de pausado** para cuando necesites desactivar la VPN temporalmente, tras lo cual la conexión se restablece automáticamente (excepto iOS)".
- - description: "**Obfsproxy** para eludir la censura (clientes Windows, macOS y Linux)".
+ - description: "**Rutas VPN Multi-hop**. Conéctate a través de múltiples servidores en jurisdicciones diferentes para mejorar la privacidad."
+ - description: "Define **redes Wi-Fi de confianza** y crea reglas para la conexión/desconexión automática."
+ - description: "**Función de pausado** para cuando necesites desactivar la VPN temporalmente, tras lo cual la conexión se restablece automáticamente (excepto iOS)."
+ - description: "**Obfsproxy** para eludir la censura (clientes Windows, macOS y Linux)."
 - type: heading_text_one_column
 content: "## ¿Realmente necesitas una VPN?"
 - type: text_two_column
From 5a2e3daf555f1a767903b0fad63703070086fa32 Mon Sep 17 00:00:00 2001
From: Natanael Rodriguez Ramos
Date: Mon, 20 May 2024 12:56:12 +0100
Subject: [PATCH 19/98] Update home.md
---
 src/content/es/pages/home.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/content/es/pages/home.md b/src/content/es/pages/home.md
index 892029a96..3df8178e0 100644
--- a/src/content/es/pages/home.md
+++ b/src/content/es/pages/home.md
@@ -11,7 +11,7 @@ sections:
 dark_image: /images-static/uploads/ivpn-home-dark.png
 dark_image_retina: /images-static/uploads/ivpn-home-dark@2x.png
 content: >-
- # Resiste la vigilancia en línea
+ # Resiste la vigilancia en línea

 Lo que haces en línea puede ser rastreado por organizaciones que quizás no conozcas y pases a formar parte de un registro permanente. Una VPN no puede resolver esto por sí sola, pero puede evitar que tu ISP pueda compartir o vender tus datos.
 cta_one_label: Generar cuenta IVPN
From 934eaebd70aeaf704d7fba2317de05681757b57b Mon Sep 17 00:00:00 2001
From: Natanael Rodriguez Ramos Date: Tue, 21 May 2024 11:32:58 +0100 Subject: [PATCH 20/98] Localization: Update footer dynamic links --- src/config/_default/menus/menus.en.toml | 8 +------- src/config/_default/menus/menus.es.toml | 8 +------- src/themes/ivpn-v3/layouts/partials/footer.html | 9 +++++++++ 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml index 6b7299e2f..695acd9ef 100644 --- a/src/config/_default/menus/menus.en.toml +++ b/src/config/_default/menus/menus.en.toml @@ -1,7 +1,7 @@ [[main]] identifier = "team" name = "Team" - url = "/team/" + url = "/en/team/" weight = 10 [[main]] @@ -83,12 +83,6 @@ url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/" weight = 70 - [[footercolone]] - identifier = "change-language" - name = "Versión española" - url = "/es" - weight = 71 - [[footercoltwo]] identifier = "manifesto" name = "Our Manifesto" diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml index 75a7eb16b..d14d6da96 100644 --- a/src/config/_default/menus/menus.es.toml +++ b/src/config/_default/menus/menus.es.toml @@ -1,7 +1,7 @@ [[main]] identifier = "team" name = "Team" - url = "/team/" + url = "/es/team/" weight = 10 [[main]] @@ -83,12 +83,6 @@ url = "/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/" weight = 70 - [[footercolone]] - identifier = "change-language" - name = "English version" - url = "/en" - weight = 71 - [[footercoltwo]] identifier = "manifesto" name = "Our Manifesto" diff --git a/src/themes/ivpn-v3/layouts/partials/footer.html b/src/themes/ivpn-v3/layouts/partials/footer.html index a7c375eff..74fc0cc88 100644 --- a/src/themes/ivpn-v3/layouts/partials/footer.html +++ b/src/themes/ivpn-v3/layouts/partials/footer.html @@ -13,6 +13,15 @@ {{ .Name }} {{ end }} + {{ if eq site.Language.Lang "en" }} +
  • + Versión española +
  • + {{ else }} +
  • + English version +
  • + {{ end }}
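Review bot: The language switch added after the menu loop is an if/else on `site.Language.Lang`, so every language other than `en` falls into the `{{ else }}` branch and is offered only "English version", and a third language would need this template edited again. The link markup is not visible in this rendering, so the targets cannot be checked here; if they are fixed paths like the `/es` and `/en` menu entries this commit removes, the switch always lands on the home page rather than on the translated counterpart of the current page. Consider generating the entries from Hugo's translation data, e.g. `{{ range .Translations }}<li><a href="{{ .RelPermalink }}">{{ .Language.LanguageName }}</a></li>{{ end }}`, assuming the partial receives the page as its context. The hunk's trailing context lines are not shown.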
    - -1. Open the **/opt/ivpn/etc/firewall.sh** script file on **ProxyVM (ivpn-proxy)** and add the following right after the `elif [[ $1 = "-set_dns" ]]; then` line: - ``` - #QUBES OS - specific operation - systemctl restart systemd-resolved || echo "Error: systemd-resolved" # this line is required for Qubes OS 4.2 (tested on Qubes OS 4.2-RC4) - /usr/lib/qubes/qubes-setup-dnat-to-ns || echo "Error: failed to run '/usr/lib/qubes/qubes-setup-dnat-to-ns'" - ``` - - -2. The contents of **/opt/ivpn/etc/firewall.sh** should look as follows: - ``` - ... - #DNS rules - elif [[ $1 = "-set_dns" ]]; then - - #QUBES OS - specific operation - systemctl restart systemd-resolved || echo "Error: systemd-resolved" # this line is required for Qubes OS 4.2 (tested on Qubes OS 4.2-RC4) - /usr/lib/qubes/qubes-setup-dnat-to-ns || echo "Error: failed to run '/usr/lib/qubes/qubes-setup-dnat-to-ns'" - - get_firewall_enabled || return 0 - ... - ``` - -### AppVM - -All AppVMs that need to use the VPN connection have to be configured to use **ivpn-proxy** ProxyVM. - -1. In Qube manager (`Main menu` -> `Qubes Tools` -> `Qube Manager`), create “New qube” with the following parameters: - - - Name and label: **my-app-vm** - - Type: **AppVM** - - Template: **fedora-36** - - Networking: **ivpn-proxy**(!) - -2. Press `OK` - -That is it. Now, all traffic from my-app-vm will go through the VPN connection. - -### Final steps - -1. Reboot your system - -2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md deleted file mode 100644 index b54409075..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora.md +++ /dev/null 
@@ -1,75 +0,0 @@
----
-title: Autostart OpenVPN in systemd (Fedora) - IVPN Help
-h1: Autostart OpenVPN in systemd (Fedora)
-url: /knowledgebase/linux/linux-autostart-openvpn-in-systemd-fedora/
-sections:
- - linux
-sectionTitle: Linux
-layout: help-details
-weight: 17
----
-# Autostart OpenVPN in systemd (Fedora)
-
-In order to configure OpenVPN to autostart for systemd, complete the following steps:
-
-1. Move the .ovpn file with the desired server location to the '/etc/openvpn' folder:
-
- ```
- # sudo cp /location/whereYouDownloadedConfigfilesTo/Germany.ovpn /etc/openvpn/
- ```
-
-2. Edit the .ovpn file you copied in the previous step and change the line 'auth-user-pass' to 'auth-user-pass pass':
-
- ```
- # sudo nano /etc/openvpn/Germany.ovpn
- ```
-
- If nano is not installed:
-
- ```
- # sudo yum install nano
- ```
-
-3. In the '/etc/openvpn/client' folder, create a text file:
-
- ```
- # sudo nano /etc/openvpn/client/pass
- ```
-
- and enter your IVPN Account ID (starts with 'ivpn') on the first line and any non-blank text on the 2nd line, then press 'Ctrl X' to save the changes and exit the text editor.
-
-4. (Optional) Change the permissions on the pass file to protect the credentials:
-
- ```
- # sudo chmod 400 /etc/openvpn/client/pass
- ```
-
-5. Rename and move the .ovpn file to 'client.conf':
-
- ```
- # sudo cp /etc/openvpn/Germany.ovpn /etc/openvpn/client/client.conf
- ```
-
-6. Enable the OpenVPN service to run while booting:
-
- ```
- # sudo systemctl enable openvpn-client@client.service
- ```
-
-7. Reload the daemons:
-
- ```
- # sudo systemctl daemon-reload
- ```
-
-8. Start the OpenVPN service:
-
- ```
- # sudo service openvpn-client@client.service start
- ```
-
-9. Reboot and test if it is working by checking the external IP:
-
- ```
- # curl ifconfig.co
- ```
diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
deleted file mode 100644
index f6bb51d84..000000000
--- a/src/content/es/pages/knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu.md
+++ /dev/null
@@ -1,92 +0,0 @@ ---- -title: Autostart OpenVPN in systemd (Ubuntu) - IVPN Help -h1: Autostart OpenVPN in systemd (Ubuntu) -url: /knowledgebase/linux/linux-autostart-openvpn-in-systemd-ubuntu/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 16 ---- -# Autostart OpenVPN in systemd (Ubuntu) - -In order to configure OpenVPN to autostart for systemd, complete the following steps: - -1. Run the command: - - ``` - # sudo nano /etc/default/openvpn - ``` - - and uncomment, or remove, the "#" in front of - - ``` - AUTOSTART="all" - ``` - - then press 'Ctrl X' to save the changes and exit the text editor. - -2. Move the .ovpn file with the desired server location to the '/etc/openvpn' folder: - - ``` - # sudo cp /location/whereYouDownloadedConfigfilesTo/Germany.ovpn /etc/openvpn/ - ``` - -3. Edit the .ovpn file you copied in the previous step and change the line 'auth-user-pass' to 'auth-user-pass pass': - - ``` - # sudo nano /etc/openvpn/Germany.ovpn - ``` - - then press 'Ctrl X' to save the changes and exit the text editor. - -4. In the '/etc/openvpn' folder, create a text file called pass: - - ``` - # sudo nano /etc/openvpn/pass - ``` - - and enter your IVPN Account ID (starts with 'ivpn') on the first line and any non-blank text on the 2nd line, then press 'Ctrl X' to save the changes and exit the text editor. - -5. (Optional) Change the permissions on the pass file to protect the credentials: - - ``` - # sudo chmod 400 /etc/openvpn/pass - ``` - -6. Rename the .ovpn file to 'client.conf': - - ``` - # sudo cp /etc/openvpn/Germany.ovpn /etc/openvpn/client.conf - ``` - -7. On Ubuntu 16.04 LTS, OpenVPN installs and initiates a service by default. If you are using Ubuntu 16.04 LTS, skip to step 10. - For Ubuntu 18.04 LTS and up, enable the OpenVPN service to run while booting: - - ``` - # sudo systemctl enable openvpn@client.service - ``` - -8. Reload the daemons: - - ``` - # sudo systemctl daemon-reload - ``` - -9. 
Start the OpenVPN service: - - ``` - # sudo service openvpn@client start - ``` - -10. Reboot and test if it is working by checking the external IP: - - ``` - # curl ifconfig.co - ``` - - If curl is not installed: - - ``` - # sudo apt install curl - ``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md b/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md deleted file mode 100644 index 6dcddf674..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-autostart-wireguard-in-systemd.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: Autostart WireGuard in systemd - IVPN Help -h1: Autostart WireGuard in systemd -url: /knowledgebase/linux/linux-autostart-wireguard-in-systemd/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 15 ---- -# Autostart WireGuard in systemd - -These steps are mostly distribution agnostic and have been tested on Debian unstable and Fedora. - -1. Generate a valid and working WireGuard configuration file `/etc/wireguard/wg0.conf`. Our [setup guide](/setup/linux-wireguard/) offers details. - -
    - Note: You may have to replace the Endpoint hostname with the WireGuard server IP address in the WireGuard configuration file. DNS may or may not be applied when systemd brings the wg0 interface up. -
    - -2. Add the WireGuard service to systemd: - - ``` - sudo systemctl enable wg-quick@wg0.service - sudo systemctl daemon-reload - ``` - -3. Start the new service immediately: - - ``` - sudo systemctl start wg-quick@wg0 - ``` - -4. Reboot your computer system to verify the automatic connection on startup works as expected. - -5. Check the service status: - - ``` - systemctl status wg-quick@wg0 - ``` - -6. To remove the service and clean up the system: - - ``` - sudo systemctl stop wg-quick@wg0 - sudo systemctl disable wg-quick@wg0.service - sudo rm -i /etc/systemd/system/wg-quick@wg0* - sudo systemctl daemon-reload - sudo systemctl reset-failed - ``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md b/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md deleted file mode 100644 index 1e5909a73..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-avc-denial-with-selinux.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -title: AVC denial with selinux - IVPN Help -h1: AVC denial with selinux -url: /knowledgebase/linux/linux-avc-denial-with-selinux/ -sections: - - linux - - troubleshooting -sectionTitle: Linux -layout: help-details -weight: 60 ---- -# AVC denial with selinux - -If you receive an 'AVC denial' error message in your logs, run the following command to change the security context of the directory containing your OpenVPN certificates: - -``` -chcon -t cert_t /your/certificates/dir/* -``` diff --git a/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md b/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md deleted file mode 100644 index acdcc4c80..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-cannot-import-ovpn-config-file.md +++ /dev/null 
@@ -1,25 +0,0 @@
----
-title: Cannot import .ovpn config file - IVPN Help
-h1: Cannot import .ovpn config file
-url: /knowledgebase/linux/linux-cannot-import-ovpn-config-file/
-sections:
- - linux
-sectionTitle: Linux
-layout: help-details
-weight: 50
----
-# Cannot import .ovpn config file
-
-If you try to import the [OpenVPN config files](/openvpn-config) and receive the `'-----.ovpn' could not be read or does not contain recognized VPN connection information. Error: unknown PPTP file extension.` error, then you likely do not have the `network-manager-openvpn-gnome` package installed.
-
-1. Install `network-manager-openvpn-gnome` package:
-
- ```
- sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome
- ```
-
-2. Restart the networking service:
-
- ```
- sudo service network-manager restart
- ```
diff --git a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
deleted file mode 100644
index ff2a750a7..000000000
--- a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables.md
+++ /dev/null
@@ -1,142 +0,0 @@
----
-title: How do I prevent VPN leaks using iptables? - IVPN Help
-h1: How do I prevent VPN leaks using iptables?
-url: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/
-sections:
- - linux
- - troubleshooting
-sectionTitle: Linux
-layout: help-details
-weight: 30
----
-# How do I prevent VPN leaks using iptables?
-
-
    -We recommend using our Linux CLI app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client. -
    - -If you're using stock OpenVPN in Linux, especially with Network Manager, leaks are possible if the VPN connection fails, or is temporarily interrupted. Also, if your ISP provides IPv6 connectivity, but your VPN service does not, traffic to IPv6-capable sites will bypass the VPN tunnel, and identify you to websites. Given that, it's prudent to have firewall (iptables) rules that: 1) restrict traffic to the VPN tunnel; 2) allow direct connections only to the VPN server; and 3) block IPv6 traffic. - -There are many ways to manage iptables rules. The old-school standard is shell scripting. And indeed, OpenVPN has hooks to run scripts, for routing and iptables, when the VPN connects and disconnects. That's convenient, certainly, but it's also complicated, and it requires editing VPN configuration files. Most VPN services use the "redirect-gateway def1" option to handle routing, but they don't touch iptables. So you need to disable "redirect-gateway def1", and handle routing changes in your scripts. - -For most customers we think using iptables-persistent is the better solution. The rules files are easy to understand, and there's no need for complicated rules chains with custom tables. It's easy to manage custom rules for particular circumstances (different locations, different VPNs, etc). And default rules load at reboot, which can be a lifesaver if you're working on remote servers. - -However, this approach has limitations for VPN services that specify servers by hostname (for load-balancing, etc). First, iptables does not interpret hostnames in saved rules, only in scripts for creating rules. And so you must get IPv4 addresses (using the host command) and use them in your rules file(s). Second, to prevent DNS leaks, the recommended rules do not allow DNS requests, except through the VPN tunnel. To ensure that the VPN can reconnect after interruption, you must either specify servers in configuration files by IP address, or add entries for them to /etc/hosts. - -
    -This guide uses eth0 for the network adapter name. Please check ip a output in a Terminal to confirm the adapter name in your distribution. -
    - -Start by installing iptables-persistent: - -``` -$ sudo su -# apt-get update -# apt-get -y install iptables-persistent -``` - -The current iptables rules are saved as `/etc/iptables/rules.v4` and `/etc/iptables/rules.v6`. - -Then create new IPv4 rules for the VPN connection: - -``` -# nano /etc/iptables/vpn-rules.v4 -``` - -
    -
    -
    -# You can delete all of these comments, if you like.
    -*filter
    -
    -# You drop everything by default.
    -:INPUT DROP [0:0]
    -:FORWARD DROP [0:0]
    -:OUTPUT DROP [0:0]
    -
    -# Some local processes need to hear from other ones.
    --A INPUT -i lo -j ACCEPT
    -
    -# If you are running a server on port N, and have enabled forwarding in your VPN account, you must allow inbound traffic on the VPN. You may also want to limit access to a particular IP address (a.b.c.d). There can be multiple rules, one for each permitted port and source address.
    --A INPUT -i tun0 -s a.b.c.d –dport N -j ACCEPT
    -
    -# You may need to allow traffic from local DHCP servers. If using Wi-Fi, use “wlan0” instead of “eth0”. This isn’t needed if your router provides persistent leases.
    --A INPUT -i eth0 -s 255.255.255.255 -j ACCEPT
    -
    -# Then you allow related/established traffic, and drop everything else, without acknowledgement to peers.
    --A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
    --A INPUT -j DROP
    -
    -# Your device isn’t a router, so don’t allow forwarding. In any case, you’d also need to allow that using sysctl.
    --A FORWARD -j DROP
    -
    -# Some local processes need to talk to other ones.
    --A OUTPUT -o lo -j ACCEPT
    -
    -# You need rule(s) to allow connecting to VPN server(s). You must use IP addresses. If also using Wi-Fi, add another rule, with “-o wlan0”, instead of “-o eth0”. There can be multiple rules, one for each server.
    --A OUTPUT -o eth0 -d e.f.g.h -j ACCEPT
    -
    -# You need a rule to allow outbound traffic through the VPN tunnel.
    --A OUTPUT -o tun0 -j ACCEPT
    -
    -# You may want rule(s) to allow LAN access. There can be multiple rules, one for each LAN that you use. If also using Wi-Fi, add another rule, with “-o wlan0”, instead of “-o eth0”.
    --A OUTPUT -o eth0 -d x.y.z.0/24 -j ACCEPT
    -
    -# Allow outgoing traffic to local DHCP servers. If using Wi-Fi, use “wlan0” instead of “eth0”. This isn’t needed if your router provides persistent leases.
    --A OUTPUT -o eth0 -d 255.255.255.255 -j ACCEPT
    -
    -# Then you allow related/established traffic, and drop everything else, without acknowledgement to peers.
    --A OUTPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
    --A OUTPUT -j DROP
    -
    -COMMIT
    -
    -
    -
    - -Then load the IPv4 VPN rules: - -``` -# iptables-restore < /etc/iptables/vpn-rules.v4 -``` - -Now connect (or reconnect) the VPN. If it doesn't connect, restore the default rules: - -``` -# iptables-restore < /etc/iptables/rules.v4 -``` - -If the VPN connects now, there must be errors in the iptables rules. - -Once the basic IPv4 setup is working, you can deal with IPv6. If you have IPv6 service from your ISP, and want to use IPv6 when you're not using VPNs, just create new IPv6 rules for the VPN connection: - -``` -# nano /etc/iptables/vpn-rules.v6 -``` - -> *filter -> -> :INPUT DROP [0:0] -> :FORWARD DROP [0:0] -> :OUTPUT DROP [0:0] -> -> COMMIT - -Then load the IPv6 VPN rules: - -``` -# ip6tables-restore < /etc/iptables/vpn-rules.v6 -``` - -Using "iptables-restore" to restore "vpn-rules.v6" is a classic fail, by the way. - -If you don't use VPN services that route IPv6, and don't need it, you may want to just disable it: - -``` -# echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# sudo sysctl -p -``` - -You can reverse those changes by editing `/etc/sysctl.conf`, and deleting those lines. \ No newline at end of file diff --git a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md b/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md deleted file mode 100644 index c343f8e07..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn.md +++ /dev/null 
@@ -1,182 +0,0 @@ ---- -title: Linux - How do I prevent VPN leaks using nftables and OpenVPN? - IVPN Help -h1: Linux - How do I prevent VPN leaks using nftables and OpenVPN? -url: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-nftables-and-openvpn/ -sections: - - linux - - troubleshooting -sectionTitle: Linux -layout: help-details -weight: 30 ---- -# How do I prevent VPN leaks using nftables and OpenVPN? - -
    -We recommend using our Linux app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client. -
    - -As the successor to [iptables](/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/), **nftables** is supported by the [netfilter project](https://www.netfilter.org/) and provides flexibility, scalability, plus performance improvements with firewall rules. In this article, we present a script with a set of **nftables** firewall commands and rules to create a kill switch for a manual OpenVPN connection. - - -### nftables Basics - -Install the `nftables` package as required. - -Disable the **iptables** service and enable the **nftables** service (if required) to automatically load firewall rules when the system boots: -``` -sudo systemctl disable --now iptables -sudo systemctl enable --now nftables -``` - -The system-wide configuration for **nftables** might be stored in one of the following locations based on your Linux distribution: -``` -/etc/nftables.conf -/etc/sysconfig/nftables.conf -``` - -Check the current **nftables** rules: -``` -sudo nft list ruleset -``` - -Flush the current **nftables** rules (ie. to start over): -``` -sudo nft flush ruleset -sudo nft list ruleset -``` - -The rules in the script below can be stored in an `nft` script file and loaded into the system for testing. The `/tmp/` folder is used as an example; please feel free to use a more permanent location if you reboot your system regularly: -``` -sudo nft --file /tmp/killswitch.nft -sudo nft list ruleset -``` - -Testing with **nftables** is relatively friendly. For example, there is an optional rule in the script below to allow outbound access to the local network. This rule is commented out by default. Load the script below (`sudo nft --file ...`) and verfy that LAN access is not available. Uncomment the line from the `nft` script, save the changes, then load the script again and check that LAN access is available. 
- -Once the testing is complete, copy the script to the system-wide configuration location mentioned above: -``` -sudo cp /etc/nftables.conf /etc/nftables.conf.ORIGINAL -sudo cp /tmp/killswitch.nft /etc/nftables.conf -``` - -Reboot the system and check the current **nftables** rules to confirm the desired boot-time behaviour. - -
    -Please check the "define" lines at the top of the script below and adjust them based on your system's network interface names, LAN details, preferred VPN server location, preferred NTP sources, etc. Rules marked OPTIONAL are not required, though they may add extra functionality. Please consider your threat model prior to enabling these optional rules. -
    - - -### nftables Rules Script - -Add the script below to a file using the text editor of your choice: - -``` -nano /tmp/killswitch.nft -vi /tmp/killswitch.nft -vim /tmp/killswitch.nft -ed /tmp/killswitch.nft -``` - -
    -
    -
    -#!/usr/sbin/nft -f
    -
    -## FLUSH existing rules and create a table called "killswitch".
    -flush ruleset
    -add table inet killswitch
    -
    -## NETWORK interfaces: Run "ip a" to confirm local interface device names.
    -define INET_DEV = eth0
    -define VPN_DEV  = tun0
    -
    -## VPN servers: Switzerland in this case.  Adjust accordingly: ivpn.net/status 
    -## dig +short ch{1,3}.gw.ivpn.net
    -define VPN_SERVERS = { 141.255.166.194, 185.212.170.138 }
    -
    -## NTP servers: Adjust for your server pool.
    -## dig +short {0..1}.pool.ntp.org | sort -h
    -define NTP_SERVERS = { 62.108.36.235, 85.214.96.5, 129.70.132.32, 136.243.202.118, 144.91.116.85, 185.242.112.53, 193.203.3.170, 213.160.74.205 }
    -
    -## LAN: Adjust for your local LAN.
    -# define LAN_CLIENTS = { 192.168.0.2, 192.168.0.4-192.168.0.6 }
    -define LAN_CLIENTS = 192.168.0.0/24
    -
    -## DROP everything by default for all chains ("INPUT", "FORWARD", "OUTPUT").
    -add chain inet killswitch INPUT { type filter hook input priority 0 ; policy drop ; }
    -add chain inet killswitch FORWARD { type filter hook forward priority 0 ; policy drop ; }
    -add chain inet killswitch OUTPUT { type filter hook output priority 0 ; policy drop ; }
    -
    -## LOOPBACK: Some local processes need to hear from other ones.
    -add rule inet killswitch INPUT iifname "lo" counter accept
    -
    -## LAN BROADCAST: You may need to allow traffic from local DHCP servers.
    -add rule inet killswitch INPUT iifname $INET_DEV ip saddr 255.255.255.255 counter accept
    -
    -## OPTIONAL: Allow incoming SSH (22/TCP) from LAN.  Uncomment and adjust for other services as required or add additional rules.
    -#add rule inet killswitch INPUT iifname $INET_DEV tcp dport 22 counter accept
    -
    -## ALLOW related/established traffic and drop everything else without acknowledgement to peers.
    -add rule inet killswitch INPUT ct state related,established accept
    -add rule inet killswitch INPUT counter drop
    -
    -## FORWARDING: Your device is not a router, so do not allow forwarding.  Enable logging just in case.
    -add rule inet killswitch FORWARD counter log prefix "NFT drop fwd: " drop
    -
    -## LOOPBACK: Some local processes need to talk to other ones.
    -add rule inet killswitch OUTPUT oifname "lo" counter accept
    -
    -## NTP: Allow outbound NTP requests because OpenVPN's certificate system is sensitive to time discrepancies.
    -add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $NTP_SERVERS udp dport 123 counter accept
    -
    -## VPN: Allow outbound traffic to VPN servers defined above.
    -add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $VPN_SERVERS counter accept
    -
    -## VPN: Allow outbound traffic through the VPN tunnel.
    -add rule inet killswitch OUTPUT oifname $VPN_DEV counter accept
    -
    -## LAN BROADCAST: You may need to allow traffic to local DHCP servers.
    -add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr 255.255.255.255 counter accept
    -
    -## OPTIONAL: Allow outbound traffic to local network.
    -#add rule inet killswitch OUTPUT oifname $INET_DEV ip daddr $LAN_CLIENTS counter accept
    -
    -## ALLOW related/established traffic.
    -add rule inet killswitch OUTPUT ct state related,established accept
    -
    -## DROP everything else, without acknowledgement to peers.
    -## LOGGING is useful for testing, though may consume log files over time.  Choose one rule or the other from below.
    -add rule inet killswitch OUTPUT counter log prefix "NFT drop out: " drop
    -#add rule inet killswitch OUTPUT counter drop
    -
    -
    -
    - - -### Verifying - -Stop the OpenVPN connection, then check access to Internet sites, LAN, etc., using `ping` or other methods. If logging is enabled on the **DROP** rule, check the system log (`dmesg | grep "NFT drop"`) to confirm outgoing traffic is blocked. - - -### Handling IPv6 - -The ruleset in the script above ends up blocking IPv6 traffic. Link local IPv6 addresses are pingable from the local system (ie. `fe80:...`), though IPv6 traffic to other systems, like LAN and Internet destinations, is blocked. This might be enough for your threat model, though there are other ways to block IPv6 traffic. - -- For OpenVPN 2.5 and up, the `block-ipv6` directive is available. Edit the OpenVPN configuration file you use for your VPN connection and add the following directives above the `verb` line: -``` -ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1 -redirect-gateway ipv6 -block-ipv6 -``` - -The `fd15:53b6:dead:` prefix and the three lines above are taken from the OpenVPN 2.5 man page. The prefix is part of the IPv6 local range (`fd00::/8`) and is not routable over the Internet. - -- Disable IPv6 on the local system. Unless you make use of local network IPv6 resources, it may be simplest to disable IPv6 entirely. Run these commands: -``` -echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -sudo sysctl -p -``` - -To undo the change and restore IPv6 on your system, change the `disable_ipv6=1` bits to `disable_ipv6=0` or manually edit the `/etc/sysctl.conf` file and remove the three `disable_ipv6=1` lines, then run `sudo sysctl -p`. A system reboot may or may not be required after re-enabling IPv6. 
diff --git a/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md b/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md deleted file mode 100644 index 9be3fb2f9..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw.md +++ /dev/null @@ -1,85 +0,0 @@ ---- -title: Kill Switch using the Uncomplicated Firewall (UFW) - IVPN Help -h1: Kill Switch using the Uncomplicated Firewall (UFW) -url: /knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 70 ---- -# Kill Switch using the Uncomplicated Firewall (UFW) - -
    -We recommend using our Linux CLI app that offers an easy-to-use built-in Firewall solution that protects you from both IP and traffic leaks. Read on, if you would like to have a more granular Firewall configuration or prefer to use NetworkManager or a different VPN client. -
    - -This guide shows you how to setup a firewall (similar to a 'kill switch') using the UFW to protect against packets leaking if the VPN fails for any reason. - -1. Start by installing UFW: - - ``` - # sudo apt-get update - # sudo apt-get install ufw - ``` - -2. Enable UFW: - - ``` - # sudo ufw enable - ``` - -3. Block all outgoing traffic: - - ``` - # sudo ufw default deny outgoing - ``` - - ...and all incoming traffic: - - ``` - # sudo ufw default deny incoming - ``` - -4. Allow traffic through VPN tunnel: - - ``` - # sudo ufw allow out on tun0 from any to any - # sudo ufw allow in on tun0 from any to any - ``` - -5. Choose the IVPN server you will be connecting to and make an exception for it in UFW. - Let's assume you choose Germany server. Navigate to the [Server Status page](/status/), find & resolve its domain name: - - ``` - # nslookup de1.gw.ivpn.net - ``` - - The output will be the IP addresses, which you need to specify in the UFW exception rule: - - ``` - # sudo ufw allow out from any to resolved.ip.address.here - ``` - - If you do not have or do not wish to use i.e. public DNS or the one provided by your ISP (skip this step if otherwise), update your hosts file accordingly: - - ``` - # echo "resolved.ip.address.here de1.gw.ivpn.net" | sudo tee -a /etc/hosts - ``` - -6. You're done! In case you need to reset those rules and start anew: - - ``` - # sudo ufw reset - ``` - -You can additionally disable IPv6: - -``` -# echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf -# sudo sysctl -p -``` - -...and reverse those changes by editing /etc/sysctl.conf, and deleting those lines. \ No newline at end of file 
diff --git a/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md b/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md deleted file mode 100644 index cde917697..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship.md +++ /dev/null @@ -1,176 +0,0 @@ ---- -title: Linux - OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship - IVPN Help -h1: Linux - OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship -url: /knowledgebase/linux/linux-obfs3-and-obfs4-obfuscation-with-obfsproxy-to-circumvent-censorship/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 9 ---- -# OBFS3 and OBFS4 Obfuscation with Obfsproxy to Circumvent Censorship - -In some countries (like China, Iran, Vietnam, etc.), the government utilizes a very restrictive firewall and enforces local ISPs to throttle and block the traffic via Deep Packet Inspection. Work around these restrictions with the help of obfs4proxy by masking the VPN traffic. This article offers details on using OBFS3 or OBFS4 with a single-hop or Multi-hop OpenVPN connection over TCP. - -
    -Our IVPN Linux client includes obfsproxy support. Check it out here -
    - - -1. Install the OBFS4 proxy package: - - **Debian, Ubuntu, Mint**: `sudo apt install obfs4proxy` - - **Fedora**: `sudo dnf install obfs4` - - **openSUSE**: `sudo zypper install obfs4` - - **Arch, Manjaro**: https://aur.archlinux.org/packages/obfs4proxy - - -1. Create a helper script to set proxy variables and launch the `obfs4proxy` service: - - ``` - $ nano /path/to/obfs-helper.sh - - #!/bin/bash - echo "Keep this running for the duration of the OpenVPN connection." - echo "Use Ctrl+c two times to exit." - mkdir -p /tmp/obfs - export TOR_PT_CLIENT_TRANSPORTS=obfs3,obfs4 - export TOR_PT_MANAGED_TRANSPORT_VER=1 - export TOR_PT_STATE_LOCATION=/tmp/obfs - /usr/bin/obfs4proxy - ``` - - Press `Ctrl+x` to save and exit the `nano` editor. Make the script executable with `chmod +x /path/to/obfs-helper.sh`. Be sure to use a real file location (not `/path/to/`). - - This script creates a local proxy service for both OBFS3 and OBFS4. Adjust the `export TOR_PT_CLIENT_TRANSPORTS=obfs3,obfs4` line if required (ie. `export TOR_PT_CLIENT_TRANSPORTS=obfs4` for OBFS4 only). - - -1. Generate a single-hop OpenVPN configuration file: - - IVPN OpenVPN configuration generator: https://www.ivpn.net/openvpn-config - - In step 2 of the configuration generator, choose any **TCP** port for `Protocol / Port` and select `Use hostnames`. - - -1. Edit the OpenVPN configuration file (ie. using `nano`, `vim`, or any text editor you prefer): - - **OBFS3 single-hop**: Change line 4 port to `5145` - - **OBFS4 single-hop**: Change line 4 port to `5146` - - **OBFS3 Multi-hop**: - - Change line 4 port to the exit server's `OBFS 3 MultiHop Port` from the [server status page](https://www.ivpn.net/status) (ie. fr1 = 23402, jp2 = 20831, us-ca3 = 21302) - - Change line 16 `name-prefix` to match the exit server (ie. fr, jp, us-ca) - - **OBFS4 Multi-hop**: - - Change line 4 port to the exit server's `OBFS 4 MultiHop Port` from the [server status page](https://www.ivpn.net/status) (ie. 
fr1 = 23403, jp2 = 20832, us-ca3 = 21303) - - Change line 16 `name-prefix` to match the exit server (ie. fr, jp, us-ca) - - **For all connections** (OBFS3, OBFS4, single-hop, Multi-hop), add four lines after `verb 3`: - - ``` - tls-timeout 4 - txqueuelen 1024 # Linux only - connect-retry-max 3 # adjust as required - route xx.xx.xx.xx 255.255.255.255 yy.yy.yy.yy - ``` - - Use the IP address from line 4 of the OpenVPN configuration file to replace `xx.xx.xx.xx` and use your network's default gateway IP address to replace `yy.yy.yy.yy`. Run `ip route | grep default` to identify the default gateway IP address for your system. - - Save the file (ie. `Taiwan-obfs4.ovpn`). - - -1. **OBFS4 Only** - Create a `socks5_auth` file: - - This file contains the VPN server's public key/certificate and the Inter-Arrival Timing (IAT) mode (elapsed time after receipt of a packet until the next packet arrives). - - **cert=...;** use the `OBFS 4 Public Key` from the [server status page](https://www.ivpn.net/status) for the server your traffic exits from. A semi-colon at end of line is required. - - **iat-mode=** can be 0, 1, or 2 and determines packet segmentation rules: - - **0 = disabled**: packets are segmented by the network, network fingerprints could be detected - - **1 = enabled**: packets are segmented by the OBFS4 proxy, maximum payload is 1448 bytes, prevents re-assembly for analysis - - **2 = paranoid**: random packet size, prevents re-assembly for analysis, uncommon and may or may not offer benefits - - There will likely be a performance decrease for the VPN connection with IAT-modes 1 and 2. - - Example: `socks5_auth` with IAT-mode 0: - - ``` - cert=abcdefghijklmnopqrstuvwxyz0123456789; - iat-mode=0 - ``` - - Save the file to a convenient location (ie. `~/socks5_auth_fr1`, `/path/to/socks5_auth_us-ca3`). - - -1. Launch the helper script and keep it running (ie. 
do not close the terminal window): - - ``` - $ /path/to/obfs-helper.sh - Keep this running for the duration of the OpenVPN connection. - Use Ctrl+c two times to exit. - VERSION 1 - CMETHOD obfs3 socks5 127.0.0.1:aaaaa - CMETHOD obfs4 socks5 127.0.0.1:bbbbb - CMETHODS DONE - ``` - - `aaaaa` is the port number for OBFS3 connections. - - `bbbbb` is the port number for OBFS4 connections. - - The port numbers are random and change each time `obfs4proxy` is launched (via the helper script). - - -1. Start the OpenVPN connection and keep the terminal window open: - - Replace `aaaaa` and `bbbbb` in the commands below with the actual port numbers from the step above. - - **OBFS3 single-hop or Multi-hop**: - ``` - sudo openvpn --config /path/to/France-obfs3.ovpn --socks-proxy 127.0.0.1 aaaaa - ``` - - **OBFS4 single-hop**: - ``` - sudo openvpn --config /path/to/France-obfs4.ovpn --socks-proxy 127.0.0.1 bbbbb ~/socks5_auth_fr1 - ``` - - **OBFS4 Multi-hop**, the `socks5_auth` file is for the exit server: - ``` - sudo openvpn --config /path/to/France2Portugal-obfs4.ovpn --socks-proxy 127.0.0.1 bbbbb /path/to/socks5_auth_pt1 - ``` - - **Note**: Use a chained command with a variable to determine the random port to help with scripts and automation instead of manually replacing `aaaaa` and `bbbbb`: - ``` - OBFS3PORT=$(ss -ltp | grep obfs4proxy | grep "fd=3" | awk '{ print $4 }' | awk -F":" '{ print $2 }') - OBFS4PORT=$(ss -ltp | grep obfs4proxy | grep "fd=4" | awk '{ print $4 }' | awk -F":" '{ print $2 }') - ``` - -1. Run a [DNS leak test](https://www.dnsleaktest.com/) to verify the connection. - - -1. Disconnect the OpenVPN connection first by using `Ctrl+c` in the OpenVPN terminal. Stop the proxy service by using `Ctrl+c` twice in the other terminal. 
- - -### Troubleshooting: - -- [DNS leak](https://www.ivpn.net/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager/) - -- IPv6 leak: - - - Use a firewall to allow connection to TCP port `5145` (OBFS3, single-hop), `5146` (OBFS4, single-hop), and/or any required `2xxxx` port for Multi-hop using [iptables](https://www.ivpn.net/knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/) or [ufw](https://www.ivpn.net/knowledgebase/linux/linux-kill-switch-using-the-uncomplicated-firewall-ufw/). - - - Disable IPv6: - - ``` - echo 'net.ipv6.conf.all.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf - echo 'net.ipv6.conf.default.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf - echo 'net.ipv6.conf.lo.disable_ipv6=1' | sudo tee -a /etc/sysctl.conf - sudo sysctl -p - ``` - - **Note**: Change the three `disable_ipv6=1` to `disable_ipv6=0` to re-enable IPv6. diff --git a/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md b/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md deleted file mode 100644 index a1c05f4a3..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-tray-icon-is-missing-in-gnome.md +++ /dev/null 
@@ -1,20 +0,0 @@
----
-title: Tray icon is missing in GNOME - IVPN Help
-h1: Tray icon is missing in GNOME
-url: /knowledgebase/linux/linux-tray-icon-is-missing-in-gnome/
-sections:
- - linux
- - troubleshooting
-sectionTitle: Linux
-layout: help-details
-weight: 70
----
-# Tray icon is missing in GNOME
-
-In the GNOME desktop environment version 40, tray icons have been mostly removed and the tray icon for the IVPN App does not appear by default. The IVPN App's tray icon can be restored by installing two packages using the command line via Terminal:
-
-```
-$ sudo dnf install gnome-extensions-app gnome-shell-extension-appindicator
-```
-
-After installing, launch the `Extensions` application and toggle the `KStatusNotifierItem` switch to **on**. You may have to log out from the GNOME desktop, then log back in for the `Extesions` application to update.
diff --git a/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md b/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
deleted file mode 100644
index 3fe267875..000000000
--- a/src/content/es/pages/knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager.md
+++ /dev/null
@@ -1,109 +0,0 @@ ---- -title: Webpages do not load or DNS leaks when connecting via NetworkManager - IVPN Help -h1: Webpages do not load or DNS leaks when connecting via NetworkManager -url: /knowledgebase/linux/linux-webpages-do-not-load-or-dns-leaks-when-connecting-via-networkmanager/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 110 ---- -# Webpages do not load or DNS leaks when connecting via NetworkManager - -When you connect to a VPN server using the NetworkManager, you might discover that it does not apply IVPN DNS IP address automatically. This may lead to either websites' domain names not resolving or your real DNS is being used, which is considered as a leak. - -If you are more comfortable with NetworkManager, feel free to apply IVPN DNS IP addresses manually: - -
    -Syntax may differ depending on your Linux distro, substitute where required -
    - -1. Install the `resolvconf` package: - - ``` - #sudo apt-get install resolvconf - ``` - -2. Open **head** file..: - - ``` - #sudo nano /etc/resolvconf/resolv.conf.d/head - ``` - - ... and on the new line (without quotes) enter `nameserver 10.0.254.1` and on another line nameserver `198.245.51.147`. Cntrl+X to save changes and exit the file. - -3. Restart your system to apply the DNS changes or edit the **resolv.conf** file to apply the DNS immediately: - - ``` - #sudo nano /etc/resolv.conf - ``` - - Add both of our DNS IP addresses: - - ``` - nameserver 10.0.254.1 - nameserver 198.245.51.147 - ``` - - Remove or comment out (by adding '#' at the beginning of the line) lines containing your real DNS IP address - Using a different Internal IP addresses activates the AntiTracker: - * 10.0.254.1 = regular DNS with no blocking (OpenVPN) - * 10.0.254.2 = standard AntiTracker to block advertising and malware domains - * 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook domains - -4. Confirm that your system is now using IVPN DNS. Running the, e.g. **nslookup ivpn.net** command should provide you with the following output. - When disconnected from IVPN, your system should use `198.245.51.147` IP address: - - ``` - Server: 198.245.51.147 - Address: 198.245.51.147#53 - Non-authoritative answer: - Name: ivpn.net - Address: 167.114.18.34 - ``` - - When connected to IVPN, `10.0.254.1`: - - ``` - Server: 10.0.254.1 - Address: 10.0.254.1#53 - Non-authoritative answer: - Name: ivpn.net - Address: 167.114.18.34 - ``` - -### Troubleshooting - -1. In some Linux distros, there may be multiple services affecting the DNS sub-system. If you see an entry like `nameserver 127.0.0.53` in the /etc/resolv.conf file after making the changes above and rebooting your computer system, you may have to disable the systemd-resolved service and reboot your system: - - ``` - sudo systemctl disable systemd-resolved.service - ``` - -2. 
Another way to put and keep DNS servers in the resolv.conf file involves creating a file and changing a file attribute to preserve the file and contents: - - ``` - sudo rm -i /etc/resolv.conf - ``` - - Add our DNS servers to the resolv.conf file: - - ``` - #sudo nano /etc/resolv.conf - nameserver 10.0.254.1 - nameserver 198.245.51.147 - ``` - - Press `Ctrl+x` to save and exit the **nano** editor, then change the file attribute to prevent writes or file changes: - - ``` - sudo chattr +i /etc/resolv.conf - ``` - - This file attribute change persists over a reboot. Undo this change with: - - ``` - sudo chattr -i /etc/resolv.conf - ``` - - ... then restart your computer system to allow the resolv.conf file to be populated automatically. diff --git a/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md b/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md deleted file mode 100644 index cc49faf11..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-wireguard-kill-switch.md +++ /dev/null 
@@ -1,57 +0,0 @@ ---- -title: WireGuard Kill Switch - IVPN Help -h1: WireGuard Kill Switch -url: /knowledgebase/linux/linux-wireguard-kill-switch/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 80 ---- -# WireGuard Kill Switch - -To ensure no traffic leaks outside and your real IP address is revealed in case the WireGuard VPN tunnel accidentally goes down, you can set up the Kill Switch which is configured using the **PostUp** and **PreDown** WG syntax. - -1. Open the WireGuard config file with any text editors: - - ``` - $ sudo nano /etc/wireguard/wg0.conf - ``` - -2. Add the following two lines to the [Interface] section: - - ``` - PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT - PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT - ``` - -3. Here's how the WG config file should look like afterwards: - - ``` - [Interface] - PrivateKey = abcdefghijklmnopqrstuvwxyz0123456789= - Address = 172.x.y.z/32 - DNS = 172.16.0.1 - PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT - PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT - [Peer] - PublicKey = JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q= - Endpoint = us-tx1.wg.ivpn.net:2049 - AllowedIPs = 0.0.0.0/0 - ``` - -### Testing - -1. 
One way to test a down tunnel is to delete the IP address from the WireGuard network interface, like this via the Terminal: - - ``` - sudo ip a del [IP address] dev [interface] - ``` - - In this example, it's possible to remove 172.x.y.z from the wg0 interface: - - ``` - sudo ip a del 172.x.y.z/32 dev wg0 - ``` - - The PostUP iptables rule from step 2 above restricts all traffic to the tunnel and all outgoing attempts to get traffic out fail. To gracefully recover from this, you will likely have to use the **wg-quick** command to take the connection down, then bring it back up. diff --git a/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md b/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md deleted file mode 100644 index af6e9d6f4..000000000 --- a/src/content/es/pages/knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported.md +++ /dev/null 
@@ -1,29 +0,0 @@ ---- -title: 'WireGuard - "RTNETLINK answers: Operation not supported" - IVPN Help' -h1: 'WireGuard - "RTNETLINK answers: Operation not supported"' -url: /knowledgebase/linux/linux-wireguard-rtnetlink-answers-operation-not-supported/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 20 ---- -# WireGuard - "RTNETLINK answers: Operation not supported" - -If you are trying to establish a WireGuard connection with a **wg-quick** command and receive the following error..: - -``` -$ ip link add dev wg0 type wireguard -RNETLINK answers: Operation not supported -Unable to access interface: Protocol not supported -``` - -..most likely the **wireguard** kernel module is not loaded in your system. To fix this, open the terminal and run the following command: - -``` -$ sudo modprobe wireguard -``` - -In case the issue is still there, reboot your machine. - -A chance exists that the **Secure Boot** feature is blocking the unsigned WireGuard kernel module. In this case, you might consider either disabling the **Secure Boot** feature or signing the WireGuard module to raise the trust level. diff --git a/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md b/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md deleted file mode 100644 index 44e1a31d6..000000000 --- a/src/content/es/pages/knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot.md +++ /dev/null @@ -1,142 +0,0 @@ ---- -title: Managing the IVPN Linux CLI client at System Boot - IVPN Help -h1: Managing the IVPN Linux CLI client at System Boot -url: /knowledgebase/linux/managing-the-ivpn-linux-client-at-system-boot/ -sections: - - linux -sectionTitle: Linux -layout: help-details -weight: 10 ---- -# Managing the IVPN Linux CLI client at System Boot - -
    -This article applies to the IVPN Linux CLI client. The GUI client includes both Always-On and On-Demand firewall settings. -
    - - -The IVPN Linux CLI client does not currently offer support for a persistent firewall or automatically connecting at system boot, though these features are planned for future releases. - -Using standard Linux features, it is possible to manage both the automatic connect and the firewall settings at system boot at either the user-level via **crontab** or the system-level using a **systemd unit file**. - -Please use only one of these options to avoid conflicts. - -### User-level: crontab - -
    -No root-level or sudo-style permissions are required for this option. -
    - -1. Create a Bash script to first wait for the **ivpn-service** to become ready, then apply the connection options: - - ``` - $ nano /home/user/bin/auto-conn-ivpn.sh - #!/bin/bash - while ! ps -e | grep ivpn-service > /dev/null ; do - sleep 1 - done - /usr/local/bin/ivpn firewall -on - /usr/local/bin/ivpn connect -p wg -antitracker Denmark - ``` - - Press `Ctrl+x` to save the file and exit from the `nano` editor. - -
    - Note: The script above uses a WireGuard connection to our server in Denmark. Please feel free to use whichever connection settings you prefer. Our Command Line Client FAQ has details. -
    - -2. Make the script executable: - - ``` - $ chmod +x /home/user/bin/auto-conn-ivpn.sh - ``` - -3. Edit the **crontab** and add a line with the `@reboot` timing directive plus the path to the script above. Logging is optional: - - ``` - $ crontab -e - @reboot /home/user/bin/auto-conn-ivpn.sh > /home/user/auto-conn-ivpn.log - ``` - -4. Reboot your system to confirm the IVPN Linux client connects automatically. - -5. Check the log file to see the connection details: - - ``` - $ cat /home/user/auto-conn-ivpn.log - ``` - -To adjust the connection settings, edit the `/home/user/bin/auto-conn-ivpn.sh` script. No changes to the **crontab** are required. - -To de-activate this automatic boot-time connection, edit the **crontab** and comment out or remove the `@reboot /home/...` line. - -### System-level: systemd - -
    -Root-level or sudo-style access is required for this option. -
    - -1. Create a Bash script with the connection options: - - ``` - $ sudo nano /usr/local/bin/ivpn-autoconnect.sh - #!/bin/bash - /usr/local/bin/ivpn firewall -on - /usr/local/bin/ivpn connect -p ovpn -antitracker Singapore - ``` - - Press `Ctrl+x` to save the file and exit from the `nano` editor. - -
    - Note: The script above uses an OpenVPN connection to our server in Singapore. Please feel free to use whichever connection settings you prefer. Our Command Line Client FAQ has details. -
    - -2. Make the script executable: - - ``` - $ sudo chmod +x /usr/local/bin/ivpn-autoconnect.sh - ``` - -3. Create a **systemd unit file** to control the autoconnect service: - - ``` - $ sudo nano /lib/systemd/system/ivpn-autoconnect.service - [Unit] - Description=IVPN autoconnect service. - After=network.target ivpn-service.service - Requires=network-online.target ivpn-service.service - - [Service] - Type=oneshot - ExecStartPre=sleep 2 - ExecStart=/bin/bash /usr/local/bin/ivpn-autoconnect.sh - ExecStop=ivpn disconnect - RemainAfterExit=yes - - [Install] - WantedBy=multi-user.target - ``` - - Press `Ctrl+x` to save the file and exit from the `nano` editor. - -4. Enable the autoconnect service: - - ``` - $ sudo systemctl enable ivpn-autoconnect.service - ``` - -5. Reboot your system to confirm the IVPN Linux client connects automatically. - -6. Check the autoconnect service status: - - ``` - $ sudo systemctl status ivpn-autoconnect.service - ``` - -To adjust the connection settings, edit the `/usr/local/bin/ivpn-autoconnect.sh` script. No changes to the **systemd unit file** are required. - -To de-activate this automatic boot-time connection, disable the autoconnect service: - -``` -$ sudo systemctl disable ivpn-autoconnect.service -``` diff --git a/src/content/es/pages/knowledgebase/macos/_index.md b/src/content/es/pages/knowledgebase/macos/_index.md deleted file mode 100644 index 4af024f15..000000000 --- a/src/content/es/pages/knowledgebase/macos/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: macOS - IVPN Help -url: /knowledgebase/macos/ -section: macos -layout: help ---- -## macOS diff --git a/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md b/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md deleted file mode 100644 index 12c690ea1..000000000 --- a/src/content/es/pages/knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick.md +++ /dev/null 
@@ -1,14 +0,0 @@
----
-title: How do I completely uninstall / remove Tunnelblick? - IVPN Help
-h1: How do I completely uninstall / remove Tunnelblick?
-url: /knowledgebase/macos/how-do-i-completely-uninstall-or-remove-tunnelblick/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 40
----
-# How do I completely uninstall / remove Tunnelblick?
-
-Please follow the [uninstall instructions](https://tunnelblick.net/cUninstall.html) on Tunnelblick's website.
diff --git a/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md b/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
deleted file mode 100644
index d5cb91968..000000000
--- a/src/content/es/pages/knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-title: How to resolve error "IVPN.app is damaged and cannot be opened." - IVPN Help
-h1: How to resolve error "IVPN.app is damaged and cannot be opened."
-url: /knowledgebase/macos/how-to-resolve-error-ivpnapp-is-damaged-and-cannot-be-opened/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 90
----
-# How to resolve error "IVPN.app is damaged and cannot be opened."
-
-This error is caused by the macOS extended file attributes which result in app signature verification failure. We are not sure what the root cause of this issue is and it seems to affect only a very small percentage of users. The solution, however, is very simple and does not introduce any security risks. You simply have to remove the extended file attributes on the IVPN.app package.
-
-1. Open Terminal.app by navigating to the utilities folder within the applications folder.
-
-2. Type the command below (where ~/Downloads/IVPN.app is the path to the IVPN.app file you extracted)
-
- ```
- xattr -rc ~/Downloads/IVPN.app
- ```
diff --git a/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md b/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md deleted file mode 100644 index a743a3b58..000000000 --- a/src/content/es/pages/knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -title: '"IVPN.app wants to control System Events". Why do I see this warning? - IVPN Help' -h1: '"IVPN.app wants to control System Events". Why do I see this warning?' -url: /knowledgebase/macos/ivpnapp-wants-to-control-system-events-why-do-i-see-this-warning/ -sections: - - macos -sectionTitle: macOS -layout: help-details -weight: 170 ---- -# "IVPN.app wants to control System Events". Why do I see this warning? - -Various new threats and vulnerabilities are discovered daily and reacting to them is vital to keep the device that holds your personal and sensitive information safe and secure. For that, Apple is continuously implementing new security features to its operating systems, which is definitely a good thing. - -
    -[insert an app name here] wants to control "System Events". Allowing control will provide access to documents and data inside "System Events", and to perform actions within that app. -
    - -This is a new dialogue message that was added with the release of macOS Catalina. What you're seeing is warning that was not a part of previous versions of macOS - it's being more cautious and letting you know about things that you may want to weigh in on, such as whether to grant this or that application certain privileges, where in the past, it would've just gone ahead and granted them without asking you for specific permission. - -Our app provides a lot of features, which rely on various system events and triggers to work. For example, the "Start at login" feature needs to know when you are, well, logged into your computer to launch an app. The only way to know whether this event has actually occurred, IVPN app needs to have access to your computer's "System Events", hence the permission request message. Should you not allow this, the feature is not guaranteed to work as it was designed initially. diff --git a/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md b/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md deleted file mode 100644 index 24b575be7..000000000 --- a/src/content/es/pages/knowledgebase/macos/macos-disposable-emails.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -draft: true -title: macOS - Disposable Emails - IVPN Help -h1: macOS - Disposable Emails -url: /knowledgebase/macos/macos-disposable-emails/ -sections: - - macos -sectionTitle: macOS -layout: help-details -weight: 120 ---- -# macOS - Disposable Emails - -
    -Disposable email is currently a beta feature. If you do not see the options described in this article, the beta has not been made available to you. If you would like to help us test this feature and join the beta, please email support@ivpn.net -
    - -Your email address is requested 100 times a day. Every time you provide it, you're trusting it won't fall into the wrong hands. IVPN's disposable email feature lets you create unlimited disposable email addresses you can share without concern, but immediately delete should they become compromised by spammers, sold to 3rd parties, or should you no longer require them. - -This article will show you how to use the IVPN disposable email feature on macOS to protect your real email address. - -### Creating a disposable email - -* To create a new Disposable Email address, launch the IVPN client, right-click the small `IVPN icon` and choose `Private Email`->`Manage...` as shown in the screenshot below: - - ![](/images-static/uploads/Mac_PE_1.jpg) - -* Once in the E-mail manager, click on the `Generate new` button to create your new random email address: - - ![](/images-static/uploads/Mac_PE_2.png) - -* Once created, you can use that address right away. -* You can optionally save a note along with that email address. You could use this to save information about the sites or services you have used this email address for. You can edit your note at any time by simply pressing the `Update notes` button and saving a new note. -* Emails sent to those disposable email addresses will be forwarded to the email address associated with your IVPN account. - -### Deleting a disposable email - -To remove an email address you have created, simply: - -* Open your `Manage email` panel. -* Select the email address you wish to delete from this list. -* Click on a `Delete address` button. **This email address will stop receiving emails immediately and cannot be reinstated**. - -### Available on the web - -Just in case you ever need to sign up for something from another device, it is also possible to manage, create and delete disposable email addresses or even send mail from it in your personal [Client Area](/account/), under `VPN Account` - `Private emails` tab. 
diff --git a/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md b/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
deleted file mode 100644
index 3e22e4883..000000000
--- a/src/content/es/pages/knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133.md
+++ /dev/null
@@ -1,15 +0,0 @@
----
-title: "macOS - Failed to regenerate WireGuard keys. Private key generation error: 133 - IVPN Help"
-h1: "macOS - Failed to regenerate WireGuard keys. Private key generation error: 133"
-url: /knowledgebase/macos/macos-failed-to-regenerate-wireguard-keys-private-key-generation-error-133/
-sections:
- - macos
-sectionTitle: macOS
-layout: help-details
-weight: 180
----
-# macOS - Failed to regenerate WireGuard keys. Private key generation error: 133
-
-This error is caused when you attempt to connect to a WireGuard server using an old version of macOS. To use WireGuard, your device has to be running on [macOS version 10.14 or later](https://apps.apple.com/us/app/wireguard/id1451685025?mt=12).
-
-Updating your macOS device to a supported version will resolve this issue. If updating is not feasible, you can continue connecting using OpenVPN or [IPSec with IKEv2 VPN protocol](/setup/macos-ipsec-with-ikev2/).
diff --git a/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md b/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
deleted file mode 100644
index 1fdebd2e7..000000000
--- a/src/content/es/pages/knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: macOS - How do I completely uninstall / remove the IVPN application? - IVPN Help
-h1: macOS - How do I completely uninstall / remove the IVPN application?
-url: /knowledgebase/macos/macos-how-do-i-completely-uninstall-or-remove-the-ivpn-application/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 60
----
-# macOS - How do I completely uninstall / remove the IVPN application?
-
-The uninstaller app is included in the installation .dmg image and is only required if you wish to completely remove all components of the IVPN application from your macOS computer. It is not required before installing a new version.
-
-You can download the latest .dmg image from the following link: [https://www.ivpn.net/apps-macos/](/apps-macos/)
-
-Open the downloaded image file and scroll down until you see the "Uninstall IVPN.app".
-
-After running the uninstaller app, restart your macOS computer system.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md b/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
deleted file mode 100644
index fe35b3f53..000000000
--- a/src/content/es/pages/knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting.md
+++ /dev/null
@@ -1,27 +0,0 @@ ---- -title: macOS - IVPN Helper agent is not starting - IVPN Help -h1: macOS - IVPN Helper agent is not starting -url: /knowledgebase/macos/macos-ivpn-helper-agent-is-not-starting/ -sections: - - macos -sectionTitle: macOS -layout: help-details -weight: 160 ---- -# macOS - IVPN Helper agent is not starting - -If you are unable to use IVPN app and getting the error about "IVPN Helper agent" being unable to start, follow the steps below: - -1. Download the latest version of IVPN client for macOS from our website & double click on the installer. - -2. Instead of moving the IVPN icon to your Applications folder in the popped up frame, scroll down and click on `Uninstall IVPN` - this will initiate a full uninstall process, removing any files associated with the app, including configuration files - - ![](/images-static/uploads/macos-uninstaller.png) - -3. Reboot your Mac -> install the IVPN app once again and check if the problem persists. - -In case the issue is still there, close the IVPN app, open the terminal on your macOS device and execute the following command: - -``` -sudo launchctl enable system/net.ivpn.client.Helper -``` diff --git a/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md b/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md deleted file mode 100644 index 2e6f01353..000000000 --- a/src/content/es/pages/knowledgebase/macos/macos-launch-at-login-is-not-available.md +++ /dev/null 
@@ -1,17 +0,0 @@
----
-title: macOS - "Launch at login" is not available - IVPN Help
-h1: macOS - "Launch at login" is not available
-url: /knowledgebase/macos/macos-launch-at-login-is-not-available/
-sections:
- - macos
-sectionTitle: macOS
-layout: help-details
-weight: 190
----
-# macOS - "Launch at login" is not available
-
-The IVPN App for macOS requires permission to access the `System Events.app` on macOS to provide a way for the IVPN App to integrate with the macOS at a low level. By granting permission, the IVPN App is allowed to make entries in the event log related to VPN, routing and firewall processes, and launching the app on login.
-
-During the IVPN App's installation process, access to `System Events.app` is requested. If access is denied, the "Launch at login" feature will be greyed out and unavailable.
-
-You can view this permission entry on a macOS computer by opening `System Preferences > Security & Privacy > Privacy tab > Automation` and checking that the IVPN App has a check mark denoting permission to access `System Events.app`. Toggling this check mark will grant or deny access. Access is required for the "Launch at login" feature.
diff --git a/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md b/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
deleted file mode 100644
index 87210fb28..000000000
--- a/src/content/es/pages/knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install.md
+++ /dev/null
@@ -1,15 +0,0 @@
----
-title: macOS - What credentials are required for the Helper Agent portion of the IVPN App install? - IVPN Help
-h1: macOS - What credentials are required for the Helper Agent portion of the IVPN App install?
-url: /knowledgebase/macos/macos-what-credentials-are-required-for-the-helper-agent-portion-of-the-ivpn-app-install/
-sections:
- - macos
-sectionTitle: macOS
-layout: help-details
-weight: 150
----
-# macOS - What credentials are required for the Helper Agent portion of the IVPN App install?
-
-During the IVPN App's installation, there is a `login prompt` with a `padlock icon` for our helper agent. Please enter your **macOS username** and **macOS password** to grant permission as the administrator of your computer system to allow access for the networking and firewall integration.
-
-We assign an **IVPN Account ID**, which starts with `ivpnXXXXXXXX` or `i-xxxx-xxxx-xxxx`, to your account. Please use this **IVPN Account ID** to log in to the IVPN App after the install is complete.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
deleted file mode 100644
index 28e93e6bb..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file.md
+++ /dev/null
@@ -1,16 +0,0 @@
----
-title: Tunnelblick - How do I edit the OpenVPN config file? - IVPN Help
-h1: Tunnelblick - How do I edit the OpenVPN config file?
-url: /knowledgebase/macos/tunnelblick-how-do-i-edit-the-openvpn-config-file/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 10
----
-# Tunnelblick - How do I edit the OpenVPN config file?
-
-1. Click on the Tunnelblick icon in the top right menu bar and select `VPN details`.
-2. Select the server you wish to edit the config file for and click on the 'gear' icon with a small down arrow in the bottom left corner of the window.
-3. Select `Edit OpenVPN configuration file`. The file will open in your text editor. Make the necessary changes and save the file.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
deleted file mode 100644
index 33a005c86..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn.md
+++ /dev/null
@@ -1,19 +0,0 @@
----
-title: Tunnelblick - How to submit diagnostic data to IVPN? - IVPN Help
-h1: Tunnelblick - How to submit diagnostic data to IVPN?
-url: /knowledgebase/macos/tunnelblick-how-to-submit-diagnostic-data-to-ivpn/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 110
----
-# Tunnelblick - How to submit diagnostic data to IVPN?
-
-If you are unable to resolve a technical issue and wish to contact IVPN support please include a copy of the log files by following the instructions below:
-
-1. Click on the Tunnelblick icon in the top right menu bar area.
-2. Click `VPN Details`.
-3. In the left side window select the server that you are trying to connect to.
-4. Click on the `log` tab on the right. `Click Copy diagnostic info to clipboard` and paste the data into an email to [support@ivpn.net](mailto:support@ivpn.net). Please include as much detail as possible about the issue you are experiencing.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
deleted file mode 100644
index dbd223776..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-title: Tunnelblick - Opening utun - No buffer space available - IVPN Help
-h1: Tunnelblick - Opening utun - No buffer space available
-url: /knowledgebase/macos/tunnelblick-opening-utun-no-buffer-space-available/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 80
----
-# Tunnelblick - Opening utun - No buffer space available
-
-There is a bug in some versions of Tunnelblick which can result in the error above shown in the logs. To resolve follow the steps below.
-
-1. Ensure that you are running the [latest stable version of Tunnelblick](https://tunnelblick.net/downloads.html).
-2. Click on the Tunnelblick menu bar icon and then `VPN details`. Select the server you are trying to connect to and click the `advanced button`. Change the option `Load TUN driver automatically` to `Always load TUN driver`.
-3. If neither of the above resolve the issue, restart your computer and try again.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
deleted file mode 100644
index 02eb7b034..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-password-or-authentication-failure.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-title: Tunnelblick - Password or authentication failure - IVPN Help
-h1: Tunnelblick - Password or authentication failure
-url: /knowledgebase/macos/tunnelblick-password-or-authentication-failure/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 30
----
-# Tunnelblick - Password or authentication failure
-
-Tunnelblick stores usernames and passwords in the macOS keychain. If you are having authentication failures then you should first delete the keychain entries:
-
-1. Open `keychain access` utility by navigating to your `Applications` folder and then `Utilities`.
-2. Select `Login` under `keychains` and `all elements` under `Category`.
-3. In the search box in the top right, enter `Tunnelblick` to filter all the Tunnelblick keychain entries.
-4. Select all the Tunnelblick entries, select `edit` | `delete`.
-5. Close Tunnelblick and open it again and try to connect.
-
-If you continue to have authentication issues please see [I receive an 'authentication failure' message. What can I do?](/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do/)
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
deleted file mode 100644
index 6ba68d59b..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-title: Tunnelblick - "the internet does not appear to be reachable" error - IVPN Help
-h1: Tunnelblick - "the internet does not appear to be reachable" error
-url: /knowledgebase/macos/tunnelblick-the-internet-does-not-appear-to-be-reachable-error/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 50
----
-# Tunnelblick - "the internet does not appear to be reachable" error
-
-This issue is caused by the Tunnelblick DNS configuration. Please follow the steps below to resolve it:
-
-1. Click on the Tunnelblick icon in the taskbar and choose `VPN Details`.
-2. On the Details window, click on `Settings`. Click on the `Set DNS/WINS` option and select `Set nameserver` and re-connect.
-3. If that does not work, set it to `nameserver (3.0b10)` and re-connect.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
deleted file mode 100644
index 393bd42c3..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-title: Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error - IVPN Help
-h1: Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error
-url: /knowledgebase/macos/tunnelblick-unable-to-load-nettunnelblicktap-kexts-error/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 70
----
-# Tunnelblick - "Unable to load net.tunnelblick.tap kexts" error
-
-This is a common error and suggests that you have a conflict with other VPN software. Please see the [following solution](https://tunnelblick.net/cCommonProblems.html#an-openvpn-log-entry-says-tunnelblick-openvpnstart-status-247-error-unable-to-load-net.tunnelblick.tun-andor-net.tunnelblick.tap-kexts-in-5-tries.-status-71) on the Tunnelblick website.
diff --git a/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md b/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
deleted file mode 100644
index 3f841c969..000000000
--- a/src/content/es/pages/knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect.md
+++ /dev/null
@@ -1,16 +0,0 @@
----
-title: Tunnelblick - Why is the DNS server incorrect? - IVPN Help
-h1: Tunnelblick - Why is the DNS server incorrect?
-url: /knowledgebase/macos/tunnelblick-why-is-the-dns-server-incorrect/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 20
----
-# Tunnelblick - Why is the DNS server incorrect?
-
-Tunnelblick will automatically configure your macOS to use our private DNS servers when a VPN connection is established. If you are using DHCP, please ensure that you check the `Set nameserver` checkbox.
-
-However, if you have manually configured DNS servers, then regardless of the state of `Set nameserver`, your manually configured DNS servers will always be the only ones used. We strongly recommend that you configure your device to use DHCP and use the `Set nameserver` option to ensure that your privacy is not compromised due to DNS leaks.
diff --git a/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md b/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
deleted file mode 100644
index 1fd63fec1..000000000
--- a/src/content/es/pages/knowledgebase/macos/what-macos-version-is-required-for-ivpn-client.md
+++ /dev/null
@@ -1,15 +0,0 @@
----
-title: What macOS version is required for IVPN client? - IVPN Help
-h1: What macOS version is required for IVPN client?
-url: /knowledgebase/macos/what-macos-version-is-required-for-ivpn-client/
-sections:
- - macos
-sectionTitle: macOS
-layout: help-details
-weight: 130
----
-# What macOS version is required for IVPN client?
-
-To use our native IVPN client, your macOS is required to be not older than version 10.10.
-
-macOS version 10.14 or later is [required](https://apps.apple.com/us/app/wireguard/id1451685025?mt=12) to use WireGuard VPN protocol.
diff --git a/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md b/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
deleted file mode 100644
index 4133b542f..000000000
--- a/src/content/es/pages/knowledgebase/macos/why-is-ivpn-agent-daemon-always-running.md
+++ /dev/null
@@ -1,28 +0,0 @@
----
-title: Why is IVPN agent daemon always running? - IVPN Help
-h1: Why is IVPN agent daemon always running?
-url: /knowledgebase/macos/why-is-ivpn-agent-daemon-always-running/
-sections:
- - macos
- - troubleshooting
-sectionTitle: macOS
-layout: help-details
-weight: 100
----
-# Why is IVPN agent daemon always running?
-
-The IVPN App has a client-server architecture. The IVPN agent runs as a daemon and is responsible for establishing connections, spawning OpenVPN processes, managing WireGuard interfaces, handling firewall rules, etc., whilst the client UI that you interact with is a separate component that communicates with the agent.
-
-Disabling the helper agent will cause the IVPN App to cease functioning. In order to implement various security features, such as the Always-On firewall, it is important that the agent daemon is always running.
-
-
    -Please note that by following the instructions below, the IVPN App and the privacy and security features it provides, like the Always-On firewall, will no longer function correctly. -
    - -1. Quit the IVPN client by clicking on the menu bar icon and selecting `Quit`. - -1. Stop the agent daemon by opening the macOS system `Settings > General > Login Items` and toggling the **IVPN** or **Privatus Limited** entry to `OFF`. Confirm the change with your macOS user password or biometrics. - -Re-enable the agent daemon by toggling that name login item entry to `ON`. Confirm the change with your macOS user password or biometrics, then open the IVPN App and click on the `Retry..` button. - - diff --git a/src/content/es/pages/knowledgebase/mp/_index.md b/src/content/es/pages/knowledgebase/mp/_index.md deleted file mode 100644 index da265520e..000000000 --- a/src/content/es/pages/knowledgebase/mp/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: Media Players - IVPN Help -url: /knowledgebase/mp/ -section: mp -layout: help ---- -## Media Players - diff --git a/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md b/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md deleted file mode 100644 index ccb18c0f5..000000000 --- a/src/content/es/pages/knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv.md +++ /dev/null 
@@ -1,36 +0,0 @@
----
-title: Connecting to IVPN on Amazon Fire TV - IVPN Help
-h1: Connecting to IVPN on Amazon Fire TV
-url: /knowledgebase/mp/connecting-to-ivpn-on-amazon-fire-tv/
-sections:
- - mp
-sectionTitle: Media Players
-layout: help-details
-weight: 20
----
-# Connecting to IVPN on Amazon Fire TV
-
-The IVPN App is not currently compatible with the Amazon implementation of Android. If you would like to use IVPN on your Amazon Fire TV Stick, follow the instructions below to setup a connection using the OpenVPN for Android app.
-
-### Install the OpenVPN for Android app
-
-1. On your Fire device, navigate to `Settings` -> `Developers Options` and enable `Apps from Unknown Sources` and `ADB Debugging`.
-2. Install ES File Explorer app on the Fire device.
-3. Open ES File Explorer and download the latest version of OpenVPN for Android from [here](http://plai.de/android/ics-openvpn-latest-stable.apk)
-
-### Transfer the OpenVPN configuration files
-
-1. Install an FTP client on your computer system.
-2. Generate and download the [IVPN configuration files](/openvpn-config) on your computer system and extract the .ovpn files from the .zip file into a sub-folder.
-3. Open ES File Explorer on the Fire device and navigate to `Network` -> `Remote Manager` on the sidebar.
-4. Enable `Remote Manager` and make sure it gives an IP address for the FTP server.
-5. Enter the FTP server IP address from Remote Manager into the FTP client on the computer system. It may work best if the Fire device and the computer system are on the same network.
-6. Upload the sub-folder with the .ovpn files from your computer system to the Downloads folder on the Fire device via the FTP client.
-7. Disable the `Remote Manager` in the Fire device after the transfer is complete.
-8. In the ES File Explorer, navigate to `Local` -> `Download`. The OpenVPN configuration files should be inside the sub-folder.
-
-### Import the configuration
-
-1. Launch the OpenVPN for Android app.
-2. Follow our [OpenVPN for Android Setup Guide](/setup/android-openvpn-for-android/) starting on step #3.
-3. For the import in step #4, select the ES File Explorer as the navigator and go to the Download folder.
diff --git a/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md b/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
deleted file mode 100644
index 65408df78..000000000
--- a/src/content/es/pages/knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device.md
+++ /dev/null
@@ -1,25 +0,0 @@
----
-title: How do I connect my Nvidia Shield device? - IVPN Help
-h1: How do I connect my Nvidia Shield device?
-url: /knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device/
-sections:
- - mp
-sectionTitle: Media Players
-layout: help-details
-weight: 50
----
-# How do I connect my Nvidia Shield device?
-
-The NVIDIA Shield and other similar devices use a limited implementation of Android. Our IVPN App has extra features that work well with the full version of Android, but not so well with limited versions.
-
-The OpenVPN for Android app should work because it's functionality is limited to just the VPN connection. We offer a guide for the [OpenVPN for Android app](/setup/android-openvpn-for-android/).
-
-This app should be available from the Play Store on your NVIDIA device. You will have to find a way to transfer the OpenVPN configuration files from step #1 to your device.
-
-Alternatively, you can consider setting up the VPN connection on the router, which will let all devices that connect to it share this VPN connection, including your Nvidia Shield.
-
-Here, at IVPN, we officially support pfSense, Asus-wrt, OpenWRT, DD-WRT & Tomato router firmware and if your device is one of the latter (or compatible to be flashed with either, which is always done at your own risk) you are very welcome to review our [router setup guides](/setup/router/).
-
-Generally, it is also possible to connect other routers that have **OpenVPN client** support & you can try using the setup guides above as a reference.
-
-Alternatively, you can also order a router with preconfigured IVPN on it from, e.g. [Vilfo](https://www.vilfo.com/providers/ivpn), [Flashrouters](https://www.flashrouters.com/vpn-types/ivpn) or [VPNrouters](https://www.vpnrouters.com/vpn-providers/ivpn-vpn-routers.html).
diff --git a/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md b/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
deleted file mode 100644
index f0526c89d..000000000
--- a/src/content/es/pages/knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-title: How to use IVPN on KODI media player? - IVPN Help
-h1: How to use IVPN on KODI media player?
-url: /knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player/
-sections:
- - mp
-sectionTitle: Media Players
-layout: help-details
-weight: 30
----
-# How to use IVPN on KODI media player?
-
-To connect to an IVPN server on KODI media player, follow the steps below:
-
-1. Download the latest OpenVPN for Kodi release [from GitHub](https://github.com/brianhornsby/script.openvpn/releases).
-2. In your Kodi system, head to `System -> Settings -> Add-ons -> Install from zip file`. Choose the file you downloaded in the previous step. For more info see the [Kodi wiki](http://kodi.wiki/view/HOW-TO:Install_an_Add-on_from_a_zip_file).
-3. Download our [.ovpn config files](/openvpn-config). Unzip the archive & upload them to your Kodi system.
-4. Launch OpenVPN for Kodi addon, choose the .ovpn config file with the desired server location, import & connect.
diff --git a/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md b/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
deleted file mode 100644
index 8506a0327..000000000
--- a/src/content/es/pages/knowledgebase/mp/is-ivpn-compatible-with-appletv.md
+++ /dev/null
@@ -1,29 +0,0 @@
----
-title: Is IVPN compatible with AppleTV? - IVPN Help
-h1: Is IVPN compatible with AppleTV?
-url: /knowledgebase/mp/is-ivpn-compatible-with-appletv/
-sections:
- - mp
-sectionTitle: Media Players
-layout: help-details
-weight: 40
----
-# Is IVPN compatible with AppleTV?
-
-No AppleTV app is currently available.
-
-IVPN is a privacy-focused VPN service and access to streaming services is [never guaranteed](/knowledgebase/general/can-i-access-hulu-or-netflix-or-bbc-iplayer-using-ivpn/).
-
-One way to make use of our VPN service on an AppleTV device is to set up a router with a VPN connection, which the AppleTV connects through. This method provides a VPN connection to all the devices on your network.
-
-We support a variety of router firmware projects and [setup guides are available](/setup/router/).
-
-If your router accepts a configuration file, OpenVPN and WireGuard configuration file generators are available on the router setup page above.
-
-Otherwise, it may be possible to flash custom firmware onto the router. Please note that you assume all risks in flashing your device. You can buy "pre-flashed" routers online if you prefer not to do this yourself:
-
-* [FlashRouters](https://www.flashrouters.com/vpn-types/ivpn)
-
-Vilfo offers a dedicated VPN router with IVPN pre-configured. When you receive the router all you need to do is enter your IVPN Account ID (starts with ivpn) to connect.
-
-* [Vilfo router](https://www.vilfo.com/providers/ivpn?ref=ivpn) - Please note that if you purchase a router from Vilfo we receive a commission.
diff --git a/src/content/es/pages/knowledgebase/passwords/_index.md b/src/content/es/pages/knowledgebase/passwords/_index.md
deleted file mode 100644
index 5e6c6b77f..000000000
--- a/src/content/es/pages/knowledgebase/passwords/_index.md
+++ /dev/null
@@ -1,7 +0,0 @@
----
-title: Passwords - IVPN Help
-url: /knowledgebase/passwords/
-section: passwords
-layout: help
----
-## Passwords
diff --git a/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md b/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md
deleted file mode 100644
index 5a38eaae6..000000000
--- a/src/content/es/pages/knowledgebase/passwords/how-do-i-change-my-password.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-title: How do I change my password? - IVPN Help
-h1: How do I change my password?
-url: /knowledgebase/passwords/how-do-i-change-my-password/
-sections:
- - passwords
- - troubleshooting
-sectionTitle: Passwords
-layout: help-details
-weight: 30
----
-# How do I change my password?
-
-For IVPN Account IDs like **i-XXXX-XXXX-XXXX**, no password is required by default. If you have added an email address and password to your account, log into the [Account Area](/account/login/#id), click the `Account Settings` link, and click the pen icon beside **Password** on the `Authentication` tab.
-
-For IVPN Account IDs like **ivpnXXXXXXXX**, log into the [Account Area](/account/login/#email), and click the `Change Password` link on the left side of the page.
-
-If you are not logged in to the Account Area or if you no longer have access to your password, request a [password reset](/recover/password/).
diff --git a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
deleted file mode 100644
index 5d4286124..000000000
--- a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do.md
+++ /dev/null
@@ -1,33 +0,0 @@
----
-title: I forgot my IVPN Account ID. What should I do? - IVPN Help
-h1: I forgot my IVPN Account ID. What should I do?
-url: /knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do/
-sections:
- - passwords
- - troubleshooting
-sectionTitle: Passwords
-layout: help-details
-weight: 10
----
-# I forgot my IVPN Account ID. What should I do?
-
-The IVPN Account ID looks with `i-XXXX-XXXX-XXXX` or `ivpnXXXXXXXX`.
-
-To locate the IVPN Account ID in the original, `ivpnXXXXXXXX` format, log into the [Client Area](/account/) with your email address and your current password.
-
-Your IVPN Account ID can also be found in the **Settings > Account** area in the IVPN App for all platforms. Click or tap the **Account** icon (minimalist head-with-shoulders button on the app's main screen) to access the Account screen.
-
-We can also try and look up your IVPN Account ID if you send us an email (support@ivpn.net) with the information of your last purchase. Use [PGP encryption](/knowledgebase/general/how-do-i-send-a-secure-pgp-encrypted-email-to-ivpn/) for the message if you prefer.
-
-For card payments made on our website, provide:
-- **first 6 digits** of the card
-- **last 4 digits** of the card
-- **expiry date** of the card
-
-For PayPal, Bitcoin, or Monero payments, provide the **transaction ID**.
-
-For Android payments, provide the **Google Invoice ID** (starts with [GPA](https://support.google.com/store/answer/6160235)).
-
-If there was a successful payment to Apple, please provide us with the [invoice from Apple](https://support.apple.com/en-gb/HT204088). The personal details, like mailing address and email address, are not required, though we do need to see the Invoice ID and Document Number from Apple.
-
-For voucher payments, provide the **voucher code**.
diff --git a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md b/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
deleted file mode 100644
index b5c6968d0..000000000
--- a/src/content/es/pages/knowledgebase/passwords/i-forgot-my-password-what-should-i-do.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: I forgot my password. What should I do? - IVPN Help
-h1: I forgot my password. What should I do?
-url: /knowledgebase/passwords/i-forgot-my-password-what-should-i-do/
-sections:
- - passwords
- - troubleshooting
-sectionTitle: Passwords
-layout: help-details
-weight: 20
----
-# I forgot my password. What should I do?
-
-Navigate to the [password reset](/recover/password/) page and enter your email address. You will receive instructions via email on how to reset your password. Once reset, you can log in to the Client Area using your email address and your new password.
-
-IVPN accounts created after November 2020 with an Account ID format like `i-XXXX-XXXX-XXXX` use no email or password by default. If you have added an email and password, the password reset link above is available. Check [this article](/knowledgebase/passwords/i-forgot-my-ivpn-account-id-what-should-i-do/) if you no longer have your Account ID.
-
-
    -If you have forgotten the email address you signed up with or no longer have access to it please contact us. -
    diff --git a/src/content/es/pages/knowledgebase/privacy/_index.md b/src/content/es/pages/knowledgebase/privacy/_index.md deleted file mode 100644 index 535a63451..000000000 --- a/src/content/es/pages/knowledgebase/privacy/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: Privacy - IVPN Help -url: /knowledgebase/privacy/ -section: privacy -layout: help ---- -## Privacy diff --git a/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md b/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md deleted file mode 100644 index 3c329707c..000000000 --- a/src/content/es/pages/knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -title: Do you collect or store any usage/stats information relating to an account? - IVPN Help -h1: Do you collect or store any usage/stats information relating to an account? -url: /knowledgebase/privacy/do-you-collect-or-store-any-usageorstats-information-relating-to-an-account/ -sections: - - privacy - - general -sectionTitle: Privacy -layout: help-details -weight: 50 ---- -# Do you collect or store any usage/stats information relating to an account? - -Unlike many service providers, IVPN purposefully does not log any usage data associated with an account as we provide an unlimited and unrestricted quota free service. diff --git a/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md b/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md deleted file mode 100644 index 8c641541c..000000000 --- a/src/content/es/pages/knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer.md +++ /dev/null 
@@ -1,14 +0,0 @@
----
-title: Do you store any logs that could be used to identify a customer? - IVPN Help
-h1: Do you store any logs that could be used to identify a customer?
-url: /knowledgebase/privacy/do-you-store-any-logs-that-could-be-used-to-identify-a-customer/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 10
----
-# Do you store any logs that could be used to identify a customer?
-
-Our VPN servers do not store any logs that could be used to identify a customer. This is [backed up by a no-logs audit](/blog/ivpn-no-logging-claim-verified-by-independent-audit/) conducted by independent security researchers. For more info see our simple [Privacy Policy](/privacy/).
diff --git a/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md b/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
deleted file mode 100644
index 2be9ffec9..000000000
--- a/src/content/es/pages/knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs.md
+++ /dev/null
@@ -1,16 +0,0 @@
----
-title: Does IVPN offer Perfect Forward Secrecy (PFS)? - IVPN Help
-h1: Does IVPN offer Perfect Forward Secrecy (PFS)?
-url: /knowledgebase/privacy/does-ivpn-offer-perfect-forward-secrecy-pfs/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 40
----
-# Does IVPN offer Perfect Forward Secrecy (PFS)?
-
-Yes, our OpenVPN servers are configured to automatically generate new encryption keys every hour. If an adversary was able to crack the encryption key, they would only be able to decrypt the traffic captures since the last key rotation.
-
-To give you some idea of the requirements to brute force an AES 256 bit key, 50 supercomputers that could check a billion billion (10^18) AES keys per second. If such a device could ever be made it would, in theory, require about 3 × 10^51 years to exhaust the 256-bit key space.
diff --git a/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md b/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
deleted file mode 100644
index bb45e1f05..000000000
--- a/src/content/es/pages/knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn.md
+++ /dev/null
@@ -1,16 +0,0 @@
----
-title: How Do I Know When I'm Protected by IVPN? - IVPN Help
-h1: How Do I Know When I'm Protected by IVPN?
-url: /knowledgebase/privacy/how-do-i-know-when-iandsharp039m-protected-by-ivpn/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 20
----
-# How do I know when I'm protected by IVPN?
-
-To quickly check if your VPN is working you can use a website such as [infosniper.net](https://www.infosniper.net/) or [dnsleaktest.com](https://www.dnsleaktest.com/). When you are connected and navigate to one of these websites, you should see an indication of the location of the server you are connected to and not your present location. This gives you reasonable assurance that your traffic is routed through the VPN service. However, for more advanced users requiring a high level of security, we recommend reviewing our guide [How to perform a VPN leak test](/privacy-guides/how-to-perform-a-vpn-leak-test/) to test that your VPN is not leaking any packets.
-
-When using the website above please note that geolocation data is not 100% accurate. For geolocation providers (such as those above) determining the country is relatively accurate (95%-99%) since the `country` is required information when an IP range is allocated and IP registrars supply that information for free. Determining the physical location down to a city is more difficult and less accurate because there is no official source for the information and Internet service providers often locate IP addresses to the city where the company bases its operations. Accuracy rates for `city` is 50-80% according to dnsstuff.com. If you would like a more accurate tool to determine the location try using [Visual traceroute](https://www.yougetsignal.com/tools/visual-tracert/).
diff --git a/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md b/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
deleted file mode 100644
index 58a674e06..000000000
--- a/src/content/es/pages/knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer.md
+++ /dev/null
@@ -1,16 +0,0 @@
----
-title: How do we react when requested by an authority for information relating to a customer? - IVPN Help
-h1: How do we react when requested by an authority for information relating to a customer?
-url: /knowledgebase/privacy/how-do-we-react-when-requested-by-an-authority-for-information-relating-to-a-customer/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 60
----
-# How do we react when requested by an authority for information relating to a customer?
-
-The company is incorporated in Gibraltar. If a court order is received from a recognized legal authority with jurisdiction over IVPN, then the company will comply with that order. However, the company cannot be compelled to hand over information which it does **not** have. Our [Legal Guidelines](/legal-process-guidelines/) page has more details.
-
-When a customer signs up we [do not request any personal information](/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service/). If it ever becomes required by law for us to keep a persistent log of our customers' connections or any personal data relating to their network activity, we will immediately notify our customers and do everything in our power to move jurisdictions or close the service to protect those who entrust their privacy to us.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md b/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
deleted file mode 100644
index 3b01976fd..000000000
--- a/src/content/es/pages/knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-title: What happens if laws change forcing IVPN to compromise their customers' privacy? - IVPN Help
-h1: What happens if laws change forcing IVPN to compromise their customers' privacy?
-url: /knowledgebase/privacy/what-happens-if-laws-change-forcing-ivpn-to-compromise-their-customers-privacy/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 70
----
-# What happens if laws change forcing IVPN to compromise their customers' privacy?
-
-IVPN is committed to keeping its customers informed of any serious legislative threats to our service. If the laws in our jurisdiction change in a way that prevents us from upholding our privacy policy we will always inform our customers before those laws are enacted. We will also allow customers to cancel their subscription and will refund any fees that cover the remainder of their subscription period.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md b/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
deleted file mode 100644
index 2d508faf7..000000000
--- a/src/content/es/pages/knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-title: What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded? - IVPN Help
-h1: What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded?
-url: /knowledgebase/privacy/what-happens-if-you-receive-a-legal-notice-such-as-a-dmca-for-copyright-material-that-i-have-downloaded/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 30
----
-# What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded?
-
-When our customers are connected to our VPN service with the IVPN App's kill switch firewall active, their real details, like IP address and location, remain private, so such notices are directed to IVPN and our legal department will issue an appropriate response. Since we store no connection logs, we couldn't associate a request with a customer identity even if legally compelled to do so.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md b/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
deleted file mode 100644
index 1ced03bfa..000000000
--- a/src/content/es/pages/knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-title: What information do you collect and store when I sign up for your service? - IVPN Help
-h1: What information do you collect and store when I sign up for your service?
-url: /knowledgebase/privacy/what-information-do-you-collect-and-store-when-i-signup-for-your-service/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 80
----
-# What information do you collect and store when I sign up for your service?
-
-To maximize your privacy, you will not be asked for any personal information like your name, physical address, phone number, and even email address. This also means that we have no way to contact you in the event of any account issues, network downtime, etc. If you wish to provide us with an email address so we can contact you about future issues you can optionally add one in the client area after signup. We will also not log any personally identifiable information e.g. IP address.
-
-Depending on how payment for the service is made, some payment information may be related to your account. For example, if PayPal is used to pay for the service, a PayPal transaction ID will be associated with your account (as well as the subscription ID if a PayPal subscription has been set up).
-
-| Date of payment | Amount | Payment method | Transaction ID | Subscription ID |
-|---|---|---|---|---|
-| 2020-01-24 | $100 | Paypal | XXX | XXX |
-
-IVPN is subject to EU law and is in compliance with the EU Data Protection Directive (Directive 95/46/EC), which prohibits companies from transferring data to overseas jurisdictions with weaker privacy laws. IVPN will not locate servers in countries where it's forced to break this compliance. Due to the nature of our logging practices, VPN servers do not contain any personally identifiable information and thus, if seized, could not be used to identify users.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md b/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
deleted file mode 100644
index ce3aad9d2..000000000
--- a/src/content/es/pages/knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-title: What information is collected and stored about all visitors to your website? - IVPN Help
-h1: What information is collected and stored about all visitors to your website?
-url: /knowledgebase/privacy/what-information-is-collected-and-stored-about-all-visitors-to-your-website/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 90
----
-# What information is collected and stored about all visitors to your website?
-
-IVPN uses [Matomo](https://matomo.org/) (formerly called Piwik) to analyze and aggregate information about our website visitors. When your web browser loads a page on our site, a small snippet of JavaScript code is executed within your browser which submits information about the device from which you are connecting such as your browser user-agent, language, screen resolution, referring website, a redacted IP address (167.114.18.34 becomes 167.114.0.0), etc. to a private server operated by IVPN. None of this information is personally identifying and is never shared with 3rd parties.
diff --git a/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md b/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
deleted file mode 100644
index 115d94126..000000000
--- a/src/content/es/pages/knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: What information is stored when I stop using your service? - IVPN Help
-h1: What information is stored when I stop using your service?
-url: /knowledgebase/privacy/what-information-is-stored-when-i-stop-using-your-service/
-sections:
- - privacy
- - general
-sectionTitle: Privacy
-layout: help-details
-weight: 100
----
-# What information is stored when I stop using your service?
-
-When a VPN account is terminated on our network due to the subscription ending, non-payment or for any other reason, all data associated with that VPN account including the account itself (with the exception of the accounting data below) is automatically deleted from all systems after 3 months. After the account is deleted the remaining accounting data below has no link to any past account ID.
-
-If you want to delete your data immediately, simply click on the `Delete account` button within the [Client Area](/account/login/).
-
-| Date of payment | Amount | Payment method | Transaction ID | Subscription ID |
-|---|---|---|---|---|
-| 2020-01-24 | $100 | Paypal | XXX | XXX |
diff --git a/src/content/es/pages/knowledgebase/routers/_index.md b/src/content/es/pages/knowledgebase/routers/_index.md
deleted file mode 100644
index 949b38c55..000000000
--- a/src/content/es/pages/knowledgebase/routers/_index.md
+++ /dev/null
@@ -1,8 +0,0 @@
----
-title: Routers - IVPN Help
-url: /knowledgebase/routers/
-section: routers
-layout: help
----
-## Routers
-
diff --git a/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md b/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
deleted file mode 100644
index 039c27678..000000000
--- a/src/content/es/pages/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel.md
+++ /dev/null
@@ -1,64 +0,0 @@ ---- -title: DD-WRT - How do I exclude hosts / bypass VPN tunnel? - IVPN Help -h1: DD-WRT - How do I exclude hosts / bypass VPN tunnel? -url: /knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel/ -sections: - - routers - - troubleshooting -sectionTitle: Routers -layout: help-details -weight: 10 ---- -# DD-WRT - How do I exclude hosts / bypass VPN tunnel? - -
    -We do not provide support in getting this functionality working on your DD-WRT router. You agree to use these scripts at your own risk. -
    - -### WireGuard - -1. Go to `SETUP` / `TUNNELS` - -2. Set **Advanced settings**: Enable - -3. Set **Policy Based Routing**: Enter the IP address list in a CIDR notation. - -![](/images-static/uploads/ddwrt-pbr.png) - -
    -The hosts with the IP addresses specified in the Policy Based Routing (PBR) field will be routed via the WireGuard interface. Everything else will bypass the VPN tunnel and use the WAN interface instead.

    -The IP addresses are entered in a CIDR notation as a comma delimited list (no comma at the beginning and at the end).

    -When the list starts with a '#' symbol, all entries are ignored and PBR is disabled. This allows you to preserve the list for future use.

    -You can also specify a range of IPs by entering, e.g. - 192.168.1.64/26. -
    - -### OpenVPN - -1. Go to `ADMINISTRATION` / `COMMANDS` / `COMMAND SHELL`. Enter the following commands whilst substituting the IPs you wish to bypass the VPN (each IP separated by a space character): - - ``` - nvram set no_vpn_lst="192.168.1.5 192.168.1.6 192.168.1.7" - nvram commit - ``` - -2. Copy the script from below into the COMMAND SHELL and click on `Save Custom Script` - - ``` - #!/bin/sh - sleep 30 - NO_VPN_LST=`nvram get no_vpn_lst` - [ -z "$NO_VPN_LST" ] && exit 0 - WAN_GWAY="0.0.0.0" - while [ $WAN_GWAY == "0.0.0.0" ]; do - sleep 3 - WAN_GWAY=`nvram get wan_gateway` - done - ip route add default via $WAN_GWAY table 10 - for ipa in $NO_VPN_LST; do - ip rule add from $ipa table 10 - done - ip route flush cache - exit 0 - ``` - -3. Reboot. Now the devices with the IPs on your list will be routed outside the OpenVPN tunnel. diff --git a/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md b/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md deleted file mode 100644 index 1602073cf..000000000 --- a/src/content/es/pages/knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -title: DD-WRT - TLS errors - incoming plaintext read error etc. - IVPN Help -h1: DD-WRT - TLS errors - incoming plaintext read error etc. -url: /knowledgebase/routers/dd-wrt-tls-errors-incoming-plaintext-read-error-etc/ -sections: - - routers - - troubleshooting -sectionTitle: Routers -layout: help-details -weight: 20 ---- -# DD-WRT - TLS errors - incoming plaintext read error etc. - -This error usually means that you have configured the incorrect TLS cipher. Add the block below to the contents of the 'additional config' field on the OpenVPN client settings page: - -``` -cipher AES-256-CBC -tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA -auth SHA1 -``` 
diff --git a/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md b/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md deleted file mode 100644 index 823e00fd7..000000000 --- a/src/content/es/pages/knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router.md +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: How to enable a 'Kill switch' in my DD-WRT/Tomato router? - IVPN Help -h1: How to enable a 'Kill switch' in my DD-WRT/Tomato router? -url: /knowledgebase/routers/how-to-enable-a-andsharp039kill-switchandsharp039-in-my-dd-wrtortomato-router/ -sections: - - routers -sectionTitle: Routers -layout: help-details -weight: 30 ---- -# How to enable a 'Kill switch' in my DD-WRT/Tomato router? - -To enhance your security and prevent any possible traffic leaking outside VPN tunnel whenever you are unexpectedly disconnected from IVPN, you need to slightly adjust firewall settings in a router you use: - -## DD-WRT - -### WireGuard: - -1. Go to `Setup` - > `Tunnels` - -2. Check **Kill Switch** - -3. Click the `Save` button, then click the `Apply Settings` button. - -4. Reboot your router. - -
    - This option will block the traffic only from clients connected via br0 interface. If you have made your own unbridged interfaces you have to add additional rules to your router's iptables firewall accordingly.

    - If you use PBR (Policy Based Routing), the Killswitch rules will only apply to IP addresses you have specified in the PBR field. When PBR is disabled, then all LAN clients connected to br0 are blocked from accessing WAN.
    - -### OpenVPN: - -1. Go to `Administration` - > `Commands` - -2. Add the following rules: - ``` - iptables -I FORWARD -i br0 -o tun0 -j ACCEPT - iptables -I FORWARD -i tun0 -o br -j ACCEPT - iptables -I FORWARD -i br0 -o $(nvram get wan_iface) -j DROP - iptables -I INPUT -i tun0 -j REJECT - iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE - ``` - -3. Click on `Save Firewall` and Reboot router. - -## Tomato - -1. Go to `Administration` -> `Scripts` > `Firewall` - -2. Add the following rules: - ``` - iptables -I FORWARD -i br0 -o tun0 -j ACCEPT - iptables -I FORWARD -i tun0 -o br -j ACCEPT - iptables -I FORWARD -i br0 -o $(nvram get wan_iface) -j DROP - iptables -I INPUT -i tun0 -j REJECT - iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE - ``` - -3. Save the rule and reboot router. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/_index.md b/src/content/es/pages/knowledgebase/troubleshooting/_index.md deleted file mode 100644 index 9426681b1..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: Troubleshooting - IVPN Help -url: /knowledgebase/troubleshooting/ -section: troubleshooting -layout: help ---- -## Troubleshooting diff --git a/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md b/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md deleted file mode 100644 index e39e15e92..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon.md +++ /dev/null 
@@ -1,50 +0,0 @@ ---- -title: 'Error Connecting to IVPN Daemon - IVPN Help' -h1: 'Error Connecting to IVPN Daemon' -url: /knowledgebase/troubleshooting/error-connecting-to-ivpn-daemon/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 190 ---- -# Error Connecting to IVPN Daemon - -In some cases, rebooting the computer system is enough to encourage the IVPN App's daemon/service to behave as expected. - -For Linux systems, the IVPN App's base package `ivpn` may need to be updated if the graphical interface package `ivpn-ui` has a higher version number. [Update](https://www.ivpn.net/apps-linux/) the app's base package. - -In other cases, restarting the daemon/service may help. Here are steps to restart the IVPN App's daemon/service manually: - -### Windows: - -1. Click the `Windows` or `Start` button and type `services.msc` -1. Right-click the `Services` app and select `Run as Administrator` -1. Look for the `IVPN Client` service in the list on the right, then right-click on it and choose to restart (if currently in `Enabled` state) or enable (if in `Disabled` state) -1. Close the properties window, the `Services` window, and any other windows that were opened in this process -1. Open the IVPN App. Click "Retry" on the app's window if necessary - - -### macOS: - -Run this command in a **Terminal** (Finder > Applications > Utilities > Terminal): - -``` -sudo launchctl enable system/net.ivpn.client.Helper -``` - -Note: The `sudo` portion of the command requires your macOS password. - -Also check that the IVPN App's agent is set to run. Visit the macOS system `Settings > General > Login Items` area and toggle the **IVPN** or **Privatus Limited** entry to `ON`. Confirm the change with your macOS user password or biometrics, then open the IVPN App and click on the `Retry..` button. 
- - -### Linux (systemd): - -In a **Terminal**, run this command: - -``` -sudo systemctl restart ivpn-service.service -``` - - -If the IVPN App's daemon/service error persists on Windows, macOS, or Linux, reinstalling the app might help. Generally, we recommend uninstalling the app, rebooting the computer system, then [reinstalling](https://www.ivpn.net/apps/) the app. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md b/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md deleted file mode 100644 index a267c8392..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings.md +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -title: How can I reset my DNS settings? - IVPN Help -h1: How can I reset my DNS settings? -url: /knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 60 ---- -# How can I reset my DNS settings? - -The following instructions will reset your DNS configuration to that provided by your router/ISP. This is necessary if a VPN client or a DNS leak protection script has crashed and left an unusable DNS configuration. You need to do this if you have Internet connectivity but are unable to browse to any websites i.e. your DNS is most likely not working. - -### Windows 10 - -1. Right click the Start menu, then select `Network Connections`. -2. Click `Change Adapter Options` below 'Change your network settings'. -3. Right click on the network connection you're using and select `Properties`. -4. Click on `Internet protocol Version 4 (TCP/IP v4)` and then on the `Properties` button. -5. Make sure that you have `Obtain IP Address automatically` and `Obtain DNS Server Automatically` selected. This will configure your device to acquire the settings directly from your modem/router. -6. Click `OK` and exit all the windows. -7. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. - -### Windows 8 - -1. Select the `Desktop` from the Start menu. -2. From the Desktop window, right click the `Networks` icon in the system tray and select `Open Network and Sharing Center`. -3. Under 'Active Networks' click on the active connection name, usually `Ethernet` or `Local area connection`. -4. Click on the `Properties` button. This should take you to the `Network Connections Properties` window. -5. Click on `Internet protocol Version 4 (TCP/IP v4)` and then on the `Properties` button. -6. 
Make sure that you have `Obtain IP Address automatically` and `Obtain DNS Server Automatically` selected. This will configure your device to acquire the settings directly from your modem/router. -7. Click `OK` and exit all the windows. -8. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. - -### macOS - -1. Go to `System Preferences`. -2. Click on `Network`. -3. Select the first connection in your list and click `Advanced`. -4. Select the `DNS` tab. -5. Select any addresses in the list and attempt to remove them using the `-` button. If you cannot select them or the `-` is not active then you are already using your routers DHCP assigned DNS servers. -6. Click `OK` and exit all the windows. -7. Follow the instructions in [How do I clear or flush my DNS cache?](/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/) to flush your DNS resolver cache. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md deleted file mode 100644 index 6b247b133..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect.md +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -title: How do I change the port or protocol used to connect? - IVPN Help -h1: How do I change the port or protocol used to connect? -url: /knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 70 ---- -# How do I change the port or protocol used to connect? - -Changing the port/protocol you use to connect to the VPN can increase your performance in some cases or unblock the connection if a certain port/protocol combination is blocked. You may need to try multiple combinations to find the ideal setup for your connection. - -Different combinations are available for different VPN protocols: - -1. OpenVPN: UDP:53, UDP:80, UDP:123, UDP:443, UDP:1194, UDP:2049, UDP:2050, TCP:80, TCP:443, TCP:1194, TCP:1443, TCP:2049, TCP:2050, TCP:30587, TCP:41893, TCP:48574, TCP:58237, and any UDP or TCP port within the 5500-19999, 30000-65000 range. -2. WireGuard: UDP:53, UDP:80, UDP:123, UDP:443, UDP:500, UDP:1194, UDP:2049, UDP:2050, UDP:4500, UDP:30587, UDP:41893, UDP:48574, UDP:58237, and any UDP port within the 5500-19999, 30000-65000 range. - -### For Windows, macOS, Linux, iOS, and Android: - -1. Open the IVPN client. -2. Click on the "Gear" icon at the top right to access `Settings`. -3. Go to the `Connection` tab (`VPN protocol` on mobile clients). -4. Select a different Port/Protocol combination. -5. Retry the connection and repeat steps 1-4 as necessary. - -### Using CLI: - -Add the `-port` command argument `ivpn connect -port TCP:443 de.gw.ivpn.net` and try the connection again. You might have to try more than one combination to find the one best suited for your network. - -### For manual connection on any other platforms that you connect using our config files: - -#### OpenVPN -
    - -1. Open the .ovpn config file with any text editor and locate line 3 `proto udp` and line 4 `remote xx.gw.ivpn.net 2049`. -2. Change those values to, e.g. `proto tcp` and `remote xx.gw.ivpn.net 443` (see all available port combinations above). -3. Save the changes, (if required) create a new VPN profile in your OpenVPN client, and reconnect. -4. In case the issue persists, go back to step 1 and try a different port. - -#### WireGuard -
    - -1. Open the WireGuard config file with any text editor. -2. Change the port number in the `Endpoint` field, e.g. `ua1.wg.ivpn.net:443` (see all available port combinations above). -3. Save the changes, (if required) create a new VPN profile in your WireGuard client, and reconnect. -4. In case the issue persists, go back to step 1 and try a different port. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md deleted file mode 100644 index 07657c78f..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache.md +++ /dev/null 
@@ -1,39 +0,0 @@ ---- -title: How do I clear or flush my DNS cache? - IVPN Help -h1: How do I clear or flush my DNS cache? -url: /knowledgebase/troubleshooting/how-do-i-clear-or-flush-my-dns-cache/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 110 ---- -# How do I clear or flush my DNS cache? - -The following instructions will flush the cache of your DNS resolver. This may be necessary if you are having DNS issues or you have [reset your DNS configuration](/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/). - -### Windows 8 / Windows 10 - -1. On Windows 8 press the `Windows Key` or hover your mouse over the bottom left corner and click the Windows Icon. On Windows 10 click on the start button. -2. Begin typing `Command Prompt`. -3. Right-click the application and select `Run as Administrator`. -4. Enter the following command followed by the enter button: - ``` - ipconfig /flushdns - ``` - -### macOS - -1. Click the `Terminal` icon in the dock or in Finder under Application/Utilities/Terminal. -2. Enter the following command followed by the enter button: - ``` - sudo killall -HUP mDNSResponder - ``` - -### Linux - -1. Open a terminal window (gnome-terminal, konsole, xterm, etc.). -2. Enter the following command followed by the enter button: - ``` - sudo /etc/init.d/nscd restart - ``` diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md deleted file mode 100644 index 2870a082e..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server.md +++ /dev/null 
@@ -1,25 +0,0 @@ ---- -title: How do I connect to the VPN from a remote server - IVPN Help -h1: How do I connect to the VPN from a remote server -url: /knowledgebase/troubleshooting/how-do-i-connect-to-the-vpn-from-a-remote-server/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 200 ---- -# How do I connect to the VPN from a remote server - -If you attempt to connect to the VPN from a server that you are remotely connected to, you will lose the connection to the server as soon as the VPN connects. This is because the VPN server pushes a new default route that sends the return traffic through the VPN. To prevent this, you'll need to edit the OpenVPN config file for the server you are connecting to and add the line below: - -``` -route A.B.C.D 255.255.255.255 net_gateway -``` - -where A.B.C.D is the IP address of the device you are connecting from. - -If you don't want to route all traffic through the VPN you can reject the default route pushed by the server by adding the directive below to the config file. You will then need to add your own static routes for the addresses you do want to route through the VPN. - -``` -route-nopull -``` diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md deleted file mode 100644 index 8f540eca3..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-use-the-ping-command.md +++ /dev/null 
@@ -1,28 +0,0 @@ ---- -title: How do I use the ping command? - IVPN Help -h1: How do I use the ping command? -url: /knowledgebase/troubleshooting/how-do-i-use-the-ping-command/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 100 ---- -# How do I use the ping command? - -You may need to use the "ping" utility to diagnose connectivity or DNS issues if you are having problems browsing websites while connected to the VPN. - -### Windows -1. Open the Start menu. -2. Start typing `Command Prompt`. -3. Click `Command Prompt`. -4. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*. - -### macOS -1. Open the `Applications` folder then goto `Utilities`. -2. Click the `Terminal` application. -3. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*. - -### Linux -1. Open a new `Terminal window`. -2. Type `ping 1.1.1.1` *(Replace 1.1.1.1 with the address you wish to ping)*. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md b/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md deleted file mode 100644 index 7653b3441..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server.md +++ /dev/null 
@@ -1,52 +0,0 @@ ---- -title: How do I verify the location of a server? - IVPN Help -h1: How do I verify the location of a server? -url: /knowledgebase/troubleshooting/how-do-i-verify-the-location-of-server/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 220 ---- -# How do I verify the location of a server? - -Sometimes, when you check the location of a server using IP-based geolocation, the database may say the server is not where it is advertised. This is usually because the database is incorrect. - -You can, though, use tools available on the Internet to help verify the approximate location of a server. This technique is based on the understanding that the closer you are to a server the shorter the ping time should be. Whilst this may not be perfect it should be able to help you determine that a server is at least close to its stated location. For example, using a UK-based system I get the following ping times to various locations: - -| Location | Destination | Time ms | -|---|---|---| -| UK | gb1.gw.ivpn.net (UK) | 48 | -| UK | fr1.gw.ivpn.net (France) | 49 | -| UK | us-tx1.gw.ivpn.net (Texas, USA) | 152 | -| UK | us-ut1.gw.ivpn.net (Utah, USA) | 186 | - -From the above, we can tell that the servers in Utah and Texas are further away than the ones in the UK and France but we can't really distinguish between the UK and France. We would need to ping the servers from a number of locations and compare the results to get a more accurate result. This is where Internet-based tools are useful. We will use the CA Technologies [Ping Test tool](https://asm.saas.broadcom.com/). This uses over 90 global locations to ping a server and displays the response time. (Note: The Ping Test tool was available previously, circa 2020, though seems to be behind a paywall/trial. This [ping test](https://www.wormly.com/test-remote-ping) may offer a similar experience without the paywall/trial.) 
Using the tool we can see (selected results): - -| Server: gb1.gw.ivpn.net (London, UK) | | Server: fr1.gw.ivpn.net (Paris, FR) | -|---|---|---|---| -| *Test Location* | *Time ms* | *Test Location* | *Time ms* | -| Manchester | 6.6 | Manchester | 14 | -| London | 3.4 | London | 11 | -| Edinburgh | 2.1 | Edinburgh | 9 | -| Lille | 12 | Lille | 6 | -| Milan | 26 | Milan | 20 | -| Berlin | 21 | Berlin | 24 | -| Frankfurt | 11 | Frankfurt | 14 | - -Interpreting the results: First, this neatly shows that this is not perfect. Edinburgh is geographically further away from London than Manchester but the results don't show this. You should discard outliers like this. For everything else, the closer the test location is to the target server, the shorter the ping time. You can have reasonable confidence that the servers are in the locations stated. - -At the time of writing, we have a server in Texas with the IP address 67.228.177.194 that is correctly geolocated. Some of the secondary IP addresses on the Texas server e.g. 67.213.212.242 are incorrectly geolocated* in Utah (the ISP's headquarter location). Let's use the ping test to see what's really happening (selected results): - -| Server: 67.228.177.194 (Texas) | | Server: 67.213.212.242 (Utah) | -|---|---|---|---| -| *Test Location* | *Time ms* | *Test Location* | *Time ms* | -| Atlanta, GA | 19 | Atlanta, GA | 19 | -| Charlotte, NC | 25 | Charlotte, NC | 25 | -| Los Angeles, CA | 30 | Los Angeles, CA | 30 | -| Salt Lake City, UT | 35 | Salt Lake City, UT | 34 | -| Dallas, TX | 4 | Dallas, TX | 4 | - -As you can see, at the time of writing, the ping times for both IP addresses are pretty much the same and Dallas TX is only 4 ms away from both. So we can be fairly sure that the geolocation is incorrect for the IP address 67.213.212.242. - -*We have submitted a request to the ISP to have the geolocation updated and they have agreed to do so. 
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md b/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md
deleted file mode 100644
index 290723ddd..000000000
--- a/src/content/es/pages/knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa.md
+++ /dev/null
@@ -1,37 +0,0 @@ ---- -title: How to Disable Enhanced App Authentication (EAA) -h1: How to Disable Enhanced App Authentication (EAA) -url: /knowledgebase/troubleshooting/how-to-disable-enhanced-app-authentication-eaa -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 70 ---- - -# How to Disable Enhanced App Authentication (EAA) - -### Via the IVPN App's Graphical Interface - -Go to the app's **Settings > Advanced > Enhanced App Authentication** area and click the `Disable` button, enter the EAA password, then click the `Disable` button. - -### Via the IVPN App's Command-Line Interface (CLI) - -Open a Command Prompt or Terminal and type `ivpn eaa -off`, type the EAA password, then press `Enter/Return`. - -### When the EAA Password is Lost - -Two options are available: - -- Use Windows Administrator access or macOS/Linux superuser (root) access to bypass the EAA password requirement to disable the EAA feature via the IVPN App directly. - - **Windows:** right-click on the **Command Prompt** icon, click `Run as Administrator`. Type `ivpn eaa -off` and press `Enter` - - **macOS/Linux:** In a Terminal, type `sudo ivpn eaa -off` or run `ivpn eaa -off` as root - -- EAA is based on a single file, which is protected for reading by a standard computer account with user-level privileges. This file contains information about the EAA password. If this file does not exist, EAA is disabled. Removing this file manually will disable EAA. Only a privileged user can remove this file (Windows Administrator, macOS/Linux superuser, or root). - - **File locations:** - Windows: `C:\Program Files\IVPN Client\etc\eaa` - macOS: `/Library/Application Support/IVPN/eaa` - Linux: `/opt/ivpn/mutable/eaa` 
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md b/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
deleted file mode 100644
index 12fac385b..000000000
--- a/src/content/es/pages/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn.md
+++ /dev/null
@@ -1,81 +0,0 @@ ---- -title: How to submit VPN diagnostic logs to IVPN? - IVPN Help -h1: How to submit VPN diagnostic logs to IVPN? -url: /knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 160 ---- -# How to submit VPN diagnostic logs to IVPN? - -If you are unable to resolve a technical issue please submit your logs by following the instructions below and contact our [support department](/contactus/) to request that they review them. - -### Windows - -1. Open the IVPN App and click on the gear icon to access the `Settings` area. -2. Navigate to the `General` tab. -3. Check on `Enable logging` and click the `Save` button. -4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. -5. Go back to `Settings` > `General` and click on the `Submit logs` button. - -### macOS - -1. Open the IVPN application by clicking on the menu bar icon and then on `Show IVPN`. -2. Click on the gear button in the top right and select `Preferences`. -3. Navigate to the `General` tab. -4. Check `Create log files` and close the window. -5. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. -6. Click on the small IVPN icon in your menu bar and then `Diagnostics logs`. Once the logs have been generated, click on the `Send logs` button. - -### Android - -1. Launch the IVPN App and tap on the gear icon to access the `Settings` menu. -2. Click on the `VPN protocol` and select `OpenVPN`. -3. Return one step back, scroll down, and toggle the `Enable logging` option **on**. -4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. -5. Access the `Settings` menu once again and click on the `Send Logs` button. - -### iOS - -1. 
Launch the IVPN App and tap on the gear icon to access the `Settings` menu. -2. Toggle the `Diagnostic logs` switch On. -5. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. -6. Access the Settings menu once again and click on the `Send Logs` button. - -### Linux - -#### GUI - -1. Open the IVPN App and click on the gear icon to access the `Settings` area. -2. Navigate to the `General` tab. -3. In the `Diagnostics` area, check `Allow logging`, then click the back button. -4. Use the VPN software in such a way that the error may be logged e.g. if you cannot connect then attempt to connect to the VPN. -5. Go back to `Settings` > `General` and click on the `Diagnostic logs ...` button to send. - -#### CLI - -IVPN CLI app stores logs in the following file - `/opt/ivpn/log/IVPN_Agent.log*`. Attach the file(s) to your email message to our support department or copy/paste the file contents into your support request. - -#### Manual - -1. If you are using a different VPN client, use 'grep' to filter the OpenVPN logs from the system log e.g. - ``` - sudo grep VPN /var/log/syslog - ``` - -2. If the step above outputs what appears to be the VPN logs then run the command below to create a log file in your home directory - ``` - sudo grep VPN /var/log/syslog > ~/ivpn.log - ``` - -3. If you cannot see OpenVPN log entries in syslog, add the following line to the .ovpn file to enable file logging. - ``` - log /var/log/openvpn - ``` - -4. If you are using NetworkManager, the following command will capture more details and create a file in your home directory: - ``` - egrep -i "vpn|NetworkManager|nm-openvpn|nm-dispatcher" /var/log/syslog > ~/ivpn.log - ``` 
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md deleted file mode 100644 index c57a6548b..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -title: I cannot access devices on my local network. Why? - IVPN Help -h1: I cannot access devices on my local network. Why? -url: /knowledgebase/troubleshooting/i-cannot-access-devices-on-my-local-network-why/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 210 ---- -# I cannot access devices on my local network. Why? - -Whenever you use any of our desktop apps ([Windows](/apps-windows/), [macOS](/apps-macos/) or [Linux](/apps-linux/)) with the [IVPN Firewall](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) enabled, please, keep in mind that all traffic is routed strictly through the VPN tunnel. This will prevent access to network printers, print servers, media servers, IP cameras, and all other devices on your local network. - -If you want to access and use a printer (or any other device) that resides on your local network – in the IVPN client, navigate to `Settings` - `IVPN Firewall` tab and check both `Allow LAN traffic when IVPN Firewall is enabled` and `Allow Multicast...` options. - -Enabling these options will allow traffic only between devices that reside on the same local network and subnet mask. If you are unable to access them despite having these options checked, verify the IPs on both devices belong to the same local network and subnet mask. If devices are on different subnets, add a [firewall exception](/knowledgebase/general/firewall-exceptions/) and a static route to bypass the firewall and gain access. - -
    -Note: These options will also allow incoming traffic from devices on the same subnet. It is best to disable these options on public networks. -
    diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md deleted file mode 100644 index 3a733b994..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do.md +++ /dev/null @@ -1,76 +0,0 @@ ---- -title: I cannot connect from China / Vietnam / Iran / Russia etc. What can I do? - IVPN Help -h1: I cannot connect from China / Vietnam / Iran / Russia etc. What can I do? -url: /knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 130 ---- -# I cannot connect from China / Vietnam / Iran / Russia etc. What can I do? - -If you are unable to connect from a country where there may be a restrictive national firewall we recommend enabling the **obfsproxy** or **V2Ray** options from within the IVPN client. - -When using OpenVPN we offer two solutions, V2Ray and Obfsproxy. For WireGuard, only V2Ray is currently available. - -Both solutions generally work well but you may find one solution is more performant and/or reliable depending on multiple variables relating to your location and the path your traffic takes to the VPN server. We recommend experimenting with both Obfsproxy and V2Ray options. - -
    -Obfuscation protocols are currently supported in the IVPN app for Windows, macOS, Linux and iOS (in beta). Adding the feature to the Android app is a work in progress. -
    - -### Graphical Interface for Windows, macOS, and Linux - -1. Click on the `Settings` gear icon. -2. Click on the `Connection` tab. -3. Select the preferred obfuscation option from the `Obfuscation` drop-down list. -4. Exit `Settings` and connect to the VPN. - -### Command-Line Interface for Windows, macOS, and Linux - -Open a `Command Prompt` (Windows) or `Terminal` (macOS and Linux) and type one of the following commands. Feel free to adjust the VPN protocol, obfuscation method and the server location as required: - -``` -ivpn connect -obfsproxy obfs4_iat1 -any Sweden -``` -``` -ivpn connect -v2ray quic -p wireguard -fastest -``` - -Help is available with more **obfsproxy** & **V2Ray** options: - -``` -ivpn connect -h -``` - -### iOS - -
    -Obfuscation with V2Ray on iOS is currently in beta. -
    - -1. Set the VPN protocol to `WireGuard`. -2. Navigate to `Settings` - `Advanced` area. -3. Toggle the `V2Ray` option on and select the preferred protocol. -4. Exit `Settings` and connect to the VPN. - -### Inter-Arrival Timing (IAT) Mode - -This option is available for OBFS4 proxy and it is the elapsed time after receipt of a packet until the next packet arrives. Three different options are available to determines packet segmentation rules: -- **0 = disabled**: packets are segmented by the network, network fingerprints could be detected -- **1 = enabled**: packets are segmented by the OBFS4 proxy, maximum payload is 1448 bytes, prevents re-assembly for analysis -- **2 = paranoid**: random packet size, prevents re-assembly for analysis, uncommon and may or may not offer benefits - -There will likely be a performance decrease for the VPN connection with IAT-modes 1 and 2. - -### V2Ray options - -- **VMESS/QUIC**: a modern protocol designed to provide robust security and high performance, while reducing latency compared to traditional protocols. It makes your data appear as regular HTTPS traffic -- **VMESS/TCP**: a traditional, widely-used protocol that guarantees reliable, ordered data delivery. It makes your data appear as regular HTTP traffic. - -### Will these obfuscation mechanisms stop websites from detecting a VPN connection? - -No. - -The obfuscation only exists between your device and the VPN server and the mechanism is not designed to bypass VPN blocks on websites, like for video streaming, gambling, or anything with geo-location restrictions. The IP address on the VPN server for outgoing traffic remains the same whether an obfuscation mechanism is active or not. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md deleted file mode 100644 index 02afc1dd9..000000000 
--- a/src/content/es/pages/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do.md
+++ /dev/null
@@ -1,29 +0,0 @@ ---- -title: I cannot connect to the VPN. What can I do? - IVPN Help -h1: I cannot connect to the VPN. What can I do? -url: /knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 20 ---- -# I cannot connect to the VPN. What can I do? - -Most connection failures are caused by something blocking the connection to our servers. Before you begin troubleshooting a blocked connection please check the following: - -* Verify that your internet connection is working whilst disconnected from the VPN. Try loading a website or pinging a web address such as `8.8.8.8` or `1.1.1.1`. See [how to run the ping command](/knowledgebase/troubleshooting/how-to-run-the-ping-command/). If you are using the IVPN client, ensure that the IVPN firewall is not activated. If your connection is still not working then you will need to contact your ISP to resolve the issue. -* Verify that the server you are connecting to is online and available on the [server status](/status/) page. -* Double-check that you are using the correct IVPN Account ID (ivpnXXXXXXXX or i-XXXX-XXXX-XXXX). For more info see [I receive an 'authentication failure' message. What can I do?](/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message--what-can-i-do/). - -Once you have verified all of the above, proceed to troubleshoot the connection as follows: - -1. Try connecting using a different OpenVPN port. See [how to change ports/protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). -2. Try WireGuard VPN protocol - available in all of our [native apps](/apps/) for macOS, iOS, Windows, Linux and Android. -3. Try IPSec with IKEv2 VPN protocol. Setup guides can be found [here](/apps/). -4. 
Enable the [Obfsproxy](/knowledgebase/troubleshooting/i-cant-connect-from-china-or-vietnam-or-iran-etc-how-do-i-enable-obfsproxy/) feature and retry the connection. -5. Temporarily disable any firewalls or antivirus software on your computer and retry the connection. -6. Try another internet connection, some types of connections are particularly problematic such as public hotspots, cellular hotspots and hotel internet connections. -7. Try another device as there may be an issue with your local device. Our service works with many different devices, see our [setup guides](/apps/). - -Still can't connect? Please see [how to submit VPN diagnostic logs to IVPN](/knowledgebase/troubleshooting/how-to-submit-openvpn-diagnostic-data-to-ivpn/) so we can help you diagnose the issue. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md b/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md deleted file mode 100644 index 2377569ae..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why.md +++ /dev/null 
@@ -1,17 +0,0 @@ ---- -title: I lose Internet connection when I disconnect from IVPN. Why? - IVPN Help -h1: I lose Internet connection when I disconnect from IVPN. Why? -url: /knowledgebase/troubleshooting/i-lose-internet-connection-when-i-disconnect-from-ivpn-why/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 240 ---- -# I lose Internet connection when I disconnect from IVPN. Why? - -Most likely, you have IVPN Firewall (kill switch) enabled. It was designed to ensure that all traffic is routed strictly through the VPN tunnel to prevent any possible leaks or your real IP address from being exposed. Given the latter, it will also block the Internet connection if you disconnect from the IVPN network. - -To regain access to the Internet, you must either disable the IVPN Firewall or reconnect to any of the IVPN servers. You may also control its behaviour within the app's `Settings` area - `IVPN Firewall` tab. - -Feel free to read more about how our Firewall works [here](/knowledgebase/general/do-you-offer-a-kill-switch-or-vpn-firewall/) diff --git a/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md deleted file mode 100644 index 5f2bc899c..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do.md +++ /dev/null 
@@ -1,18 +0,0 @@ ---- -title: I receive an 'authentication failure' message. What can I do? - IVPN Help -h1: I receive an 'authentication failure' message. What can I do? -url: /knowledgebase/troubleshooting/i-receive-an-andsharp039authentication-failureandsharp039-message-what-can-i-do/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 80 ---- -# I receive an 'authentication failure' message. What can I do? - -1. Check that your IVPN Account ID is in the form 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX'. You can check this in the [Client Area](/account/). -2. Check that the IVPN Account ID is entered in the correct case i.e. 'ivpnABcd12' is not the same as 'ivpnabcd12'. -3. You may have reached the device limit for your account. You may have to log out of the IVPN App on another device to free up a slot. -4. There may be a network restriction blocking access to our authentication server. You may have to try a different network. -5. Try logging out from the IVPN App, then logging back in. This will refresh the account status. The logout button is available on the 'Account' screen in the IVPN App on mobile devices. For macOS, the logout is accessible via the app's menu bar icon. For Windows, please log out via the app's 'Settings' area on the 'Account' tab. -6. If you are still unable to connect, your account is most likely disabled/suspended. Verify that your VPN account is active by logging into the client area. If your account has been suspended, [renew](/knowledgebase/billing/how-can-i-reactivate-my-account/) your account to automatically unsuspended it. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md b/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md deleted file mode 100644 index c36d9e35d..000000000 
--- a/src/content/es/pages/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation.md
+++ /dev/null
@@ -1,71 +0,0 @@ ---- -title: My real location is detected when connected to VPN. How to disable geolocation? - IVPN Help -h1: My real location is detected when connected to VPN. How to disable geolocation? -url: /knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 30 ---- -# My real location is detected when connected to VPN. How to disable geolocation? - -Most modern browsers implement the [geolocation API](http://dev.w3.org/geo/api/spec-source.html) as defined by the W3C which enables browsers to detect the geographic location of the device. This enables web services that rely on location information to function correctly. The specification doesn't define the location sources but the following are commonly used: - -1. Global Positioning System (GPS) -2. Available Wi-Fi networks and signal strengths -3. GSM/CDMA cell IDs -4. IP address - -If you are connected to IVPN the IP address lookup should return the location of the VPN server. However, if your browser is configured to use any of the alternate location sources then your actual location may be revealed to web services. Most commonly your Wi-Fi network information will be used as there are large databases that map Wi-Fi networks to a geographic location (usually created by cars with GPS & Wi-Fi e.g. Google Street View cars). - -## How to disable geolocation in browsers? - -### Google Chrome - -1. Click the Chrome menu button on the browser toolbar (with the 3 dots). -2. Click on `Settings`. -3. Scroll down and click on `Advanced`. -4. In the 'Privacy and security' section, click `Site settings`. -5. Click 'Location' and toggle 'Ask before accessing' to 'Blocked'. - -For further information see [Google's location sharing](https://support.google.com/chrome/answer/142065?hl=en) page. - -### Firefox - -1. In the URL bar, type `about:config`. -2. 
In the search bar type `geo.enabled`. -3. Double click on the geo.enabled preference. Location-Aware Browsing should now be disabled. - -For further information see the [Firefox Location-Aware Browsing](https://www.mozilla.org/en-US/firefox/geolocation/) page. - -### Internet Explorer - -1. Open the Tools menu by clicking on the gear icon in the upper-right corner of the browser window. -2. Open the `Privacy` tab. -3. Under Location, select the option `Never Allow Websites To Request Your Physical Location`. - -### Microsoft Edge - -1. Hit the `Windows` button & select `Settings` -2. Navigate to `Privacy` -> `Location` and toggle location to `Off` - -For further information see the [Windows 10 location service and privacy: FAQ](http://windows.microsoft.com/en-us/windows-10/location-service-privacy). - -### Apple Safari - -1. Choose `System Preferences` from the Apple () menu. -2. Click the `Security & Privacy` icon in the System Preferences window. -3. Click the `Privacy` tab. -4. If the padlock icon in the lower left is locked - ![](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/il/locked_icon.png) - , click it and enter an admin name and password to unlock it - ![](https://support.apple.com/library/content/dam/edam/applecare/images/en_US/il/unlocked_icon.png) -5. Select `Location Services`. -6. Uncheck 'Safari' to disable geolocation. - -### Opera - -1. In the URL bar, type `about:config`. -2. In the Preferences Editor, expand the `Geolocation` section. -3. Uncheck `Enable geolocation`. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md deleted file mode 100644 index 499775103..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do.md +++ /dev/null 
@@ -1,29 +0,0 @@ ---- -title: My VPN connection is randomly disconnecting. What can I do? - IVPN Help -h1: My VPN connection is randomly disconnecting. What can I do? -url: /knowledgebase/troubleshooting/my-vpn-connection-is-randomly-disconnecting-what-can-i-do/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 50 ---- -# My VPN connection is randomly disconnecting. What can I do? - -Disconnections are frustrating and can potentially compromise your privacy. It is very helpful to have a basic understanding of what causes a VPN to disconnect in order to troubleshoot the issue. - -### What causes disconnections? - -The client software and server both send each other a cryptographically signed ping packet every 10 seconds to inform the other side that they are active/alive. If the client doesn't receive this ping packet (or any other data) from the server for longer than 120 seconds it assumes the server is no longer available and disconnects. This happens because the ping packets are being either lost or blocked on the path between your device and the server. This could be a software or hardware router filtering these packets or an unreliable Internet connection which is causing packet loss. - -### What can you do? - -1. Change the port of the VPN protocol you use to connect, see [how to change ports/protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). -2. Try WireGuard VPN protocol - available in all of our [native apps](/apps/) for macOS, iOS, Windows, Linux and Android. -3. Try IPSec with IKEv2 VPN protocol. Setup guides can be found [here](/apps/). -4. Try connecting to a different server, there may be an issue between your device and the server. -5. If you are connecting from a location where you think your connection may be censored, try enabling obfsproxy from within the IVPN client. 
See [how to enable obfsproxy](/knowledgebase/troubleshooting/i-cant-connect-from-china-or-vietnam-or-iran-etc-how-do-i-enable-obfsproxy/). Instructions for Linux users are available [here](/knowledgebase/linux/linux-how-can-i-circumvent-vpn-censorship-by-masking-the-vpn-traffic/). -6. Try connecting from another device to see if the issue is with the device. We support a large range of devices, see our [setup guides](/apps/). -7. Restart your router device. Check if there are available updates to your router's firmware - they might contain various fixes and improve the general performance and quality of the connection after installing it. -8. Try another internet connection as your connection may be unreliable, especially shared wireless connections (hotels, coffee shops), cellular (3G/4G/5G) etc. -9. Advanced users may want to read about MTU and experiment with adjusting the maximum UDP packet sizes for OpenVPN (using the tun-mtu, fragment and mssfix directives). More information can be found in the [OpenVPN manual](https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage). diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md deleted file mode 100644 index 1e551ee41..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why.md +++ /dev/null 
@@ -1,27 +0,0 @@ ---- -title: My VPN is connected but I cannot browse the Internet, why? - IVPN Help -h1: My VPN is connected but I cannot browse the Internet, why? -url: /knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 40 ---- -# My VPN is connected but I cannot browse the Internet, why? - -The most common reason you cannot browse the internet when connected to the VPN is a **DNS configuration issue**. Please perform the following steps to see if the issue is related to DNS: - -1. Ping an external IP such as **`1.1.1.1`** and **`8.8.8.8`** to verify that you have Internet connectivity. See [how to run the ping command](/knowledgebase/troubleshooting/how-do-i-use-the-ping-command/). -2. If you see replies from the ping above this indicates your connection is working and your issue is likely DNS related, continue to the "resolving DNS issues" section below. -3. If you do not get a reply (e.g. "Request timeout") this indicates something is blocking the VPN connection, see [I cannot connect to the VPN, what can I do?](/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/) - -### Resolving DNS Issues - -1. The first step is to reset your DNS settings. Disconnect from the VPN and follow the steps in [How to reset your DNS settings](/knowledgebase/troubleshooting/how-can-i-reset-my-dns-settings/). Try connecting again and browsing. -2. If the above does not resolve the issue then you can configure OpenDNS to resolve your DNS. Follow the relevant instructions on the [OpenDNS setup](https://support.opendns.com/forums/21618384) page. (Please note that by configuring OpenDNS servers your DNS requests will be sent to OpenDNS, which may be considered a leak). -3. If you are using Linux please ensure that you are running commands as root using the `sudo` command or the DNS resolver may not be updated correctly. -4. 
If you have configured a proxy, please ensure that it is disabled. This usually needs to be done via your browser settings. -5. If you have another browser installed (Firefox, Chrome, Safari, Opera, Brave, Edge) try browsing with that browser and see if you have the same issue. You should also attempt to start your browser in 'safe mode' with all addons/plugins disabled. In Chrome, you simply have to open an 'incognito' window. If any of these methods allow you to browse the Internet then the issue lies with your Internet browser configuration. - -Still can't connect? Please see [how to submit VPN diagnostic logs to IVPN](/knowledgebase/troubleshooting/how-to-submit-vpn-diagnostic-logs-to-ivpn/) so we can help you diagnose the issue. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md b/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md deleted file mode 100644 index 67320a34e..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster.md +++ /dev/null 
@@ -1,53 +0,0 @@ ---- -title: My VPN is slow, what can I do to make it faster? - IVPN Help -h1: My VPN is slow, what can I do to make it faster? -url: /knowledgebase/troubleshooting/my-vpn-is-slow-what-can-i-do-to-make-it-faster/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 10 ---- -# My VPN is slow, what can I do to make it faster? - -The Internet is a large and dynamic network routing data packets between billions of devices. When the computers routing this data fail certain routes become unavailable and traffic has to be temporarily routed over an alternate path causing congestion on the new route (much like a road traffic system). Speed issues are therefore often temporary and will resolve themselves automatically as new routes are added, repaired and optimized. - -A VPN is dependent on the speed of your connection to the Internet. Whatever the speed of the connection is, the VPN cannot be faster. In fact, you should expect a small loss in speed when connecting to any VPN service due to the software having to encrypt every packet of data. This loss should be small, usually 10-20% when compared with your connection without a VPN. - -If you have a persistent speed issue consider the following troubleshooting steps: - -1. ### Change servers - Selecting a server that is geographically close to you will normally result in increased performance (due to lower latency). In addition, changing to a server in another location may bypass any congestion issues depending on how close the congestion is to your location. See our [server status](/status/) page for a list of locations where we have servers. - -2. ### Change VPN port/protocol - Your VPN software connects to our servers on a specific port number (e.g. 443) using a specific protocol (UDP or TCP). Some networks restrict the speed of certain ports or protocols. Try changing the port/protocol until you identify the fastest combination. 
See [how to change ports and protocols](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/). - -3. ### Use a wired connection - Your speed may be limited by your Wi-Fi connection. Wireless connections rely on a shared channel to transmit data between multiple devices which may result in increased latency and slower speeds. Wired connections normally support much higher speeds and are always preferable if you have access to one. - -4. ### Switch devices - Certain devices are not capable of providing high speeds due to the heavy encryption overhead of a VPN tunnel. These devices often include routers, NAS, older Android devices, and early generation iOS devices. If you are using one of these devices then your only solution is to switch to a device with a more capable processor. - -5. ### Restart your Modem/Router - Over time your modem or router may slow down due to memory leaks etc. Restarting your modem/router may increase the speed of your connection and thus the VPN. - -6. ### Try WireGuard - OpenVPN connections may be restricted or throttled on some networks. Using WireGuard may result in a faster connection. WireGuard is available on our [native apps](/apps/) for macOS, iOS, Windows, Linux, and Android. - -7. ### Temporarily disable local security software - Firewall or antivirus software can slow down VPN traffic by filtering or scanning outgoing packets. Try temporarily disabling your security software to determine if the security software is the cause of the performance issue. - -8. ### Restart your Device - Over time many devices experience "fatigue" due to running out of free memory or resources. Restarting your device may help your connection speed. - -9. ### Install the latest device updates - Check if your device has available firmware updates - they might contain various fixes and improve the general performance and quality of the connection after installing it. - -10. 
### Connecting from another location - It may be that there is an issue with your connection to your ISP. You can easily check this by connecting to the Internet from another location e.g. coffee shop / neighbor etc. - -### Advanced options - -1. To locate the congestion or network hop which is delaying your traffic, run a traceroute. Try tracerouting to the host you are trying to reach both with and without the VPN active. -2. Override the DNS with 3rd party DNS servers. We always advise customers to use our DNS servers to prevent DNS privacy leaks. However, you may wish to test whether our DNS servers are the cause of your performance issues. -3. Adjust the MTU. You'll need to read up about how to determine the best MTU for your network. If you change the network you are connecting from in the future don't forget that you may need to change the MTU again. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md b/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md deleted file mode 100644 index 93cab7b35..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/replay-window-backtrack-occurred-error.md +++ /dev/null 
@@ -1,15 +0,0 @@
----
-title: '"Replay-window backtrack occurred" - error - IVPN Help'
-h1: '"Replay-window backtrack occurred" - error'
-url: /knowledgebase/troubleshooting/replay-window-backtrack-occurred-error/
-sections:
- - troubleshooting
-sectionTitle: Troubleshooting
-layout: help-details
-weight: 170
----
-# "Replay-window backtrack occurred" - error
-
-This error is generally caused by network congestion and latency when using the UDP protocol. Essentially packets are being dropped or received by the server in the wrong order. This is often seen when connecting to Wi-Fi networks with a poor signal or 3G/4G networks.
-
-The best solution is to switch to using the TCP protocol. You can do this by selecting the TCP protocol option from within the IVPN app or editing the relevant OpenVPN configuration file.
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md b/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
deleted file mode 100644
index 0460b8e95..000000000
--- a/src/content/es/pages/knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why.md
+++ /dev/null
@@ -1,26 +0,0 @@ ---- -title: The battery on my phone drains too fast while using IVPN. Why? - IVPN Help -h1: The battery on my phone drains too fast while using IVPN. Why? -url: /knowledgebase/troubleshooting/the-battery-on-my-phone-drains-too-fast-while-using-ivpn-why/ -sections: - - troubleshooting -sectionTitle: Troubleshooting -layout: help-details -weight: 230 ---- -# The battery on my phone drains too fast while using IVPN. Why? - -Extensive battery usage with IVPN would not be particularly unusual for a combination of reasons, more specifically: - -1. The IVPN App offers VPN protocols with the highest level of encryption available, thus using more CPU power, which results in a higher battery consumption as a result. -2. Mobile devices usually 'sleep' and shut down persistent network connections in favor of reduced bandwidth and energy, a solution called 'push'. However, a VPN tunnel requires constant connectivity to ensure security, and this does not utilize this power-saving method. - -On the most recent version of the IVPN App for iOS, disabling the 'Keep alive on sleep' option may reduce battery consumption. - -
    -Disabling keep-alive will not result in any data leak outside of the VPN, as the on-demand rules will automatically re-establish the VPN tunnel before any network traffic starts on the device. Keep-alive, when on, makes sure that the VPN tunnel is active even when the device is in sleep mode. By disabling it, the VPN tunnel is reconnected only when the device needs to make network requests. Disabling keep-alive will improve battery consumption when the device is in sleep mode, but the drawback is you might experience occasional slowdowns due to wake-up reconnections. -
    - -If security is not your primary concern and to preserve the battery power, consider disconnecting from the VPN connection when not in use or when your device is sleeping. - -Alternatively, you may try the [WireGuard VPN protocol](/knowledgebase/general/wireguard-faq/), which was proven to provide higher performance while causing less stress to the battery. diff --git a/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md b/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md deleted file mode 100644 index 3742cc647..000000000 --- a/src/content/es/pages/knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix.md +++ /dev/null 
@@ -1,49 +0,0 @@
----
-title: '"TLS Error: Unroutable control packet received" - How to fix - IVPN Help'
-h1: '"TLS Error: Unroutable control packet received" - How to fix'
-url: /knowledgebase/troubleshooting/tls-error-unroutable-control-packet-received-how-to-fix/
-sections:
- - troubleshooting
-sectionTitle: Troubleshooting
-layout: help-details
-weight: 90
----
-# "TLS Error: Unroutable control packet received" - How to fix
-
-The OpenVPN protocol requires the client and server to have synchronized time. If the time on your local PC is incorrect you may see the error **TLS Error: Unroutable control packet received from** in your logs.
-
-### Windows
-
-1. Go to `Start` > `Settings` > `Time & language` > `Date & time`.
-2. Toggle `Set time automatically` to `On`.
-
-### macOS
-
-1. Open the `System Preferences`.
-2. Click the Date & Time icon and ensure that `Set date and time automatically` is selected.
-
-### Linux
-
-You need to install and configure an NTP client. Refer to the documentation for your distribution for further instructions.
-
-### DD-WRT
-
-Please refer to the section **Correct Time** on this page [http://www.dd-wrt.com/wiki/index.php/OpenVPN](http://www.dd-wrt.com/wiki/index.php/OpenVPN)
-
-To set the time manually, connect via telnet or ssh and run the following command at the prompt:
-
-```
-date YYYYMMDDhhmm
-```
-
-If you set the Date and Time manually, you will have to do that every time your router is rebooted.
-
-Instead, it is recommended to enable and connect your device to the NTP server to allow system Date and Time automatically sync with the current time. For help, see https://wiki.dd-wrt.com/wiki/index.php/Network_Time_Protocol
-
-### pfSense
-
-pfSense will attempt to keep the router device’s time synchronized with the ntp.org Network Time Protocol (NTP) server pool automatically. Check `Status` > `NTP` for details. If time is out of sync, there may be a DNS issue preventing the NTP hostname lookup. The pfSense system log will show details via `Status` > `System Logs` > `NTP`.
-
-### OpenWRT
-
-OpenWrt’s NTP client is enabled by default and will attempt to keep the router device’s system clock synchronized automatically. Configuration details and further information can be found here https://openwrt.org/docs/guide-user/advanced/ntp_configuration
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md b/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md
deleted file mode 100644
index 317ad1c0e..000000000
--- a/src/content/es/pages/knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix.md
+++ /dev/null
@@ -1,13 +0,0 @@
----
-title: '"TLS key negotiation failed to occur" - How to fix - IVPN Help'
-h1: '"TLS key negotiation failed to occur" - How to fix'
-url: /knowledgebase/troubleshooting/tls-key-negotiation-failed-to-occur-how-to-fix/
-sections:
- - troubleshooting
-sectionTitle: Troubleshooting
-layout: help-details
-weight: 190
----
-# "TLS key negotiation failed to occur" - How to fix
-
-This log entry indicates that the connection to our VPN server is being blocked. Please see [I cannot connect to the VPN, what can I do?](/knowledgebase/troubleshooting/i-cannot-connect-to-the-vpn-what-can-i-do/)
diff --git a/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md b/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md
deleted file mode 100644
index 7292dadb8..000000000
--- a/src/content/es/pages/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers.md
+++ /dev/null
@@ -1,91 +0,0 @@
----
-title: What is the IP address of your DNS servers? - IVPN Help
-h1: What is the IP address of your DNS servers?
-url: /knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/
-sections:
- - troubleshooting
-sectionTitle: Troubleshooting
-layout: help-details
-weight: 150
----
-# What is the IP address of your DNS servers?
-
-The IVPN DNS servers clients use when connected to our VPN servers are not publicly accessible from the Internet. They are internal and can be used only when connected to an IVPN server. Three types of internal DNS servers are available on each VPN server:
-
-* Regular DNS with no blocking (OpenVPN + WireGuard + IPSec with IKEv2)
-* Normal [AntiTracker](/antitracker/) to block advertising and malware domains (OpenVPN + WireGuard)
-* Hardcore Mode AntiTracker to also block Google and Facebook domains (OpenVPN + WireGuard)
-
-
-### Regular DNS Servers
-
-For WireGuard connections, the regular DNS address is: `172.16.0.1`
-
-For OpenVPN connections, the regular DNS address is: `10.0.254.1`
-
-With an OpenVPN connection there is another regular DNS address available. To work out the address, look at the IP assigned to you when you connect. The DNS servers are in the format `10.x.y.1`. For example, if the VPN address you receive is `10.16.4.66` then the DNS address will be `10.16.4.1`.
-
-
-### AntiTracker with Optional Hardcore Mode
-
-The original AntiTracker addresses remain unchanged (same as **OISD Big** below):
-
-Normal `10.0.254.2` and
-Hardcore `10.0.254.3`
-
-The [AntiTracker Plus](/knowledgebase/general/antitracker-plus-lists-explained/) options follow a similar IP address pattern for normal and hardcore modes:
-
-#### Basic
-Normal `10.0.254.4` and
-Hardcore `10.0.254.5`
-
-#### Comprehensive
-Normal `10.0.254.6` and
-Hardcore `10.0.254.7`
-
-#### Restrictive
-Normal `10.0.254.18` and
-Hardcore `10.0.254.19`
-
-#### EasyList + EasyPrivacy
-Normal `10.0.254.14` and
-Hardcore `10.0.254.15`
-
-#### OISD Big
-Normal `10.0.254.2` and
-Hardcore `10.0.254.3`
-
-#### Developer Dan Ads + Tracking
-Normal `10.0.254.8` and
-Hardcore `10.0.254.9`
-
-#### Steven Black Unified + Ads + Malware
-Normal `10.0.254.20` and
-Hardcore `10.0.254.21`
-
-#### 1Hosts Extra
-Normal `10.0.254.16` and
-Hardcore `10.0.254.17`
-
-#### Hagezi Light
-Normal `10.0.254.22` and
-Hardcore `10.0.254.23`
-
-#### Hagezi Pro
-Normal `10.0.254.10` and
-Hardcore `10.0.254.11`
-
-#### Hagezi Pro++
-Normal `10.0.254.24` and
-Hardcore `10.0.254.25`
-
-#### Hagezi Ultimate
-Normal `10.0.254.12` and
-Hardcore `10.0.254.13`
-
-
-### Public DNS Server
-
-We provide a public, validating, non-logging, recursive DNS server: `198.245.51.147`
-
-No IVPN connection -- or account -- required.
diff --git a/src/content/es/pages/knowledgebase/windows/_index.md b/src/content/es/pages/knowledgebase/windows/_index.md
deleted file mode 100644
index 94ca18612..000000000
--- a/src/content/es/pages/knowledgebase/windows/_index.md
+++ /dev/null
@@ -1,7 +0,0 @@
----
-title: Windows - IVPN Help
-url: /knowledgebase/windows/
-section: windows
-layout: help
----
-## Windows
diff --git a/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md b/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
deleted file mode 100644
index 452713985..000000000
--- a/src/content/es/pages/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually.md
+++ /dev/null
@@ -1,38 +0,0 @@
----
-title: Windows 10 - Set IVPN DNS servers manually - IVPN Help
-h1: Windows 10 - Set IVPN DNS servers manually
-url: /knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually/
-sections:
- - windows
-sectionTitle: Windows
-layout: help-details
-weight: 110
----
-# Windows 10 - Set IVPN DNS servers manually
-
-In some cases, it may be beneficial to set DNS servers on your system manually. The IVPN App does this automatically, though this can he helpful with some manual VPN connection.
-
-1. Open the `Control Panel` by clicking the Start menu icon and typing `control panel`
-
-2. Click `Network and Internet` followed by `Network and Sharing Centre`
-
-3. Click `Change Adapter settings`
-
-4. Right-click the icon for the Ethernet or Wi-Fi network adapter and choose `Properties`
-
-5. Click `Internet Protocol Version 4 (TCP/IPv4)` and click the `Properties` button
-
- ![](/images-static/uploads/050-adapter-properties-window-ipv4.png)
-
-6. Switch to `Use the following DNS server addresses` and enter the IVPN addresses. We offer different internal options plus one public DNS servers:
-
- ```
- 10.0.254.1 = regular DNS with no blocking
- 10.0.254.2 = standard AntiTracker to block advertising and malware domains
- 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook
- 198.245.51.147 = public, validating, non-logging, recursive DNS server
- ```
-
- ![](/images-static/uploads/060-manual-dns-addresses.png)
-
-7. Click `OK` on the IPv4 properties window. Click `Close` on the network adapter properties window
diff --git a/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md b/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
deleted file mode 100644
index be9e80418..000000000
--- a/src/content/es/pages/knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error.md
+++ /dev/null
@@ -1,29 +0,0 @@
----
-title: Windows - "All TAP-Win32 Adapters in Use" error - IVPN Help
-h1: Windows - "All TAP-Win32 Adapters in Use" error
-url: /knowledgebase/windows/windows-all-tap-win32-adapters-in-use-error/
-sections:
- - windows
- - troubleshooting
-sectionTitle: Windows
-layout: help-details
-weight: 30
----
-# Windows - "All TAP-Win32 Adapters in Use" error
-
-This error indicates that the VPN was not cleanly disconnected from the previous session or another VPN connection is already established.
-
-1. Click the `Start Menu` button and then select the `Control Panel`.
-2. Click on `Network and Internet`.
-3. Click on `Network and Sharing Center`.
-4. Click on `Change adapter settings`.
-5. Find the connection which is your TAP Adapter, right-click the `TAP adapter` and select `Disable`.
-6. Right-click the `TAP adapter` and select `Enable`.
-
-If the above does not resolve the issue please close and restart all OpenVPN processes by following these steps
-
-1. Press `Ctrl+Alt+Del`.
-2. Open `Task Manager`.
-3. End all instances of any process containing the word **OpenVPN**.
-4. Restart OpenVPN.
-5. Retry connecting to IVPN.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md b/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
deleted file mode 100644
index a39f301aa..000000000
--- a/src/content/es/pages/knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why.md
+++ /dev/null
@@ -1,27 +0,0 @@
----
-title: Windows Defender SmartScreen prevents the installation of IVPN app. Why? - IVPN Help
-h1: Windows Defender SmartScreen prevents the installation of IVPN app. Why?
-url: /knowledgebase/windows/windows-defender-smartscreen-prevents-the-installation-of-ivpn-app-why/
-sections:
- - windows
-sectionTitle: Windows
-layout: help-details
-weight: 130
----
-# Windows Defender SmartScreen prevents the installation of IVPN app. Why?
-
-Our development team has rewritten our desktop apps to be more efficient as well as signed them with the new certificate. It might take up to 2-3 weeks for a new certificate to build enough reputation, until that, Windows Defender Smartscreen can prevent the execution of the file, detecting it as an "unrecognized" app.
-
-This block by Windows Security is a false positive. Please make sure you have downloaded the installer directly from our [website](/apps-windows/) and not any 3rd party site to ensure that no malware has been injected.
-
-The [changelog](https://github.com/ivpn/desktop-app-ui/blob/master/CHANGELOG_windows.md) for our Windows app offers a SHA1 checksum, which you can use to verify the integrity of the download above to make sure no tampering has occurred during the download. Details on how to verify a checksum can be found [here](https://support.microsoft.com/en-us/help/889768/how-to-compute-the-md5-or-sha-1-cryptographic-hash-values-for-a-file).
-
-In the meantime, to proceed with the installation when you receive a Windows Defender Smartscreen warning message, click on `More info`:
-
-![](https://www.ivpn.net/img/screens/install/smartscreen_1.png)
-
-..and click on the `Run anyway` button.
-
-![](https://www.ivpn.net/img/screens/install/smartscreen_2.png)
-
-You may have to temporarily disable any other running security software running on your computer to allow the installation to proceed. Please be sure to re-enable it back immediately after installing our app. For extra security, you might consider temporarily disabling your network connection while the real-time protection is disabled.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md b/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
deleted file mode 100644
index 9f8df38b2..000000000
--- a/src/content/es/pages/knowledgebase/windows/windows-dns-cannot-be-resolved.md
+++ /dev/null
@@ -1,19 +0,0 @@
----
-title: Windows - "DNS Cannot be resolved" - IVPN Help
-h1: Windows - "DNS Cannot be resolved"
-url: /knowledgebase/windows/windows-dns-cannot-be-resolved/
-sections:
- - windows
-sectionTitle: Windows
-layout: help-details
-weight: 70
----
-# Windows - "DNS Cannot be resolved"
-
-What if your browser cannot load any web pages and it receives 'DNS cannot be resolved' error when connected to IVPN? Most of the time this is happening because of 3rd-party software altering the DNS server configuration on your computer. To work around this, check the following steps:
-
-1. Make sure IVPN Firewall is enabled (assuming you use our [official software](/apps-windows/))
-2. Open your Network Management (hit 'Windows' button - > Type 'ncpa.cpl' - > 'Enter') and find 'Tap-Windows' device - > Double click on it - > Properties - > Double click 'IPv4' - > Make sure you have 'Obtain DNS server address automatically' checked
-3. Reconnect to IVPN
-
-When you establish the VPN connection, IVPN pushes and applies our DNS IP-address to your system if the network adapter is configured to set the DNS automatically. In case the latter is not happening, the installed Antivirus/Firewall or various Network Filtering software can prevent that from happening and it is advised to have the IVPN client whitelisted there to avoid the aforementioned issue.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md deleted file mode 100644 index ad3dfd499..000000000 --- a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials.md +++ /dev/null @@ -1,37 +0,0 @@ ---- -title: Windows - How do I configure OpenVPN to save my credentials? - IVPN Help -h1: Windows - How do I configure OpenVPN to save my credentials? -url: /knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-credentials/ -sections: - - windows - - troubleshooting -sectionTitle: Windows -layout: help-details -weight: 10 ---- -# Windows - How do I configure OpenVPN to save my credentials? - -To configure the OpenVPN GUI to save your credentials: - -1. Using Windows Explorer, navigate to the `C:\Program Files\OpenVPN\config` folder (or `C:\Program Files (x86)\OpenVPN\config` on 64 bit systems). - -2. Using WordPad or a similar text editor, open the config file relating to the server you wish to save your IVPN account ID for (the filename should indicate the server location). - -3. Locate the line containing `auth-user-pass` and change it to: - - ``` - auth-user-pass pass.txt - ``` - -4. Create a new text file with the name `pass.txt` and insert your IVPN Account ID (either 'ivpnXXXXXXXX' or `i-XXXX-XXXX-XXXX`) on the first line and a non-blank second line, then save, e.g.: - - ``` - ivpnxxxxxx - ivpn - ``` - -
    - You may not be able to save files directly to the c:\program files\openvpn\config directory due to Windows security controls. In this case, simply copy the file to your desktop first, edit it and then copy it back to the same location. -
    - -5. Repeat step 3 for other config files you wish to save the Account ID for. diff --git a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md b/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md deleted file mode 100644 index 00301a5ce..000000000 --- a/src/content/es/pages/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Windows - How do I configure OpenVPN to start automatically? - IVPN Help -h1: Windows - How do I configure OpenVPN to start automatically? -url: /knowledgebase/windows/windows-how-do-i-configure-openvpn-to-start-automatically/ -sections: - - windows - - troubleshooting -sectionTitle: Windows -layout: help-details -weight: 40 ---- -# Windows - How do I configure OpenVPN to start automatically? - -
    -We recommend using the official IVPN software client which already includes this functionality. See the Windows App page to download IVPN for your platform. -
    - -For this solution to work, you need to configure OpenVPN to store your IVPN Account ID (if you have not done so already). To do this please follow [these instructions](/knowledgebase/windows/windows-how-do-i-configure-openvpn-to-save-my-password/). - -1. Click on the Windows start button and type `Task Scheduler` and click on it. - -2. On the menu bar click `Action` | `Create task`. - -3. Give the task a name e.g. "Auto-start VPN". - -4. Select `Run only when user is logged on`. - -5. Select `Run with the highest privileges`. - -6. Click on the `Triggers` tab and click `New`. Select `At log on` and click `OK` - You can choose for all users or a specific user. If you have any issues you may need to set the `Delay task` option in the advanced settings to 30 seconds or thereabout to enable the network adapter to initialize first. - -7. Click on the `Actions` tab and click `New`. Enter the program and argument as below according to your installation. The path must be correct and you must specify the name of the config file you wish to connect to. - - ``` - Program: "C:\Program Files\OpenVPN\bin\OpenVPN-Control-Centre.exe" Argument: --config_dir "C:\Program Files (x86)\OpenVPN\config" --connect "iVPN - Singlehop - Netherlands.ovpn" - ``` - -8. Click on the `Conditions` tab and clear any boxes which are checked. - -9. Click `OK`. The task should now be created and will connect to the named VPN connection every time the system starts up. diff --git a/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md b/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md deleted file mode 100644 index 5d16f73b3..000000000 --- a/src/content/es/pages/knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why.md +++ /dev/null 
@@ -1,25 +0,0 @@
----
-title: Windows - My IP address doesn't change when connected, why? - IVPN Help
-h1: Windows - My IP address doesn't change when connected, why?
-url: /knowledgebase/windows/windows-my-ip-address-doesnandsharp039t-change-when-connected-why/
-sections:
- - windows
-sectionTitle: Windows
-layout: help-details
-weight: 20
----
-# Windows - My IP address doesn't change when connected, why?
-
-If geolocation websites such as [dnsleaktest.com](https://www.dnsleaktest.com/) are showing your personal IP instead of the IP of the VPN server then you have a serious privacy leak. Fortunately this is not possible with the IVPN client as it has a firewall that protects against these types of leaks. However if you are using the community edition of OpenVPN then read on.
-
-It really helps to have a basic understanding of the issue to resolve it. Your computer maintains a 'routing table' that lists the routes to particular network destinations. Most personal computers simply forward all outbound traffic to the Internet Service Provider (ISP) so the routing table is very simple. When the VPN client software connects to the VPN server it needs to update the routing table to override the existing entry which routes all traffic to the ISP. If the VPN client software is unable to update the routing table then even although there is an active connection to the VPN server (green shield), traffic will NOT be routed through it and you will see your own IP on geolocation websites. On Windows computers this is almost always due to insufficient permissions to update the routing table. This is the reason why the VPN client prompts you for administrative permission when you start it.
-
-### How can I fix it?
-
-1. Check that when you start the OpenVPN application it prompts you with the message "Do you want to allow the following program from an unknown publisher to make changes to your computer?". You must answer YES to this prompt. If you do not see this prompt then you may have disabled UAC. Right click on the desktop OpenVPN icon and select `Properties`. Click on the `Compatibility` tab and select `Run this program as an administrator`.
-
-2. To confirm that the routing table has not been updated click on `Start` and type `cmd.exe` and click on the icon for the command prompt. Type `route print` and hit enter. Under the heading "IPv4 Route Table" the top two entries should both have a network destination of '0.0.0.0' with one of them having a netmask of '128.0.0.0'. If you only have a single entry with a destination of '0.0.0.0' then the routing table has not been updated.
-
-3. If you are using Windows 8.x there is an obscure bug that may cause the routes to not be correctly installed. To workaround this open the Network Adapter Applet (Control Panel\Network and Internet\Network Connections) before you start the VPN connection. This has to be done once after each reboot.
-
-4. Proxy settings might be interfering. To reset Windows 10 proxy settings, click the Start button, type *proxy*, click to open the `Proxy settings` app, toggle the `Use a proxy server` to *off* under `Manual proxy setup`. Reset web browser proxy settings in [Mozilla Firefox](https://support.mozilla.org/en-US/kb/connection-settings-firefox) by choosing `No Proxy` or `Use system proxy settings`.
diff --git a/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md b/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
deleted file mode 100644
index 3f4ec0fee..000000000
--- a/src/content/es/pages/knowledgebase/windows/windows-warning-route-gateway-is-not-reachable.md
+++ /dev/null
@@ -1,41 +0,0 @@
----
-title: Windows - "Warning, route gateway is not reachable" - IVPN Help
-h1: Windows - "Warning, route gateway is not reachable"
-url: /knowledgebase/windows/windows-warning-route-gateway-is-not-reachable/
-sections:
- - windows
-sectionTitle: Windows
-layout: help-details
-weight: 50
----
-# Windows - "Warning, route gateway is not reachable"
-
-This error is likely to be caused by corruption in the TCP stack on your system. To resolve this try the following:
-
-1. Open command console - press `'Windows'` button-> type `cmd` -> right-click & hit `Run as Administrator`
-
-2. Execute the following commands:
-
- ```
- netsh dump netsh
- netsh winsock reset
- netsh int ip reset
- ipconfig /flushdns
- exit
- ```
-
-3. Reboot your PC and try to connect once again.
-
-If the problem persists try adding a few configuration changes to the IVPN client:
-
-1. In the IVPN app navigate to `'Settings'` -> `'OpenVPN'` tab.
-
-2. Add the following configuration:
-
- ```
- route-delay 5
- route-method exe
- ip-win32 netsh
- ```
-
-3. Apply the changes and reconnect.
diff --git a/src/content/es/pages/legal-process-guidelines.md b/src/content/es/pages/legal-process-guidelines.md
deleted file mode 100644
index 7c1f13633..000000000
--- a/src/content/es/pages/legal-process-guidelines.md
+++ /dev/null
@@ -1,53 +0,0 @@
----
-title: Law Enforcement Legal Process Guidelines
-url: /legal-process-guidelines/
----
-# Law Enforcement Legal Process Guidelines
-
-### Introduction
-
-These guidelines are provided for use by government and law enforcement agencies within Gibraltar when seeking information from IVPN Limited (“IVPN”) about users of the IVPN service (“IVPN users”).
-
-These guidelines do not apply to requests made by government and law enforcement agencies outside Gibraltar. IVPN does not respond to requests from governments or law enforcement agencies outside of Gibraltar, all requests must originate from a government agency with jurisdiction in Gibraltar.
-
-IVPN has a centralized process for receiving, tracking, processing, and responding to legitimate legal requests from government and law enforcement from when they are received until when a response is provided. Our legal department reviews and evaluates all requests received, and requests which IVPN determines to have no valid legal basis or considers to be unclear, inappropriate or over-broad are challenged or rejected.
-
-The information contained within these Guidelines is devised to provide information to government and law enforcement agencies within Gibraltar regarding the legal process that IVPN requires in order to disclose electronic information to government and law enforcement agencies within Gibraltar. These Guidelines are not intended to provide legal advice.
-
-Nothing within these Guidelines is meant to create any enforceable rights against IVPN and IVPN’s policies may be updated or changed in the future without further notice to government or law enforcement.
-
-### About IVPN
-
-IVPN provides a VPN service “IVPN” for consumers and small teams to improve their security and privacy whilst using the Internet. We develop the client software required to connect securely to our servers and manage a large network of servers through which IVPN users traffic is routed.
-
-User information is held by IVPN in accordance with the IVPN privacy policy and the applicable terms of service. IVPN is committed to maintaining the privacy of the IVPN users of the IVPN service. Accordingly, information about IVPN users will not be released without valid legal process.
-
-### Legal process
-
-IVPN accepts service of subpoenas, search warrants, and court orders by email from government and law enforcement agencies, provided these are transmitted from the official email address of the government or law enforcement agency concerned. Government and law enforcement personnel submitting a legal request to IVPN should transmit it directly from their official government or law enforcement email address to [legal@ivpn.net](mailto:legal@ivpn.net). This mailbox is intended solely for use by government and law enforcement personnel.
-
-When government or law enforcement has served legal process on IVPN by email, a duplicate hard copy must be personally served at the IVPN headquarters at:
-
-**IVPN Limited, 5 Secretary’s lane, GX11 1AA, Gibraltar.**
-
-Where possible, IVPN will notify IVPN users when their IVPN account information is being sought in response to legal process from government, law enforcement, or third parties, except where providing notice is explicitly prohibited by the legal process itself, by a court order IVPN receives.
-
-### Information available from IVPN
-
-#### Customer records
-
-IVPN has no need to collect or store personal personally identifiable information relating to our customers and therefor no personally identifiable information is requested, collected or stored when a customer signs up for our service. Each customer is assigned a randomly generated identifier which they use to authenticate themselves to our service.
-
-If a payment method is chosen that requires an external payment processor and that payment processor requires that IVPN store a link to the transaction in our system then that identifier together with the payment processor is stored with the randomly generated user account ID.
-
-### Information not available from IVPN
-
-#### Connection logs
-
-IVPN does not store any logs relating to the connections of IVPN users to the VPN network i.e. timestamped records of when a particular user connected and disconnected to any server in the IVPN network. If provided with a timestamp IVPN are therefor not able to determine who was connected to any server at that time.
-
-#### Activity logs
-
-IVPN do not store logs relating to the activity of IVPN users when connected to the IVPN service i.e. timestamped records of what Internet servers or websites the IVPN user was connected to. Therefor if provided with a timestamp IVPN are not able to retrieve any Internet activity relating to any time period or user account.
-
-If you have further questions, please contact [legal@ivpn.net](mailto:legal@ivpn.net).
diff --git a/src/content/es/pages/light.md b/src/content/es/pages/light.md
deleted file mode 100644
index 51d90fb0b..000000000
--- a/src/content/es/pages/light.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: IVPN Light - Quick VPN Access paid with BTC Lightning
-description: Set up a VPN tunnel in 60 seconds with exit nodes in 35 countries. Priced in sats, paid with Lightning, account not required.
-url: /light/
-layout: application
----
diff --git a/src/content/es/pages/manifesto.md b/src/content/es/pages/manifesto.md
deleted file mode 100644
index b960aad23..000000000
--- a/src/content/es/pages/manifesto.md
+++ /dev/null
@@ -1,38 +0,0 @@ ---- -title: Manifesto -url: /manifesto/ ---- -# Resist Online Surveillance - -The 21st century has been profoundly shaped by the silent infrastructure of the surveillance economy, which sweeps up every last crumb of data our daily lives leave behind. These data points are collected and pieced together to create individual profiles of us. Profiles that can be leased to advertisers hungry for our attention, shared with governments for investigative purposes, and sold on to shady data brokers. - -Our digital products and services have stopped working for us. Instead, we’re unwittingly working for them. We’re ranked, rated, profiled – programmed to act in ways we otherwise wouldn’t. - -Forget having nothing to hide. The internet activity of every human being has become a hot commodity. Our data is being churned into an industry that’s worth more than oil. And it’s being used against us. To capture our attention, our money, and our votes. To predict what we’ll do next, and to influence our behavior. - -If information is power, and we’ve lost control of our information, what are we left with? - ---- - -The internet once seemed like an endless horizon of possibility. A place for connection, for serendipity, for experimentation. A space not beholden to profit. - -Today’s internet looks very different – having been captured by the market forces of the surveillance economy, whose fuel is every detail of our personal lives. Though companies claim the purpose of data collection is to improve their services, so we shrug it off as a compromise for convenience, and hope that the law will take care of it. - -Yet governments around the world have been slow to regulate. And many have implemented their own mass surveillance programs in the name of national security – listening in on communications, coercing companies to open their data troves, automating policing and court processes, implementing social credit systems, and rolling out facial recognition programs. 
In the process, they have turned law-abiding citizens into suspects without cause. - -The loss of control over our data has been a slippery slope of decline. Much of it has happened without our knowledge or consent – but it’s become our problem, both individually and collectively. - -What we’re losing is nothing less than our individual autonomy. Open democratic societies require vigorous debate and the free exchange of ideas. Constant monitoring robs us of the ability to selectively reveal ourselves to the world. It pushes us towards conformism instead of respecting individuality and difference. Knowing that our words and actions are being permanently recorded makes us less likely to think critically, speak up for what we believe in, experiment with new ideas and to flourish as human beings. - -Maybe we haven’t yet been personally targeted, hacked, or discriminated against. But in this volatile climate, where everything can change in the click of a refresh button, the rights we have today aren’t a given. And the more we take them for granted, the more it harms the billions of people around the world who are already vulnerable: Minorities and marginalised communities, journalists, activists, lawyers, dissenters, citizens of authoritarian regimes, democracy advocates. - ---- - -We can’t choose to opt out of the global surveillance society we’ve become subject to. But it’s not going to fix itself either. - -What we can do is claim our agency. To equip ourselves with digital tools that allow us to regain a degree of control. To share strategies, spread the word, and take a stand. To let governments and tech companies know that privacy is not an inevitable sacrifice for progress. Not a trade-off for national security. Not a last-century value. And certainly not dead. - -Around the world, a growing movement of individuals and organizations is coming together to counter the status quo. To assert their rights, and to speak up for those who can’t. 
To resist the relentless data economy. To hold accountable those who abuse their power. And to keep fighting: For a human-centred internet, for the thriving of democracy, and for a future free from surveillance. - -

    Join us

    -
diff --git a/src/content/es/pages/openvpn-configuration.md b/src/content/es/pages/openvpn-configuration.md
deleted file mode 100644
index 0e5d62b16..000000000
--- a/src/content/es/pages/openvpn-configuration.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: OpenVPN Configuration
-url: /openvpn-config/
-layout: openvpn-config
----
diff --git a/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md b/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md
deleted file mode 100644
index d9cd9bbf6..000000000
--- a/src/content/es/pages/pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard.md
+++ /dev/null
@@ -1,384 +0,0 @@
----
-title: PPTP vs IPSec IKEv2 vs OpenVPN vs WireGuard
-description: Compare PPTP, IPSec IKEv2, OpenVPN and WireGuard to determine which VPN protocol offers the best combination of security, speed and ease of use for your needs.
-url: /pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/
-layout: full-width
----
-# Comparison of VPN protocols
-
-{{< raw-html >}}
-
    -{{< / raw-html >}} - - - -{{< raw-html >}} - - - - - - - - - - -
    -

    Intro

    -
    A very basic VPN protocol based on PPP. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.IKEv2 (Internet key exchange version 2) is part of the IPSec protocol suite. Standardized in RFC 7296. IPSec has become the defacto standard protocol for secure Internet communications, providing confidentiality, authentication and integrity.Open-source VPN protocol developed by OpenVPN technologies. Very popular however not based on standards (RFC). Uses a custom security protocol and SSL/TLS for key exchange. Provides full confidentiality, authentication and integrity.WireGuard® is an extremely fast VPN protocol with very little overhead and state-of-the-art cryptography. It has the potential to offer a simpler, more secure, more efficient, and easier to use VPN over existing technologies.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Encryption

    -
    The PPP payload is encrypted using Microsoft's Point-to-Point Encryption protocol (MPPE). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.IKEv2 implements a large number of cryptographic algorithms including 3DES, AES, Blowfish, Camellia. IVPN implements IKEv2 using AES with 256 bit keys.OpenVPN uses the OpenSSL library to provide encryption. OpenSSL implements a large number of cryptographic algorithms such as 3DES, AES, RC5, Blowfish.
    As with IKEv2, IVPN implements AES with 256 bit keys.
    Built atop ChaCha20 for symmetric encryption (RFC7539), Curve25519 for Elliptic-curve Diffie–Hellman (ECDH) anonymous key agreement, BLAKE2s for hashing (RFC7693), SipHash24 for hashtable keys, and HKDF for key derivation (RFC5869). Makes use of a UDP-based handshake and the key exchange uses perfect forward secrecy while avoiding both key-compromise impersonation and replay attacks.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Security weaknesses

    -
    The Microsoft implementation of PPTP has serious security vulnerabilities. MSCHAP-v2 is vulnerable to dictionary attack and the RC4 algorithm is subject to a bit-flipping attack. Microsoft strongly recommends upgrading to IPSec where confidentiality is a concern.IPSec has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication. However Leaked NSA presentations indicate that IKE could be exploited in an unknown manner to decrypt IPSec traffic.OpenVPN has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication.WireGuard® has no known major vulnerabilities. It is relatively new and has not seen the thorough vetting of OpenVPN, though the code-base is extremely small, so full audits are possible by individuals and not just large organizations. WireGuard® is in-tree with Linux Kernel 5.6 and has been reviewed by a 3rd party auditor.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Speed

    -
    With RC4 and 128 bit keys, the encryption overhead is least of all protocols making PPTP the fastest.IPSec with IKEv2 should in theory be the faster than OpenVPN due to user-mode encryption in OpenVPN however it depends on many variables specific to the connection. In most cases it is faster than OpenVPN.When used in its default UDP mode on a reliable network OpenVPN performs similarly to IKEv2.WireGuard® benefits from extremely high-speed cryptographic primitives and deep integration with underlying operating system kernel, so speeds are very high with low overhead. Most customers report higher speeds than OpenVPN.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Firewall ports

    -
    PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.IKEv2 uses UDP 500 for the initial key exchange, protocol 50 for the IPSEC encrypted data (ESP) and UDP 4500 for NAT traversal.
    IKEv2 is easier to block than OpenVPN due to its reliance on fixed protocols and ports.
    OpenVPN can be easily configured to run on any port using either UDP or TCP thereby easily bypassing restrictive firewalls.WireGuard® uses the UDP protocol and can be configured to use any port. May succumb to traffic shaping more easily than OpenVPN due to lack of support for TCP.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Setup / Configuration

    -
    All versions of Windows and most other operating systems (including mobile) have native support for PPTP. PPTP only requires a username, password and server address making it incredibly simple to setup and configure.Windows 7+, macOS 10.11+ and most mobile operating systems have native support for IPSec with IKEv2.OpenVPN is not included in any operating system release and requires the installation of client software. Installation typically takes less than 5 minutes.WireGuard® is in-tree with Linux Kernel 5.6. Other non-linux operating systems require the installation of a WireGuard® client app. Installation typically takes less than 5 minutes.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Stability / Compatibility

    -
    PPTP is not as reliable, nor does it recover as quickly as OpenVPN over unstable network connections. Minor compatibility issues with the GRE protocol and some routers.IPSec is more complex than OpenVPN and can require additional configuration between devices behind NAT routers. However as long as both the server and client support NAT traversal there shouldn't be any issues.Very stable and fast over wireless, cellular and other non reliable networks where packet loss and congestion is common. OpenVPN has a TCP mode for highly unreliable connections but this mode sacrifices significant performance due to the inefficiency of encapsulating TCP within TCP.Extremely stable and robust. More stable than OpenVPN when roaming across networks. Uses an initial endpoint for connections and can switch servers while maintaining the connection. Client can also change networks without dropping the connection.
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - -
    -

    Supported platforms

    -
    - Windows
    - macOS
    - Linux
    - Apple iOS
    - Android
    - DD-WRT -
    - Windows
    - macOS
    - Linux
    - Apple iOS
    - Android -
    - Windows
    - macOS
    - Linux
    - Apple iOS
    - Android
    - DD-WRT (with the correct build) -
    - Windows
    - macOS
    - Linux
    - Apple iOS
    - Android -
    -{{< / raw-html >}} - -{{< raw-html >}} - - - - - - - - - - - - - - - - -
    -

    Verdict

    -
    Due to the major security flaws, there is no good reason to choose PPTP other than device compatibility. If you have a device on which only PPTP is supported then you should consider how to encrypt data at other layers e.g. HTTPS.IKEv2 is an excellent choice, it is extremely fast, secure and reliable. In addition unlike OpenVPN it requires no additional software to be installed (in most cases) and is therefor the quickest to configure. If you have a threat model that includes sophisticated adversaries then you may want to consider OpenVPN due to the leaked NSA presentations discussed above.OpenVPN is an excellent choice for all platforms. It is extremely fast, secure and reliable.WireGuard® is an excellent choice and may be the best protocol for high speeds. WireGuard® promises better security and faster speeds compared to existing solutions. Since its merge into Linux Kernel (v5.6) and the release of v1.0, we consider WireGuard® to be ready for wide-scale use.
    -{{< / raw-html >}} - -{{< raw-html >}} -
    -{{< / raw-html >}} - - -{{< raw-html >}} -
-{{< / raw-html >}}
-
-## PPTP
-
-### Intro
-
-A very basic VPN protocol based on PPP. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.
-
-### Encryption
-
-The PPP payload is encrypted using Microsoft's Point-to-Point Encryption protocol ([MPPE](http://en.wikipedia.org/wiki/Microsoft_Point-to-Point_Encryption)). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.
-
-### Security weaknesses
-
-The Microsoft implementation of PPTP has [serious security vulnerabilities](http://www.schneier.com/paper-pptpv2.html). MSCHAP-v2 is vulnerable to dictionary attack and the RC4 algorithm is subject to a bit-flipping attack. Microsoft strongly recommends upgrading to IPSec where confidentiality is a concern.
-
-### Speed
-
-With RC4 and 128 bit keys, the encryption overhead is least of all protocols making PPTP the fastest.
-
-### Firewall ports
-
-PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.
-
-### Setup / Configuration
-
-All versions of Windows and most other operating systems (including mobile) have native support for PPTP. PPTP only requires a username, password and server address making it incredibly simple to setup and configure.
-
-### Stability / Compatibility
-
-PPTP is not as realiable, nor does it recover as quickly as OpenVPN over unstable network connections. Minor compatibility issues with the GRE protocol and some routers.
-
-### Supported platforms
-
-[Windows](/apps-windows/)
-[macOS](/apps-macos/)
-[Linux](/apps-linux/)
-[Apple iOS](/apps-ios/)
-[Android](/apps-android/)
-[DD-WRT](/setup/router/)
-
-### Verdict ![](/images-static/uploads/icon-dislike.svg)
-
-Due to the major security flaws, there is no good reason to choose PPTP other than device compatibility. If you have a device on which only PPTP is supported then you should consider how to encrypt data at other layers e.g. HTTPS.
-
-
-## IPSec IKEv2
-
-### Intro
-
-IKEv2 (Internet key exchange version 2) is part of the IPSec protocol suite. Standardized in [RFC 7296](https://tools.ietf.org/html/rfc7296). IPSec has become the defacto standard protocol for secure Internet communications, providing confidentiality, authentication and integrity.
-
-### Encryption
-
-IKEv2 implements a large number of [cryptographic algorithms](https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites) including 3DES, AES, Blowfish, Camellia. IVPN implements IKEv2 using AES with 256 bit keys.
-
-### Security weaknesses
-
-IPSec has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication. However [Leaked NSA presentations](https://github.com/nsa-observer/documents/blob/master/files/pdf/media-35529.pdf) indicate that IKE could be exploited in an unknown manner to decrypt IPSec traffic.
-
-### Speed
-
-IPSec with IKEv2 should in theory be the faster than OpenVPN due to user-mode encryption in OpenVPN however it depends on many variables specific to the connection. In most cases it is faster than OpenVPN.
-
-### Firewall ports
-
-IKEv2 uses UDP 500 for the initial key exchange, protocol 50 for the IPSEC encrypted data (ESP) and UDP 4500 for NAT traversal.
-IKEv2 is easier to block than OpenVPN due to its reliance on fixed protocols and ports.
-
-### Setup / Configuration
-
-Windows 7+, macOS 10.11+ and most mobile operating systems have native support for IPSec with IKEv2.
-
-### Stability / Compatibility
-
-IPSec is more complex than OpenVPN and can require additional configuration between devices behind NAT routers. However as long as both the server and client support NAT traversal there shouldn't be any issues.
-
-### Supported platforms
-
-[Windows](/apps-windows/)
-[macOS](/apps-macos/)
-[Linux](/apps-linux/)
-[Apple iOS](/apps-ios/)
-[Android](/apps-android/)
-
-### Verdict ![](/images-static/uploads/icon-like.svg)
-
-IKEv2 is an excellent choice, it is extremely fast, secure and reliable. In addition unlike OpenVPN it requires no additional software to be installed (in most cases) and is therefor the quickest to configure. If you have a threat model that includes sophisticated adversaries then you may want to consider OpenVPN due to the leaked NSA presentations discussed above.
-
-
-## OpenVPN
-
-### Intro
-
-Open-source VPN protocol developed by OpenVPN technologies. Very popular however not based on standards (RFC). Uses a custom security protocol and [SSL/TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) for key exchange. Provides full confidentiality, authentication and integrity.
-
-### Encryption
-
-OpenVPN uses the [OpenSSL](http://en.wikipedia.org/wiki/OpenSSL) library to provide encryption. OpenSSL implements a large number of [cryptographic algorithms](https://en.wikipedia.org/wiki/OpenSSL#Algorithms) such as 3DES, AES, RC5, Blowfish.
-As with IKEv2, IVPN implements AES with 256 bit keys.
-
-### Security weaknesses
-
-OpenVPN has no known major vulnerabilities and is generally considered secure when implemented using a secure encryption algorithm and certificates for authentication.
-
-### Speed
-
-When used in its default UDP mode on a reliable network OpenVPN performs similarly to IKEv2.
-
-### Firewall ports
-
-OpenVPN can be easily configured to run on any port using either UDP or TCP thereby easily bypassing restrictive firewalls.
-
-### Setup / Configuration
-
-OpenVPN is not included in any operating system release and requires the installation of client software. Installation typically takes less than 5 minutes.
-
-### Stability / Compatibility
-
-Very stable and fast over wireless, cellular and other non reliable networks where packet loss and congestion is common. OpenVPN has a TCP mode for highly unreliable connections but this mode sacrifices significant performance due to the inefficiency of encapsulating TCP within TCP.
-
-### Supported platforms
-
-[Windows](/apps-windows/)
-[macOS](/apps-macos/)
-[Linux](/apps-linux/)
-[Apple iOS](/apps-ios/)
-[Android](/apps-android/)
-[DD-WRT (with the correct build)](/setup/router/)
-
-### Verdict ![](/images-static/uploads/icon-like.svg)
-
-OpenVPN is an excellent choice for all platforms. It is extremely fast, secure and reliable.
-
-
-## WireGuard
-
-### Intro
-
-[WireGuard®](https://www.wireguard.com/) is an extremely fast VPN protocol with very little overhead and state-of-the-art cryptography. It has the potential to offer a simpler, more secure, more efficient, and easier to use VPN over existing technologies.
-
-### Encryption
-
-Built atop ChaCha20 for symmetric encryption ([RFC7539](https://tools.ietf.org/html/rfc7539)), Curve25519 for Elliptic-curve Diffie–Hellman (ECDH) anonymous key agreement, BLAKE2s for hashing ([RFC7693](https://tools.ietf.org/html/rfc7693)), SipHash24 for hashtable keys, and HKDF for key derivation ([RFC5869](https://tools.ietf.org/html/rfc5869)). Makes use of a UDP-based handshake and the key exchange uses perfect forward secrecy while avoiding both key-compromise impersonation and replay attacks.
-
-### Security weaknesses
-
-WireGuard® has no known major vulnerabilities. It is relatively new and has not seen the thorough vetting of OpenVPN, though the code-base is extremely small, so full audits are possible by individuals and not just large organizations. WireGuard® is in-tree with Linux Kernel 5.6 and has been reviewed by a 3rd party auditor.
-
-### Speed
-
-WireGuard® benefits from extremely high-speed cryptographic primitives and deep integration with underlying operating system kernel, so speeds are very high with low overhead. Most customers report higher speeds than OpenVPN.
-
-### Firewall ports
-
-WireGuard® uses the UDP protocol and can be configured to use any port. May succumb to traffic shaping more easily than OpenVPN due to lack of support for TCP.
-
-### Setup / Configuration
-
-WireGuard® is in-tree with Linux Kernel 5.6. Other non-linux operating systems require the installation of a WireGuard® client app. Installation typically takes less than 5 minutes.
-
-### Stability / Compatibility
-
-Extremely stable and robust. More stable than OpenVPN when roaming across networks. Uses an initial endpoint for connections and can switch servers while maintaining the connection. Client can also change networks without dropping the connection.
-
-### Supported platforms
-
-[Windows](/apps-windows/)
-[macOS](/apps-macos/)
-[Linux](/apps-linux/)
-[Apple iOS](/apps-ios/)
-[Android](/apps-android/)
-
-### Verdict ![](/images-static/uploads/icon-like.svg)
-
-WireGuard® is an excellent choice and may be the best protocol for high speeds. WireGuard® promises better security and faster speeds compared to existing solutions. Since its merge into Linux Kernel (v5.6) and the release of v1.0, we consider WireGuard® to be ready for wide-scale use.
-
-{{< raw-html >}}
-
-{{< / raw-html >}}
diff --git a/src/content/es/pages/pricing-teams.md b/src/content/es/pages/pricing-teams.md
deleted file mode 100644
index 84be5b2d5..000000000
--- a/src/content/es/pages/pricing-teams.md
+++ /dev/null
@@ -1,109 +0,0 @@
----
-title: IVPN business and nonprofit teams pricing
-description: We offer discounts for businesses and nonprofit organizations that need a trustworthy VPN for their teams.
-url: /pricing-teams/
----
-# IVPN for teams
-
-IVPN is well suited for distributed team members to improve their privacy from unwanted data collection and data security on untrusted networks. We offer volume discounts, administrative tools and 2FA on demand. We cannot provide dedicated servers/IPs or facilitate access to corporate networks.
-
-IVPN Pro pricing for companies:
-
-
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    per user per monthper user per year
    Up to 20 seats$9$90
    21 to 40 seats$8$80
    41 to 60 seats$7$70
    61 to 80 seats$6$60
    80 plus seats$5$50
    -
    - -[Email us](mailto:team-support@ivpn.net) to purchase IVPN team accounts for your company. - -## IVPN for nonprofit organisations - -We offer steep discounts for nonprofit organizations that need a trustworthy VPN for their members. - -IVPN Pro Pricing for nonprofits: - -
    - - - - - - - - - - - - - - - -
    per user per monthper user per year
    5+ seats$3$30
    -
-
-To qualify for this discount, your organisation must be a verified nonprofit.
-
-[Email us](mailto:team-support@ivpn.net) to purchase IVPN non-profit team accounts.
-
-## IVPN Pro team account benefits
-
-* Access on up to 7 devices per seat
-* Open-source applications for Android, iOS, macOS, Windows and Linux
-* Private DNS servers
-* Anti-tracker
-* Multi-hop
-* Killswitch/firewall and obfuscation methods where applicable
-
-## Payment options
-
-* Credit card
-* PayPal
-* Bitcoin
-* Monero
-* Wire transfer (50+ accounts)
-
-## Why trust IVPN?
-
-* Regularly audited no-logs VPN service
-* 10 year+ track record in serving customers
-* Clear privacy policy
-* Transparent ownership and team
-* Strong ethics: no trackers, no false promises, no surveillance ads
-
-Any questions remaining? [Contact us](mailto:team-support@ivpn.net).
-
-These offers are valid for businesses and organisations purchasing IVPN accounts for their team members. Reselling of IVPN accounts is prohibited as per our Terms of Service.
diff --git a/src/content/es/pages/pricing.md b/src/content/es/pages/pricing.md
deleted file mode 100644
index dd554a1eb..000000000
--- a/src/content/es/pages/pricing.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: IVPN Pricing - VPN subscription with anonymous registration
-description: Generate an IVPN Standard or Pro account - no email address required. We accept credit cards, Paypal, Bitcoin or cash payments. 30-day money-back guarantee.
-url: /pricing/
-layout: application
----
diff --git a/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md b/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
deleted file mode 100644
index dbe9d85b2..000000000
--- a/src/content/es/pages/privacy-guides/18-questions-to-ask-your-vpn-service-provider.md
+++ /dev/null
@@ -1,162 +0,0 @@ ---- -title: 18 Questions to ask your VPN Service provider -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/18-questions-to-ask-your-vpn-service-provider/ -section: Basic -weight: 10 -articles: [ - { - title: "Will a VPN Protect Me? Defining Your Threat Model", - url: "/privacy-guides/will-a-vpn-protect-me/" - }, - { - title: "An Introduction to Privacy & Anonymity", - url: "privacy-guides/an-introduction-to-privacy-anonymity/" - }, -] -date: 2021-10-26T10:46:16+00:00 -layout: guides-details ---- -### Introduction - -Choosing a VPN service can be a nerve–wracking ordeal. You've probably read about the Snowden leaks and NSA related revelations about mass surveillance. You probably don't trust your ISP to protect your privacy (and as the [FTC concluded in 2021](https://www.ftc.gov/system/files/documents/reports/look-what-isps-know-about-you-examining-privacy-practices-six-major-internet-service-providers/p195402_isp_6b_staff_report.pdf), you really shouldn't). Perhaps you don't trust your government. You may even distrust all governments and corporations. - -Indeed, you may not trust this guide, and think that it's just an advertorial. While that's an understandable concern, I invite you to read on, and judge for yourself. I also invite you to read this in the context of my other writings about VPNs, Tor and such, primarily on [Wilders Security Forums][1] and [Tor.StackExchange][2]. - -If you're especially concerned about privacy, you may want to obscure your research about VPN providers. Although many people use VPN services, extensive research might flag you as someone with something important to hide. You can mitigate that risk by using a free VPN service at this step (such as [Calyx VPN](https://calyxinstitute.org/projects/digital-services/vpn)) and free webmail (such as [mailbox.org](https://mailbox.org) or [RiseUP](https://riseup.net)). 
For even better privacy, you can add the [Tor Browser Bundle][3] to tunnel Tor through CalyxVPN, and connect through the hidden service access when offered, like [Mailbox.org][29] or [RiseUP][5] do. - -Relatively little reliable and trustworthy information about VPN services is available online. It's generally best to ignore 'best VPN' and 'VPN review' sites. Most of them feature paid reviews, and some are protection rackets, featuring bad reviews for VPN services that refuse to buy favorable reviews. Even the honest ones are typically just popularity contests, dominated by clueless torrent users and wannabe 'hackers'. If you ever need to get information from a dedicated VPN review source look for those that don't use affiliate parameters on outgoing links (or even better, remove referer information). - - -### TorrentFreak's Surveys - -TorrentFreak's VPN surveys are notable exceptions to the norm. In late 2011, it became clear that Luzlsec member 'Recursion' had been identified and arrested based on connection logs that the VPN service HideMyAss provided to the FBI. TorrentFreak responded by publishing ['Which VPN Service Providers Really Take Anonymity Seriously?'][5] (now rephrased as "Which VPN Providers Really Take Privacy Seriously?"). This Q&A has been updated yearly since the original version, now supplying unedited answers to 12 privacy-related questions. - -These are the following (as of [2023][6]): - -1. Do you keep (or share with third parties) ANY data that would allow you to match an IP-address and a timestamp to a current or former user of your service? If so, exactly what information do you hold/share and for how long? -2. What is the name under which your company is incorporated (+ parent companies, if applicable) and under which jurisdiction does your company operate? -3. What tools are used to monitor and mitigate abuse of your service, including limits on concurrent connections if these are enforced? -4. 
Do you use any external email providers (e.g. Google Apps), analytics, or support tools ( e.g Live support, Zendesk) that hold information provided by users? -5. In the event you receive a DMCA takedown notice or a non-US equivalent, how are these handled? -6. What steps would be taken in the event a court orders your company to identify an active or former user of your service? How would your company respond to a court order that requires you to log activity for a user going forward? Have these scenarios ever played out in the past? -7. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? Do you provide port forwarding services? Are any ports blocked? -8. Which payment systems/providers do you use? Do you take any measures to ensure that payment details can’t be linked to account usage or IP-assignments? -9. What is the most secure VPN connection and encryption algorithm you would recommend to your users? -10. Do you provide tools such as “kill switches” if a connection drops and DNS/IPv6 leak protection? Do you support Dual Stack IPv4/IPv6 functionality? -11. Are any of your VPN servers hosted by third parties? If so, what measures do you take to prevent those partners from snooping on any inbound and/or outbound traffic? Do you use your own DNS servers? -12. In which countries are your servers physically located? Do you offer virtual locations? - -Introducing their results, they note: - -> Choosing the right VPN can be a tricky endeavor. There are hundreds of VPN services out there, all promising to keep you private but some are more private than others. To help you pick the best one for your needs, we asked dozens of VPNs to detail their logging practices, how they handle torrent users, and what else they do to keep you as anonymous as possible. - -This is arguably a fairly comprehensive starting list. 
TorrentFreak staff seem dedicated and knowledgeable, and their earlier surveys attracted the attention of many providers that had been omitted. But there are two key limitations. First, more obscure and low-key privacy-friendly VPN services don't appear on the TorrentFreak lists (e.g. cryptostorm). Some providers don't cater to BitTorrent users and have no motivation to appear on this list. Second, TorrentFreak is, for the most part, merely summarizing VPN providers' responses, and has not verified any of their claims. Comments in both reviews are also worth reading, by the way, but can't always be taken seriously. - -Even so, revelations about three providers – EarthVPN.com, Proxy.sh and PureVPN – demonstrate the risk of relying on providers' privacy claims. In early 2013, an EarthVPN customer was reportedly arrested based on logs kept by its hosting provider in the Netherlands. EarthVPN denied responsibility, maintaining that they 'do not keep logs', and said that they no longer use that provider. Although the actual dialog between EarthVPN and its customer ([here](https://web.archive.org/web/20130626030500/http://lowendtalk.com/discussion/11348/problems-with-my-life-situation/) (in comments) and [here](https://web.archive.org/web/20130731123057/http://lowendtalk.com/discussion/11348/problems-with-my-life-situation/p2)), the pages aren't accessible anymore but they were archived by the [Wayback Machine](https://wayback.archive.org), there are quotes and discussion in the [AirVPN](https://airvpn.org/topic/9958-importance-of-partition-of-trust-for-critical-data-exchanges/) forums. Also, keep in mind that ISPs can log as easily as hosting providers can. - -In TorrentFreak's 2011 and 2013 surveys, Proxy.sh responded: 'No information whatsoever is being recorded or held in our facilities. Our services are run from RAM and all our system services come with state-of-the-art configuration that ensures nothing is left after usage.' 
However, in late September 2013, they installed [Wireshark](https://www.wireshark.org) on one of their US servers, and retained packet captures for several hours. This was reportedly a voluntary response to complaints about hacking and harassment by one of their customers. For more specifics, see these TorrentFreak articles ([here](https://torrentfreak.com/proxy-sh-vpn-provider-monitored-traffic-to-catch-hacker-130930/) and [here](https://torrentfreak.com/vpns-is-it-ok-to-monitor-bad-users-on-ethical-grounds-131006/)). In TorrentFreak's 2014 survey, Proxy.sh answered as follows to the first question: - -> We do not keep any logs and we do not record any IP-address, headers or anything. In terms of time stamp, we only record those associated with support tickets creation and update (invoices and renewals are only recorded by date) for management purposes. The only personal information we do record is an email address and a payment type, that corresponds to either the word “Money” or “Bitcoin”. This is made clear in our privacy policy. Our system will also hold services credentials, namely the account password and network login/password pair. All this data can be permanently removed at any time on customer’s request. All other data and information involved in our operations (connections, traffic, etc.) is neither monitored nor recorded. - -A more recent example of VPN provider caught lying about keeping no logs came in 2017. As reported in [BleepingComputer](https://www.bleepingcomputer.com/news/security/cyberstalking-suspect-arrested-after-vpn-providers-shared-logs-with-the-fbi/) the FBI have arrested a cyberstalking suspect with the help of IP address logs obtained from PureVPN. PureVPN claimed (and still claims) they keep no logs about customer activities. - -Conversely, these incidents also demonstrate that news spreads very quickly on the Internet. With all of that in mind, I recommend starting with VPN services that meet the following criteria: - - 1. 
It appears in TorrentFreak's survey (adding others to your shortlist that you think were improperly omitted). - 2. It's not listed as logging in TorrentFreak's surveys. - 3. It has been in business for at least three years. - 4. An hour or so of Web searching reveals no evidence of privacy violations. - -Further positive signals you can look for: - - 5. Open source VPN applications. - 6. Use of open source VPN protocols. - 7. Publicly available audit results from independent, third-party auditors that investigate no-logs claims. Audits however, are constrained by their scope and provide only a temporary view, they are not persistent proofs about claims. - -Nowadays, all of the VPN services in TorrentFreak's survey deny keeping persistent logs. Assessing the plausibility of such claims in the context of pursuant data-retention requirements is a can of worms. Claims that there are no data-retention requirements in the US seem laughable in light of NSA documents released by Edward Snowden. The situation in Europe is complicated since the passing of [GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) and tensions between the 1995 Data Protection Directive and national legislations. The exact extent of NSA spying and EU collaboration with US operations is unknown and adds more uncertainty. For more about this issue generally, see [EFF's summary page][7]. - -### Presales Questions - -In focusing your search, it's important to select VPN providers that support your specific privacy goals. I recommend carefully browsing providers' websites, and carefully reading their terms of service and privacy policy. Look for clear and unambiguous language, and be suspicious of legalese boilerplate. - -For example, if you plan to share copyrighted media via BitTorrent, it's obviously best to avoid providers that explicitly discourage such use. 
If the availability of numerous exit IP addresses is important, choose accordingly, but consider the tension between variety and security. It's arguably more likely that providers with numerous exits are using virtual private servers. - -In contacting providers with presales questions, start with basic questions, such as #1, #3, #5 and #7 from the TorrentFreak list. It's generally best to ask questions for which you have reliable and independent answers. However, at least initially, it's also best to ask without revealing what you've already learned. - -How prospective VPN providers answer your questions can be as informative as the answers they give. You want answers that are prompt, complete, clear and accurate. Vague or incorrect answers to technical questions imply dishonesty and/or incompetence. Delayed answers don't bode well for future customer support. - -Here are some additional questions that you might ask, followed by expected answers and explanations. For technical questions, the OpenVPN [manual][9] and [How-to][10], and WireGuard's [official page](https://www.wireguard.com) are useful resources. - - 1. [Is there a monthly bandwidth-usage limit?][11] - 2. [Do you throttle connections that use excessive bandwidth?][12] - 3. [How many concurrent connections are allowed per account?][13] - 4. [How many hops are there in your VPN connections?][14] - 5. [What type(s) of VPN encryption do you use? Why?][15] - 6. [Do you support perfect forward secrecy? If so, how?][16] - 7. [Do you provide users with Diffie Hellman key files?][17] - 8. [How do you authenticate clients – certificates/keys, or usernames/passwords?][18] - 9. [Do you employ HMAC-Based TLS Authentication? If so, why?][19] - 10. [Do you ever email usernames and passwords to customers?][20] - 11. [Does each customer have a unique client certificate and key?][21] - 12. [Are your VPN gateway servers hosted, co-located or in-house?][22] - 13. 
[Are any of your VPN gateway servers running on VPS or cloud servers?][23] - 14. [How are your VPN gateway servers protected?][24] - 15. [Where is user account information stored?][25] - 16. [How is communication between servers secured?][26] - 17. [Do you allow port forwarding by users?][27] - 18. [Are all client ports ever forwarded by default? If so, on which servers?][28] - -### Answers - - 1. {{< raw-html >}} {{< raw-html >}} {{< / raw-html >}} {{< / raw-html >}} **Is there a monthly bandwidth-usage limit?** This restriction has become less common in recent years. Some providers use them for free tiers so prospective customers can sample their service before committing to a paid plan. Usage limits for paid subscriptions are more common for VPN resellers, so it's probably best to avoid providers that impose them. - 2. {{< raw-html >}} {{< / raw-html >}} **Do you throttle connections that use excessive bandwidth?** The best answer here depends on your goals. It's natural to want the fastest possible connections. However, if you have a very fast ISP link, you might be moving far more traffic than anyone else sharing your VPN exit. And that reduces your anonymity. - 3. {{< raw-html >}} {{< / raw-html >}} **How many concurrent connections are allowed per account?** For VPN services with many exits, it's sometimes convenient to simultaneously work as multiple pseudonyms, each using its own exit. Also, you may want to simultaneously connect from multiple devices. However, this also facilitates account-sharing abuse, which may overload VPN servers and slow your connections. - 4. {{< raw-html >}} {{< / raw-html >}} **How many hops are there in your VPN connections?** Most VPN services offer just one-hop connections. That is, you connect to a VPN gateway server, and your traffic exits to the Internet from the same server, or perhaps from another server on the same local network. 
With one-hop connections, it's easy for adversaries to log traffic entering and leaving the VPN server. - 5. {{< raw-html >}} {{< / raw-html >}} **What type(s) of VPN encryption do you use? Why?** OpenVPN can operate in two distinct modes. One authenticates and encrypts using a shared static key. While that's very simple to set up, key compromise allows an adversary to decrypt all prior traffic. No reputable provider uses this. But if you receive just one key file from a provider, open it in a text editor, and look at the last line. If it includes 'CERTIFICATE', you're OK. But if it includes 'KEY', request a refund.The other OpenVPN mode uses SSL/TLS as a control channel, and encrypts the data channel with periodically changing static keys. If an adversary manages to compromise one of those data-channel keys, they can decrypt only that traffic, and not any past or future traffic. In other words, there is 'perfect forward secrecy'. By default, OpenVPN uses 1024-bit RSA for the certificates that authenticate SSL/TLS control-channel handshakes, and BF-CBC (128-bit) as the data-channel cipher. This is probably good enough in most cases, given perfect forward secrecy. However, it's arguable that providers using 2048-bit RSA and AES-256-CBC (256-bit) are generally more security conscious. - Both BF-CBC and AES-256-CBC operate in Cipher Block Chaining (CBC) mode. If your provider uses something else (CFB, OFB, etc) they're either incompetent or have some very good reason. Ask them.\ - New-kid-on-the-block VPN protocol WireGuard has seen a rapid adoption among VPN providers recently. The protocol was not designed with commercial VPN services and their privacy considerations in mind. Capable providers need to demonstrate they have solutions to the following problems: 1. Public IP address of peers are stored in memory (e.g. adding key management that deleted/reinstates configuration) 2. Tunnel IP address allocation/rotation (e.g. 
using backend calls generating new IP adresses that are distributed to all servers) 3. No perfect forward secrecy (e.g. use automatic key pair regeneration in regular time intervals). - 6. {{< raw-html >}} {{< / raw-html >}} **Do you support perfect forward secrecy? If so, how?** Any provider using OpenVPN in SSL/TLS mode provides perfect forward secrecy. Additional hand waving beyond that should make you suspicious. As noted before, WireGuard implementation requires specific measures to support forward secrecy. - 7. {{< raw-html >}} {{< / raw-html >}} **Do you provide users with Diffie Hellman key files?** T his is a trick question. It's true that OpenVPN uses static Diffie Hellman key files in providing perfect forward secrecy. But that static Diffie Hellman key file ('dh1024.pem' or 'dh2048.pem') is needed only on the server. Any provider that supplies them to users is incompetent. - 8. {{< raw-html >}} {{< / raw-html >}} **How do you authenticate clients – certificates/keys, or usernames/passwords?** In SSL/TLS mode, OpenVPN clients authenticate servers by checking whether a server has a certificate signed by the certificate authority certificate ('a.crt') that the provider has given them. OpenVPN supports two methods for servers to authenticate clients. One relies on certificates and keys (such as 'client.crt' and 'client.key'). The other relies on usernames and passwords (via auth-user-pass). Servers can use both, but that borders on overkill. For point-to-point connections, where full network access may be at stake, it's very important for servers to authenticate clients using certificates and keys. For VPN services, that's not an issue, because clients just get to see the Internet. Also, for VPN services, giving each client a unique certificate is a privacy risk. - 9. {{< raw-html >}} {{< / raw-html >}} **Do you employ HMAC-Based TLS Authentication? 
If so, why?** With TLS authentication enabled (via tls-auth), servers ignore SSL/TLS handshake packets from clients that lack the correct HMAC signature. This feature protects VPN servers from DoS attacks, port scanning and other exploits. If implemented, providers may supply a key (typically 'ta.key') or one can be negotiated on the fly. This is partly a trick question. Any provider claiming that this is essential for perfect forward secrecy is either dishonest or incompetent. - 10. {{< raw-html >}} {{< / raw-html >}} **Do you ever email usernames and passwords to customers?** This is a dangerous practice, but primarily for the provider. Adversaries that compromise usernames and passwords in transit can obtain free access, or even lock out paying users by changing passwords. There's also the risk that adversaries could implicate users in criminal activity.Even so, if you successfully change your password immediately after receipt, you're safe. If you can't login to change the password, complain and demand a new account. For providers that are otherwise attractive, I don't consider this a fatal error. - 11. {{< raw-html >}} {{< / raw-html >}} **Does each customer have a unique client certificate and key?** This is another trick question. Privacy-friendly answers are using the same client certificate for all customers, or not providing one at all, and relying on username and password for authentication.It might seem like a good idea for each user to have their own certificate and key. And that's true in an enterprise context. But for VPN services it's very dangerous, because it potentially links user accounts to logged traffic. Some providers explain that they issue unique client certificates in order to facilitate nuking evil clients. 
However, it's just as easy to do that with usernames, and usernames are arguably more readily repudiated than certificates If this is a key issue for you, it's easy to test by purchasing two short-term subscriptions, paying with Bitcoins via Tor, and using temporary email addresses from [anonbox](https://anonbox.net/) etc. - 12. {{< raw-html >}} {{< / raw-html >}} **Are your VPN gateway servers hosted, co-located, or in-house?** This is partially a trick question. I would be very suspicious of any VPN provider claiming that its servers are managed in-house. You could ask how they cover the cost of maintaining facilities with high-speed uplinks in multiple countries. The best plausible answer is that they build their own servers, and ship them to co-location facilities. Give extra points for server hardening. Typical physical hardening measures include embedding RAM in silicone rubber or thermal adhesive, and disabling USB ports.The most likely acceptable answer is that they use hosted dedicated servers. Give extra points for server hardening, such as using full-disk encryption, and keeping short-term logs in RAM (tempfs). - 13. {{< raw-html >}} {{< / raw-html >}} **Are any of your VPN gateway servers running on VPS or cloud servers?** Providers should never deploy VPN gateway servers on virtual private servers (VPS) or cloud servers. Being virtual machines, they are fully controlled by the host operating system, and all activity and data is readily available through the host. Providers should always use dedicated servers that have been properly secured against unauthorized access. - 14. {{< raw-html >}} {{< / raw-html >}} **How are your VPN gateway servers protected?** VPN services typically need servers playing three roles. There are gateway servers that establish VPN connections with clients, and also route client traffic to the Internet. For one-hop connections, one server may handle all of that. There are servers that host the service's website. 
And there are servers that manage user account information, and provide authentication services to gateway servers and web servers. All client traffic is routed through the gateway servers. Unless those servers are adequately secured, adversaries could compromise them, and so compromise users' privacy by logging their traffic. VPN gateway servers should be hardened according to industry standards such as the [CIS benchmarks][30] or the [NSA baseline guides][31].Most importantly, VPN gateway servers should not be running other network services, such as website hosting, or user accounting and authentication. Doing so substantially increases VPN gateway servers' attack service. You can verify what ports and services are accessible on a VPN gateway by using a port scanner such as nmap. However, keep in mind that many providers expose VPN servers on non-standard ports such as 80 (HTTP) and 443 (HTTPS) to evade firewall blocking. - 15. {{< raw-html >}} {{< / raw-html >}} **Where is user account information stored?** Providers should ideally be storing this information on colocated or in-house servers that are suitably encrypted, hardened and protected against adversaries. Also, they should be segregating authentication data, which must be available to gateway servers, from accounting data, which may include users' private information, such as usage logs, email addresses and payment records. - 16. {{< raw-html >}} {{< / raw-html >}} **How is communication between servers secured?** Well designed VPN services comprise networks of specialized servers with distinct roles that communicate securely with each other. For example, gateway servers must contact authentication servers to verify that users are authorized to connect. There are also backend provisioning systems that use rely on sales data from websites to create and update user accounts, and then update the authentication servers. 
Given the sensitivity of this data, and its value to adversaries, all communication among these servers must be securely encrypted. Most commonly, this relies on persistent OpenVPN or IPSec tunnels between servers. - 17. {{< raw-html >}} {{< / raw-html >}} **Do you allow port forwarding by users?** When you are connected to a VPN service, the VPN gateway server protects your device from potentially hostile incoming connections in the same way that your LAN router or firewall does. However, allowing incoming connections on particular ports is essential for operating servers, or for participating in P2P networks where your node must be visible to other nodes. That process is called port forwarding. When port forwarding is enabled, your device is directly exposed to the Internet on the ports that have been forwarded, with no protection by the VPN service. An adversary may successfully exploit a vulnerability in a service that's listening on a forwarded port, and compromise your device. In addition to typical consequences such as botnet membership and data theft, an adversary may compromise your privacy and anonymity by 'phoning home' when when you're not using the VPN service. - 18. {{< raw-html >}} {{< / raw-html >}} **Are all client ports ever forwarded by default? If so, on which servers?** Some VPN services forward all client ports by default. Some do so only on designated servers. For some services, it appears that port forwarding varies among servers with no pattern or documentation. Although it's possible to check for this using port scanning, it's complicated by the fact that many different clients using the same exit IP address may have the same ports forwarded. 
- - [1]: https://www.wilderssecurity.com/ - [2]: https://tor.stackexchange.com/ - [3]: https://www.torproject.org/projects/torbrowser.html.en - [4]: http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/ - [5]: https://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/ - [6]: https://torrentfreak.com/best-vpn-anonymous-no-logging/ - [7]: https://www.eff.org/issues/mandatory-data-retention/ - [9]: https://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html - [10]: https://openvpn.net/index.php/open-source/documentation/howto.html - [11]: #q1 - [12]: #q2 - [13]: #q3 - [14]: #q4 - [15]: #q5 - [16]: #q6 - [17]: #q7 - [18]: #q8 - [19]: #q9 - [20]: #q10 - [21]: #q11 - [22]: #q12 - [23]: #q13 - [24]: #q14 - [25]: #q15 - [26]: #q16 - [27]: #q17 - [28]: #q18 - [29]: http://xy5d2mmnh6zjnroce4yk7njlkyafi7tkrameybxu43rgsg5ywhnelmad.onion - [30]: https://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.linux.redhat - [31]: https://nsacyber.github.io/publications.html diff --git a/src/content/es/pages/privacy-guides/_index.md b/src/content/es/pages/privacy-guides/_index.md deleted file mode 100644 index 07731a6e7..000000000 --- a/src/content/es/pages/privacy-guides/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: IVPN Privacy Guides -url: /privacy-guides/ -layout: guides ---- -# IVPN Privacy Guides diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md deleted file mode 100644 index a4280ea2e..000000000 --- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-1.md +++ /dev/null 
@@ -1,217 +0,0 @@ ---- -title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 1 -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/advanced-privacy-and-anonymity-part-1/ -section: Advanced -weight: 10 -articles: [ - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 2", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-2/" - }, - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-3/" - }, - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/" - } -] -date: 2013-10-23T12:33:33+00:00 -layout: guides-details ---- -## Introduction - -If you're here, you may be using (or considering) a VPN service to provide online privacy and anonymity, and perhaps to circumvent Internet censorship. This series of guides goes far beyond that. It explains how to obtain vastly greater freedom, privacy and anonymity through [compartmentalization][1] (aka [compartmentation][2]) and [isolation][3], by using multiple virtual machines (VMs) with Internet access through nested chains of VPNs and Tor. - -These are advanced guides, and the full setup will require at least a few days of focused work. Before choosing which aspects to implement, it's best to consider your [threat model][4]. Start by reading [An Introduction to Privacy & Anonymity](/privacy-guides/an-introduction-to-privacy-anonymity/) and [Applying Risk Management to Privacy][5]. What are you protecting? Who are you protecting it from? What might happen if you were compromised? - -> **Note:** I wrote this series in 2013, well over six years ago. Although I've updated stuff a few times since, it's been a while. I'll be doing a total rewrite soon, but that will take some time. -> -> So for now, I just have a few comments. First, pfSense has changed considerably since my last update. 
The basic approach still works, and I still use it. But much of Part 6 needs revised. Second, privacy in meatspace is basically dead, given increasingly pervasive surveillance. So there's a lot in Part 7 to be revised. Using giftcards, mailing cash, etc are far more risky. Also, Electrum is now the best Bitcoin wallet in Linux. And I have updated recommendations for Bitcoin mixers. - -The key threats, and corresponding defenses, are: - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - Threat - - Defense -
    - Tracking and profiling - - Compartmentalize and isolate activity using multiple pseudonyms, workspace VMs, VPN services and Tor. Block WebGL to prevent VM graphics fingerprinting. Diversify VMs, choosing OS with different video drivers. -
    - Leaks and exploits that circumvent VPNs or Tor - - Compartmentalize and isolate workspace and networking in separate VMs. -
    - VPN compromise via traffic analysis or provider collusion - - Compartmentalize Internet access and distribute trust using nested chains of VPNs and Tor. -
    - Heightened surveillance of Tor users - - Connect to Tor network through VPN(s). -
    - Heightened surveillance of VPN users - - Connect to VPN server(s) via secure, private proxies (not yet included in these guides). -
    - Unauthorized local access - - Use full disk encryption (FDE) on host machines (and VMs). -
    - Forensic detection of encrypted data - - Use hidden VeraCrypt volumes for plausible deniability (not included in these guides). -
    -{{< / raw-html >}} - -For example, if you just want to circumvent Internet censorship and data retention by your ISP, you don't need more than a good VPN service (unless consequences of getting caught are serious). If you just want to circumvent commercial tracking and behavioral marketing, you don't need the full setup described here. However, if you want better privacy and anonymity than browser extensions can provide, you might consider a basic setup (covered in Part 2) to compartmentalize your activities using VMs and VPN services. - -Conversely, if you're a political dissident who might suffer serious consequences if compromised, using the full setup (covered in Parts 3-8) would be prudent. The approaches described there would probably protect against non-targeted surveillance by national-scale government agencies. For such agencies with limited resources, they might even protect against targeted surveillance. - -Although it appears that global-scale intelligence agencies intercept virtually all Internet traffic, the approaches described here _might_ protect against routine non-targeted surveillance, given the need to correlate traffic through multiple VPN tunnels and Tor. While there's no way to be sure of that, it's clear that nothing less would suffice. - -However, it's unlikely that even the full setup described here would protect against directed surveillance by global-scale intelligence agencies. That would require far more resources and expertise than most nations (let alone individuals) possess. - -### Using Tor - -As I write this, the Tor network is under extreme stress. Since August 20, [the number of Tor clients][6] has increased from about 0.5 million to over 4.0 million (as of November 2021, 2.0 million per day on average). Based on reports from [Fox-IT][7] and [TrendLabs][8], it appears that the approximately 3.5 million new Tor clients are part of a Mevade botnet. 
So far, these Mevade bots are not sending much traffic, and are stressing Tor primarily by querying its directory servers. - -At this point, this has probably not reduced the level of anonymity that Tor can provide. It's just made Tor slower and less reliable. However, if more than a few thousand of these bots were to become relays, there would be cause for concern, because they could collude to deanonymize other Tor users. A paper by Tor researchers, [Johnson et al (2013) Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries][11] analyzes the network's vulnerability to potential adversaries. I recommend periodically checking [the Tor Project blog][12] for status updates, and also checking [Tor metrics][6] of client and relay counts. - -### Summary - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - Part 2 - Basic Setup Using VMs, VPNs and Tor -
    - This guide covers a basic setup to protect online privacy and anonymity. There are multiple workspace VMs to compartmentalize and isolate activity. Each VM has its own Internet connectivity, and firewall rules to prevent leaks. It uses simple nested chains of VPNs and Tor to mitigate risks of tracking and profiling, and to distribute trust among multiple providers. But it does not protect against exploits that circumvent VPNs, Tor and/or firewall rules by isolating workspace and networking in separate VMs. Using diverse OS for workspace VMs, with different video drivers, is crucial to prevent association through WebGL fingerprinting. -
    - Part 3 - Planning Advanced VM and VPN Setup -
    - This guide presents relevant considerations for planning an advanced setup to protect online privacy and anonymity. As in the basic setup, there are multiple workspace VMs to compartmentalize and isolate activity, and each VM has its own Internet connectivity. The nested chains of VPNs and Tor are more complex, to better mitigate risks of tracking and profiling, and to distribute trust among more providers. The setup isolates workspace and networking in separate VMs to defeat exploits that circumvent VPNs, Tor and/or firewall rules. -
    - Part 4 - Setting Up Secure Host Machines -
    - This guide explains how to set up Linux host machines for securely running numerous VMs. Linux distributions are open-source and free, so there's less risk of backdoors, and no money trail to one's true name. With clean installations, there's little (if any) risk from prior compromise. RAID arrays provide faster disk I/O, greater capacity and better reliability. Using full disk encryption (FDE) prevents forensic analysis, unless the host is accessed while in use. -
    - Part 5 - Installing VirtualBox and Creating Linux VMs -
    - This guide covers installing VirtualBox, and creating Linux workstation VMs and read-only LiveCD VMs. Using diverse OS for workspace VMs, with different video drivers, is crucial to prevent association through WebGL fingerprinting. -
    - Part 6 - Creating pfSense VMs as VPN Clients -
    - This guide covers creating pfSense router/firewall VMs, and configuring them as secure VPN clients, with routing and firewall rules to prevent leaks. It also explains how to test for leaks using Wireshark. -
    - Part 7 - Paying Anonymously with Cash and Bitcoins -
    - This guide explains how to anonymously buy VPN services using cash by mail and anonymized Bitcoins. It also covers how to buy Bitcoins, and how to anonymize them using Multibit clients and mixing services, with all connections via Tor. -
    - Part 8 - Creating Nested Chains of VPNs and Tor -
    - This tutorial explains how to create arbitrarily complex nested chains of VPNs and Tor through virtual networking, with pfSense VPN-client VMs and Tor-client VMs. -
    -{{< / raw-html >}}
-
-### Acknowledgement
-
-These guides reflect my participation at [Wilders Security Forums][13] for the past few years. I acknowledge the administrators and moderators for the venue, and for their care and guidance. But mostly I acknowledge the Wilders' user community (especially fellow privacy lovers) for great answers, tough questions, and lively discussions.
-
-I also acknowledge [IVPN][14] for invaluable support and encouragement.
-
-Finally, I acknowledge the global open source community, without which none of this would have been possible.
-
- [1]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
- [2]: http://www.cl.cam.ac.uk/~rja14/Papers/SE-08.pdf
- [3]: http://theinvisiblethings.blogspot.ru/2008/09/three-approaches-to-computer-security.html
- [4]: https://en.wikipedia.org/wiki/Threat_model
- [5]: /privacy-guides/applying-risk-management-to-privacy/
- [6]: https://metrics.torproject.org
- [7]: http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/
- [8]: http://blog.trendmicro.com/trendlabs-security-intelligence/the-mysterious-mevade-malware/
- [9]: https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
- [10]: https://metrics.torproject.org/network.html?graph=networksize&start=2013-01-01&end=2013-12-31#networksize
- [11]: http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
- [12]: https://blog.torproject.org/blog/
- [13]: https://www.wilderssecurity.com/
- [14]: /
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
deleted file mode 100644
index 7efd9f59a..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-2.md
+++ /dev/null
@@ -1,183 +0,0 @@
----
-title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 2
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/advanced-privacy-and-anonymity-part-2/
-section: Advanced
-weight: 20
-articles: [
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-3/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/"
- }
-]
-date: 2022-02-04T00:00:00+00:00
-layout: guides-details
----
-## Basic Setup Using VMs, VPNs and Tor
-
-### Introduction
-
-This guide covers a basic setup to protect online privacy and anonymity. It's appropriate for reliably circumventing Internet censorship and data retention by ISPs, and for reliably circumventing commercial tracking and behavioral marketing. It may be adequate for political dissidents in countries that respect human rights. However, it is _not_ adequate for political dissidents who might suffer serious consequences if compromised. For them, using the full setup (covered in Parts 3-8) would be prudent.
-
-In this setup, the host machine reaches the Internet through a VPN service, with firewall rules to prevent leaks. The host runs VirtualBox, and there are multiple Linux workspace VMs to compartmentalize and isolate activity. Each Linux workspace VM initially reaches the Internet through the host machine's VPN service. It then connects through a different VPN service, or through the Tor network, to reach Internet sites. There are firewall rules to prevent leaks. For Tor connectivity, the guide uses [Whonix][1], which comprises Tor gateway and workstation VMs that are based on Linux (Debian).
-
-VirtualBox by default isolates resources (storage, memory and processing) that each VM is using, both from itself and from other VMs. Although the Linux workspace VMs (and the Whonix gateway VM) all use the host machine's VPN connection through [network address translation (NAT)][2], VirtualBox doesn't permit VM-to-VM traffic in that arrangement. Linux workspace VMs (and the Whonix workstation VM) are also isolated from each other on the Internet, because they have different IP addresses and network latencies.
-
-Because Whonix isolates workspace and networking in separate VMs, it resists attacks that compromise or circumvent Tor and/or firewall rules. However, the VPN client running in each Linux workspace VM is vulnerable to such attacks. Even so, the VPN client running on the host is isolated, and so damage is limited. In the full setup (covered in Parts 3-8), all workspaces and networking (VPN and Tor clients) are isolated in separate VMs.
-
-### Setting Up VPN on Host Machine
-
-If you're already using a VPN service, you can skip to the next step. If you're not already using a VPN service, [choose one][3] and install the client following the provider's instructions. For Linux, you can use the instructions below, in `Setting Up VPN on Linux Workstation VM`.
-
-Unless you've already set up firewall rules to prevent leaks, it's prudent to do so. All traffic (including DNS queries) should go through the VPN tunnel, and there should be no Internet connectivity if the VPN connection fails. Also, just in case, DNS queries should use the VPN provider's DNS server(s), or reliable [third-party DNS servers][4], and **not** your ISP's DNS servers.
-
-There are instructions below (in `Installing and Checking VPN-Firewall on Linux Workstation`) for using adrelanos' firewall setup in Linux. For Windows, you can ask your provider, or use (for example) [Comodo][5]. For OS X, you can ask your provider, or use (for example) [PF][6].
-
-It's also prudent to test for leaks. There are instructions below (in `Installing and Checking VPN-Firewall on Linux Workstation`) for leak testing in Linux. The same approach applies in Windows or OS X, except for installing and configuring Wireshark. For Windows, see (for example) [HOW TO : Install Wireshark on Windows 7][7]. For OS X, see (for example) [WireShark Install on Mac OS X][8].
-
-### Installing VirtualBox
-
-This step is trivial. Download the version of VirtualBox for your host machine OS from . For Windows hosts, install by executing the downloaded file. For OS X hosts, double click the downloaded file, and drag the app to the Applications icon. For Ubuntu hosts, open the downloaded package with Ubuntu Software Center, and install. For Debian hosts, use dpkg in a terminal. After installing VirtualBox, download the Extension Pack, and open it with VirtualBox to install. That's it. With VirtualBox running, hitting F1 opens the user manual, which is excellent and comprehensive.
-
-### Creating Linux Workstation VM
-
-Creating VMs is very easy, and section 1.7 of the VirtualBox manual (hit F1) explains it well. It's a two-stage process. First, you configure the new VM in VirtualBox. Second, you start the VM, and install the OS, just as you would on a physical machine.
-
-Linux is the best choice for a secure and private workstation VM. It's open-source and free, so there's no money trail linking you to a product ID. [Ubuntu][9] is a good choice for new Linux users. It's best to use releases with long-term support (currently 12 .04). For those who dislike the Unity desktop, [Xubuntu][10] and [Mint][11] (both based on Ubuntu) are good alternatives. [Debian][12] is arguably more secure, but not as user-friendly.
-
-
-First download the 32-bit (aka i386) installer image file for the Linux distro that you've chosen. Then open VirtualBox, and click the `New` icon. Enter your desired VM name, and select the proper OS type (Linux) and version (Ubuntu for Ubuntu, Mint or Xubuntu) or Debian. Specify 1 GB memory to avoid disk swapping. If host RAM is limited, you can reduce it later. Use the defaults for virtual hard disk type (dynamically allocated VDI) and location, but specify at least 100-200 GB maximum size. The initial size of the virtual disk will be at most 5-6 GB. But with large maximum size, it's very easy to accommodate unplanned growth. After reviewing the final summary screen, hit `Create`.
-
-Next, tweak the new VM's settings. In the `General/Advanced` tab, leave `Shared Clipboard` and `Drag'n'Drop` set to `Disabled` (for security). Under `System/Motherboard`, change the boot order to `Hard Disk, CD/DVD`, and deselect `Enable absolute pointing device`. Under `System/Processor`, select `Enable PAE/NX` (if your host supports it). Under `Display/Video`, increase video memory to 128 MB (unless host RAM is limited). Under `USB` settings, deselect `Enable USB Controller` (for security).
-
-Now add the OS installer image. Under `Storage`, highlight the CD icon (named `Empty`) under `IDE Controller`. Then hit the CD icon to the far right of `CD/DVD Drive`, and select `Choose a virtual CD/DVD disk file`. Navigate to wherever you put your installer image, and select it. Then click `OK` to exit the settings screen.
-
-Then double click on the new VM, and go through the install process. It's OK to accept all defaults. But you can select the encrypted LVM option for disk partitioning , if you like. Although whole-disk encrypted VMs may leave plaintext on host machines, that's better than nothing if the host is compromised while running. As the VM is rebooting after installation completes, click `Devices` in the main menu, highlight `CD/DVD Devices`, and select `Remove disk from virtual drive`.
-
-To get better VM performance, you may want to install VirtualBox guest additions (customized kernel modules). Guest additions also provide better display and mouse integration, and enable mounting host folders (aka `shared folders`) in the VM. However, some of the kernel customizations may reduce guest-host isolation, and using shared folders definitely does. It's a typical convenience vs security trade-off.
-
-Ubuntu or Xubuntu will prompt you to install the guest-additions kernel-module package as `additional drivers`. If not, use the Settings menu. You can also install guest additions by clicking `Devices` in the VirtualBox menu, and then `Install Guest Additions`. But don't do both. Debian 7.10 automatically installs the guest-additions kernel-module package.
-
-Use Update Manager to download and install updates. Then reboot the system.
-
-Before using Firefox, it's prudent to disable WebGL, in order to prevent graphics fingerprinting (see last paragraph). First take VM offline. In VirtualBox Network settings, change `Adapter 1` to `Not attached`. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT`. As backup protection, you can install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of Options.
-
-### Setting Up VPN on Linux Workstation VM
-
-These instructions are for OpenVPN-based services. For IPsec-based VPN services, follow your provider's instructions. Avoid PPTP-based VPN services, because that protocol is extremely insecure.
-
-Start by setting up Network Manager with OpenVPN. Open a Terminal window, and run these commands:
-
- user@ubuntu:~$ sudo apt-get install network-manager-openvpn
- user@ubuntu:~$ sudo restart network-manager
-
-Then review your VPN credentials – certificates (\*.crt) and keys (\*.key) – and configuration files (\*.conf or \*.ovpn). Some VPN services provide configuration files with embedded credentials, with each of the credentials bracketed by corresponding [name] and [/name] tags. In that case, copy each of the credentials, and save as an appropriately-named text file. There may be as many as four credentials:
-
- * ca.crt
- * client.crt
- * client.key
- * ta.key
-
-All of these files should be downloaded via HTTPS, and kept private. You might want to avoid providers that don't use HTTPS for this. Establishing a VPN connection may also require a username and password, which may differ from the account name and password for the VPN service's website. Some low-end services email connection username and password. In that case, immediately go to the provider's website, and change the password.
-
-Virtually all VPN services provide a ca.crt (certificate authority) certificate. These certificates enable clients to verify the authenticity of VPN servers before connecting. Most VPN services also provide a client.crt (client certificate) and client.key (for unlocking and using the client certificate). Client certificates allow VPN servers to verify the authenticity of clients before accepting connections. A few high-end VPN services also provide a ta.key to enable TLS authentication, which [increases connection security][13].
-
-You'll also need other information from the OpenVPN configuration file. First, you'll need to choose the VPN server that you'll be connecting to. Avoid the United States, United Kingdom and France. Germany and the Netherlands are OK. It's probably good to avoid Eastern Europe, Russia, China etc, which might attract attention. You'll need the IP address of the server, rather than the hostname, in order for VPN-Firewall (see below) to work properly. If you just have hostnames, you can get the IP address by running this command:
-
- user@ubuntu:~$ host hostname.that.you.have
-
-Second, you'll need to know the server port number and connection type (UDP or TCP). It's generally best to use UDP (unless you're routing via Tor). You'll also need to know the cipher type (from the cipher ... line) and whether LZO compression should be enabled (if you see comp-lzo). If cipher type isn't specified, use the Network Manager default. For VPNs that provide ta.key, you'll need to know the key direction, which is the number at the end of the tls-auth line (typically 1).
-
-Start the setup by copying all of the VPN certificate and key files to /etc/openvpn. Open a Terminal window, and run these commands:
-
- user@ubuntu:~$ cd /home/user/path-to-the-files
- user@ubuntu:~$ sudo cp ca.crt client.crt client.key ta.key /etc/openvpn/
-
-Of course, edit the second command for the files that you actually have.
-
-Then open Network Manager, select the `VPN` tab, and click the `Add` button. Select OpenVPN as type, and click the `Create` button. Enter a short name for the connection, and the IP address of the server that you'll be accessing. The next steps depend on the configuration of the VPN service.
-
-There are three common VPN-configuration setups. Some VPN services (such as Private Internet Access) provide only ca.key, and require username and password for connection. For them, select `Password` as authentication type, enter your username and password, and click the `CA Certificate` button. In the `Places` window, click `File System`. Double click `etc`, and then double click `openvpn`. Finally, select `ca.crt` and click `Open`.
-
-Now click the `Advanced` button. In the `General` tab, check `Use custom gateway port` and enter the appropriate port number. If appropriate, check `Use LZO data compression` (typical) and `Use a TCP connection` (rarely appropriate unless you're routing via Tor). If you know the cipher type, click `Cipher` in the `Security` tab, select the appropriate one, and click `OK`. Now click `Save` in the VPN window, and close Network Manager.
-
-Some VPN services (such as AirVPN) provide ca.key, client.crt and client.key, but not ta.key, and don't require username and password for connection. For them, select `Certificates (TLS)` as authentication type, and then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Then complete the same steps in the `Advanced` window as described above, save the VPN configuration, and close Network Manager.
-
-Some VPN services (such as IVPN) provide ca.key, client.crt, client.key and ta.key, and also require username and password for connection. For them, select `Password with Certificates (TLS)` as authentication type, and enter your username and password. Then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Complete the same steps in the `Advanced` window as described above. In the `TLS Authentication` window, check `Use additional TLS authentication`, and specify `Key File` (ta.key) and `Key Direction` (typically 1). Then save the VPN configuration, and close Network Manager.
-
-Now use Network Manager to establish the new VPN connection. Once it connects, verify that it works by visiting . If it doesn't connect, or doesn't work, recheck the configuration.
-
-### Installing and Checking VPN-Firewall on Linux Workstation
-
-Install adrelanos' VPN-Firewall scripts as described at . You want the firewall (iptables rules) to load at bootup, so install both the firewall and init scripts. Reboot the VM, but don't reconnect the VPN via Network Manager. Check VPN-Firewall status by running the following in a Terminal window:
-
- user@ubuntu:~$ sudo service vpnfirewall status
-
-It should reply. Then verify that the VM has no Internet connectivity by trying to visit . If it connects, there's something wrong with the VPN-Firewall setup.
-
-Now use Network Manager to establish your VPN connection, and verify that it works by visiting . If it doesn't connect, recheck the configuration. If it does connect, test VPN-Firewall by killing the openvpn process (run `sudo killall openvpn` in a Terminal window) and verifying that the VM has no Internet connectivity. Then use Network Manager to reestablish the VPN connection, and verify that it works by visiting .
-
-Check your DNS servers by running the standard DNS test at . It should report only the DNS servers that your VPN service is pushing. It should not report any DNS servers that are associated with your ISP, or are specified by your LAN router. If it does, there's something wrong with the VPN setup.
-
-You can also check for leaks using Wireshark. To install Wireshark, open a Terminal window in the VM, and run these commands:
-
- user@ubuntu:~$ sudo apt-get update
- user@ubuntu:~$ sudo apt-get install wireshark
-
-Then configure wireshark to allow a non-root user to sniff packets. As described [here][14], run these commands in a Terminal window:
-
- user@ubuntu:~$ sudo dpkg-reconfigure wireshark-common
- user@ubuntu:~$ sudo adduser $USER wireshark
-
-Reboot the VM, and establish your VPN connection. Then open Wireshark, and start capturing on eth0. Use Firefox to check , run the DNS test at , etc. Now stop the capture, and run Statistics/Endpoints. You should only see one [non-private][15] aka [public IP address][16], that of the VPN server that you're connected to.
-
-Now kill the openvpn process (run `sudo killall openvpn` in a Terminal window) and start a fresh capture on eth0. Verify that Firefox can't see anything. VPN-Firewall blocks pings, by the way. Stop the capture, and run Statistics/Endpoints. You should only see traffic with local private IP addresses, and reconnection attempts from the VPN server that you were connected to.
-
-Finally, reestablish the VPN connection in Network Manager, and verify that it's working. Then start Update Manager, download and install updates, and let the VM reboot.
-
-### Installing Whonix
-
-[Whonix][1] comprises a pair of Debian VMs: a gateway VM that connects to the Tor network, and a workstation VM that connects through the gateway VM. Installing Whonix is easy. Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, using your VPN service. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained).
-
-Import the gateway and workstation VMs, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). If you'll be using just one Whonix instance, just start the Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, you're done. Enjoy!
-
-If you'll be using multiple Whonix instances, each gateway and workstation VM must have a unique name (which determines the name of its folder). After importing the first pair of gateway and workstation VMs, edit their names in the VirtualBox GUI, adding a unique suffix (or whatever) to distinguish them from others that you'll be importing (and to facilitate keeping track of them).
-
-Also, the gateway and workstation VMs of each Whonix instance must share a uniquely named internal network. First edit the settings for Adapter 2 of the gateway VM (under `Network`). Change `Whonix` to `Whonix-1` or whatever. Don't change the settings for Adapter 1. The default (`NAT`) will have it connect through your host's VPN service. Then edit the settings for Adapter 1 of the workstation VM, changing `Whonix` to whatever you just used for Adapter 2 of the gateway VM.
-
-Now start the first Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, you're done. Enjoy!
-
-### OS Diversity is Crucial for Compartmentalization Safety
-
-WebGL fingerprinting is a serious risk when using VMs for compartmentalization. WebGL uses the GPU via the OS graphics driver. On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU. So let's say that you have a Debian VM that connects through a nested VPN chain, and a Lubuntu VM that connects directly, or through a different one. Default Firefox in both VMs will have the same WebGL fingerprint! That could link the two VMs, and break compartmentalization.
-
-One can readily disable WebGL in browsers. But accidents happen. Maybe you'll install a new browser, and forget to disable WebGL. Any sites that you visit while WebGL is working can fingerprint the VM. And potentially that VM is linked by WebGL fingerprint to other VMs that use the same graphics driver.
-
-Given that, it's best to compartmentalize across VMs with different graphics drivers. Browsers on all distros that use the Debian graphics driver (Debian, Ubuntu, Lubuntu, Mint, Xubuntu, etc) apparently have the same WebGL fingerprint. But VMs using different graphics drivers (such as Arch, Fedora, PCBSD, Windows and Yosemite Zone) have different WebGL fingerprints.
-
-The host and VMs use different GPUs (real vs virtual) so there is no overlap in WebGL fingerprints. However, it does appear that systems using a given graphics driver will have the same WebGL fingerprint on given hardware, with a given GPU. And so reinstalling the OS, or using a related OS with the same graphics driver, may not change the WebGL fingerprint.
-
- [1]: https://www.whonix.org/wiki/Main_Page
- [2]: https://en.wikipedia.org/wiki/Network_address_translation
- [3]: https://torrentfreak.com/best-vpn-anonymous-no-logging/
- [4]: https://www.wikileaks.org/wiki/Alternative_DNS
- [5]: https://forums.comodo.com/firewall-help-cis/configuring-to-block-all-nonvpn-traffic-t91413.15.html
- [6]: https://web.archive.org/web/20120827084446/https://thenewtech.tv/it/openbsd-pf-on-mac-osx-lion
- [7]: https://kudithipudi.org/2009/07/17/how-to-install-wireshark-on-window-7/
- [8]: https://networkstatic.net/wireshark-install-on-mac-os-x/
- [9]: https://www.ubuntu.com/download/desktop
- [10]: https://xubuntu.org/getxubuntu/
- [11]: https://www.linuxmint.com/download.php
- [12]: https://www.debian.org/CD/netinst/
- [13]: https://community.openvpn.net/openvpn/wiki/SecurityOverview
- [14]: https://askubuntu.com/questions/74059/how-do-i-run-wireshark-with-root-privileges
- [15]: https://en.wikipedia.org/wiki/Private_network
- [16]: https://en.wikipedia.org/wiki/IP_address#Public_address
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
deleted file mode 100644
index bd76fd814..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-3.md
+++ /dev/null
@@ -1,199 +0,0 @@ ---- -title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 3 -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/advanced-privacy-and-anonymity-part-3/ -section: Advanced -weight: 30 -articles: [ - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-4/" - }, - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/" - }, - { - title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6", - url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/" - } -] -date: 2013-10-23T12:36:02+00:00 -layout: guides-details ---- -## Planning Advanced VM and VPN Setup - -### Introduction - -This guide introduces an advanced setup (implemented in Parts 4-8) which provides vastly greater privacy, anonymity and freedom than the basic setup presented in [Part 2. Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). It employs [compartmentalization][1] (aka [compartmentation][2]) and [isolation][3], by using multiple virtual machines (VMs) with Internet access through arbitrarily complex nested and branched chains of VPNs and Tor. The full setup will require at least a few days of focused work. Please review [Part 1. Introduction](/privacy-guides/advanced-privacy-and-anonymity-part-1/) and consider your [threat model][4] before choosing which aspects to implement. - -This advanced setup broadly resembles the basic setup presented in Part 2. The host machine reaches the Internet through a VPN service, with firewall rules to prevent leaks. There are multiple Linux workspace VMs to compartmentalize and isolate activity, and the various workspace VMs independently reach the Internet through VPN services or the Tor network. 
It's easy to deter profiling and tracking by using multiple pseudonyms in multiple workspace VMs, with different Internet IP addresses. Impacts of malware and hacking are limited, as long as the VMs networking services and VPN client are not compromised or circumvented. - -However, the advanced setup goes far beyond the basic setup in a few key ways. Rather than using an existing and potentially compromised system (typically Windows or OS X) as VM host, this setup uses a fresh Linux installation. Because Linux is open-source, there is also less risk of [backdoors][5]. Furthermore, because most Linux distributions are free, there is no money trail that might link you to a product key, or other unique information in the installation. - -In the basic setup, the Linux workspace VMs (except Whonix) contain both applications and networking services (routing, firewall, VPN client, etc). By exploiting vulnerabilities in applications and users, attacks may readily compromise or circumvent the VPN client, and then deanonymize users by contacting a monitoring server directly, rather than through the VPN tunnel. Attacks may also install malware that deanonymizes by `calling home` when the VPN is not connected. Indeed, any document that automatically loads remote resources, such as this logo, can do the same. - -![IVPN Logo](/images/logo.svg) - -In this advanced setup, all workspaces and networking services (VPN and Tor clients) are isolated in separate workspace and gateway VMs (pfSense VPN-client VMs and Tor-client VMs). Attacks that exploit vulnerabilities in applications and users can't reach networking services unless they can also compromise or circumvent VM-host barriers. And because workspace VMs can only reach the Internet through their gateway VMs, there's no access to remote resources when the gateway is down or broken, except through deliberate user error. 
- -Furthermore, in this setup, the arrangement of gateway VMs and VirtualBox internal networks transparently creates layers of encrypted routing instructions, which then direct packets through specified chains of VPN servers and Tor entry relays. That is, packet routing through the Internet reflects local routing of gateway VMs in VirtualBox. Using the VirtualBox GUI, it's trivial to create and modify arbitrarily complex nested and branched chains of VPN and Tor connections. It's also possible, using the VBoxManage command-line interface, to automate changes in routing topology (not included in these guides). - -Indeed, this is a simple (and static) implementation of [onion routing][6]: - -> Onion routing is a technique for anonymous communication over a computer network. Messages are repeatedly encrypted and then sent through several network nodes called onion routers. Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated. This prevents these intermediary nodes from knowing the origin, destination, and contents of the message. - -### Initial Privacy Considerations - -If you're, for example, a political dissident who might suffer serious consequences if compromised, it would be prudent to read these guides, and download required software, using a secure VPN service. Otherwise, your ISP and other local observers can see what you're doing, and you might be flagged for increased scrutiny. Ideally, local observers should see only that you're using a VPN service, and nothing else. If you'll be chaining multiple VPNs, as described below, it's best to pick one now that you will connect to directly. Consistently using just one direct-connect VPN service arguably attracts less attention than using many VPN services and Tor. 
- -If you're currently using a VPN service, adopting it as your direct-connect VPN would be best, as long as it's privacy-friendly and its performance is adequate. Unbiased sources for information about VPN services include discussions at [Wilders Security Forums][7] (which uses a self-signed certificate) and annual reviews at [TorrentFreak][8]. Connecting indirectly to your current VPN service through a new direct-connect VPN would arguably be pointless, because there are potentially records associating your account there with your ISP-assigned IP address. - -If you're not currently using a VPN service, now is a good time to pick one that you'll be connecting to directly. For direct-connect VPNs, the key features are speed (high bandwidth and low latency), uncapped usage (throughput) and mainstream popularity (so you stand out less). You'll typically be using just one direct VPN connection, and so it's arguably better to reserve services that permit multiple simultaneous connections, and have exit servers in many countries, for use as indirect VPNs (which you will access through your direct-connect VPN). - -Unless you're already using a VPN service and/or Tor, install your chosen direct-connect VPN client on the machine that you're reading this on, following the provider's instructions. Also download all required software on this machine, so your ISP etc can't see what you're doing. - -At the cost of increased complexity, by choosing the high-privacy option in the next tutorial ([Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/)), you can hide all evidence of your new setup from your ISP and other local observers. They'll just see downloading through your direct-connect VPN service. - -### Using Nested Chains of VPNs and Tor to Distribute Trust - -It's crucial to keep in mind that, by using VPN services, we are merely choosing to trust our VPN providers, instead of our ISPs and governments. 
We can choose VPN providers that use multiple hops, promise not to keep logs, carefully segregate our account data and their VPN servers, and even claim that they will move or shut down before compromising our privacy. But there is no reliable way to know whether our trust has been warranted, unless we discover that it hasn't. - -If privacy and pseudonymity really matter to us, therefore, it's not prudent to rely merely on a single VPN provider. Instead, we can distribute our trust by routing one VPN tunnel through another, from a different provider. More generally, we can create nested chains of VPN tunnels from multiple providers. In order to compromise our privacy, an adversary would need to compromise or subvert most (if not all) of the VPN services in our chain(s). - -This approach is vulnerable in at least two ways. First, there may be money trails to `inner` (in a topological sense) VPN services that we access indirectly through other VPN services. Using free VPN services is an option, but they typically cap bandwidth and throughput. The best option is paying with cash by anonymous snail mail. Another option is paying with Bitcoins that have been thoroughly anonymized using multiple anonymous accounts and mixing services. - -Second, some (or all) of the VPN services in our chain(s) may be vulnerable to compromise or subversion by broadly resourceful adversaries. To mitigate this risk, it's prudent to choose providers that operate from poorly-cooperating geopolitical [spheres of influence (SOIs)][9]. It's best to avoid providers in the SOI where you live. For your direct-connect VPN, it's arguably best to choose a provider in a relatively-neutral SOI, which doesn't attract too much attention, and yet is at least somewhat hard to subvert. For your terminal/innermost VPN, it's arguably best to choose a provider in an effectively non-cooperating SOI. 
If you're using three or more VPNs overall, it's arguably best to alternate between distinct poorly-cooperating SOIs for the middle VPNs. - -We can also rely on [Tor][10], a highly sophisticated implementation of [onion routing][6], where trust by design is distributed among numerous participants with disparate goals. It provides far greater anonymity than VPNs (even complex nested chains of VPNs) could ever manage. However, configuring applications to use Tor properly (with no leaks) is nontrivial, and it's best to use packaged setups. - -The [Tor Browser Bundle][11] comprises Tor and the Tor Project's version of Firefox, which is optimized for anonymity. Although it's very easy to install and use, it's vulnerable to [malware exploits][12] and leaks from applications misconfigured by users. [The Amnesic Incognito Live System (Tails)][13] is a LiveCD (read-only by default) which can also be run as a VM. It's preconfigured with many applications. But it's still vulnerable to malware exploits that circumvent Tor. Both [Whonix][14] and [Incognito][15] isolate workspace and networking services in separate gateway and workstation VMs. That protects against deanonymization through user error, misconfigured applications or malware exploits. - -It's best to incorporate Tor at or near the end of nested VPN chains. VPN services are popular for P2P file sharing, and using them arguably attracts less unwanted attention than using Tor, except where file sharing and dissent are both forbidden. Indeed, access to the Tor network is blocked in some places. One can circumvent blocks by connecting through [bridge relays][16]. However, as bridge relays are identified and blocked, users must switch to new ones. Given the trial and error process of using bridge relays, they do not reliably hide Tor use. It would be safest to use both VPNs and [obfuscated bridges][17], which obfuscate Tor traffic patterns. - -Some Internet sites don't accept connections from Tor exit relays. 
Some sites block all Tor exits, while others block only those that appear on various blacklists. A simple solution is routing a VPN service through Tor. Tor can carry only TCP traffic, so one must use TCP mode for the VPN connection. But the resulting VPN tunnel carries both TCP and UDP traffic, increasing application compatibility and reducing the chance of leaks. - -### Preventing VPN Leaks - -VPN connections are prone to (at least) two types of leaks. One type involves DNS servers. Normally, after a VPN client requests a connection, the server configures the tunnel, and pushes required information to the client. Included are changes in network routing, so all Internet traffic uses the VPN tunnel, and DNS servers to be queried for translating hostnames to IP addresses. - -But if something goes wrong, the client machine may instead query DNS servers provided by the user's ISP. And that may reveal the ISP's identity to those observing the VPN exit server. It may also reveal to the ISP what domains are being accessed. If the user's ISP can see both user traffic to the VPN entry server and queries to its DNS servers, timing analysis could readily reveal what domains the user is accessing. In other words, the VPN would be compromised for that user. - -Preventing such DNS leaks may be nontrivial. It may require temporarily hard coding the VPN's DNS servers in the client machine's network configuration, and undoing that after the VPN connection is closed. That's what the VPN client should be doing, by the way, but sometimes it doesn't work, especially with uncommon operating systems that the VPN configuration doesn't fully support. - -The other type of leak involves traffic bypassing the VPN tunnel to reach the Internet directly. The operating system may not properly implement changes in network routing pushed by the VPN server to direct all Internet traffic through the VPN tunnel. Or the VPN connection may fail in some way. 
For example, VPN servers may go offline, or VPN client software may hang or die, perhaps after intermittent network outages. Whatever the cause, it's crucial that there be no Internet connectivity except through the VPN tunnel, even if the VPN connection is improperly configured, or fails in any way. - -Unfortunately, OpenVPN was designed to provide secure connectivity to remote networks, but not Internet anonymity. Indeed, Internet traffic exits locally by default in OpenVPN, in order to conserve VPN bandwidth. While it's easy to configure VPN tunnels to carry all network traffic, it's difficult to prevent traffic from using the client machine's physical adapter after the VPN client software terminates. By default, all changes to network routing made during VPN connection are reversed when the VPN disconnects. That's generally a good thing, because users might otherwise be left without Internet access (even to reconnect the VPN). - -Some VPN providers use proprietary clients that reportedly fail closed. But generally, the only reliable protections are network routing and firewall rules that restrict network connectivity to the VPN tunnel. In Windows and OS X, you can use, respectively, [Comodo][18] and [PF][19]. In Linux, you can use [VPN-Firewall][20]. It's a bash script that creates iptables rules which block all Internet connections except through the designated OpenVPN server, and yet permit transparent VPN reconnection. It's part of the high-privacy option in the next tutorial, [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/). Whatever method you use, it's prudent to test for leaks. That's also covered in the next tutorial. - -### Using pfSense VMs as VPN Clients - -Advanced networking expertise is required to securely route one VPN tunnel through another, with no leaks, on an individual machine. However, doing that is trivial by networking virtual machines (VMs) that serve as gateway routers. 
Indeed, it's possible to create arbitrarily complex nested and branched chains of VPNs (and Tor). - -pfSense, a hardened router/firewall operating system based on FreeBSD and its stateful packet filter [PF][21], is an excellent choice for VPN-client VMs. pfSense VMs are small and resource-light. Creating VPN connections and preventing leaks is very easy in pfSense. The pfSense WebGUI is highly intuitive, and yet exposes virtually all pfSense capabilities. Using pfSense VMs as VPN clients is covered in [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/). - -### Visualizing Nested VPN Tunnels - -Chains of nested VPN tunnels provide better privacy and anonymity for accessing content servers, Tor entry relays, peers of P2P networks (such as BitTorrent, Freenet and I2P) and other remote servers. With no VPN, remote servers see your ISP-assigned IP address. Also, your ISP and other local observers see the IP addresses of remote servers. And unless connections are end-to-end encrypted, they can eavesdrop and carry out man-in-the-middle (MITM) attacks. - -{{< raw-html >}} -
    - Connection Without VPN - Connection Without VPN -
    -{{< / raw-html >}} - -With one VPN, remote content servers instead see the VPN's exit IP address. Your ISP and other local observers see the VPN's entry IP address, and the VPN tunnel is encrypted. However, the VPN provider knows both your ISP-assigned IP address and the IP addresses of remote servers. - -{{< raw-html >}} -
    - Connection With VPN - Connection With VPN -
    -{{< / raw-html >}} - -With two nested VPNs, remote content servers see the second (inner) VPN's exit IP address. Your ISP and other local observers see the first (outer) VPN's entry IP address. Both VPN tunnels are encrypted. Neither VPN provider knows both your ISP-assigned IP address and the IP addresses of remote servers. The first (outer) VPN provider knows your ISP-assigned IP address, and also the second (inner) VPN's entry IP address. The second (inner) VPN provider knows the IP addresses of remote content servers, and also the first (outer) VPN's exit IP address. - -{{< raw-html >}} -
    - Connection with Two VPNs - Connection with Two VPNs -
    -{{< / raw-html >}} - -With three or more nested VPNs, information about your Internet activity would be further fragmented, and harder to compromise. However, as VPN tunnels are nested more deeply, two factors limit usability. First, each VPN level adds 50-100 ms latency, and may also restrict bandwidth. Second, overall reliability (being the product of the individual VPN reliabilities) is lower. - -### Planning Initial Setup - -You might want to start by creating a setup such as this. - -{{< raw-html >}} -
    - Cloud showing Chained VPNs and TOR - Cloud showing Chained VPNs and TOR -
    -{{< / raw-html >}} - -Each star denotes a VPN exit, with an invariant IP address that's shared by all users. Two VPN services (VPN{{< sub >}}1{{< / sub >}} and VPN{{< sub >}}2{{< / sub >}}) form the backbone. A third VPN service, routed through VPN{{< sub >}}2{{< / sub >}}, provides multiple simultaneous exits (VPN{{< sub >}}3a{{< / sub >}} and VPN{{< sub >}}3b{{< / sub >}}). A Tor client, also routed through VPN{{< sub >}}2{{< / sub >}}, provides Internet access through a cloud of frequently changing exit IP addresses that are shared by many other users. Finally, a fourth VPN service (VPN{{< sub >}}4{{< / sub >}}) is routed through the Tor connection. - -Each VPN tunnel in a nested chain provides some degree of separation and anonymity. How much depends on such factors as the number of concurrent users, what the service logs, and the availability of any logs to adversaries. But generally, your risk of association is greatest with the VPN{{< sub >}}1{{< / sub >}} exit, less with the VPN{{< sub >}}2{{< / sub >}} exit, and even less with the VPN{{< sub >}}3a{{< / sub >}} and VPN{{< sub >}}3b{{< / sub >}} exits. Tor connections arguably provide far more separation and anonymity, so your risk of association through the Tor exit cloud is far less than through the VPN{{< sub >}}3{{< / sub >}} exits. - -Routing VPN{{< sub >}}4{{< / sub >}} through the Tor connection, however, weakens anonymity. That's obviously so if there are email or money trails from you to VPN{{< sub >}}4{{< / sub >}}. But even free VPN services, with no such linkages, weaken Tor anonymity. Tor clients plan and test numerous circuits, with diverse paths and exit relays. They normally use multiple concurrent circuits to isolate application data streams, and they change circuits frequently. But once a VPN tunnel is established using a particular circuit, the Tor client can't move it to a new circuit, until the VPN disconnects and reconnects. 
Even so, the VPN{{< sub >}}4{{< / sub >}} exit is still potentially far less associated with the VPN{{< sub >}}2{{< / sub >}} exit than the VPN{{< sub >}}2{{< / sub >}} exit is with you. - -Everyone using a given VPN exit server has the same IP address. That's good, because crowding increases anonymity. However, using a particular VPN exit for multiple pseudonyms is somewhat counterproductive, given the shared IP address. It's best, therefore, to use just one primary pseudonym with each pfSense VPN-client VM, and its corresponding VPN exit and position in the overall nested VPN chain. - -It's also best for each pseudonym to consistently use a particular VPN exit. Changes in IP address can trigger account-verification requirements by some providers, such as Facebook and Google, and may even lead to blacklisting. That's hard to avoid with Tor, because clients use multiple concurrent circuits (including exit relays) to isolate application data streams, and they change circuits frequently. VPNs can be routed through Tor, but that decreases anonymity. - -In creating and using these setups, it's crucial to keep in mind that associations among you and the various elements – exit IP addresses, and the pseudonyms and workstations that use them – can never be decreased, but only increased. For example, consider VPN{{< sub >}}4{{< / sub >}} that's been routed through Tor. If you use that connection with a pseudonym or workstation that's more closely associated with you, it's prudent to assume that the association persists. Or consider a pseudonym created using VPN{{< sub >}}4{{< / sub >}}. Using that pseudonym without Tor, even through nested VPNs, permanently associates it more closely with you. - -Multiple pseudonyms should never share a workstation VM, given the risk of cross-correlation through routine tracking, malware and active attacks. It's also prudent to compartmentalize information for a given pseudonym among multiple workstation VMs. 
One workstation VM might serve for routine online activity. Using a diskless LiveCD VM would provide some protection for visiting questionable websites or opening questionable files (but not as much as a diskless machine booting from a LiveCD). Another workstation VM might host a Bitcoin client, and hold other financial information. Highly sensitive information might be secured in one or more VMs that are routinely offline, and never share LANs with potentially compromised VMs. - -In particular, a workstation should not contain information about the VPN account that it's connecting through. The identity of the VPN service is obvious. Remote servers see VPN exit IP addresses, and may even reveal them in forum posts or email headers. However, account details such as email address and payment method may reveal true identity (or, at least, a weaker pseudonym). Although information about VPN service(s) purchased for extending the nested VPN chain is less sensitive, it's prudent to segregate it (with other financial information) from routine online activity. - -That's a problematic issue, because configuration and management of pfSense VMs require workstation VMs for accessing the pfSense webGUI. For VPN-client setup, workstation VMs must have VPN credentials, which may be linked to email address and payment method. To reduce the risk of compromise and cross-correlation, it's best to administer each pfSense VPN-client VM with a dedicated workstation VM, which contains no information about any pseudonyms that connect through that pfSense VM. Alternatively, you can use a diskless LiveCD VM for administering all of your pfSense VMs, and download VPN configuration files when needed. - -As discussed in [Part 2. Advanced Privacy and Anonymity Using VMs, VPN’s, Tor][22], WebGL fingerprinting is a serious risk when using VMs for compartmentalization. 
On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU.
-
-It's best to compartmentalize across VMs with different graphics drivers. Use Debian or Lubuntu, perhaps, but not both (where it matters, anyway). For compartments where separation is crucial, use VMs with different graphics drivers. Possibilities include Arch, Fedora, PCBSD, Windows and Yosemite Zone.
-
-It's also prudent to disable WebGL in browsers before using them online. Take the VM offline, by changing `Adapter 1` to `Not attached` in VirtualBox Network settings. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT` (`Internal Network`, when you're using pfSense VPN-gateway VMs). You can also install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of `Options`.
-
- [1]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
- [2]: http://www.cl.cam.ac.uk/~rja14/Papers/SE-08.pdf
- [3]: http://theinvisiblethings.blogspot.ru/2008/09/three-approaches-to-computer-security.html
- [4]: /privacy-guides/will-a-vpn-protect-me/
- [5]: https://en.wikipedia.org/wiki/Backdoor_%28computing%29
- [6]: https://en.wikipedia.org/wiki/Onion_routing
- [7]: https://www.wilderssecurity.com/
- [8]: https://torrentfreak.com/vpn-services-that-take-your-anonymity-seriously-2013-edition-130302/
- [9]: https://en.wikipedia.org/wiki/Sphere_of_influence
- [10]: https://www.torproject.org/
- [11]: https://www.torproject.org/projects/torbrowser.html.en
- [12]: https://blog.torproject.org/tor-weekly-news-august-7th-2013/
- [13]: https://tails.boum.org/
- [14]: https://www.whonix.org/wiki/Main_Page
- [15]: https://bitbucket.org/ra_/
- [16]: https://support.torproject.org/#censorship-7
- [17]: https://support.torproject.org/#operators-6
- [18]: https://forums.comodo.com/firewall-help-cis/configuring-to-block-all-nonvpn-traffic-t91413.15.html
- [19]: https://en.wikipedia.org/wiki/PF_%28firewall%29
- [20]: https://github.com/adrelanos/VPN-Firewall
- [21]: https://en.wikipedia.org/wiki/PF_%28firewall%29
- [22]: /privacy-guides/advanced-privacy-and-anonymity-part-2/
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
deleted file mode 100644
index ef91f0115..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-4.md
+++ /dev/null
@@ -1,369 +0,0 @@
----
-title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 4
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/advanced-privacy-and-anonymity-part-4/
-section: Advanced
-weight: 40
-articles: [
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-5/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
- }
-]
-date: 2020-01-28T00:00:00+00:00
-layout: guides-details
----
-## Setting Up Secure Host Machines
-
-### Introduction
-
-This guide explains how to set up full-disk encrypted host machines for securely running multiple VMs. Using hardened router/firewall VMs (such as pfSense) as VPN clients, it's easy to route one VPN tunnel through another. With multiple workstation VMs, we can maintain multiple pseudonyms that complicate profiling and tracking, and we can mitigate the impact of malware and hacking. We can easily route Tor through VPNs to avoid attracting unwanted attention. And we can easily route VPNs through Tor to evade Tor exit blocking, increase application compatibility, and reduce the chance of leaks.
-
-As discussed in [Part 3. Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), it's prudent to read these guides, and download required software, through a VPN service and/or TOR. That way, your ISP and other local observers can't see what you're doing. Furthermore, consistently using a particular VPN service arguably attracts less attention than switching among several. If you haven't yet chosen a direct-connect VPN service, now is a good time. Please see `Initial Privacy Considerations` in Part 3 for more on this recommendation.
- -Depending on your risk model, it may also be prudent to restrict your new host machine's Internet traffic to the direct-connect VPN service, even while you're setting it up. Using this high-privacy option would prevent your ISP and other local observers from seeing software downloads and other Internet connections that occur during installation of the operating system. - -As an example, this guide includes a high-privacy option using Ubuntu as the host operating system. With this option, the new host machine would have no Internet connectivity during Ubuntu installation. Before providing Internet connectivity, you would install your direct-connect VPN service, and then configure iptables to block all non-VPN connections. After providing Internet connectivity, you would establish the VPN connection, and update the system. - -With this approach, your ISP and other local observers would see only downloading (albeit increased, perhaps) through your direct-connect VPN service. Because the iptables rules take effect before network configuration during bootup, the new host machine will only have direct non-VPN Internet connectivity if you disable the iptables rules. Unless you did that, your ISP and other local observers would see no specific evidence of the new host machine's existence. - -### Hardware - -Gaming-class machines or workstations are best for simultaneously running more than a few VMs. Servers are good too, but normally lack audio and high-resolution video. If you'll be maxing out RAM and hard disks, you may need to upgrade the power supply to at least 600 W. - -Midrange quad-core CPUs (such as Intel i5 Quad, Intel Core 2 Quad and AMD Athlon Quad) can simultaneously run at least ten VMs, each configured with one core. CPU cores are only a soft limit for VM capacity, and overloading the CPU(s) just slows everything down. The CPU(s) must support virtualization. It's typically disabled by default, and must be enabled in the BIOS. 
- -Memory, on the other hand, is a hard limit for VM capacity. VMs can crash without warning if host memory becomes over-committed. However, RAM is currently quite inexpensive, and it's best to install as much as you can. That's especially important if you plan to run Windows VMs, which require substantially more memory than Linux or BSD VMs. With a 64-bit host OS, by the way, there's no 4 GB memory limit. - -You also want fast storage, because multiple VMs will be competing for disk access. It's tempting to use solid state drives (SSDs), given their breathtaking speed, increasing capacity and declining cost. However, it may be problematic to secure SDDs, because their wear-leveling mechanisms may compromise full-disk encryption by leaving plaintext data in the clear after shutdown. While some SDDs may be securable, if you implement full-disk encryption at first use, thorough research and testing would be prudent. - -The safest option is still probably RAID with multiple SATA (or SAS, if your budget allows) hard disk drives (HDDs). If you have a SATA optical drive, you can remove it to free up a SATA port, and use an external USB optical drive when needed. - -It's best to avoid consumer HDDs because they do extended error recovery (which doesn't play well with RAID) and also because they're not designed to be hammered. Older RAID-ready enterprise 7.2 Krpm SATA HDDs (such as Western Digital RE3s and RE4s) don't cost much more than consumer HDDs, and they perform well. - -If you only have four free SATA ports, RAID10 with four HDDs is the best option. RAID10 with four 1 TB 7.2 Krpm WD RE3 HDDs provides 2 TB capacity. You'd see ~170 MBps disk bandwidth with seek time ~12 ms, and you could lose one disk (or perhaps two, if you're lucky) without data loss. The use of RAID5 is no longer recommended, by the way. - -If you have five free SATA ports, RAID6 with five 1 TB 7.2 Krpm WD RE3 HDDs provides 3 TB capacity. 
You'd see ~270 MBps disk bandwidth with seek time ~7 ms, and you could lose any two disks without immediate data loss. However, RAID6 arrays rebuild slowly after failed disks have been replaced, and read errors can hose rebuilds. - -Using five HDDs for RAID10 with one hot spare would provide less capacity (2 TB) and less speed (~170 MBps with seek time ~12 ms) but substantially better reliability. Although you could lose only one disk (or perhaps two, if you're lucky) without data loss, RAID10 arrays rebuild far faster than RAID6 arrays do. Once the array had finished rebuilding, you'd have RAID10 with no hot spares. At that point, you could lose another disk (or perhaps two, if you're lucky) without data loss. - -You may want to enable booting with degraded RAID. If you don't, and one of the disks fails, you might need to boot with a LiveCD and repair the damage before the machine will boot. If you just boot with degraded RAID, on the other hand, you may not realize that the RAID array is degraded until it entirely fails (which is too late). It's prudent to periodically check HDD SMART and RAID status in Disk Utility. - -Effective cooling is essential, especially for RAID with multiple HDDs. With consumer-grade hardware, adding a high-capacity rear case fan is wise. Some models provide little ventilation for drives, and are notorious for baking HDDs. It may be necessary to drill an array of small holes in the case, in front of the HDD cage, making sure not to leave metal fragments inside. You can also add a grill, if appearance matters. - -### Choosing an Operating System - -Linux is the best choice for a secure and private host OS. It's open-source and free, so there's no money trail linking you to a product ID. Its software RAID implementation is fast, efficient and reliable. The LUKS package provides native full-disk encryption, with everything encrypted except for the boot partition. And finally, VirtualBox runs very well under it. 
- -Unless carefully configured, all operating systems leave disk caches and logs behind. With Windows or OS X, which are closed-source, it's very difficult to even know what's being left behind. Knowledge of Windows shellbags, for example, was until recently largely restricted to the computer forensics community. - -Ubuntu is a good choice for new Linux users. The Ubuntu Software Center simplifies package management. And the alternate install ISO provides full access to Debian's disk partitioning tools, including LUKS full-disk encryption, and LVM for flexible partition management. It's best to use releases with long-term support (currently 20.04 LTS). For those who dislike the Unity desktop, Xubuntu (based on Ubuntu) is the best alternative. Mint (also based on Ubuntu) doesn't provide an alternate install ISO. Debian is probably the most secure option, and Debian 7.0 was just released. As noted above, there is no 4GB memory limit with a 64-bit OS, so use that if your hardware supports it. - -Although the high-privacy option (explained below) is written for Ubuntu 12.04.2, it should work for any Linux distribution, if suitably tweaked. In principle, an analogous approach should work for Windows and OS X, but avoiding compromise through required authentication would be problematic. - -### VM Security Issues - -To protect VM privacy, and limit access to log files and disk-cache residue, it's prudent to use dedicated host machines with full-disk encryption. However, encrypted disks are decrypted while in use, and keys are stored in memory, so it's prudent to shut down hosts when idle. Using full-disk encryption for individual VMs would limit access to idle VMs while other VMs are in use, but it won't prevent access to information that's been logged or cached on the host machine. 
- -Under most circumstances, it's safe to assume that VMs are isolated from each other, unless they have direct network connectivity or share disks (including USB and other removable drives) or clipboard. However, the possibility of malware breakout from VM to host can't be excluded. If that occurred, other VMs would be readily compromised. Other machines with direct network connectivity or shared disks would also be compromised. When isolation is crucial or malware risk is high, it's prudent to segregate VMs on different host machines, and to avoid direct network connectivity and disk sharing. - -### Plausible Deniability - -Although encrypted data appears random, files, partitions and disks containing random data may engender suspicion, especially when there's evidence that they're in use. Also, there may be header information that flags the data as encrypted. In particular, the Linux Unified Key Setup (LUKS) for dm-crypt writes headers that begin with `LUKS`, and that disclose such information as the type of encryption being used. - -Conversely, a well-known feature of TrueCrypt is the ability to write hidden partitions, and even to run hidden operating systems. If challenged, one can disclose the passphrase for the decoy partition. Adversaries can mount the decoy partition, and run a decoy OS that's installed on it, but they can't detect any hidden partition or OS that may exist. And so it's arguably plausible to deny that any hidden partition exists. - -However, merely having decoy partitions doesn't make them plausible, unless they contain plausible information, and are used daily. If an adversary knows that you were online yesterday, based on information from your ISP, but your hidden OS hasn't been used for a week, it seems odd. Also, even if you have disclosed the passphrase for a hidden TrueCrypt partition, or even if you use TrueCrypt without hidden partitions, an adversary may not believe you. 
- -This tutorial uses Linux with LUKS and dm-crypt full-disk encryption. That may be unworkable if your circumstances require plausible deniability. Future tutorials will cover strategies for plausible deniability. - -### Installing Ubuntu with RAID, LUKS Encryption and LVM - -First download the [Ubuntu 12.04.2 alternate (64-bit) installer image](http://www.ubuntu.com/download/alternative-downloads), using the BitTorrent link or the nearest mirror. Use another machine that's protected by a VPN service and/or Tor for all of these downloads. If you don't have them already, download the credentials for your direct-connect VPN service. Also download [adrelanos][12] `VPN-Firewall` scripts. - -If you'll be going with the high-privacy option, you'll also need the package files required for setting up Network Manager with OpenVPN. Get them through a VPN service and/or Tor. The installer would normally download them from the Ubuntu repository, but that won't be possible without Internet connectivity. There are seven files to get: - - * [openvpn package][1] - * [network-manager-openvpn-gnome][2] - * [openconnect package][3] - * [libopenconnect1 package][4] - * [network-manager-openconnect package][5] - * [liblzo2-2 package][6] - * [libpkcs11-helper1 package][7] - -Those are the package files needed to set up Network Manager with OpenVPN in a fresh Ubuntu 12.04.2 64-bit installation. You could get them from a non-US archive, if you like. It's possible that this hack won't work with an updated Ubuntu bug-fix release (e.g., 12.04.3). In that case, error messages from the package installer (which you'll use near the end of this tutorial) will tell you what's wrong. - -Connect the machine to your LAN router. Otherwise, networking won't get set up properly. If you're going with the high-privacy option, just disable Internet connectivity to your LAN. 
After finishing the installation, you'll install VPN-Firewall and your direct-connect VPN client, restore Internet connectivity, and establish the VPN connection. Then you'll download and install updates, reboot and proceed to the next tutorial for VirtualBox setup. - -If you're not going with the high-privacy option, just proceed with normal Internet connectivity via LAN. And don't bother downloading the package files for Network Manager with OpenVPN. - -Installing Ubuntu (or Xubuntu or Debian) is quite easy, even using the old-school Debian wizard on the alternate install ISO. Create an install CD, and then boot your host machine with it. You can also use a USB flash drive, if your machine will boot from it. - -Just use defaults until you reach the hostname screen. Although hostname isn't visible beyond LAN, that will change with IPv6, so it may be prudent to go with the default `ubuntu` (or `xubuntu` or `debian`). Just hit enter after typing the hostname. - -The most anonymous username is probably `User`, and it's probably counterproductive to use something cute like `Anne O. Nymous`. A strong password is always prudent, but it matters less here because full-disk encryption is the primary defense. Don't encrypt your home directory, because that can conflict with full-disk encryption. - -On the clock screen, select `No` and set the time zone to UTC (the last choice). The host machine will generally be accessing the Internet directly, so there's no point in picking a non-local time zone. However, picking UTC is not uncommon, and it might prevent information leaks. - -On the disk partitioning screen, select `Manual` and hit enter. While the following may seem complicated, it's really not. Also, the installer remembers your preferences, so repeating steps on multiple partitions goes quickly. Read it through a few times, so you have a general idea of what you're doing, and are not just following the steps. 
Basically, you'll be creating two partitions on each disk: 1) a small one for the boot RAID array; and, 2) a large one for the RAID array that will be encrypted using dm-crypt with LUKS, and then split into logical volumes (swap, root and home) using the Logical Volume Manager (LVM). - -Start with the boot-array partitions. We put them at the beginning of each disk, furthest out where access is faster. Here are the steps for each of the physical disks: - - 1. highlight disk, hit enter, select `Yes` and hit enter to create partition table - 2. highlight `FREE SPACE` line under disk and hit enter - 3. highlight `Create a new partition` (default) and hit enter - 4. you want 300 MB total boot space, so use these partition sizes: - * 300MB for RAID1 with two disks - * 150MB for RAID10 with four disks - * 100MB for RAID5 with four disks - * 100MB for RAID6 with five disks - 5. hit enter after typing desired partition size - 6. select `Primary` as partition type (default) and hit enter - 7. select `Beginning` as location (default) and hit enter - 8. select `Use as` line, hit enter, select `physical volume for RAID` and hit enter - 9. highlight `Bootable flag` and hit enter to set `on` - 10. highlight `Done setting up the partition` and hit enter - -Repeat the above steps for each of the other physical disks. - -Now create a second partition on each physical disk, using the remaining space. We will use them for a RAID array that will hold everything else except boot. Here are the steps for each disk: - - 1. highlight `FREE SPACE` line under disk and hit enter - 2. highlight `Create a new partition` (default) and hit enter - 3. accept default size (because you're using all remaining free space) and hit enter - 4. select `Logical` as partition type (default) and hit enter - 5. select `Use as` line, hit enter, select `physical volume for RAID` and hit enter - 6. 
highlight `Done setting up the partition` and hit enter - -Repeat the above steps for each of the other physical disks. - -You should be back at the main disk partitioning screen. Configuring software RAID is next. Here are the steps for the boot RAID array: - - 1. select `Configure software RAID` and hit enter - 2. select `Yes` to `Write changes to the storage devices and configure RAID` and hit enter - 3. select `Create MD device` (default) and hit enter (this will be md0, by the way) - 4. select desired RAID type and hit enter - 5. enter number of active devices (total disks, less any hot spares that you decide to use) and hit enter - 6. enter number of hot spares (typically zero unless you have five HDDs, and are going with RAID10) and hit enter - 7. check (using space bar) which partitions to use (the small ones, sda1 etc) - 8. hit enter to get back to the RAID configuration screen - -Now repeat that process to create md1 from the set of large partitions (sda5 etc). We will encrypt that using dm-crypt with LUKS, and then use it for LVM. - -Select `Finish` and hit enter to get back to the main disk partitioning screen. - -At this point, you should see two RAID devices on the main disk partitioning screen: "RAID... device #0" (aka md0) being the boot array, and "RAID... device #" (aka md1) being the array for encryption and LVM. Let's do RAID device md1 first. - - 1. select `#1` line below main "RAID... device #1" partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `physical volume for encryption`, and hit enter - 3. select `Done setting up the partition` and hit enter - 4. you should be back at main disk partitioning screen - 5. select `Configure encrypted volumes` and hit enter - 6. select `Yes` to `Keep current partition layout and configure encrypted volumes` and hit enter - 7. select `Create encrypted volumes` and hit enter - 8. check `/dev/md1` (using space bar) and hit enter - 9. 
select `Finish` and hit enter - -Now you'll be asked for your passphrase. Use a complex one, at least 25 characters long with lowercase and uppercase letters, numbers and other printable characters. Record it in a private and secure place, because there is truly no way to recover it if it's lost. - -You should be back at the main disk partitioning screen, and should now see the encrypted volume `md1_crypt` at the top of the list. Now we configure logical volumes in that partition, as follows: - - 1. select `#1` line below main `md1_crypt` partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `physical volume for LVM`, and hit enter - 3. select `Done setting up the partition` and hit enter - 4. you should be back at main disk partitioning screen - 5. select `Configure the Logical Volume Manager` and hit enter - 6. select `Yes` to `Keep current partition layout and configure LVM`, and hit enter - 7. select `Create volume group` and hit enter - 8. name it (e.g., `cryptovg`) and hit enter - 9. check `/dev/mapper/md1_crypt` (using space bar) and hit enter - -Now you create your logical volumes. Although you can get fancy, swap, root (“/”) and home are enough. We do swap first to put it at the beginning of the logical volume, further out on the disk where access is faster. The steps for swap are: - - 1. select `Create logical volume` and hit enter - 2. hit enter to accept default volume group `cryptovg` - 3. name it `swap` and hit enter - 4. set size as twice your installed memory and hit enter - -The steps for root are: - - 1. select `Create logical volume` and hit enter - 2. hit enter to accept default volume group `cryptovg` - 3. name it `root` and hit enter - 4. set size as 20 GB and hit enter - -The steps for home are: - - 1. select `Create logical volume` and hit enter - 2. hit enter to accept default volume group `cryptovg` - 3. name it `home` and hit enter - 4. accept default size (remaining space) and hit enter - 5. 
select `Finish` and hit enter - 6. you should be back at main disk partitioning screen - -Now you finish configuring your home volume, as follows: - - 1. select `#1` line below main `home` partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter - 3. select `Mount point` line, hit enter, choose `/home` and hit enter - 4. select `Done setting up the partition` and hit enter - -Now you finish configuring your root (aka `/`) volume, as follows: - - 1. select `#1` line below main `root` partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter - 3. select `Mount point` line, hit enter, choose `/` and hit enter - 4. select `Done setting up the partition` and hit enter - -Now you finish configuring your swap volume, as follows: - - 1. select `#1` line below main `swap` partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `swap area`, and hit enter - 3. select `Done setting up the partition` and hit enter - -Then, page down the main disk partitioning screen to your boot RAID array ("RAID... device #0" aka `md0`), and finish configuring it: - - 1. select `#1` line below main "RAID... device #0" partition line, and hit enter - 2. select `Use as` line, hit enter, choose use as `Ext4 journaling file system`, and hit enter - 3. select `Mount point` line, hit enter, choose `/boot` and hit enter - 4. select `Done setting up the partition` - -Finally, go to the bottom of the main disk partitioning screen, select `Finish partitioning and write changes to disk`, and hit enter. After rechecking the partition configuration, select `Yes` to write changes to the disks, and hit enter. - -The rest of the install process should complete with little input. If you need an HTTP proxy, you'll probably know what it is. 
You do want to install the GRUB bootloader, unless you're doing a dual-boot system (and know what you're doing). The system clock is set for UTC. - -Now remove the installation CD, and let the machine reboot. - -### Setting Up Network Manager with OpenVPN - -It's convenient to configure your direct-connect VPN on the host machine before installing drivers and updates, and setting up VirtualBox. If you've chosen the high-privacy option, doing that is essential, and it's somewhat more complicated. In that case, your new host machine (and its LAN) shouldn't have Internet connectivity now . - -First you'll need to set up Network Manager with OpenVPN. If you **have not** chosen the high-privacy option, just open a Terminal window, and run these commands: - - user@ubuntu:~$ sudo apt-get install network-manager-openvpn - user@ubuntu:~$ sudo restart network-manager - -That's all. - -If you **have** chosen the high-privacy option, open a Terminal window, and run these commands: - - user@ubuntu:~$ cd /home/user - user@ubuntu:~$ mkdir nmo - -Then copy the seven Network Manager and OpenVPN package files (which you've downloaded previously via a VPN service or Tor) to /home/user/nmo/ using your preferred method. Then run these commands in a Terminal window: - - user@ubuntu:~$ sudo dpkg -R -i /home/user/nmo - user@ubuntu:~$ sudo apt-get install -f - user@ubuntu:~$ sudo restart network-manager - -The first command installs the packages, and the second command corrects errors caused by not installing them in the proper sequence. If the second and third commands complete without errors, you're good to go. - -If the second command fails, the errors should tell you what package files are missing. Just get them through a private channel, add them to /home/user/nmo/ and rerun the previous three commands. - -### Installing Direct-Connect VPN - -First review your VPN credentials – certificates (\*.crt) and keys (\*.key) – and configuration files (\*.conf or \*.ovpn). 
Some VPN services provide configuration files with embedded credentials, with each of the credentials bracketed by corresponding [name] and [/name] tags. In that case, copy each of the credentials, and save as an appropriately-named text file. There may be as many as four credentials: - - * ca.crt - * client.crt - * client.key - * ta.key - -All of these files should be downloaded via HTTPS, and kept private. You might want to avoid providers that don't use HTTPS for this. Establishing a VPN connection may also require a username and password, which may differ from the account name and password for the VPN service's website. Some low-end services email connection username and password. In that case, immediately go to the provider's website, and change the password. - -Virtually all VPN services provide a ca.crt (certificate authority) certificate. These certificates enable clients to verify the authenticity of VPN servers before connecting. Most VPN services also provide a client.crt (client certificate) and client.key (for unlocking and using the client certificate). Client certificates allow VPN servers to verify the authenticity of clients before accepting connections. A few high-end VPN services also provide a ta.key to enable TLS authentication, which [increases connection security][8]. - -You'll also need other information from the OpenVPN configuration file. First, you'll need to choose the VPN server that you'll be connecting to. Avoid the United States, United Kingdom and France. Germany and the Netherlands are OK. It's probably good to avoid Eastern Europe, Russia, China etc, which might attract attention. You'll need the IP address of the server, rather than the hostname, in order for VPN-Firewall (see below) to work properly. If you just have hostnames, you can get the IP address by running this command: - - user@ubuntu:~$ host hostname.that.you.have - -Second, you'll need to know the server port number and connection type (UDP or TCP). 
It's generally best to use UDP (unless you're routing via Tor). You'll also need to know the cipher type (from the cipher ... line) and whether LZO compression should be enabled (if you see comp-lzo). If cipher type isn't specified, use the Network Manager default. For VPNs that provide ta.key, you'll need to know the key direction, which is the number at the end of the tls-auth line (typically 1). - -Start the setup by copying all of the VPN credential files to /etc/openvpn. Open a Terminal window, and run these commands: - - user@ubuntu:~$ cd /home/user/path-to-the-files - user@ubuntu:~$ sudo cp ca.crt client.crt client.key ta.key /etc/openvpn/ - -Of course, edit the second command for the files that you actually have. - -Then open Network Manager, select the `VPN` tab, and click the `Add` button. Select OpenVPN as type, and click the `Create` button. Enter a short name for the connection, and the IP address of the server that you'll be accessing. The next steps depend on the configuration of the VPN service. - -There are three common VPN-configuration setups. Some VPN services (such as Private Internet Access) provide only ca.key, and require username and password for connection. For them, select `Password` as authentication type, enter your username and password, and click the `CA Certificate` button. In the `Places` window, click `File System`. Double click `etc`, and then double click `openvpn`. Finally, select `ca.crt` and click `Open`. - -Now click the `Advanced` button`. In the `General` tab, check `Use custom gateway port` and enter the appropriate port number. If appropriate, check `Use LZO data compression` (typical) and `Use a TCP connection` (rarely appropriate unless you're routing via Tor). If you know the cipher type, click `Cipher` in the `Security` tab, select the appropriate one, and click `OK`. Now click `Save` in the VPN window, and close Network Manager. 
- -Some VPN services (such as AirVPN) provide ca.key, client.crt and client.key, but not ta.key, and don't require username and password for connection. For them, select `Certificates (TLS)` as authentication type, and then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Then complete the same steps in the `Advanced` window as described above, save the VPN configuration, and close Network Manager. - -Some VPN services (such as IVPN) provide ca.key, client.crt, client.key and ta.key, and also require username and password for connection. For them, select `Password with Certificates (TLS)` as authentication type, and enter your username and password. Then specify `User Certificate` (client.crt), `CA Certificate` (ca.crt) and `Private Key` (client.key) as described above. Complete the same steps in the `Advanced` window as described above. In the `TLS Authentication` window, check `Use additional TLS authentication`, and specify `Key File` (ta.key) and `Key Direction` (typically 1). Then save the VPN configuration, and close Network Manager. - -### Installing and Checking VPN-Firewall - -Install adrelanos' VPN-Firewall scripts as described at [https://github.com/adrelanos/VPN-Firewall][12]. You want the firewall (iptables rules) to load at bootup, so install both the firewall and init scripts. Reboot the machine, and check VPN-Firewall status by running `sudo service vpnfirewall status` in a Terminal window. It should reply ``. - -If you've chosen the high-privacy option, now restore Internet connectivity to your new VM host. Then verify that your new machine has no Internet connectivity by trying to visit . If it connects, there's something wrong with the VPN-Firewall setup. - -Now use Network Manager to establish your direct-connect VPN connection, and verify that it works by visiting [https://www.dnsleaktest.com/][10]. If it doesn't connect, recheck the configuration. 
If it does connect, test VPN-Firewall by killing the openvpn process (run `sudo killall openvpn` in a Terminal window) and verifying that the machine has no Internet connectivity. Then use Network Manager to reestablish the VPN connection, and verify that it works again by visiting [https://www.dnsleaktest.com/][10]. - -Check your DNS servers by running the standard DNS leak test at [https://www.grc.com/dns/][11]. It should report only the DNS servers that your direct-connect VPN service specified. And it should not report any DNS servers associated with your ISP, or specified by your LAN router. If it does, there's something wrong with the VPN setup. - -You can also check for leaks using Wireshark. To install Wireshark, open a Terminal window, and run these commands: - - user@ubuntu:~$ sudo apt-get update - user@ubuntu:~$ sudo apt-get install wireshark - -Then configure wireshark to allow a non-root user to sniff packets. As described [here][9], just run these commands in a Terminal window: - - user@ubuntu:~$ sudo dpkg-reconfigure wireshark-common - user@ubuntu:~$ sudo adduser $USER wireshark - -Reboot the machine, and establish your direct-connect VPN connection. Then open Wireshark, and start capturing on eth0. Use Firefox to check [https://www.dnsleaktest.com/][10], run the DNS test at [https://www.grc.com/dns/][11], etc. Now stop the capture, and run Statistics/Endpoints. You should only see only local non-public IPs and the VPN server that you're connected to. - -Now kill the openvpn process (run `sudo killall openvpn` in a Terminal window) and start a fresh capture on eth0. Verify that Firefox can't see anything. The iptables setup blocks pings, by the way. Stop the capture after about 10 minutes, and run Statistics/Endpoints. You should only see traffic with local non-public IPs, and reconnection attempts from the VPN server that you were connected to. - -Finally, reestablish your direct-connect VPN connection, and verify that it's working again. 
- -### Viewing Network Manager OpenVPN Logs - -If there are problems with the OpenVPN connection, it may help to have debugging information from Network Manager. Getting that takes a little work, however. First, you must edit its configuration file to maximize logging. Run the following command in a terminal window: - - user@ubuntu:~$ sudo nano /etc/NetworkManager/NetworkManager.conf - -Add these two lines at the end of the file, after a blank line: - - [logging] - level=DEBUG - -Save the altered file by typing Ctrl-O, and exit nano by typing Ctrl-X. Then restart Network Manager by running the following command in a terminal window: - - user@ubuntu:~$ sudo service network-manager restart - -Finally, connect the VPN using the Network Manager icon in the top panel bar. Wait until it either connects, or gives up. In order to see the openvpn connection log, run the following command in a terminal window: - - user@ubuntu:~$ grep nm-openvpn /var/log/syslog - -### Completing the Installation - -You're almost done. If desired, activate proprietary drivers and reboot. Then start Update Manager, download and install updates, and let the machine reboot. - -Your VM host machine will have no Internet connectivity whenever it boots, given that VPN-Firewall is active and no VPN is running. That's arguably the best default, because you must actively choose how to proceed. 
-
- [1]: https://packages.ubuntu.com/search?keywords=openvpn&searchon=names&suite=all§ion=all
- [2]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=network-manager-openvpn-gnome&searchon=names
- [3]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=openconnect&searchon=names
- [4]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=libopenconnect5&searchon=names
- [5]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=network-manager-openconnect&searchon=names
- [6]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=liblzo2-2&searchon=names
- [7]: https://packages.ubuntu.com/search?suite=all§ion=all&arch=any&keywords=libpkcs11-helper1&searchon=names
- [8]: https://community.openvpn.net/openvpn/wiki/SecurityOverview
- [9]: http://askubuntu.com/questions/74059/how-do-i-run-wireshark-with-root-privileges
- [10]: https://www.dnsleaktest.com/
- [11]: https://www.grc.com/dns/
- [12]: https://github.com/adrelanos/VPN-Firewall
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
deleted file mode 100644
index c47c68a1d..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-5.md
+++ /dev/null
@@ -1,105 +0,0 @@
----
-title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 5
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/advanced-privacy-and-anonymity-part-5/
-section: Advanced
-weight: 50
-articles: [
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-6/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
- }
-]
-date: 2013-10-23T12:38:21+00:00
-layout: guides-details
----
-## Installing VirtualBox and Creating Linux VMs
-
-### Introduction
-
-This tutorial covers installing VirtualBox, and creating Linux (Ubuntu, Xubuntu or Debian) workstation and LiveCD VMs. Installing VirtualBox is trivial. Download the version of VirtualBox for your host machine OS from . Then open the downloaded package with the Ubuntu Software Center, and install. For Debian hosts, use dpkg in a terminal. Finally, download the Extension Pack, and open it with VirtualBox to install. That's it. With VirtualBox running, hitting F1 opens the user manual, which is excellent and comprehensive.
-
-### VirtualBox Networking Basics
-
-By default, VM network adapters are attached to `NAT`. That is, they use the host machine's active network gateway (wired, wireless, VPN, etc) with network address translation (NAT) and VirtualBox's built-in DHCP server. Multiple VMs using VirtualBox NAT are isolated from each other. VM network adapters can also be attached to VirtualBox internal networks, and multiple VMs can communicate through shared internal networks. But there is no network connectivity with the host machine for VMs that are attached to either NAT or internal networks.
- -Router/firewall VMs (such as pfSense and OpenWRT) have at least two network adapters, WAN and LAN, and typically run a DHCP server on LAN. For example, you can attach the WAN adapter to the host via NAT, and the LAN adapter to an internal network. You can also use router/firewall VMs to establish connections with remote VPN servers or Tor through WAN, and route those connections to LAN. That's the basis of the setup that we're creating. - -VM network adapters can be attached to the host machine in two other ways. First, through selecting `Bridged Adapter`, they can be bridged to the host's physical network adapters. For example, VMs with WAN bridged to the host's LAN adapter behave just like other machines on the host's LAN, perhaps with IP addresses from the LAN router. Conversely, by bridging the LAN adapter of a router/firewall VM to another host network adapter, you can provide routed resources (such as a VPN or Tor tunnel) to other physical machines or networks. - -Second, through selecting `Host-only Adapter`, VM network adapters can be bridged to virtual network adapters on the host. The two bridging modes work well together. In particular, it's possible to route traffic from the host machine's LAN (with `Bridged Adapter`) to a VM (or even a network of VMs) and then back to the host (with `Host-only Adapter`) through a virtual network adapter. For example, you could have the host machine access the Internet through an intrusion prevention system (IPS) and/or a nested chain of VPNs and Tor. Although that's not part of this series of guides, it's discussed [here][1] in some detail. - -### Creating Linux Workstation VM - -Creating VMs is very easy, and section 1.7 of the VirtualBox manual (hit F1) explains it well. It's a two-stage process. First, you configure the new VM in VirtualBox. Second, you start the VM, and install the OS, just as you would on a physical machine. - -Linux is the best choice for a secure and private workstation VM. 
It's open-source and free, so there's no money trail linking you to a product ID. [Ubuntu][2] is a good choice for new Linux users. It's best to use releases with long-term support (currently 12.04). For those who dislike the Unity desktop, [Xubuntu][3] and [Mint][4] (both based on Ubuntu) are good alternatives. [Debian][5] is arguably more secure, but not as user-friendly. - -You can use the same 64-bit alternative installer image file (Ubuntu, Xubuntu or Debian) that you used for the host machine. Or you can download a 32-bit (aka i386) regular desktop installer image file for the Linux distro that you've chosen. In any case, you'll need the standard desktop installer image file for creating LiveCD VMs (explained below). - -As discussed in [Part 2. Advanced Privacy and Anonymity Using VMs, VPN’s, Tor][6], WebGL fingerprinting is a serious risk when using VMs for compartmentalization. On a given host, all VMs that use a given graphics driver will have the same WebGL fingerprint, because they all use the same virtual GPU. - -It's best to compartmentalize across VMs with different graphics drivers. Use Debian or Lubuntu, perhaps, but not both (where it matters, anyway). For compartments where separation is crucial, use VMs with different graphics drivers. Possibilities include Arch, Fedora, PCBSD, Windows and Yosemite Zone. - -First open VirtualBox, and click the `New` icon. Enter your desired VM name, and select the proper OS type (Linux) and version (Ubuntu for Ubuntu, Mint or Xubuntu) or Debian, choosing 32-bit or 64-bit as appropriate. Specify 1 GB memory to avoid disk swapping. If host RAM is limited, you can reduce it later. Use the defaults for virtual hard disk type (dynamically allocated VDI) and location, but specify at least 100-200 GB maximum size. The initial size of the virtual disk will be at most 5-6 GB. But with large maximum size, it's very easy to accommodate unplanned growth. After reviewing the final summary screen, hit `Create`. 
- -Next, tweak the new VM's settings. In the `General/Advanced` tab, leave `Shared Clipboard` and `Drag'n'Drop` set to `Disabled` (for security). Under `System/Motherboard`, change the boot order to `Hard Disk, CD/DVD`, and deselect `Enable absolute pointing device`. Under `System/Processor`, select `Enable PAE/NX` (if your host supports it). Under `Display/Video`, increase video memory to 128 MB (unless host RAM is limited). Under `USB` settings, deselect `Enable USB Controller` (for security). - -Now add the OS installer image. Under `Storage`, highlight the CD icon (named `Empty`) under `IDE Controller`. Then hit the CD icon to the far right of `CD/DVD Drive`, and select `Choose a virtual CD/DVD disk file`. Navigate to wherever you put your installer image, and select it. Then click `OK` to exit the settings screen. - -Then double click on the new VM, and go through the install process. It's OK to accept all defaults. But you can select the encrypted LVM option for disk partitioning , if you like. Although whole-disk encrypted VMs may leave plaintext on host machines, that's better than nothing if the host is compromised while running. As the VM is rebooting after installation completes, click `Devices` in the main menu, highlight `CD/DVD Devices`, and select `Remove disk from virtual drive`. - -To get better VM performance, you may want to install VirtualBox guest additions (customized kernel modules). Guest additions also provide better display and mouse integration, and enable mounting host folders (aka `shared folders`) in the VM. However, some of the kernel customizations may reduce guest-host isolation, and using shared folders definitely does. It's a typical convenience vs security trade-off. - -Ubuntu or Xubuntu will prompt you to install the guest-additions kernel-module package as `additional drivers`. If not, use the Settings menu. You can also install guest additions by clicking `Devices` in the VirtualBox menu, and then `Install Guest Additions`. 
But don't do both. Debian 7.10 automatically installs the guest-additions kernel-module package. - -It's prudent to disable WebGL in browsers before using them online. Take the VM offline, by changing `Adapter 1` to `Not attached` in VirtualBox Network settings. Then start Firefox in the VM, open `about:config`, and toggle `webgl.disabled` to `true`. Now change `Adapter 1` back to `NAT` (`Internal Network`, when you're using pfSense VPN-gateway VMs). You can also install NoScript, and check `Forbid WebGL` in the `Embeddings` tab of `Options`. - -Now reboot, use Update Manager to download and install updates, and let the system reboot again. You're done. - -### Creating Diskless Linux LiveCD VM - -Diskless LiveCD VMs are useful whenever isolation matters, because VM storage in ramdisk doesn't survive rebooting (although traces may remain in host memory cache). Using them may be prudent for some online work, and they're definitely useful for administering multiple pfSense VPN-client VMs. For example, you could download configuration files for a new VPN service through the appropriate nested VPN chain, and then configure and test the new pfSense VM. After rebooting the LiveCD VM, you could safely get configuration files for another new VPN service (even from a shared host folder) and then configure and test its new pfSense VM. - -Although you might want a few diskless LiveCD VMs for convenience, you'll still need less workstation VMs overall. Also, they don't require updating, and upgrading them to a new release is simple. The LiveCD image is read-only, and loads to ramdisks during boot, so at least two or three VMs can typically share an image. - -You must use a regular Ubuntu (or Xubuntu or Debian) desktop installer image, which works as a LiveCD. As described above, select the proper OS type and version, and specify 1 GB memory to avoid disk swapping. Then specify `Do not add a virtual hard drive`, and hit `Create`. 
Tweak the new VM's settings as described above, except for the `Storage` tab. - -Under `Storage`, delete the IDE controller and attached CD/DVD drive. Under the SATA controller, create two CD/DVD drives. For the SATA port 0 drive, add the installer image, and enable `Live CD/DVD`. For the SATA port 1 drive, add VBoxGuestAdditions.iso (located in /usr/share/virtualbox/). Then click `OK` to exit the settings screen. - -Start the new VM, and choose the option to try without installing. That's it. - -Installing VirtualBox guest additions will improve performance, and is necessary for using shared host folders. But you'll need to repeat the installation after each reboot, because the VM intentionally has no persistent storage. Once the VM has finished booting, open a terminal and run these commands: - - ubuntu@ubuntu:~$ sudo mkdir /media/cdrom1 - ubuntu@ubuntu:~$ sudo mount /dev/sr1 /media/cdrom1 - ubuntu@ubuntu:~$ cd /media/cdrom1 - ubuntu@ubuntu:~$ sudo ./VBoxLinuxAdditions.run - -The installer will complain about missing headers for the running kernel, but will succeed anyway. Installation worked if the mouse pointer is no longer captured. - -If you want a shared folder, start by creating a new folder on the host, for example `/home/user/LiveCD`. Then click `Devices` in the top menu bar, and select `Shared Folders`. Click the `+` icon (upper right) and navigate to the host folder that you just created. Note the folder name, here `LiveCD`, and `OK` out. - -Now open a terminal in the VM, and run these commands, replacing `LiveCD` with the name of your shared folder: - - ubuntu@ubuntu:~$ sudo mkdir /home/ubuntu/host - ubuntu@ubuntu:~$ sudo mount -t vboxsf LiveCD /home/ubuntu/host - -The VM folder `/home/ubuntu/host` is now linked to the host folder `/home/user/LiveCD`. The link (and its configuration) will be gone after rebooting. 
To unmount before rebooting, open a terminal in the VM and run this command:
-
- ubuntu@ubuntu:~$ sudo umount /home/ubuntu/host
-
- [1]: https://www.wilderssecurity.com/showthread.php?t=339051&page=11
- [2]: http://www.ubuntu.com/download/desktop
- [3]: http://xubuntu.org/getxubuntu/
- [4]: http://www.linuxmint.com/download.php
- [5]: http://www.debian.org/CD/netinst/
- [6]: /privacy-guides/advanced-privacy-and-anonymity-part-2/
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
deleted file mode 100644
index 608e35c53..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-6.md
+++ /dev/null
@@ -1,456 +0,0 @@
----
-title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 6
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/advanced-privacy-and-anonymity-part-6/
-section: Advanced
-weight: 60
-articles: [
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-7/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
- }
-]
-date: 2013-10-23T12:39:07+00:00
-layout: guides-details
----
-## Creating pfSense® 2.2.6 VMs as VPN Clients
-
-### Introduction
-
-At this point, if you've followed [Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/), your new VM host machine can only access the Internet through your chosen direct-connect VPN service. If you've followed [Installing VirtualBox and Creating Linux VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/), you've created Linux workspace and LiveCD VMs. By default, their network adapters are NATed to the host machine, and they reach the Internet through your chosen direct-connect VPN service.
-
-This tutorial covers creating pfSense® 2.2.6 (hereinafter `pfSense`) router/firewall VMs, configuring them as VPN clients, and testing for leaks using Wireshark. Your Linux workspace and LiveCD VMs will access the Internet through nested chains of these VPN gateway VMs and Tor gateway VMs, as discussed in [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/). Using Tor gateway VMs is covered in [Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/) and [Creating Nested Chains of VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-8/).
-
-> Note: I wrote this series in 2013, well over six years ago. Although I’ve updated stuff a few times since, it’s been a while.
I’ll be doing a total rewrite soon, but that will take some time. -> -> So anyway, pfSense has changed considerably since my last update. The basic approach still works, and I still use it. But much of this needs revised. - -If you want the host machine to routinely access the Internet directly, you can create a pfSense VM client for your chosen direct-connect VPN service. You can use that in your nested VPN chains, instead of the VPN client on the host machine, and connect via the VPN client on the host machine only when you want to hide software downloads or whatever. However, if you've chosen the high-privacy option, it's crucial to continue using the host machine client for your direct-connect VPN. - -### Create New VPN Account - -Your VM host machine is still using your direct-connect VPN service. The first pfSense VPN-client VM that you create can use either that VPN service, or another that will connect through it. It's best to use a second VPN service for your first pfSense VM, in order to avoid leaks during the host-client to VM-client transition. - -You'll need an account with another VPN provider. It's best to start with a free VPN service, because there's no money trail. There are bandwidth and usage limits, however. [Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/) covers methods for anonymously buying VPN services. - -Although [SecurityKISS](http://www.securitykiss.com/) has a good free option, it does require an email address. But you can use free webmail accounts. The fastest (and perhaps most anonymous) option is [AnonBox](https://anonbox.net/) from the Chaos Computer Club. But accounts last at most one day, and are deleted after messages have been read. For persistent accounts, [VFEmail](https://vfemail.net/) is a good choice, because it only asks for a name. - -It's OK to use the host machine (running the direct-connect VPN) for this. 
For better isolation, you could dedicate a Linux VM (possibly full-disk encrypted) for this and other sensitive work on the host machine. Once you have a client ID and password from SecurityKISS, download the OpenVPN configuration files for Linux. - -### Creating & Configuring pfSense VM - -Download `pfSense-LiveCD-2.1.5-RELEASE-amd64.iso.gz` from [pfSense's Coltex (Amsterdam, NL) mirror][1] to the host machine (using the direct-connect VPN) and extract the installer image. - -Create a pfSense VM, basically as described for Linux VMs in Installing VirtualBox and Creating Linux VMs. - - 1. Select BSD as the OS, and FreeBSD (64 bit) as the version. - 2. Specify 512MB memory. - 3. Create a new hard disk using the defaults (VDI, dynamically allocated, 2GB) and finish. - 4. Then tweak the settings. Change the boot order to Hard Disk, CD/DVD and enable PAE/NX. - 5. Add the installer image to the virtual CD/DVD drive. - 6. Disable audio and USB support. - 7. Leave the default network adapter «Adapter 1» attached to NAT (host) and don't change advanced settings. If this VM will connect through another pfSense VPN-gateway VM, however, attach this adapter to its internal network. - 8. Add a second network adapter «Adapter 2» and attach it to an internal network named, for example, pfS-SK (but don't change advanced settings). - 9. Start the pfSense VM. In the console window, hit `1` to boot, and then hit `i` to start the installer. - 10. On the `Configure Console` screen, select `Accept these Settings`. - 11. On the `Select Task` screen, select `Quick/Easy Install`. - 12. Under `Are you SURE?`, select `OK`. Wait a while. - 13. On the `Install Kernel(s)` screen, select `Standard kernel`. - 14. On the `Reboot` screen, select `Reboot`. - 15. While it's rebooting, using the `Devices | CD/DVD Devices` menu at the top, select `Remove disk from virtual drive`. To speed booting, you can hit `F1` and then `1` in the console. Then wait for pfSense to finish booting. 
- -Edit the settings for the LiveCD VM, attaching the network adapter «Adapter 1» to the same internal network as the new pfSense VM (for example, `pfS-SK`). Then start the LiveCD VM, and download your OpenVPN configuration files for Linux from SecurityKISS. Don't visit any other websites, to mitigate tracking risk. If necessary, you could also access your initial download (above) via shared folders, but that would require installing VirtualBox Guest Additions. - -Freshly installed, pfSense routes all outbound connections (from computers on its LAN) through its WAN. But it blocks all new inbound connections from WAN, allowing only those that were established from LAN. If the LiveCD VM can't see the Internet, recheck your host and the pfSense VM settings. - -#### Configuring pfSense and Creating VPN Client - -Now browse to the WebGUI at and create a server certificate exception. Login as `admin` with password `pfsense`, and complete the setup wizard. Decline the Gold support option, unless you have an anonymous credit/debit card. The next screen asks for DNS servers that pfSense should use internally, and whether to `[a]llow DNS servers to be overridden by DHCP/PPP on WAN`. I prefer to hard code DNS servers. Using DNS servers pushed by WAN can also be OK, but there are two risks. First, it may not work for some VPN combinations in nested VPN chains. Second, there is the risk that pfSense will end up using your ISP's DNS servers (if they've been passed along to pfSense WAN). Even so, as long as you specify DNS servers in `Services: DHCP server`, the DNS servers that pfSense uses internally will not be pushed to DHCP clients (that is, your workspace VM, and other gateway VMs that connect through this one). - -I recommend specifying reliable third-party DNS servers, such as those listed by [WikiLeaks][2] or [JonDoNYM](https://anonymous-proxy-servers.net/wiki/index.php/Censorship-free_DNS_servers). 
If you've chosen the high-privacy option, you could specify DNS server(s) pushed by your direct-connect VPN service, or allow DNS servers to be overridden by DHCP on WAN. The key points are: 1) avoid using DNS servers pushed by your ISP; and 2) avoid using the same DNS servers at multiple levels of your VPN chain. - -Accept the default timeserver and timezone, and hit `Next`. On the WAN screen, accept defaults, except for unchecking `Block private networks` and `Block bogon networks`, and hit `Next`. Accept all defaults on the LAN screen, and hit `Next`. Set a strong password on the next screen, and let pfSense reload. Now you're at the pfSense WebGUI Dashboard. It's best to reboot pfSense before proceeding. In the pfSense VM console window, reboot by entering `5` and then `y` to confirm. - -Before creating an iVPN client, tweak pfSense settings. In `System: General Setup`, check “Do not use the DNS Forwarder as a DNS server for the firewall”, and save. That prevents propagation of DNS server specifications through pfSense. In the webGUI in `System: Advanced: Networking`, uncheck “Allow IPv6″ and check “Prefer to use IPv4 even if IPv6 is available”, and save. In `System: Advanced: Miscellaneous`, check `Skip rules when gateway is down`. That provides backup protection against leaks to WAN if the iVPN connection goes down. Now reboot pfSense again, from the console, by entering `5` and then `y` to confirm. - -Although I have never seen outbound traffic use the WAN interface when a VPN is down, pfSense documentation does say this: “By default, when a rule has a specific gateway set and this gateway is down, a rule is created and traffic is sent to the default gateway. This option overrides that behavior and the rule is not created when gateway is down, so instead of flowing via the default gateway, the traffic will continue to attempt to use the gateway that is in a down state, and it will most likely not proceed. 
This is useful if you have traffic that should only ever use one specific WAN and never flow over any other WAN, regardless of how the firewall’s routing table has for the default route.” - -For `normal` network setups, it's important to specify good DNS servers, and to minimize the need for hard coding. In such cases, it's best to allow system DNS servers to be overridden by DHCP/PPP on WAN, and to enable DNS forwarding. That allows DNS server specifications to transparently propagate through complex networks of pfSense routers. However, in nesting VPNs using pfSense VMs, it's crucial to use different DNS servers at each level. Using the same DNS servers across levels would be a serious information leak. - -Review the `Setting Up VPN on Linux Workstation VM` section of [Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). Then, in the pfSense WebGUI Dashboard, go to `System: Certificate Authority Manager`. Add `ca.crt` in the `CAs` tab. If you have `client.crt` and `client.key`, add them in the `Certificates` tab. - -Go to VPN: OpenVPN: Client and hit the `+` icon to create a client. The specifics depend on what the OpenVPN server supports, and what it expects from its clients. Use an OpenVPN configuration file (with extension .conf or .ovpn) from the service as a guide. In particular, note the server address and port, and the encryption algorithm. In chaining VPNs, it's simpler to use IP addresses, rather than hostnames, although reliability may be lower (because you've broken failover for the VPN service). 
- -For SecurityKISS, accept the defaults in `VPN: OpenVPN: Client` setup, except as noted: - -Server host or address: 46.165.197.1 or 46.165.221.230 or 62.75.181.139 (Germany) - -Server port: 123 - -Server host name resolution: enable (check) `Infinitely resolve server` - -TLS Authentication: disable (uncheck) `Enable authentication of TLS packets.` - -Client Certificate: client - -Encryption algorithm: BF-CBC (128-bit) - -Compression: enable (check) `Compress tunnel packets using the LZO algorithm.` - -Advanced: remote-cert-tls server;verb 5 - -VPN services generally authenticate using either username and password, or `client.crt` and `client.key`. As noted above, SecurityKISS uses `client.crt` and `client.key`. But iVPN uses only username and password. A few VPN services use both. It's unlikely that they would use no authentication. - -If username and password are required, enter them under User Authentication Settings. For VPN services that use only username and password, such as iVPN, use `None (Username and Password required)` for `Client Certificate`. If there's no authentication, instead use `webConfigurator default`. - -Many services, such as IVPN, use TLS authentication with a shared key. Under `TLS Authentication`, leave `Enable authentication of TLS packets.` checked, but disable (uncheck) `Automatically generate a shared TLS authentication key`. Then paste `ta.key` in the text box. - -For iVPN, enter the following in the `Advanced` box: - - persist-tun;persist-key;persist-remote-ip;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA;ns-cert-type server;verify-x509-name de name-prefix - -Save the client configuration, and check `Status: OpenVPN`. The status should be `up`. Then check `Status: System logs: OpenVPN`. You should see `Initialization Sequence Completed` near the bottom. A few lines above, you should see a line that starts (after the timestamp) with `PUSH: Received control message ...`. 
If you don't see `redirect-gateway def1` in that line, edit the `VPN: OpenVPN: Client` setup, and add `redirect-gateway def1;` to the `Advanced` text box. If the VPN isn't connecting, look for errors in `Status: System logs: OpenVPN`. You may need to tweak the `Advanced` string by adding other options from the service's configuration file. If you see it complain about cipher mismatch, use the one it wants in your client configuration. - -Once the VPN is connecting, check `Status: System logs: OpenVPN` again, find the `PUSH: Received control message ...` line, and look for `dhcp-option DNS server` followed by an IP address. Then go to `Services: DHCP server`, and specify that IP address as `DNS server`. That works for most VPN services. But if it doesn't, which you'll discover soon, you'll need to instead use third-party DNS servers, such as those from WikiLeaks or JonDoNYM. However, do not use any of the ones that you used above in the setup wizard (which appear in `System: General Setup`) because you don't want to `short-circuit` VPN anonymity by using the same DNS server(s) for both entry and exit traffic. - -At this point, pfSense is not routing anything through iVPN, and your LiveCD VM has no Internet connectivity. That's normal. Don't worry. Go to `Interfaces: Assign network ports`, and hit the `+` icon to add `OPT1`. Then go to `Interfaces: OPT1`, enable it, rename it as `SKISS` or whatever, save and apply changes. In `Firewall: NAT: Outbound`, select `Manual Outbound NAT rule generation`, save, and then apply changes. In the same tab, edit each of the four rules (two for localhost to WAN, and two for LAN to WAN). For each rule, click the `e` icon at the right, and use the toggle to change the `Interface` from `WAN` to SKISS (or whatever you've named it). Then hit the `Apply Changes` button. - -In `Firewall: Rules: LAN`, edit the existing rule `Default allow LAN to any rule`. 
Using the `Gateway` toggle in the lower `Advanced features` section, select SKISS as gateway. Rename the rule as `Allow LAN to any rule via SKISS` and save. In the rule list, it should look like `* LAN net * * * SKISS_VPNV4 none`. Also edit the existing rule for IPv6 traffic. At the top, toggle `Action` from `Pass` to `Block`, and rename it as `Block LAN IPv6 to any rule`. Then apply changes. - -Back in the pfSense VM console window, reboot by entering `5` and then `y` to confirm. After bootup, there should be an IP address after `ovpnc1`. If it shows `NONE`, hit enter once or twice. If it still shows `NONE`, recheck the pfSense configuration using the WebGUI. Start by looking for errors in `Status: System logs: OpenVPN`. It's also possible that the direct-connect VPN connection has gone MIA. Check for that, and reconnect if necessary. - -At this point, all outbound traffic from LAN will use the VPN gateway (SKISS or whatever) rather than the WAN gateway. Browse or another such site. The IP address should match the iVPN exit server for the route that you’re using. It may take a minute or two for the routing to stabilize. - -There are two straightforward tweaks that help prevent leaks. First, in `System: Routing: Gateways`, edit the VPN gateway. Check `Default Gateway` to set, save, and then apply changes. Second, in `System: General Setup`, set the gateway for all DNS servers listed there as WAN. This is necessary because the VPN is now the default gateway. You might think that this setup would prevent the VPN link from coming up, but it doesn't. - -By default in pfSense, all outbound traffic is allowed on WAN. However, it is more secure to specify the hosts that pfSense can connect to via WAN, and to block everything else. This is rather more complicated, because one must use aliases. Using aliases in restricting outbound traffic on WAN is necessary because there can be multiple values, and because hosts may be specified by hostname, rather than by IP address. 
If this is your first pfSense setup, it's best to verify that pfSense is working properly before attempting these steps. - -Aliases are needed for four types of outbound traffic: 1) the DNS server IPs specified in `System: General Setup`; 2) the pfSense NTP server hostname specified in `System: General Setup`; 3) the OpenVPN server hostname or IP specified in `OpenVPN: Client`; and 4) the pfSense servers needed for updating. In `Firewall: Aliases: IP`, create four aliases, using the `+` button to add the values: - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - Name - - Values - - Description -
    - dnssvr - - 1.2.3.4 5.6.7.8 ... - - DNS server IP addresses -
    - ntpsvr - - 0.pfsense.pool.ntp.org - - default pfSense NTP server -
    - vpnsvr - - vpn.entry.server.net - - OpenVPN server hostnames or IP addresses -
    - update - - www.pfsense.org updates.pfsense.org - - pfSense update server -
    -{{< / raw-html >}} - -Using these aliases, you then add rules for the WAN interface to pass necessary outbound traffic, and then a final rule to block everything else. In `Firewall: Rules: WAN`, create these rules, specifying `Single host or address` for the pass rules: - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - Action - - TCP/IP Version - - Protocol - - Source - - Port - - Destination - - Port - - Gateway - - Queue - - Description -
    - pass - - IPv4 - - TCP/UDP - - WAN address - - * - - dnssvr - - * - - * - - none - - Allow to DNS server(s) -
    - pass - - IPv4 - - UDP - - WAN address - - * - - ntpsvr - - * - - * - - none - - Allow to NTP server -
    - pass - - IPv4 - - TCP/UDP - - WAN address - - * - - vpnsvr - - * - - * - - none - - Allow to OpenVPN server -
    - pass - - IPv4 - - TCP/UDP - - WAN address - - * - - update - - * - - * - - none - - Allow to pfSense update server -
    - block - - IPv4 - - * - - WAN address - - * - - * - - * - - * - - none - - Block all other IPv4 -
    - block - - IPv6 - - * - - WAN address - - * - - * - - * - - * - - none - - Block all IPv6 -
    -{{< / raw-html >}} - -Then reboot from the console window, by entering `5` and then `y` to confirm. - -Once the pfSense VPN-client VM is working properly, edit the settings for the workstation VM that will be using it. Attach its network adapter (`Adapter 1`) to the internal network that's attached to the pfSense VM's LAN adapter. Then start the workstation VM, and browse . The IP address should match the OpenVPN server that you're using. - -If the site doesn't load, open a terminal and run `ping 4.2.2.2`. If you get no responses, recheck the VPN connection using the pfSense WebGUI. If `Status: OpenVPN` shows that it's up, it's probably DNS resolution that's not working. Edit `Services: DHCP server` and specify reliable third-party DNS servers. But make sure not to use any of the DNS servers that you're already using for the host machine, the direct-connect VPN, or pfSense itself (as specified in `System: General Setup`). - -Next, check your DNS servers by running the standard DNS spoofability test at in the workstation VM. It should report only the DNS server(s) that you have specified in pfSense under `Services: DHCP server`. If it reports others, there's something wrong with the pfSense setup. - -### Leak Testing with Wireshark - -After reviewing the section on installing and using Wireshark at the end of [Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/), install Wireshark and configure it on the workstation VM that you're using. Then reboot the workstation VM. Also start the LiveCD VM. Both should be attached to the internal network that's attached to the pfSense VM's LAN adapter. - -In testing for leaks, you'll be capturing on the WAN interface in pfSense (using the WebGUI via the LiveCD VM), and also on eth0 in both the host machine and the workstation VM. 
If everything is working properly, you should see only traffic with the direct-connect VPN server on host eth0, and only traffic with the indirect-connect VPN server on pfSense WAN. On workstation eth0, you should see traffic with whatever websites that you use while testing. - -In order to analyze the pfSense WAN capture with Wireshark, you'll need to copy the capture file from the LiveCD VM to the host. And, in order to do that, you'll need to (temporarily) install guest additions in the LiveCD VM, and create a temporary shared folder for the LiveCD VM, as explained in the `Creating Diskless Linux LiveCD VM` section of [Installing VirtualBox and Creating Linux VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/). Alternatively, you can (temporarily) install and configure Wireshark in the LiveCD VM. - -To begin the leak test, first go to `Diagnostics: Packet Capture` in the WebGUI for the pfSense VPN-client VM, which you're accessing on the LiveCD VM. Accept the defaults for capturing on WAN, but specify `` for `Count` (to set no limit). Then open Wireshark on both the host machine and workstation VM. You'll be capturing on eth0 in both. Now start all three captures. - -On the workstation VM, use Firefox to check , run the DNS test at , and browse for a while. After 10-20 minutes, stop all three captures, and save the pfSense capture on the LiveCD VM to the temporary shared folder on the host (unless you're also running Wireshark in the LiveCD VM). - -Run Statistics/Endpoints on all three captures, using Wireshark in the host (or LiveCD VM) for the pfSense capture. You should see only local IPs and the direct-connect VPN server on host eth0, only local IPs and the indirect-connect VPN server on pfSense WAN, and both local IPs and remote IPs used in testing on workstation eth0. - -Now go to `Diagnostics: Command prompt` in the pfSense WebGUI that you're accessing on the LiveCD VM. 
In the box under `Execute Shell command`, enter `killall openvpn` and hit `Execute`. Then start all three captures as explained above. Verify that Firefox on the workstation VM can't see anything, and that pinging the IP address of your VPN server etc fails. After 10-20 minutes, stop all three captures, and save the pfSense capture on the LiveCD VM to the shared folder as above.
-
-Run Statistics/Endpoints on all three captures. You should see only local IPs and the direct-connect VPN server on host eth0. On pfSense WAN, you should only see traffic with local IPs, and perhaps reconnection attempts **from** the indirect-connect VPN server that you were connected to. On workstation eth0, you should see only local IPs and connection attempts for whatever sites that you use while testing.
-
-Finally, go to the pfSense console window, and reboot by hitting `5` and `y`. On the workstation VM, check to verify that it's all working again.
-
-That's it.
-
- [1]: http://files.nl.pfsense.org/mirror/downloads/
- [2]: https://www.wikileaks.org/wiki/Alternative_DNS
diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
deleted file mode 100644
index 0b619f94f..000000000
--- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-7.md
+++ /dev/null
@@ -1,153 +0,0 @@
----
-title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 7
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/advanced-privacy-and-anonymity-part-7/
-section: Advanced
-weight: 70
-articles: [
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-8/"
- }
-]
-date: 2013-10-23T12:39:49+00:00
-layout: guides-details
----
-## Paying Anonymously with Cash and Bitcoins
-
-### Introduction
-
-In using nested chains of VPN services and Tor for anonymity, the weakest links are arguably the money trails to VPN services that are routed through other VPN services. That's especially problematic for VPN services to be routed through Tor. Using free VPN services is an option, but they typically cap bandwidth and throughput. The best option for anonymously buying VPN services is sending cash by mail. Using Bitcoins that have been well anonymized through multiple accounts and mixing services is another option. This tutorial covers both.
-
-> Note: I wrote this series in 2013, well over six years ago. Although I’ve updated stuff a few times since, it’s been a while. I’ll be doing a total rewrite soon, but that will take some time.
->
-> So anyway, privacy in meatspace is basically dead, given increasingly pervasive surveillance. So there's a lot that needs revised. Using giftcards, mailing cash, etc are far more risky. Also, Electrum is now the best Bitcoin wallet in Linux. And I have updated recommendations for Bitcoin mixers.
-
-### Cash by Mail
-
-Several VPN providers accept cash payments by mail. Check their payment options, or email support. It's the most anonymous option, as long as you're not under active surveillance. However, there are two disadvantages: 1) time (especially for international surface mail); and 2) risk of loss or theft in transit.
-
-Take care to avoid attracting attention.
Include a valid return address that's not associated with you in any way. Use a computer printer, rather than printing by hand. However, do not use a color laser printer, because the printer serial number and a timestamp may be [encoded in a pattern of faint yellow dots][1]. Add enough postage, but not way too much. Use large denominations (no coins) and wrap the cash in a sheet of paper, with your account username printed on it. Also, use cash given anonymously as change, rather than from an ATM or bank withdrawal. - -> Note: This is far riskier than it was six years ago. - -Use a public drop box located at least 200 Km away. Go in the evening, and avoid bright lighting. Before approaching, look for security cameras, and avoid looking directly at them. Look downward as much as possible, and wear something seasonably appropriate to conceal your face (such as a hooded shirt or jacket, or a wide-brimmed hat). If driving, park at a reasonable distance to avoid sharing your license tag, but not implausibly far. - -Use disposable gloves to avoid fingerprints. Although it's probably overkill, you can also take steps to confound DNA analysis. Accumulate dust from public places, containing the DNA of many people. Using toilet paper and wearing disposable gloves, lightly rub the dust into each component (cash, cover sheet and envelope). - -### Bitcoins - -Many VPN providers now accept Bitcoin payments. However, contrary to what you might have read, Bitcoins are not at all anonymous, unless you use them prudently. First, to comply with laws against money laundering, mainstream exchanges and purchasing channels now typically require documented identification. Second, the Bitcoin network by design records every transaction in a public accounting log, called the [blockchain][2]. - -Another risk in using Bitcoins is price volatility. While that has been profitable for some speculators, it discourages routine use. 
For now, it's safest to limit Bitcoin holdings to current requirements. - -#### Buying Bitcoins - -In order to use Bitcoins, you'll need a wallet. Although convenient, online wallets are not very safe, because they're far too likely to disappear, get hacked, or be shut down. The [Blockchain wallet][4] is probably the safest online wallet. The Bitcoin Project now recommends the standalone [MultiBit client][5] for new users. The original Bitcoin client (Bitcoin-Qt) has become too resource intensive for casual use. It synchronizes the full [blockchain][6], which is currently over 9 GB, and growing at ~630 MB per month. That's especially problematic when running multiple clients via Tor for Bitcoin anonymization (as discussed below). Although MultiBit is a Java app, that's secure as long as the Java browser plug-in is not installed. - -There are [many ways][7] to buy Bitcoins. Although cash deposits are still possible in some places, transactions generally involve bank wires or commercial money-transfer services. Most services don't accept credit and debit cards, and those that do charge very large transaction fees to cover chargeback risk. - -{{< del >}}The most anonymous option is buying with cash from private sellers by mail. One reputable option is [Nanaimo Gold](https://www.nanaimogold.com/buy.php).{{< / del >}} Paying cash to private sellers in person is less anonymous. But it's easy to find sellers using [LocalBitcoins][8], and there's an escrow service to reduce the risk of fraud. Other (riskier) options for finding private sellers include [Bitcoin Forum /.../ Currency exchange][9] and [#bitcoin-otc][10]. - -Before buying your Bitcoins, set up an initial wallet. The best place for it depends on how anonymously you're purchasing your Bitcoins. Anonymity levels should be comparable, so your Bitcoins don't compromise the location, and vice versa. 
If you must identify yourself to buy Bitcoins, it's OK to just use the Blockchain browser plug-in wallet, without any VPN. If you're paying with cash in person, but without identifying yourself, it's best to run a Multibit client through your direct-connect VPN, either on the host machine or on a workstation VM that's dedicated to that VPN exit. If you're paying with cash through the mail, it's best to use a Electrum client in [Whonix][11] (a pair of Linux VMs that connects via Tor) as your initial wallet. Using Whonix is explained below. - -> Note: See and use the Appimage. - -#### Anonymizing Bitcoins - -Once you have your Bitcoins, it's prudent to anonymize them appropriately before use. All Bitcoin transactions are recorded in the blockchain, and there's no way to prevent that (without totally breaking the system). However, there are several Bitcoin mixing services. Deposits go into a pool, and payments come randomly from the pool. You transfer Bitcoins through a chain of anonymous Bitcoin wallets, using different mixing services for successive transfers. If the wallets aren't otherwise associated, your Bitcoins become less and less associated with you as they move through the chain, and no meaningful association remains after a few mixing transfers. - -Using multiple anonymous MultiBit clients via Tor is the best option. Multibit clients are fast, because they don't download the Bitcoin blockchain. And they are secure, because they're not hosted by a third party. For better anonymity, each Multibit client should have a wallet with several several sending and receiving addresses, or even several wallets. For each transfer from one client to another through a mixing service, you randomly spread the Bitcoins among several address combinations. That increases the anonymity that each transfer provides, by reducing correlation based on quantities transferred. - -Using Electrum via Tor is easy using [Whonix][11]. Reputable mixing services include ... 
- -> Note: I tested and verified four mixing services in late Jan-2020. -> -> **BitCloak** only has a Tor onion, at http://bitcloak43blmhmn.onion/. It requires five confirmations. -> -> **Bitcoin Fog** only has a Tor onion, at http://foggeddriztrcar2.onion/. It had a clearnet site, at http://www.bitcoinfog.com/, but that's gone. **Do not** trust other URLs, as there are many scammers. If that one goes down, check https://twitter.com/bitcoinfog (but **not** @BitcoinfogG, which is a scammer). It's not a pass-through mixer, and requires an account. Deposits complete after six confirmations, and withdrawals should complete after ~2 minutes. Some have said that it's unreliable, but that may have reflected software glitches, or perhaps confusion with scammers. -> -> **Blender** is at both https://blender.io/ and http://blenderiocpxfema.onion/. It requires three confirmations. -> -> **CryptoMixer** is at both https://cryptomixer.io/ and http://cryptomixns23scr.onion/. It requires just 1 confirmation. - -After each mixing step, it's crucial to check the receiving address for taint from the sending address. On the [Blockchain explorer page][12], enter your receiving address in the `Search` field, and hit enter. Then click `Taint Analysis`, and search for your sending address in the results page. If it appears, you need to remix. 
- -A Bitcoin mixing setup might look like this: - - * initial wallet - * Blockchain wallet for Bitcoins purchased non-anonymously - * MultiBit client via direct-connect VPN for Bitcoins purchased in-person with cash - * MultiBit client in Whonix via Tor for Bitcoins purchased with cash by mail - * first Whonix/MultiBit mixing client: don't use for purchases - * second Whonix/MultiBit mixing client: use for first indirect-connect VPN (e.g., to replace SecurityKISS) - * third Whonix/MultiBit mixing client: use for second indirect-connect VPN - * fourth Whonix/MultiBit mixing client: don't use for purchases - * fifth Whonix/MultiBit mixing client: use for VPN to route through Tor - -You can spend Bitcoins from anywhere in the wallet chain. In doing so, it's important to match the anonymity levels of Bitcoins and purchases. Your Bitcoins embody a money trail back to you, which becomes increasingly tenuous along the wallet chain. However, your purchases may independently create associations. That's obvious for items that are shipped to you. But VPN services are also more or less associated with you, depending on their location in the nested chain. You don't want your Bitcoins to compromise the anonymity of your purchases. And you don't want your purchases to compromise the anonymity of your Bitcoin wallet, and in turn other purchases that you make from it. - -#### MultiBit Clients in Whonix - -[Whonix][11] comprises a pair of Debian VMs: a gateway VM that connects to the Tor network, and a workstation VM that connects through the gateway VM. Installing Whonix and setting up MultiBit wallets is easy. Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, via the direct-connect VPN service. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained). 
- -Each Whonix gateway and workstation VM must have a unique name (which determines the name of its folder). Also, the gateway and workstation VMs of each Whonix instance must share a uniquely named internal network. For example, import the first Whonix pair, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). Then edit the names of both VMs, adding a unique suffix to distinguish that pair from the rest that you'll be importing, and to facilitate keeping track of them. - -You want these Whonix instances to connect through your terminal indirect-connect VPN service. Initially, that's SecurityKISS. Change Adapter 1 of the gateway VM from `NAT` to, for example, the internal network `pfS-SK`. In both Adapter 2 of the gateway VM and Adapter 1 of the workstation VM, rename internal network `Whonix` to match the edited VM names. - -Start the first Whonix gateway, and then the workstation. Download and install updates as instructed. After rebooting both VMs, download and install MultiBit as described above, and start MultiBit. It should report being `Online` (at bottom left). There's no need for MultiBit clients to be running except when you're actively using them, because they synchronize very quickly. - -Then repeat the process – importing Whonix, renaming the VMs and their shared internal networks, and installing MultiBit – as needed for your mixing chain. However, start the first transfer (see below) before updating the rest of your Whonix instances and installing MultiBit. With the free option, SecurityKISS allows just 300 MB per day, and that's barely enough for downloading updates on two Whonix instances. - -#### Bitcoin Anonymization Specifics - -The best place for setting up the first transfer depends on the location of the initial Bitcoin wallet. For the Blockchain browser plug-in wallet, it's best use BitLaundry on a LiveCD VM connecting through your direct-connect VPN. 
That way, your ISP at least doesn't see that you're using BitLaundry, even though the wallet itself is funded non-anonymously and therefore always accessed without any VPN. Otherwise, and for subsequent transfers in the mixing chain, use the workstation VM (or Whonix instance) that's running the Multibit client which is sending the Bitcoins. - -As noted above, it's best to use multiple sending and receiving addresses (or even multiple wallets) for transfers via mixing services. For each transfer from one client to another through a mixing service, you randomly spread the Bitcoins among several address combinations. That increases the anonymity that each transfer provides, by reducing correlation based on quantities transferred. - -There's no need to create a wallet at BitLaundry. Create a separate mixing scheme for Bitcoins from each of the appropriate Send addresses in your wallet(s). For destination addresses, use the Request (receiving) addresses of the next wallet(s) in your mixing chain. Specify the desired number of days, and transactions per recipient per day. After reviewing and confirming the scheme, send your Bitcoins to the funding address provided by BitLaundry. Repeat for each sending address. - -[Bitcoin Fog][14] requires an account, but not an email address. [Blockchain][15] requires both. You send your Bitcoins from MultiBit to the deposit address for your mixing-service account. After (at least) several hours, send your Bitcoins to the Request (receiving) addresses for the next client in your mixing chain. With Bitcoin Fog, transfers are split over time (by at least six hours) and you can delay them. For increased anonymity, you can use multiple Bitcoin Fog accounts, one for each of your sending addresses. - -To avoid associating Bitcoin wallets with purchases, you can pay through BitLaundry or Blockchain, rather than directly from the wallet. However, a recipient might blacklist mixing services, so there's some risk of payments being lost. 
With BitLaundry, don't split transfers over time, because receiving addresses are sometimes deleted after receiving just one payment. And do not use Bitcoin Fog, because all transfers are split over time by at least six hours. - -As you extend your nested VPN chain, it's arguably best to reconfigure your Whonix instances to connect through the new terminal indirect-connect VPN service. However, if you're using 3-4 VPN services in your nested chain, especially if it's a branched chain, having your Whonix instances connect at different nodes would isolate them better from each other. But I don't recommend using Whonix with less than a two-VPN nested chain. - -In any case, there is a risk (albeit small) in moving Whonix instances to longer nested VPN chains. To help protect against attacks involving evil relays, Tor uses [persistent entry guards][16]. And so a client's entry-guard selection might serve as a fingerprint for correlating activity from multiple VPN-exit IP addresses. - -On the other hand, changing entry guards more frequently increases vulnerability to adversaries that run relays (in particular, entry guard relays). In light of a recent paper from the Tor research community, [Johnson et al (2013) Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries][17], there's been talk of rotating entry guards even **less** frequently. - -If you decide to force Tor to choose new entry guards, it's easily accomplished. Before switching one of your Whonix gateway VMs to a different VPN exit, run these commands: - - sudo su - cd /var/lib/tor - cat state | more - -Note the names of the entry guards (typically three). Then run these commands: - - service tor stop - rm * - -It's important to stop Tor before clearing /var/lib/tor. Otherwise, it may all get rebuilt during normal shutdown. 
After rebooting the gateway, give it a few minutes to connect to the Tor network and fix itself, and then run these commands: - - sudo su - cd /var/lib/tor - cat state | more - -You should now see a different set of entry guards. - - [1]: http://en.wikipedia.org/wiki/Printer_steganography - [2]: https://www.blockchain.com/explorer - [4]: https://www.blockchain.com/wallet - [5]: http://bitcoin.org/en/choose-your-wallet - [6]: https://www.blockchain.com/charts/blocks-size - [7]: https://en.bitcoin.it/wiki/Buying_bitcoins - [8]: https://localbitcoins.com/ - [9]: https://bitcointalk.org/index.php?board=53.0 - [10]: http://bitcoin-otc.com/ - [11]: https://www.whonix.org/wiki/Main_Page - [12]: https://www.blockchain.com/explorer - [14]: http://fogcore5n3ov3tui.onion/ - [15]: https://www.blockchain.com/wallet - [16]: https://support.torproject.org/about/entry-guards/ - [17]: http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf diff --git a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md b/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md deleted file mode 100644 index 79f27972d..000000000 --- a/src/content/es/pages/privacy-guides/advanced-privacy-and-anonymity-part-8.md +++ /dev/null @@ -1,215 +0,0 @@ ---- -title: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 8 -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/advanced-privacy-and-anonymity-part-8/ -section: Advanced -weight: 80 -date: 2022-01-14T00:00:00+00:00 -layout: guides-details ---- -## Creating Nested Chains of VPNs and Tor - -### Introduction - -{{< raw-html >}} -
    - Cloud showing Chained VPNs and TOR - Cloud showing Chained VPNs and TOR -
    -{{< / raw-html >}} - -This tutorial covers using multiple pfSense VPN-client VMs and Tor-client VMs to create arbitrarily complex nested and branched chains of VPNs and Tor, such as the setup (reproduced above) suggested in the `Planning Initial Setup` section of [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/). Doing that is relatively easy, once you have planned your setup, [set up a secure host machine](/privacy-guides/advanced-privacy-and-anonymity-part-4/), and created [pfSense VMs](/privacy-guides/advanced-privacy-and-anonymity-part-6/) as clients for multiple [anonymously-purchased](/privacy-guides/advanced-privacy-and-anonymity-part-7/) VPN services, Tor-client VMs (more on that below) and [Linux workstation VMs](/privacy-guides/advanced-privacy-and-anonymity-part-5/) that access the Internet through them. The various VirtualBox VMs that you create are relatively-independent modules. Setting up nested and branched chains of nested VPN tunnels and Tor connections, and workstation VMs that use them, requires little more than changing how these VMs are networked in VirtualBox. - -### Basic Nested VPN Chains - -This section is written for the case where you're using your direct-connect VPN service in the first pfSense VPN-client VM, and no VPN service on the VM host machine. If you continue using your direct-connect VPN service on the VM host, and use another anonymously-purchased, indirect-connect VPN service in the first pfSense VPN-client VM, you will have a nested chain of two VPNs. - -{{< raw-html >}} -
    - Connection With VPN - Connection With VPN -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Connection with Two VPNs - Connection with Two VPNs -
    -{{< / raw-html >}} - -In that case, you can just apply the above difference (one VPN vs two VPNs) to the other diagrams and discussion that follow. - -{{< raw-html >}} -
    - Setup for one pfSense VPN-client VM and workstation VM - Setup for one pfSense VPN-client VM and workstation VM -
    -{{< / raw-html >}} - -The first pfSense VPN-client VM typically has its WAN adapter NATed to the host via the VirtualBox router, and its LAN adapter attached to a VirtualBox internal network. The pfSense VM runs a DHCP server for that internal network, just as gateway routers typically do for physical LANs. When the OpenVPN client in pfSense establishes a VPN connection, it creates a virtual network adapter (aka `tun` for tunnel). There are routing and firewall rules that restrict all LAN (and attached VirtualBox internal network) traffic to this VPN tun adapter (instead of WAN) for Internet access, and also block incoming connections, just as gateway routers typically do for physical LANs. - -Anything running in workstation VMs attached to this VirtualBox internal network can only access the Internet through the pfSense VM and its VPN tunnel. Applications and VPN networking are isolated in separate VMs (workstation and pfSense VMs, respectively). Exploits that manage to compromise workstation VMs can't get at VPN networking unless they break out to the host or compromise pfSense. While either is possible, neither is arguably likely, unless you've attracted a highly-skilled adversary. - -{{< raw-html >}} -
    - Setup for two pfSense VPN-client VMs and workstation VMs - Setup for two pfSense VPN-client VMs and workstation VMs -
    -{{< / raw-html >}} - -To add another VPN tunnel (VPN2) to the nested chain, you just create another pfSense VPN-client VM, which connects to another anonymously-purchased VPN service. You attach its WAN adapter to the internal network attached to the LAN adapter of the first pfSense VPN-client VM (VPN1). The VPN tunnel from the second pfSense VPN-client VM (VPN2) reaches the Internet through the first pfSense VPN-client VM and its VPN tunnel (VPN1). You attach the LAN adapter of the second pfSense VPN-client VM (VPN2) to another VirtualBox internal network, for which it is the DHCP server. Its VPN tunnel (VPN2) is routed through its LAN adapter to its internal network (and firewalled). Workstation VMs attached to this second VirtualBox internal network access the Internet through the nested VPN chain, as shown above (VPN2 routed through VPN1). - -You can add additional VPN tunnels to your nested chain in the same way, either at the end, or further in to create branches. In choosing additional VPN services, there are two key and potentially-conflicting criteria. First, as discussed in the section `Using Nested Chains of VPNs and Tor to Distribute Trust` of [Part 3. Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), choosing providers in poorly-cooperating spheres of influence arguably mitigates the risk of joint compromise or subversion. - -Second, network latency increases as you add VPNs to the nested chain. As long as you have a broadband Internet connection, and are using VPN services that have fast Internet connections, network latency will be the limiting factor for overall throughput. Even with careful design, latency for nested chains with more than four VPNs will likely make them unusable. Conversely, terminal nodes in branched VPN chains don't compete very much with each other for bandwidth, unless you push it too far and saturate the shared proximal VPN tunnel. 
- -Also, in chaining multiple pfSense VPN-client VMs, it's crucial that adjacent pfSense VMs have different LAN IP address ranges. Otherwise, no traffic will flow, because pfSense is a NAT router, not a switch. The simplest approach is using 192.168.1.0/24 for the first pfSense VPN-client VM, 192.168.2.0/24 for the second, 192.168.3.0/24 for the third, and so on. It's true that routing local resources through VirtualBox internal networks with distinct IP ranges would be difficult, but that's less important than ensuring security through full isolation. - -First review the `Creating pfSense VM and Configuring VPN Client` section of [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/). As described, you start by creating the new pfSense VM, installing pfSense, and configuring `em0` as the WAN interface and `em1` as the LAN interface. However, after pfSense finishes rebooting, and before configuring and setting up a VPN client, you need to change pfSense's LAN IP address range. - -In the pfSense console window (not the webGUI), start by typing `2` in order to `Set interface(s) IP address` and hit enter. Then type `2` for `LAN`, and hit enter. Now type the new LAN IPv4 address (e.g., 192.168.2.1) and hit enter. Type `24` as the subnet bit count, and hit enter. Answer `y` for `Do you want to enable the DHCP server on LAN?`, and hit enter. Type the start address (e.g., 192.168.2.100) and hit enter. Then type the end address (e.g., 192.168.2.199) and hit enter. Answer `n` for `Do you want to revert to HTTP as the webConfigurator protocol?` and hit enter. Finally, reboot pfSense by typing `5`, hitting enter, typing `y`, and hitting enter. Finally, configure a LiveCD VM to access the new pfSense's webGUI, and use it to finish configuring the new pfSense VM with a client for your new VPN service, as described in Part 6. 
-
-In bringing up a nested VPN chain, you must start with the direct-connect VPN client, because it provides Internet connectivity for the rest of the VPN clients. After the direct-connect VPN has connected, start the pfSense client for the VPN that connects through it, and wait for it to finish booting. For pfSense VPN clients, you'll see an IP address to the right of `ovpnc1` if the VPN connection has been established. If you don't see that, you can hit return once or twice to refresh the display. Once each pfSense VPN-client VM has connected, start the next one, and so on.
-
-Once all of the pfSense VPN-client VMs are up, you can start whatever workstation VMs that will connect through them. If any of the pfSense VPN-client VMs are not connecting properly, you can use your Linux LiveCD VM to login to its webGUI and figure out what's broken, as described in Part 6. Generally, you can leave all of the pfSense VMs running while you're working/playing, and even whatever associated workstation VMs you'll be using. However, it may be prudent (depending on your risk model) to shut down all VMs and the host machine when you're done (and thereby deny access by adversaries to unencrypted data).
-
-Nested VPN chains occasionally stop working, especially on weekends (when maintenance is typically scheduled). First try restarting each of the VPN clients in order, from direct to increasingly indirect. If you find that one of the VPNs isn't connecting, review its connection log for errors. There may be interactions among VPN connections. For example, if the DNS server used by a VPN client dies or gets overloaded, VPN(s) tunneled through that VPN won't connect if you've specified servers by hostname, rather than by IP address (because DNS lookups will fail ). You may need to switch servers and/or ports for one of your VPNs.
-
-### Tor Gateway VMs
-
-There are two easy ways to add Tor connections to nested chains. One is [ra's Tor gateway VM][1]. It's an OpenWRT-based router VM that provides Tor connections using transproxy, and it's very easy to network with pfSense VPN-client VMs. The other is [Whonix][2]. It's an integrated pair of Debian-based VMs, comprising a gateway and a workstation. The Whonix gateway VM isn't a router, however, so networking with pfSense VPN-client VMs is nontrivial. But it's easy to run VPN clients in the Whonix workstation. And by the way, in case you're wondering, it's probably unworkable to route Tor through a VPN that's routed through Tor.
-
-#### Whonix
-
-Using Whonix is covered in the `MultiBit Clients in Whonix` section of [Part 7. Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/). Start by downloading Whonix-Gateway and Whonix-Workstation to your host machine, via your current best VPN chain. It's best to verify the downloads as instructed using the OpenPGP signatures and the Whonix signing key. If you can't be bothered with that, at least download them using BitTorrent (which is more secure, as explained).
-
-Then import both of the Whonix VMs, using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). If you'll be using multiple Whonix instances, each Whonix gateway and workstation VM must have a unique name (which determines the name of its folder). It's good practice to edit the names of both Whonix VMs right after importing them, adding a unique suffix (or whatever) to distinguish them from others that you may import later.
-
-Before running a Whonix gateway VM, it's crucial to change its first (WAN) adapter from NAT to a VirtualBox internal network sourced by one of your pfSense VPN-gateway VMs, using the Network tab in the VirtualBox GUI. Otherwise, the Whonix gateway would reveal to your ISP that you're using Tor. It would also provide your ISP-assigned IP address to Tor's directory authorities, and as well to the entry guards that it chooses. Also, each Whonix gateway VM must have a uniquely-named internal network attached to its second (LAN) adapter. In order for the workstation VM to connect via the gateway VM, the workstation VM's network adapter and the gateway VM's second (LAN) adapter must share a uniquely named internal network. It's helpful to name the gateway VM, workstation VM and internal network for each Whonix instance in a logical and memorable way, to avoid confusion and mistakes.
-
-Adding Whonix instances to VPN chains is trivial. Using the VirtualBox GUI, edit the first (WAN) adapter in the Whonix gateway VM, and specify the internal network sourced by the desired pfSense VPN-gateway VM. In order to further isolate multiple Whonix instances from each other, you may want the gateway VMs to connect at different points in your nested VPN chain. That reduces the chance that adversaries controlling parts of the Tor network will associate the two Whonix instances.
-
-Installing VPN clients in Whonix workstation VMs is also trivial, as described in the `Setting Up VPN on Linux Workstation VM` section of [Part 2. Basic Setup Using VMs, VPNs and Tor](/privacy-guides/advanced-privacy-and-anonymity-part-2/). Whonix workstations are based on Debian, customized to securely use Tor. However, given that Tor only routes TCP traffic, the Network Manager settings are different. In the `General` tab of the `Advanced` window, check `Use a TCP connection` and `Use custom gateway port`, and specify the appropriate TCP port number from your VPN provider. It's crucial to use a VPN service that's not associated with you. See [Part 7. Paying Anonymously with Cash and Bitcoins](/privacy-guides/advanced-privacy-and-anonymity-part-7/).
-
-As everything else does, VPN connections will probably take longer to establish through Tor. Also, given that all applications in the Whonix workstation VM are configured to use Tor through the gateway VM, you'll need to modify their preferences in order to connect through the VPN tunnel. In Firefox, for example, you navigate `Edit / Properties / Advanced / Network / Connection..Settings`, and select `No proxy`. And you'll need to reverse the change if you later want to browse through Tor without the VPN connected.
-
-#### OpenWRT Tor gateway
-
-To use ra's OpenWRT Tor gateway VM, first download the latest version, currently [Tor gateway 0.6.3.ova][3]. Import it using `File / Import Appliance` in VirtualBox (reinitializing MAC addresses). As with the Whonix gateway VM, edit its first (WAN) adapter from NAT to a internal network sourced by one of your pfSense VPN-gateway VMs, and uniquely rename the internal network attached to its second (LAN) adapter. That's it.
-
-Because ra's Tor gateway VM is (like pfSense) a router running a DHCP server, you can attach any workstation VM to the internal network attached to its second (LAN) adapter, and so reach the Internet through Tor. As with the Whonix workstation, workstation VMs can only reach the Internet through the Tor gateway, so there's negligible risk that improperly configured applications will bypass Tor. However, given that Tor only routes TCP traffic, applications that depend on UDP traffic will not work properly. Also, browsing with stock Firefox is far less anonymous than with the Tor-optimized version in the Tor Browser Bundle, Tails and Whonix.
-
-You can also attach a pfSense VPN-gateway VM to the internal network attached to the Tor gateway's second (LAN) adapter. As with the OpenVPN client in the Whonix workstation VM, you'll need to configure the pfSense OpenVPN client with the proper server address and port number for connecting in TCP mode. See [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/). As with the OpenVPN client in the Whonix workstation VM, the OpenVPN client in pfSense will probably take longer to connect through Tor. As noted above, it's crucial to use a VPN service that's not associated with you.
-
-When routed through Tor, pfSense VMs can't resolve hostnames to IP addresses. That prevents pfSense from getting the correct time from <0.pfsense.pool.ntp.org>. However, given that the Tor exit IP address changes frequently, it is unwise to specify specific NTP servers by their IP addresses, because that would reduce anonymity.
-
-### Testing and Optimization
-
-The various VirtualBox VMs that you create – pfSense VPN-client, OpenWRT Tor gateway, Linux workstation and LiveCD, and Whonix VMs – are relatively-independent modules. Setting up arbitrarily complex nested and branched chains of nested VPN tunnels and Tor connections, and workspaces that access the Internet through them, requires little more than changing how they're networked in VirtualBox. However, creating setups that are usable and reliable requires testing and optimization. With complex setups, that can be quite challenging, because there are so many different ways to fail.
-
-It's best to start with a simple setup. Once it's usable and reliable, you'll have a reliable core that you can build on, and you will also have acquired requisite experience and skills. For the setup suggested in the section `Planning Initial Setup` of [Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), which is pictured at the top of this page, it's best to start with just two VPNs: VPN{{< sub >}}1{{< / sub >}} and VPN{{< sub >}}2{{< / sub >}}. If you're running the direct-connect VPN (VPN{{< sub >}}1{{< / sub >}}) in the host machine, start with just one pfSense VPN-client VM (VPN{{< sub >}}2{{< / sub >}}).
- -To provide context for testing your nested VPN chain(s), periodically check the latency (ping) and speed of your native ISP connection at [Speedtest][4] and [Fast][6]. If at all possible, don't use your VM host machine for that. Also, avoid checking your ISP connection while actively testing nested VPN chain(s), because that would associate their IP addresses in Speedtest's logs. For the same reason, don't check multiple VPN-chain nodes simultaneously. Wait at least several minutes between tests from different IP addresses. - -If you're running the direct-connect VPN in the host machine, and have gotten this far, it's probably working well enough. If there are connection problems, review the Network Manager connection log, as described in the section `Viewing Network Manager OpenVPN Logs` of [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/). You'll need a Linux LiveCD VM for testing each VPN that you're running in a pfSense VM, which you attach to that pfSense VM's internal network. I recommend using multiple LiveCD VMs here for two reasons: 1) to avoid leaking VPN account information from pfSense to workspace VMs; and 2) to limit access to pfSense from potentially-compromised workspace VMs. If you have added `verb 5` in the `Advanced` box in OpenVPN client setup at `VPN: OpenVPN: Client`, a detailed connection log is available at `Status: System logs: OpenVPN`. - -To optimize your nested VPN chain, start with the direct-connect VPN, and work methodically through the rest of the VPNs. For each VPN connection in the chain, check latency (ping) and speed at Speedtest. If you can't connect, review the connection log at `Status: System logs: OpenVPN` in the pfSense webGUI (or Network Manager OpenVPN Logs, on the host machine) for errors. It's normal for latency (ping) to increase as you add more VPNs to the nested chain. 
That primarily reflects additional processing delay in networking hardware, and not simply longer path length. Although speed typically decreases as you add more VPNs, due to both increased latency and network throttling, you may occasionally see it increase. As noted, wait at least several minutes between tests from different IP addresses. Once you're satisfied with each VPN connection, repeat the process with the next one in the nested chain. - -If you have a typical broadband Internet connection, reasonable targets for VPN{{< sub >}}1{{< / sub >}}, VPN{{< sub >}}2{{< / sub >}} and VPN{{< sub >}}3{{< / sub >}} are as follows: - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - -
    - VPN Level - - Latency (msec) - - Speed (Mbps) -
    - VPN{{< sub >}}1{{< / sub >}} - - 150-200 - - 5-10 -
    - VPN{{< sub >}}2{{< / sub >}} - - 200-250 - - 2-5 -
    - VPN{{< sub >}}3{{< / sub >}} - - 250-350 - - 1-3 -
    -{{< / raw-html >}} - -If you're seeing lower speeds, especially for downloading, try using different VPN servers, different port numbers, TCP mode vs UDP mode, etc. Some ISPs throttle traffic on nonstandard ports. Also, in order to meet your design goals, as discussed in section `Using Nested Chains of VPNs and Tor to Distribute Trust` of [Part 3: Planning Advanced VM and VPN Setup](/privacy-guides/advanced-privacy-and-anonymity-part-3/), it may be necessary to accept slower connections. - -If nothing seems to help, get support as anonymously as possible. Anonymity is especially important for your indirect-connect VPNs. Seek support while connecting through the VPN that the problematic VPN connects through. It's best to use online forums that support HTTPS. Start with your provider's support forum. You can also post in the [privacy problems section of Wilders Security Forums][5]. If you must submit a support ticket to the VPN provider, be sure to use an anonymous email address. And keep in mind that support tickets typically generate unencrypted replies, which may quote the support request. - -#### Leak Testing with Wireshark - -The section `Installing and Checking VPN-Firewall` in [Part 4. Setting Up Secure Host Machines](/privacy-guides/advanced-privacy-and-anonymity-part-4/) explains how to test the host machine's VPN connection and firewall setup using Wireshark. The section `Leak Testing with Wireshark` in [Part 6. Creating pfSense VMs as VPN Clients](/privacy-guides/advanced-privacy-and-anonymity-part-6/) does the same for the first pfSense VPN-client VM (in that case, running an indirect-connect VPN). It's crucial to verify that no traffic bypasses the VPN tunnel, even after the VPN connection is killed. - -You can apply the same approach to each of the gateway VMs (pfSense VPN-client, Whonix Tor-gateway or OpenWRT Tor-gateway) in a nested chain. Using Wireshark instances, you capture traffic at three points: - - 1. 
eth0 adapter of a workstation VM that accesses the Internet through the gateway VM being tested - 2. WAN adapter of the gateway VM being tested - 3. LAN adapter of the gateway VM through which the gateway VM being tested connects - -The first capture shows you what Internet sites the workstation is accessing (or trying to access). The second and third captures show you what traffic is leaving the gateway VM for the Internet. They should be identical, and it's only necessary to use one of them, if the other is hard to get at (e.g., the WAN adapter on an OpenWRT Tor-gateway VM). When the gateway VM is working properly, the second and third captures should show only local IPs and the servers (OpenVPN or Tor) that the gateway is using, and they should not show any of the remote IPs seen in the first capture. - -When the gateway VM is broken, the second and third captures should show only local IPs and reconnection attempts from servers that the gateway was using. They should definitely not show any of the remote IPs seen in the first capture. If the second or third captures show any of the remote IPs seen in the first capture, whether the gateway VM is functional or not, there are leaks that must be fixed. - -There are instructions for killing the openvpn process in the sections of Part 4 (for the host machine) and Part 6 (for pfSense) cited above. Basically, you run `killall openvpn` at a command prompt. To re-establish the VPN, use Network Manager in the host machine, and just restart the pfSense VM. To kill the tor process in the OpenWRT Tor-gateway VM, you run `killall tor` at the command prompt. For the Whonix Tor-gateway VM, it's `sudo killall tor`. To restart Tor, it's best to just reboot the gateway VM. 
-
- [1]: https://bitbucket.org/ra_/tor-gateway
- [2]: https://www.whonix.org/wiki/Main_Page
- [3]: https://bitbucket.org/ra_/tor-gateway/downloads/Tor%20gateway%200.6.3.ova
- [4]: https://www.speedtest.net/
- [5]: https://www.wilderssecurity.com/forumdisplay.php?f=41
- [6]: https://fast.com/
diff --git a/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md b/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
deleted file mode 100644
index a1ccb9a9b..000000000
--- a/src/content/es/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md
+++ /dev/null
@@ -1,128 +0,0 @@
----
-title: 'Adversaries and Anonymity Systems: The Basics'
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
-section: Basic
-weight: 20
-date: 2014-09-04T08:10:03+00:00
-layout: guides-details
----
-There are three sorts of players in this game. First, there are **users** who communicate with other users and/or destinations. Second, there are **adversaries** (archetypic attackers) with goals such as observing communications, blocking communications, identifying users, associating users with other users and/or destinations, impersonating and/or compromising users and destinations, and so on.
-
-Third, there are services and systems that protect users' communications, providing some mix of anonymity, freedom, privacy and security. Given how anonymity reduces the risk of targeted attack, it's useful to consider these as primarily **anonymity systems**. In this discussion, we first summarize background information about available anonymity systems. We then explore how each is vulnerable to adversaries with various capabilities.
-
-It's crucial to keep in mind that none of these anonymity systems provide end-to-end encryption between users and Internet destinations. All traffic between users and system exit nodes is encrypted, of course. But traffic between exit nodes and destinations is not encrypted, unless users and destinations are employing end-to-end encryption (such as HTTPS for websites, TLS for email or SSH for remote login).
-
-For email messages, anonymity systems do obscure the user's ISP-assigned IP address, but they don't affect other metadata, such as user's and correspondent's email addresses, message subject, and time. Even with end-to-end encryption between users and their email servers, message content is not encrypted between users' email servers and their correspondents, unless users and their correspondents are employing end-to-end encryption, such as OpenPGP.
- -## Anonymity Systems - -Three types of low-latency anonymity systems are available for general Internet access. There are numerous VPN services, mix networks ([definition](https://en.wikipedia.org/wiki/Mix_network)) and [onion-routing networks](https://en.wikipedia.org/wiki/Onion_routing) (Tor, Lokinet). All employ encryption to provide privacy and security between users and system exits. Even so, it's always prudent to use end-to-end encryption, because system exits (and adversaries observing them and/or destinations) can otherwise see unencrypted traffic. - -Each of these anonymity systems provides anonymity in a particular way, more or less effectively against various adversaries. Excluded from this discussion are various proxy services, such as SSH tunnels (which are harder to use), and web proxies and browser plug-ins (which are far easier to compromise). Also excluded are Freenet and I2P. Freenet is a P2P network designed for anonymous and takedown-resistant publishing, often among closed groups of trusted participants. I2P is a [garlic-routing network](https://en.wikipedia.org/wiki/Garlic_routing) that focuses primarily on content sharing between I2P users. Neither Freenet nor I2P focus on general Internet access, although I2P does have Internet gateways. - -### VPN Services - -VPN services are the simplest type of anonymity system. Once a user client and remote VPN server have negotiated an encrypted virtual network connection, the server acts as a proxy for all the client's Internet traffic. Those services employing properly configured IPSec, OpenVPN or WireGuard protocols (and not the obsolete PPTP protocol) provide strong security and privacy (when [perfect forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is used) between users and system exits. - -VPN services provide privacy by hiding Internet destinations from ISPs. And they provide anonymity by hiding user information (such as ISP, IP address and geolocation) from destinations. 
That is, both ends (and associated network observers) see only a VPN server's IP address. Network latency is far lower than with either mixnets or Tor, and speed (bandwidth) is less likely to be limited. - -Reputable VPN services use perfect forward secrecy. For OpenVPN, that relies on TLS with transient symmetric session keys. The keys are negotiated on-the-fly, after the server and client have authenticated themselves. They are unpredictable, and frequently changed (by default, hourly). On the other hand, the [WireGuard](https://www.wireguard.com/) VPN protocol has perfect forward secrecy built in its protocol, every few minutes the negotiated temporary symmetric keys used between the peers are rotated with newly generated ones. An adversary that compromises a particular session can decrypt only traffic from that session. Traffic from retained intercepts and traffic from future sessions remain secure, because they're encrypted with different session keys. If an adversary wanted to decrypt snooped traffic by using a brute force technique, in case of success it would only work for a particular session before keys are rotated, which make this technique expensive not viable, especially if the VPN uses a [post-quantum resistant](https://www.ivpn.net/knowledgebase/general/quantum-resistant-vpn-connections/) encryption algorithm. - -VPN services are very easy to set up and use, because providers handle the technical aspects. However, the privacy and anonymity that VPN services provide hinges entirely on the operator's integrity and discretion, on its technical competence, and on its ability to prevent adversaries from observing, manipulating and/or compromising its servers. - -VPN services provide strong protection against local adversaries, and good protection against censorship and routine mass surveillance, even at the national level. However, they provide limited protection against adversaries with international reach. 
Such adversaries may coerce providers and/or their hosting providers or ISPs, and so may observe, manipulate and/or compromise their servers. They also provide limited protection against determined and resourceful censors. We discuss that further below, under `Passive Adversaries with Limited Network Reach`. - -In some jurisdictions, VPN providers may be served with court orders that can not be disclosed without serious penalties. But there's a workaround: the warrant canary. As long as no such court order has been received, the provider may regularly publish a statement to that effect. If the warrant canary isn't renewed on schedule, users may safely infer that the provider has received such a court order. There is no need for the provider to take active steps that would violate the order. Canaries are often web pages, cryptographically signed and displaying the date of signature, so users can verify the authenticity of the canary, the signature prevents anyone from publishing a fake canary. - -Some VPN services provide multi-hop routing. Users' traffic is proxied, in turn, through multiple servers, it's best when those are located in different nations. Given that, users sharing a given entry node are typically using different exit nodes, and users sharing a given exit node are typically using different entry nodes. Other VPN services rotate users' traffic among multiple exit servers. Such approaches protect better against adversaries with limited international reach. Even so, all bets are off for those who are targeted by more resourceful state adversaries. - -### Tor - -[Tor](https://www.torproject.org/) is a second-generation onion-routing anonymity system, currently comprising about 8000 anonymizing relays (as of January 2024) ([Tor Servers Metrics](https://metrics.torproject.org/networksize.html)). It is an open system, with highly distributed trust, and no centralized ownership. 
It provides anonymity through dynamic, unpredictable and hard-to-trace routing through a large network of untrusted relays. Unlike VPN services, adversaries are free to participate by running relays. Even so, there is oversight by a core group of trusted developers and relay operators, and there is a vetting process for new relays. - -User clients connect through the Tor network, creating encrypted three-relay circuits at random, and changing them frequently. Circuit traffic is relayed in fixed-size (512-byte) cells. At each step, relays remove a layer of encryption. That prevents non-adjacent relays from identifying each other, and helps protect against malicious relays. Traffic between relays is TLS encrypted, on top of the onion-routing circuit encryption. That somewhat obscures the circuit's cell pattern (number and timing) from external adversaries. However, unlike mixnets, Tor relays do not explicitly mix traffic. - -Although the Tor network is large, many of its 8000 relays have limited uptime, limited usable bandwidth, and/or exit restrictions (e.g., blocking IRC). Such limitations reduce the network's effective size, and they also increase its vulnerability to adversaries who can introduce numerous attractive relays. - -### Mix networks - -A Mix network ([detailed explanations](https://blog.nymtech.net/a-simple-introduction-to-mixnets-6783a103d20e)), commonly called "mixnet", is a system that routes network traffic between peers but hides the metadata associated with the traffic, mostly by routing fake traffic and adding delay in the transmission to prevent traffic correlation if an adversary monitors multiple nodes. There are two implementations of mix networks in an early stage of adoption at the time of writing of this guide: [NymTech](https://nymtech.net/docs) and [Lokinet](https://lokinet.org/). 
In order to offer a high quality of service those networks make use of blockchain tokens, both to incentivize hosting highly available routers by rewarding operators, and to fully decentralize the network management. This also mean the network isn't free as you need to spend tokens to use them. - -A mix network should provide full anonymity as the network packets are mixed between different layers of routers, cover packets can be created to reach the desired [level of anonymity](https://blog.nymtech.net/an-empirical-study-of-privacy-scalability-and-latency-of-nym-mixnet-ff05320fb62d), fake bouncing packets create fake inbound traffic to reduce correlation possibility, and packets are delayed in each layer of routers, so the timing can't be analyzed by an observer to trace a packet from the destination to its origin. The only fact that could be known would be that a user is connected to the mix network. However, we still lack feedback about these networks in a real world usage as they are quite recent, compared to Tor which has been successfully running for decades. - -## Adversaries - -All low-latency anonymity systems are broken against adversaries that can observe, manipulate and/or compromise both ends of a connection. That is certainly so for VPN services, mixnets and Tor. Increasing the number of intervening system nodes doesn't prevent such compromise. Conversely, all three systems protect well against weak local adversaries. However, one can distinguish them by considering their vulnerability to three canonical classes of attackers, or adversaries, each resourceful in distinct ways. - -Passive adversaries simply intercept and analyze network traffic, seeking to correlate streams entering and exiting anonymity systems. Byzantine adversaries can mark or otherwise modify traffic, primarily to facilitate traffic correlation. Realistic passive adversaries are Byzantine, and so we lump them together. 
However, there is a key distinction: anonymity systems can't detect purely passive adversaries, except through consequent Byzantine activity, and so active defense against them is problematic. - -There are two sorts of active adversaries. [Sybil adversaries](https://en.wikipedia.org/wiki/Sybil_attack) focus on system-level vulnerabilities, and exploit them by running numerous malicious clients and/or network nodes. Sybil is the pseudonym of the patient in a well-known book about multiple-personality disorder. In this context, its use puns on the strategy of using numerous, apparently independent puppets in a collective attack. - -Coercive adversaries focus on security vulnerabilities of particular network nodes, and exploit them appropriately, seeking system compromise. They may also go after system operators, employing social engineering or phishing attacks, physical attacks, political or legal authority, and so on. They may also carry out such attacks against high-value users. These are highly complex topics, and not at all specific to anonymity systems, and so we don't discuss them further. - -These distinctions are clearly artificial, and some actual attackers (prototypically, the NSA) are obviously strong in all three areas. Even so, there are realistic examples for each canonical adversary. And in any case, they serve as a useful framework for analysis and discussion. - -### Passive Adversaries with Limited Network Reach - -For passive and Byzantine adversaries, key resources are network reach to obtain intercepts, data storage, and computing capacity for traffic correlation (and for Byzantine adversaries, modification). For governments, network reach typically depends on legal authority and/or political influence, supplemented through agreements with peers. Finally, the non-governmental passive adversaries, such as schools, businesses and ISPs at various levels, ownership and/or management authority typically limit network reach. 
And for those adversaries with requisite expertise and resources, stealth is always an option. - -All low-latency anonymity systems arguably protect against passive adversaries that can access just one end of a connection. That's typically the case for most non-governmental passive adversaries, except for Tier 1 ISPs. Most governments (excepting the NSA and collaborators, such as the Five Eyes) can only see one end of international connections. In such cases, the hardest part is typically penetrating a perimeter firewall. It might be an enterprise firewall, or the Great Firewall (GFW) of China. But without additional intercepts, traffic correlation and modification can't accomplish very much. - -While China is obviously a very formidable adversary, its international network reach has apparently remained quite limited. If that assessment is accurate, all low-latency anonymity systems that manage to connect through the GFW will arguably protect users in China for accessing destinations located outside China, with three exceptions. First, all of them are easily broken for destinations that are under Chinese control. Second, all are broken for destinations that are vulnerable to Chinese man-in-the-middle (MitM) attacks, perhaps relying on counterfeit SSL certificates or protocol vulnerabilities. Third, all are more-or-less vulnerable to Sybil attacks, as we discuss below. - -The GFW blocks anonymity systems in at least four ways. First, it blocks access to known entry servers. Second, it blocks traffic based on connection protocol, determined from characteristic headers and packet patterns. Third, it probes suspected entry servers, trying to detect anonymity systems by posing as a client. Fourth, as a last resort, it may simply throttle or block all encrypted traffic. - -Anonymity systems can evade the GFW (and other firewalls) by encapsulating their traffic in more generic connections routed via proxy servers. 
Some VPN services offer obfuscation proxy protocols such as [V2RAY](https://www.v2ray.com/en/) or [Obfsproxy](https://trac.torproject.org/projects/tor/wiki/doc/AChildsGardenOfPluggableTransports) (developed by the Tor project), SSH and/or TLS (stunnel) proxies, and a few use proprietary closed-source transport protocols. - -However, against resourceful adversaries, obfuscating the transport protocol is just a temporary fix. Once an adversary has identified a proxy server, it can simply block traffic to that IP address. More seriously, the adversary can also readily identify all users connecting to that proxy server. Furthermore, by investigating hosts that those users subsequently connect to, it can readily identify additional proxy servers. - -Distributing proxies is a hard problem. Adversaries can enumerate proxies by posing as users, and resourceful adversaries can field numerous malicious users. Tor bridges are distributed in several ways. Volunteers can create bridges, and share addresses on an ad hoc basis. There's a central BridgeDB but the bridges list isn't public information, but there are [different methods](https://tb-manual.torproject.org/bridges/) to obtain a bridge address in an automated way. - -The recently proposed [Raceboat](https://petsymposium.org/popets/2024/popets-2024-0027.pdf) framework, inspired by [CloudTransport bridge](https://www.petsymposium.org/2014/papers/Brubaker.pdf) design takes a different approach. Raceboat purpose is to offer a censorship resistant service helping end users to get access to bridges with a large choice of protocols, instead of having each software embedding their own [Pluggable Transport](https://www.pluggabletransports.info/). - -### Passive Adversaries with International Network Reach - -Tor is generally far less vulnerable than are most VPN services to passive adversaries with international network reach. It is far larger, and far less vulnerable to coercion. 
There are many more simultaneous users, and many more nodes (relays). Relays are distributed globally, in numerous data centers, among many nations, and with no central ownership or management. Furthermore, traffic paths change, frequently and unpredictably. Given that, it is arguably impractical for most adversaries to obtain enough intercepts. - -Global passive adversaries would, by definition, have enough intercepts. However, there are typically about [four million Tor users](https://metrics.torproject.org/userstats-relay-country.html), and on the order of several million concurrent circuits. Tracing a particular Tor circuit would entail correlating conversations in one intercept (presumably starting with an exit relay or entry guard) with several million conversations intercepted from at most a few thousand other relays. That would be trivial for a global adversary. However, cross correlating all the several million concurrent conversations from all Tor relays would involve on the order of 10{{< sup >}}13{{< / sup >}} comparisons, which is arguably not so trivial. In other words, all but the most resourceful global passive adversaries may be computationally bounded. And in any case, as discussed below, Sybil attacks against Tor are far easier. - -Against adversaries with enough network reach to observe a given fraction of the system's nodes, mixnets resist compromise better than Tor does. That is so because mixnets distort traffic patterns, whereas Tor relays do not. That distortion hinders correlation of traffic flows captured in different network segments. - -Against adversaries with limited international network reach, Tor resists compromise correctly. That is so for two reasons. First, as noted, observing all system nodes is hard for Tor. Second, cross correlating user conversations between entry and exit intercepts involves a lot of comparisons. 
Conversely, cross correlating all Tor conversations would require on the order of 10{{< sup >}}13{{< / sup >}} comparisons.
-
-Most VPN services are vulnerable against international reach adversaries. There are typically 10–100 servers, located in 5-20 data centers, in perhaps as many nations, with a hundred users per server. All servers are typically under common ownership and/or management. For providers offering only one-hop routes, an adversary only needs to correlate entry and exit conversations on one server. For all but the largest VPN services, cross correlating all entry and exit conversations would involve far less than a million comparisons.
-
-A few large VPN services have several thousands or more servers, with numerous IP addresses per server, located in perhaps more than 100 data centers. But even for the largest, cross correlating all entry and exit conversations would involve at most a few million comparisons. It all depends on where entry and exit nodes are located, where an adversary can observe traffic, and how many comparisons among concurrent conversations would be required. However, given common ownership and/or management of VPN services, social engineering, or legal and/or political coercion, would be more-likely approaches.
-
-Some VPN services offer multi-hop routes. For example, there might be three servers (A,B,C) in different countries, with six available two-hop routes (A-B,A-C,B-A,B-C,C-A,C-B). Multi-hop routes can offer better protection against passive adversaries with limited network reach, because all users' traffic transits two or more nations. Also, as the entry and exit servers connect using VPNs, adversaries can't intercept individual user connections between servers. But again, common ownership and/or management is the key vulnerability.
Multi-hop providers are less vulnerable when the servers are not all in the reach of the adversary who would either know from the VPN entry point that a user is using a multi hop VPN, or from the VPN exit point that a request was done from a multi hop setup.
-
-### Sybil Adversaries
-
-For Sybil adversaries, key assets are large server clusters and fast uplinks. That allows them to run numerous malicious clients and/or attractive network nodes, to efficiently analyze collected data, and to exploit what they learn. They are strongest when they own both clients and network nodes of anonymity systems, because they can use them synergetically. There is no requirement for broad network reach, just bandwidth. We conservatively assume that Sybil adversaries are computationally unbounded.
-
-Even with limited organizational support, anyone with the financial resources and expertise to wield large cloud server clusters (such as public cloud cluster compute instances) can be a strong Sybil adversary, at least for limited periods of time. Given typical cloud pricing structures, enormous resources are very affordable on limited terms. China is undoubtedly a formidable Sybil adversary, given its immense technical (and human) resources. But other plausible examples range from skilled individuals to small academic research groups to non-government gangs to state-level intelligence agencies (such as the NSA).
-
-### Sybil Adversaries vs VPN Services
-
-Introducing malicious VPN servers is both difficult (because one entity owns and/or manages all the servers) and immediately fatal to anonymity (because there's usually just one server between users and destinations). Given that, Sybil attacks involving malicious VPN servers amount to coercion, which we do not discuss.
-
-Consider an adversary, with limited network reach, that seeks to deanonymize those using VPN services to access an Internet destination, such as a social networking site, a discussion forum or an IRC channel.
While engaging targeted users there, it could carry out distributed denial of service (DDoS) attacks on various VPN servers, perhaps by initiating bogus TLS handshakes from numerous malicious clients. Unless those VPN servers were protected by intervening firewalls that limited the rate of new connections, this would tie up CPU capacity needed for handling traffic of already-connected clients, and might even crash them.
-
-An effective DDoS attack on a particular VPN server would interfere with its users' activity, and might even take them offline. Given enough testing, the Sybil adversary would know which VPN server each targeted user was connecting through. Knowing that, the adversary might try to directly compromise the server, or go after the operator and/or hosting provider. Depending on its resources, it might use such approaches as political or legal coercion, spearfishing and social engineering.
-
-For adversaries that can observe traffic at Internet exchange points between users and VPN servers, there may be no need to compromise VPN servers or their operators. Given an effective DDoS attack on the right VPN server, the adversary would see impacts on both a user's online activity and their connection to the server. State-level adversaries are canonically resourceful for such attacks against all low-latency anonymity systems, but especially against VPN services.
-
-### Sybil Adversaries vs Tor
-
-Although Tor is much larger than VPN services, it is an open system, where Sybil adversaries can readily wield both clients and relays. Given that, Tor is arguably more vulnerable to pure Sybil adversaries, which we consider to have very limited network reach and no coercive authority. Indeed, Sybil attacks by academic research groups have apparently compromised substantial percentages of Tor users over several months.
-
-Given that state level actors have orders of magnitude more resources, one might expect that Tor is entirely defenseless against them.
However, even though Tor is an open system of untrusted relays, entry and behavior of relays are subject to oversight by a core group of trusted developers and relay operators. Also, there is a vetting process for new relays, which seeks to limit disruptive and malicious behavior.
-
-In other words, Sybil attacks on Tor aren't so much limited by an adversary's resources as they are by oversight. While that largely mitigates the resource advantage possessed by nation-state adversaries such as the NSA and China, it does so only for Sybil attacks. There is no such defense against passive network analysis by nation-state adversaries with adequate network reach, because it's not readily detectable.
-
-Consider a pure Sybil adversary, which can wield numerous malicious Tor clients and relays, but lacks other resources. It fields two groups of malicious relays, one targeted for use as entry guards, and the other targeted for use as exit relays. By comparing traffic through circuits handled by member of those groups, it can identify circuits where it provides both an entry guard and an exit relay. That compromises clients, because the adversary knows both their IP address and the Internet destinations that they are accessing.
-
-For malicious entry guards, the strategy involves avoiding the Exit flag by blocking connections to the Internet, and getting the Guard flag by being online continuously for at least eight days. In practice, malicious entry guards would remain online continuously during an attack, to maximize their usage. For malicious exit relays, the strategy involves getting the Exit flag by allowing connections to the Internet, and avoiding the Guard flag by being continuously online for periods of a week or less.
-
-An adversary can increase the speed and breadth of this Sybil attack by employing malicious clients in DDoS attacks against honest relays.
By attacking honest entry guards, the adversary can gradually push user clients to its malicious entry guards. Similarly, by attacking honest exit relays, the adversary can push user clients to its malicious exit relays.
diff --git a/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md b/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
deleted file mode 100644
index 9201186a7..000000000
--- a/src/content/es/pages/privacy-guides/an-introduction-to-privacy-anonymity.md
+++ /dev/null
@@ -1,53 +0,0 @@
----
-title: 'An Introduction to Privacy & Anonymity'
-author: Ed Holden
-url: /privacy-guides/an-introduction-to-privacy-anonymity/
-section: Basic
-weight: 30
-articles: [
- {
- title: "An Introduction to Tor vs I2P",
- url: "/privacy-guides/an-introduction-to-tor-vs-i2p/"
- },
- {
- title: "Applying Risk Management to Privacy",
- url: "/privacy-guides/applying-risk-management-to-privacy/"
- },
-]
-date: 2021-10-30T12:42:14+00:00
-layout: guides-details
----
-## Introduction
-
-Living in today's interconnected world has brought with it significant advantages. Most apparently, the velocity of communication and information interchange has opened new avenues for the propagation of ideas and new businesses in ways that were in the domain of science fiction only a few generations ago. However, along with the benefits this new world provides, there are significant new challenges raised. The same technology that allows families to communicate in realtime across continents also enables widespread cataloguing of those conversations' contents. The same technology that allows online retailers to customize your shopping experiences in such a way as to give you exactly what you want from the comfort of your own home also allows data brokers a form a highly detailed profile of you. These are constructed not just by using information you have provided, but the massive amounts of consumer data they harvest and acquire from other partners. Data has been dubbed the new oil and the most important resource to harvest. Its availability, abundance and usefuleness is increasing, and business models built on exploiting these trends have generated trillions of dollars in market capitalisation for a handful of companies.
-
-## Privacy vs Anonymity
-
-This complex system that we find ourselves in demands precision of thought and language to ensure that we are able to achieve our individual privacy goals.
It is therefore important to analyze and differentiate between two different, though closely intertwined notions: privacy vs. anonymity.
-
-### Privacy
-
-Privacy lies at the intersection of two fundamental social notions: control and trust. That is, who has control over information about you, and do you trust him or her to keep that information secret? When students enter a university, they know that the university will be cataloging their performance in class. That catalogue of performance can function as a proxy for a student's intelligence, work ethic, or even just their interest (or lack thereof) in a given field of study. This is intimate data about an individual that a person rightfully would like to be kept private. Unfortunately for the students, they lack control of this data - it exists in their university's database. However, due to local laws and contractual obligations, the student is aware that the university would face substantial sanctions and liability were it to reveal their private data to others without their prior authorization.
-
-### Trust
-
-Because of these safeguards, the student has 'trust' that their private information will be protected by the university; interests are aligned. The students then can say that their grades or marks at university are still 'private'. The fact of the matter is that we face situations like this every day. We often are coerced, either out of convenience, law, or some other force, into giving up some element of control over our private information. In the case the students above, their only way to receive some sort of certification in their field is to submit to the system of the university. Usually this is marked with some assurances that the information will only be used for agreed-upon purposes: we enter a trust relationship with the entity to whom we give control of our information. Unfortunately, many of these entities have shown themselves to be less than trustworthy.
Whether it is governments [wiretapping its own citizens][1] without following necessary legal requirements, social media corporations playing [fast and loose][1] when interpreting privacy policies, or your ISP [selling your browsing history][2] to marketers and data brokers, we cannot trust those gain control of our private information through coercion.
-
-### Anonymity
-
-We are now faced with a predicament: how do we maintain our privacy when we are forced to give up control of our private information and we know that we cannot trust the entities to whom we give the information? Here is where the concept of anonymity comes into play. Consider a political dissident posting blog entries that are critical of the regime currently in control of their nation. In any nation, it can be assumed that there is at a subset of the population that does not support the current leadership. The difficulty comes into play when the dissident's ISP provides the government with logs tying the blog post to the their home internet connection. If they could somehow bifurcate their physical-world identity from their blog entries, then the fact that he cannot trust their ISP ceases to be relevant. This could be as simple as using open Wi-Fi access points from which to make their posts - this can be risky however, as one tries to avoid patterns of access that could give clues to one's identity. While the outcomes you might face from the loss of privacy are possibly different or less grave, this concept can be adapted to your specific situation.
-
-### Regaining control
-
-Essentially, we see that anonymity allows us to extract the need for control and trust from all of our private information and consolidate it into one very special piece of information: our identity. The dissident blogger does not care if his government knows that there are those who oppose them - as long as they do not know that he is one of them.
Anonymity, then, can be thought of as a function applied to a given set of private data. It factors out the term of 'identity' from the set of data to which it is applied. However, just as a factored term can be multiplied back into a mathematical equation easily, so can the 'identity' that has been factored out from a set of data. Given that routing on the internet is a complicated process and there are no guarantees of trust along the way, it makes sense to drop the 'identity' term as quickly as possible from the equation in order to permanently bifurcate who you are from your information.
-
-Achieving this separation and attaining 'anonimity' online is becoming harder with the increase in range and effectiveness of capabilities to identify you. To get started with basic steps you can consult EFF's [Surveillance Self-Defense documents][3]. As a next step we recommend reading the rest of our [Privacy Guides][4], working your way up to Advanced guides that discuss compartmentalization and isolation using virtual machines, nested VPN chains and Tor.
-
-As you choose technical safeguards to put in place to protect your privacy online, remember that there are significant economic and political entities who are trying to catalogue your every action online: everything from your latest email to your grandmother to the anonymous (or so you thought) report you made as a whistleblower to your nation's trade commission. Vigilance is advised.
-
-
-
-[1]: https://www.ftc.gov/news-events/press-releases/2021/10/ftc-staff-report-finds-many-internet-service-providers-collect
-[2]: https://www.nationalreview.com/2017/05/nsa-illegal-surveillance-americans-obama-administration-abuse-fisa-court-response/
-[3]: https://ssd.eff.org
-[4]: https://www.ivpn.net/privacy-guides/
diff --git a/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md b/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
deleted file mode 100644
index 3dac9c2ad..000000000
--- a/src/content/es/pages/privacy-guides/an-introduction-to-tor-vs-i2p.md
+++ /dev/null
@@ -1,48 +0,0 @@
----
-title: An Introduction to Tor vs I2P
-author: Ed Holden
-url: /privacy-guides/an-introduction-to-tor-vs-i2p/
-section: Basic
-weight: 40
-articles: [
- {
- title: "Applying Risk Management to Privacy",
- url: "/privacy-guides/applying-risk-management-to-privacy/"
- },
- {
- title: "Creating a VM within a hidden truecrypt partition",
- url: "/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition/"
- },
- {
- title: "How to perform a VPN leak test",
- url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
- }
-]
-date: 2020-11-11T13:48:54+00:00
-layout: guides-details
----
-Darknet. The word in and of itself brings to mind visions of the seedy underbelly of the internet; a virtual red-light district, back alley, and digital ghetto all rolled into one. Despite this threatening image that the media and many governments would like to imprint on the public consciousness, privacy-aware individuals know that in todays world of ISP data retention being measured in petabytes and massive supercomputing resources being thrown at traffic analysis by both governments and private industry alike, individuals must take it upon themselves to ensure the freedoms that come with anonymous information access and communication. Two of the most popular tools for doing so on the internet are Tor and I2P. Both will be compared and contrasted below.
-
-## Tor
-
-We will begin by examining the underlying technology of the [Tor network][1] with an eye towards how it works to protect your anonymity online. The Tor network is comprised of three different types of nodes: directory servers, exit points (also referred to as exit relays), and internal relays. When you connect to Tor, the first thing your client does is acquire a current list of relays from one of the trusted directory servers.
The addresses of these servers are included with the basic configuration files shipped with the client (of course, as with any reputable privacy tool, you have the option to alter what directory servers you trust to provide you with valid relays).
-
-After retrieving a list of currently operational relays from the directory servers, your client then determines the optimal route for your traffic across the Tor network and finally terminating (from the Tor network perspective) at an exit node. This circuit created consists of your computer, the relay to which you are connecting and multiple internal relays before reaching an exit node. Note that this is substantially different that the traditional IP forwarding that occurs between routers on the internet. Traditional IP routers follow a best possible route on a per-packet basis, there are no 'stateful' circuits from an IP perspective (as a qualifier to this statement, it is necessary to grant that it is within the technical realm of possibility that every router between you and the computer you are connecting to could have single, static routes to one another, though in practice this is a near impossibility). In short, for the life of a circuit, all of your traffic will follow the same route within the Tor network and exit at the same point. Later, we will see how this is fundamentally different that the way the I2P network operates.
-
-During the circuit creation process, your client exchanges cryptographic keys with the first relay it connects to and begins encrypting traffic back and forth. Further each hop in transit between the various relays is encrypted using those relays' cryptographic keys. You can visualize this as layers of encryption being wrapped around your data: this is where the phrase 'onion routing' comes from when describing the type of network Tor establishes. Finally, your encrypted traffic is decrypted at the exit relay where it is then forwarded out onto the 'regular' internet.
This is one of the ways that Tor helps maintain your privacy online - each exit node is aggregating traffic from many other Tor users and putting it out onto the internet all at once. Your traffic becomes a small stream in the giant swath of data coming from and entering back into any given exit node. It is also important to note that your exit node only knows which intermediate node to send receiving data back to (this is also true for each internal to internal leg of the circuit). What this means is that your identity and the content of your traffic are cryptographically bifurcated - your entry node knows who you are but not what you are doing and your exit node knows what you are doing but not who you are. All the relays in between only know to forward the encrypted payload to the next relay on the circuit. Assuming that the content of your traffic does not reveal your identity, this permits you to browse the internet completely anonymously.
-
-As a side note, Tor also allows you to run and access what are called ''hidden services'. These are servers that are accessible only from within the Tor network itself. While this is not the primary purpose for Tor, it does provide an opportunity for one to use dedicated in-network services in a cryptographically secure manner. Among the various hidden services are various blogs, email servers, and forums. We will see later how I2P provides a better framework for providing these hidden services, but if one's primary goal is to access 'regular' internet services in a anonymous fashion, Tor is a vital tool in one's arsenal.
-
-## I2P
-
-On the surface, [I2P](https://geti2p.net/) appears to provide many of the same benefits that Tor does. Both allow anonymous access to online content, both make use of a peer-to-peer-like routing structure, and both operate using layered encryption. However, I2P was designed from the ground up to provide a different set of benefits.
As we saw above, the primary use case for Tor is enabling anonymous access of the public internet with hidden services as an ancillary benefit. I2P on the other hand, was designed from day one to be a true 'darknet'. Its primary function is to be a 'network within the internet', with traffic staying contained in its borders. Very few outbound relays exist in the I2P network, and the few that do exist are rarely usable.
-
-As mentioned above, I2P routes traffic differently than Tor. At its heart, I2P performs packet based routing as opposed to Tor's circuit based routing. This has the benefit of permitting I2P to dynamically route around congestion and service interruptions in a manner similar to the internet's IP routing. This provides a higher level of reliability and redundancy to the network itself. Additionally, I2P does not rely on a trusted directory service to get route information. Instead, network routes are formed and constantly updated dynamically, with each router constantly evaluating other routers and sharing what it finds. Finally, I2P establishes two independent simplex tunnels for traffic to traverse the network to and from each host as opposed to Tor's formation of a single duplex circuit. This provides the additional benefit of only disclosing half the traffic in the case of an in-network eavesdropper.
-
-From an application-level perspective there is a fundamental difference between the I2P and Tor networks as well. Tor functions by providing a proxy on your local machine that you must configure your applications to use (of download specially configured application bundles). In contrast, I2P is generally used by applications that are written specifically to run on the I2P network. These include, but are not limited to, instant message, file sharing, email, and distributed storage applications (yes, you can store encrypted data in the I2P `cloud,` similar to Freenet).
-
-## Conclusion
-
-We see that both Tor and I2P provide cryptographically sound methods to anonymously access information and communicate online. Tor provides one with better anonymous access to the open internet and I2P provides one with a more robust and reliable 'network within the network', a true darknet, if you will. Of course, when implementing either of these two tools, one must always be aware that one's ISP can see that he or she is using Tor or I2P (though they cannot determine the content of the traffic itself). In order to hide this knowledge from one's ISP, a trustworhty VPN service can act as an entry point to one's anonymous network of choice.
-
- [1]: https://www.torproject.org/
diff --git a/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md b/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md
deleted file mode 100644
index cf1aeaf42..000000000
--- a/src/content/es/pages/privacy-guides/applying-risk-management-to-privacy.md
+++ /dev/null
@@ -1,83 +0,0 @@
----
-title: Applying Risk Management to Privacy
-author: Ed Holden
-url: /privacy-guides/applying-risk-management-to-privacy/
-section: Basic
-weight: 50
-articles: [
- {
- title: "Creating a VM within a hidden truecrypt partition",
- url: "/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition/"
- },
- {
- title: "How to perform a VPN leak test",
- url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
- },
- {
- title: "How to verify physical locations of Internet servers",
- url: "/privacy-guides/how-to-verify-physical-locations-of-internet-servers/"
- }
-]
-date: 2013-10-23T13:53:54+00:00
-layout: guides-details
----
-Here is a startling fact: **there is no perfect privacy solution on the internet**. The truth is that every time you send bits down the wire, there is a chance that someone along the way is tying those bits back to your real-world identity. My guess is that now you are telling yourself, `Of course, I've always known that.` Good, because we are not going to spend the time to establish the validity of this claim - others have done that in more detail and with more direct evidence than I have access to (just ask former AT&T technician Mark Klein{{< sup >}}[1](#ref1){{< / sup >}}).
-
-## Why risk management
-
-Despite knowing that fact, we in the privacy-aware community often haphazardly apply whatever internet privacy safeguards we have access to, without regard for addressing specific threats. Sometimes this leads to missing certain essential safeguards, such as ensuring that we are connecting to our email servers using SSL/TLS, but then not thinking about the fact that our emails are then usually sent without encryption over the wire to the recipient's email server. More often than that, though, we end up throwing every tool at every problem, thus degrading the quality of our online experience unnecessarily.
Imagine here the case of an individual with a trusted laptop accessing his email server through an untrusted local network. Knowing that the network is untrusted and believing that the network owner has an interest in reading the user's email, the user ensures he is using email encryption such as GPG and that he is connecting to his server over a SSL/TLS wrapped connection. Now, this is a solution that will in fact mitigate against the threat of eavesdropping by the network owner but it also carries with it a fairly high price in terms of convenience: the person you are sending the email to must also be a GPG user (and those of us who have tried to use GPG regularly know how big of an uphill battle it is to convince others to do the same). Essentially, the point is that all privacy and security assurances come with a cost in terms of convenience. Given that fact, it makes sense that we take the time to analyze what specific privacy risks we are trying to mitigate and apply the minimum necessary solution the address those risks. In short, we should apply risk management techniques to our online privacy concerns, lest we end up creating systems that are unnecessarily onerous that we, in all honesty, are unlikely to comply with in the long run due to the convenience factor.
-
-## Risk management steps
-
-We are going to take an example-driven simplified view at applying a well-known risk management framework to the question of securing one's privacy on the internet. We will be using the US National Institute of Standards and Technology Risk Management Framework, a system that serves as a model for many other proprietary risk management systems and is well known to many who operate in the information security world. This framework includes the following steps:
-
- 1. Categorize the information based on importance or impact
- 2. Select a baseline set of controls to protect that information from the known set of relevant threats
- 3. Implement those controls
- 4. 
Authorize the system based on the evidence that the residual (unmitigated) risk is acceptable
- 5. Monitor the implemented controls on a continuous basis to ensure that they are functioning to truly mitigate the targeted risks.
-
-### Categorize
-
-Consider the case of a political dissident in a nation with an oppressive regime. He holds a regular job, attends the expected social functions, but at night he posts to a non-domestically hosted blog about the injustices he witnesses in his home country. This is the only subversive action he takes. In this situation, the dissident would categorize only his identity in the blog posts as essential to be kept private - the government, at least putatively, has no interest in his regular emails and other internet-based activity. Further, he knows that there is collusion between the companies that provide internet access in his country and the government, and that this collusion entails tracking the source of blog posts that undermine the current regime.
-
-### Select
-
-Based on the facts our dissident is aware of listed above, he decides that the best way to protect his identity is to ensure that all of his blogging activity happens over an encrypted connection that terminates outside of his country. To accomplish this, he selects an international VPN service that allows him to choose an exit point in a different country{{< sup >}}[2](#ref2){{< / sup >}}. He now knows that the government, through its collusion with his ISP, can only see an encrypted stream of traffic from his computer to the VPN server: no data and no final destinations are available to them.
-
-### Implement
-
-This is where the user's technical expertise is put to the test. With every risk mitigation technique, there are key items that must be implemented correctly or the mitigation will fail. For the dissident, one of these key items is to ensure that his computer is in fact sending all internet-bound traffic over the VPN tunnel, including DNS requests.
If his DNS requests are going to his home router instead, it is likely that this router gets its DNS info from the ISP's server, thus providing knowledge to his ISP that he is accessing anti-government web sites. This becomes the most dangerous type of situation - one where you believe a risk is adequately mitigated, but in fact, this belief is just an illusion. If this were the case for our dissident, he would carry on making his blog posts until his door was kicked in and he was `disappeared,` all the while, wondering what went wrong. The take-away point here is to make sure that you have the technical expertise to implement the risk mitigation technologies you choose.
-
-### Assess
-
-During this step, our political dissident would run tests to validate that his VPN service is actually encrypting and forwarding all of the traffic that could provide information leak. He might run tcpdump or Wireshark on his network interface to ensure that all internet-bound traffic was in fact tunneled through the encrypted VPN connection. He could also watch the handshake connection with the VPN server to ensure that a cypher of sufficient strength to prevent cracking was being used. In big-picture terms, this is where you verify that your protection scheme is working the way you intended it to.
-
-### Authorize
-
-Now, in a large organization or government, this is the step where a system would be evaluated by a supervisory person or group to ensure that the risk/payoff ratio was minimized to a sufficient degree given the goals of the organization. Of course our dissident has no such supervisor. Instead, on an individual user basis, this is where our dissident would step back and think again about what he is risking (threat of violence for speaking out about his government) and whether or not the mitigating technologies do in fact reduce that risk to an acceptable level. It is easy to want to gloss over this step and just run with the system as it has been configured.
However, it is always prudent to take one last moment before taking the risk to step back and ask oneself again, `Have I articulated all the risks I can think of and do my mitigation strategies actually address all of those risks?`
-
-### Monitor
-
-This is the final and continuous step in the risk management process. For our dissident, this involves not just spot checking his VPN connection to ensure that it is working correctly, but also keeping aware and informed of new risks that may emerge. For instance, the encryption certificates for his VPN service could be compromised or there may be a flaw discovered in the cryptographic cipher being used. Maybe no new technological risk emerges but instead his government just decided to begin searching the homes of anyone who they detect connecting to a non-domestic VPN service. Either way, it is vital to understand that the risk landscape is constantly in flux and one must continue to be aware of those changes in order to maintain the level of privacy one has established.
-
-In conclusion, remember that this is a highly simplified example of how the risk management process is carried out. Each individual will likely identify many risks with varying levels of likelihood, each requiring different strategies to mitigate. Even if you choose not to follow this process in a formal manner, it is still useful to practice thinking of threats to one's privacy in these general terms - it will help guide your thinking towards finding optimal solutions that are both effective and easy enough to live with.
-
-{{< raw-html >}}
-
    -
    - -

    - Footnotes -

    - -
      -
    1. - http://en.wikipedia.org/wiki/Mark_Klein -
    2. -
    3. - For the purposes of this article, we are assuming a simplified threat model; of course a real-world risk management process would involve more complex and varied risks including the possibility of a man-in-the-middle attack and local computer compromise, among others. -
    4. -
    -
-{{< / raw-html >}}
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md b/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
deleted file mode 100644
index bd19e3476..000000000
--- a/src/content/es/pages/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection.md
+++ /dev/null
@@ -1,130 +0,0 @@
----
-title: "Comparing dVPNs and centralized VPNs for privacy protection"
-author: Viktor Vecsei
-url: /privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection/
-section: Basic
-weight: 10
-articles: [
- {
- title: "18 Questions to ask your VPN Service provider",
- url: "privacy-guides/18-questions-to-ask-your-vpn-service-provider/"
- },
- {
- title: "Advanced Privacy and Anonymity Using VMs, VPN’s, Tor – Part 1",
- url: "/privacy-guides/advanced-privacy-and-anonymity-part-1/"
- },
- {
- title: "How to perform a VPN leak test",
- url: "/privacy-guides/how-to-perform-a-vpn-leak-test/"
- }
-]
-date: 2021-02-11T06:33:33+00:00
-layout: guides-details
----
-
-This introductory guide compares two type of VPN services: a legacy model built by centralized businesses, and distributed VPNs that have come to the market recently with a goal of disrupting it.
-As we have covered in earlier [blog posts][1] and [guides][2] the most important reason to use a VPN service from a privacy perspective is to obscure your internet traffic and browsing history from your ISP. Internet service providers and mobile network operators are incentivized to log, analyze, reuse and [sell this information][3], and/or are bound by data retention [requirements from governments][4]. Routing your traffic through a VPN on untrusted networks and masking your IP when accessing websites and services can offer further privacy benefits.
-
-Most commercial, centralized VPNs are designed to fulfil these use cases, and they are fit for purpose if (and only if) you trust your VPN provider more than your ISP. A recent wave of blockchain based projects promise to improve on the centralized VPN model by offering better transparency, multi-hop functionality, distributed nodes to connect to and pay-per-use compensation models. In this post we take a deeper look at both approaches to evaluate their pros and cons.
The aim of this writeup is to help you decide if going with a decentralized solution makes sense for you.
-
-### What is not addressed in this guide?
-Commercial VPN services and other tools that shift your IP location and encrypt your traffic have other use cases besides privacy protection and evading dragnet surveillance. Chief among these are enabling connection to websites and services that are blocked by censorship or a firewall. Another benefit is the ability to unlock streaming content restricted to one geographical area. In these scenarios a decentralized VPN might do well, or perform better than a centralized service. This post focuses on the privacy protection aspects of VPNs.
-
-### Introduction to dVPNs
-dVPNs use blockchain technology to operate a network of distributed nodes to connect to, and aim to improve on VPN service design in [other ways][5]. Current solutions promise proven inability for centralized logging, distribution of trust without one entity making decisions, and more fair payment systems. They aim for these improvements and highlight them as selling points while [promising to deliver][6] the same benefits as a centralized VPN service.
-
-When evaluating dVPNs, we consider the follow criteria as a baseline implementation:
-1. Traffic encryption between end points using the latest, verifiable cryptographic standards and protocols
-2. Many (ideally thousands of) nodes available for connections, not controlled by the same/small number of entities
-3. After connecting, traffic goes through at least three nodes - entry, relay and exit peers acting in coordination for their VPN traffic routing. An ideal dVPN setup mirrors [Tor's implementation][7], where the entry server you connect to knows who you are (IP address), but not what you do, since your traffic is encrypted and passed on to the next peer. The relay server(s) have no information about data source and its content.
The exit server receives the encrypted traffic, decrypts it and routes it to the destination, knowing what you do, but not who you are. Having this three node implementation as a baseline is important for future evaluations, as it's a necessary to deliver on the promise of 'no logging is possible due to decentralized network design'.
-
-For the sake of comparison, we assume solutions meeting the above criteria are available on the market. In the upcoming sections we will discuss whether this assertion is true.
-
-As a starting point, we will discuss the characteristics of a good VPN service for privacy protection, taking the properties we recommend people to look at when picking a solution. These are, in rough order of importance:
-
-### 1. Trust
-
-When picking a centralized VPN a key consideration is whether you can trust those running the service. Do they operate transparently with declared ownership? Do they have a long track record of doing their job without any problems and slip-ups? Do they have clear policies and legal guidelines to protect customers from undue scrutiny? These questions are important, as the answers will decide the trustworthiness of the service. This trust is required as you won’t be able to monitor with total certainty what the company is doing with the data you are passing on to them. If you can’t trust the operators of centralised VPN service, you should not use their product.
-
-The lack of need to trust one entity is one of the selling points of dVPNS. While this idea has merits due to their infrastructure design with no centralized entity capable of logging, your data does pass through one or more nodes in the system that are operated by companies or individuals that might be untrustworthy. They can observe the source and content of your traffic, or both, depending on their position in the network.
The issue is that while the design of the most popular dVPNs (Orchid, Sentinel, Mysterium) rely on the multi-hop model described earlier for distributed trust, current implementation of these services default to direct connection to one node. In this setup you rely on a single node; most services don’t even offer multi-hop functionality.
-
-With a single node acting as an entry and exit node, you need to know and trust its operator to not log your activities. Exit nodes can use the decrypted data for observation, identification and correlation attacks in cooperation with other entities. The Tor network, where your connection is routed through four nodes, suffer from unknown actors running [hundreds of malicious relays][8]. These potential drawbacks are even more prominent if a distributed network has many nodes, but a low number of users connecting to them. Crowding effects due to VPN users sharing the same exit IP make identification [more difficult][9]. Some dVPNs attempt to solve the issue of malicious nodes by routing your traffic to a new node with each new initiated connection, or by connecting to multiple nodes for [different requests][10]. Another approach to improve node trust, used by Orchid, is to enable and curate lists of "trusted nodes", but in that case you either need to vet nodes yourself, or outsource the assessment to a [third party][11]. The latter is not dissimilar to the trust you have to put into a centralized provider ‘curating’ their own list of servers after vetting infrastructure partners.
-
-Regarding trust, we can conclude the design of dVPN infrastructure can provide a setup where trust in a centralized entity is not required, which would make it a better choice than centralized VPNs. On the other hand, dVPN exit node operators have the ability to keep detailed logs of your activities, which makes current implementations of the concept sub-par.
Specifically with one-node setups, your IP address and unencrypted data is available for observation. In contrast, server hosting providers for centralized VPNs (ideally) don’t have direct access to data stored on servers, and thus cannot simply start monitoring connection and user activity. However, if they have physical access to the servers, with sufficient motivation and resources they can get access to the data.
-
-Since all dVPN providers we have looked at (Orchid, Sentinel, Mysterium and Deeper) default to a one-hop connection as of February 2022, we can state dVPNs are currently not better choices from trust perspective. Some providers go as far as promising ["hiding your IP from everyone"][12], which is a misconception.
-
-
-### 2. Sound technical implementation
-
-No matter how much you trust the operators of a centralized service, if their competence does not meet the requirements to run a VPN your privacy will be at risk. Implementation and upgrade of proven VPN protocols and standards are important criteria to evaluate against. We consider the minimum to be OpenVPN with SHA-256 authentication, RSA-2048 handshakes or better, AES-256 ciphers, or implementation of WireGuard, along with added [perfect forward secrecy][13]. Certainty around backend and infrastructure design that ensures no activity logging is critical. Centralized VPNs often fall short in demonstrating whether this condition is met; open sourced applications, regular audits and pentest reports are positive signals. Audits, however, are just a snapshot in time, and there is no way to verify the running code of a centralized service. This is where step 1. comes into play: you need sufficient trust towards the service.
-
-For decentralized VPNs soundness of implementation can be verified by you or an analyst you trust. dVPNs default to transparency, come with open source code and [open infrastructure design][5].
You can check against the claims of no system-wide logging or backdoors existing in the network, which makes the node behavior the only remaining aspect of the service you can't verify. Analyzing specific services is beyond the scope of this guide, we assume that years after launching there are services that deliver on their promises without obvious security flaws. As always, do your own research before using a service.
-
-### 3. Stability and Speed
-
-For centralized providers, stability comes from proper infrastructure design and fast resolution of networking issues in tandem with hosting providers that house their servers. Availability and uptime depend on these factors. You can only rely on the past performance of the network to judge whether it provides you with the level of resilience you need.
-Speed is another an important consideration - centralized VPNs that don't oversell their services can achieve minimal drops in speed even on a gigabit connection for customers located close to one of the server locations. This is a high bar, and many providers onboard too many users, creating a supply problem for capacity. If you choose to go with centralized services, it is a good idea to test multiple VPN providers for stability and speed before long-term commitments.
-
-In a decentralized network if one or even a large number of nodes go down your traffic is routed through different ones. This means that a well-designed dVPN network cannot be taken down as long as there are available nodes. The stability of the service with a working-as-intended decentralized infrastructure with a high number of available nodes could only be compromised because of issues with the application you use to interface with the network.
-
-Using the three-hop, ideal setup as a starting point for assessing speed, a degradation of speed is inevitable due to packets having to travel in different physical locations.
Tor suffers from a similar user experience problem and speed issues are often cited in [assessments of the network][14]. Further, most dVPNs utilise residential nodes, often end-users in their networks, to act as peers. Bandwidth for retail customers [is improving][15], but limited compared to what professional infrastructure providers can offer to centralized VPN nodes. This is one potential reason why dVPN providers currently default to one-hop setups in their apps to improve usability and speed, even though they undermine the distributed trust promise in the process. One provider mitigates the issue by admitting that '10mbps to 40mbps' is the realistically achievable [average speed][16], while others partner with VPN services to act as exit (or single) nodes to [improve on this aspect][17].
-We can conclude that for speed, a centralized VPN has a good chance to win out against dVPNs. Making a similar comparison between a multi-hop setup of a centralized VPN and a three-hop dVPN is less straightforward. We can also argue that a centralized, capable provider who controls the servers in hand-picked location can better optimize for speed; results will vary based on your location, infrastructure and network conditions. In terms of resilience, in theory, dVPNs should perform better with regards to downtime and network-wide failures.
-
-### 4. Price
-
-Most commercial VPN services use a monthly/yearly recurring payment model. Some have flat pricing, some use discounts, but most get users to pay an annual fee. Such an approach can put customers with intermittent use or short-term plans at a disadvantage, having to overpay for a service they don't utilize or don't wish to commit to long term. Recurring subscriptions can also result in renewal payments for unused services that are not noticed.
-
-Decentralized providers, to improve fairness use a "pay per use" method, which, for most services is heavily subsidised to be free or cheap.
While we can find examples of this model getting adopted in the ‘meatspace', such as with gas pumps and calling cards, we suggest that the actual usability for a VPN service is subpar and unlikely to be an improvement over recurring subscriptions. Most customers don't know how much traffic they need, and rather not spend time topping up regularly. Having said that, if providers can nail better usability for purchases, this approach can result in fair pricing for customers.
-
-One potential improvement over the centralized VPN model is the lack of personal data required when subscribing to dVPNs - you just need some tokens to use them. This upside is limited by the fact that multiple centralized VPNs don’t even need an email address to sign up, while also [accepting cryptocurrencies and cash][24].
-
-
-| dVPN network | Hops (default) | Exit nodes | Data costs | Device required | Logs |
-|:----------------------------------:|:-------------------------------------------------------------------------:|:-----------------------------------------------------------------------------------------------------------------------------:|:------------------------:|:-----------------:|:-------------------------------------------------------:|
-| Deeper Network | 1 (with 'Full routing') | Each node is an exit by default. Mandatory for mining and full routing. | 1 TB = 1 DPN ≈ $0,13 | Yes | Exit nodes keep logs [on device][23] |
-| Sentinel VPN | 1 - No multi-hop | Dedicated, incentivised, open to anyone.
| Free | No | No centralized logging, nodes can keep logs |
-| OrchidVPN | 1 - Optional multi-hop | Whitelisted partners (VPN and hosting companies) | 1 GB ≈ 0,06$ | No | No centralized logging, nodes can keep logs |
-| Mysterium | 1 - No multi-hop option | Dedicated, incentivised, open to anyone | 1 GB ≈ 0,01 MYST ≈ 0,04$ | No | No centralized logging, nodes can keep logs |
-
-### Further considerations for dVPNs
-
-The following points do not apply to all services, but are important to mention when evaluating distributed VPNs.
-
-1. As discussed before, exit nodes are important participants in a distributed VPN network, responsible for the decryption and routing of data packets to their next destination. For this reason they are liable for any abuse happening on the network, as their IP address will be associated with any such activity exiting through them. Depending on network design and go-to-market strategy, dVPNs approach them in different ways:
- 1. They incentivise end-users to acts as exit nodes, earning money or credits (Sentinel, Mysterium). These providers distribute guides for participants on how to deal with the ['exit node problem'][18].
- 2. Use 'trusted partners' as exit nodes, for example VPN providers and hosting companies to provide exit nodes (Orchid). Orchid's choice points to an issue of residential nodes acting as exits: when the law enforcement comes knocking, a decentralized network won't take end-user liability or provide legal assistance. Activists running exit nodes for Tor have been battling with this issue since the [inception of the network][19]. We recommend assessing whether the system is sustainable if exit node operators are not protected from or don't understand the ramifications of potential abuse.
-2. Certain dVPNs prioritise other use cases over privacy and don’t mask your IP address by default.
One example is Deeper Network, where only connection requests that the system deems qualifying pass through the nodes in the network ("smart route"). Masking of your IP and encrypted connection can be achieved only by switching to a "DPN full route" mode, which forces you to become an exit node, resulting in a [tricky tradeoff][20]. The "smart route" option might come handy for P2P downloading and geo shifting for streaming services, but their design choices show that Deeper Network is not a good choice for privacy.
-3. When you are evaluating centralized VPNs, it's important to keep in mind that in most cases if the service is free, your data is the product sold to someone else. While this warning might not apply to all dVPNs, they reward nodes with token distribution and customers with free access when they are starting out. As the service matures and supply and demand starts to grow organically, there is no need for incentivisation. However, if there is no money coming into a closed system it cannot sustain itself for long - subscription fees are an obvious solution for this. Don't pick a service just because it's free right now.
-4. Some dVPNs, like the Deeper network rely on [proprietary devices][21] that sit between your modem and your device/router. If you need a VPN solution on the road their solution might not be a good fit.
-
-### Comparison summary
-
-With centralized VPNs you have to trust those running the service that the implementation of all parts of their system reflect their privacy-protecting promises. This trust is the key point of failure: you don't need to additionally consider details like traffic routing rules and potential malicious nodes. In case of dVPN, you don't need to trust a central entity, but you face challenges of achieving a practical multi-hop setup and vetting of nodes (or list of nodes).
-
-Decentralized VPNs offer a vision where trust in a single entity is not required, making them potentially better choices for evading ISP and dragnet surveillance. Current solutions in this segment, however, fall short of these promises because of implementation choices around one-hop routing, questions around exit node trust and liability and [low adoption rates][22]. For privacy protection, a centralized VPN service is a better choice if you are ready to trust a provider with handling your data. If that trust leap is too big for you, or you care deeply about decentralisation, going with a dVPN is a better idea - just consider the tradeoffs detailed in this guide.
-
-[1]:https://www.ivpn.net/blog/vpn-imperfect-necessary-privacy-enhancing-tools/
-[2]:https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/
-[3]:https://www.ftc.gov/news-events/press-releases/2021/10/ftc-staff-report-finds-many-internet-service-providers-collect
-[4]:https://privacyinternational.org/sites/default/files/2017-12/Data%20Retention_2017.pdf
-[5]:https://docs.sentinel.co/assets/files/whitepaper-513665f81a5d6c4b462e111926d26f57.pdf
-[6]:https://blog.orchid.com/everything-you-need-to-know-about-centralized-decentralized-and-opensource-vpns/
-[7]:https://www.eff.org/pages/what-tor-relay
-[8]:https://tech.slashdot.org/story/21/12/03/2237223/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays
-[9]:https://www.ivpn.net/knowledgebase/general/do-you-offer-dedicated-or-static-ip-addresses/
-[10]:https://www.orchid.com/whitepaper/english.pdf
-[11]:https://blog.orchid.com/orchids-network-random-selection-stake-weighting/
-[12]:https://www.mysteriumvpn.com/post/unblocking-the-internet
-[13]:https://privacyguides.org/vpn/
-[14]:https://support.torproject.org/tbb/tbb-22/
-[15]:https://www.nngroup.com/articles/law-of-bandwidth/
-[16]:https://deeper-network.medium.com/a-101-on-dpns-bd5e2b7c9e25
-[17]:https://blog.orchid.com/orchid-partners-with-liquidvpn/
-[18]:https://dvpnalliance.org/exit-node/
-[19]:https://www.accessnow.org/a-torifying-tale-our-experiences-building-and-running-tor-servers/
-[20]:https://deepernetwork.cc/d/273-advice-on-settings-for-browsing-anonymity-and-security/10
-[21]:https://shop.deeper.network/buy
-[22]:https://stats.sentinel.co/stats
-[23]:https://deeper-network-inc.gitbook.io/deeper-connect-knowledge-base/atom-os-functions/device/device-log
-[24]:https://mullvad.net/en/blog/2017/1/13/clarifying-our-no-logging-policy/
diff --git a/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md b/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
deleted file mode 100644
index 0ed1979aa..000000000
--- a/src/content/es/pages/privacy-guides/creating-a-vm-within-a-hidden-truecrypt-partition.md
+++ /dev/null
@@ -1,122 +0,0 @@
----
-title: Creating a VM within a hidden veracrypt partition
-author: Ed Holden
-url: /privacy-guides/creating-a-vm-within-a-hidden-veracrypt-partition/
-section: Misc
-weight: 10
-date: 2013-10-23T13:54:43+00:00
-layout: guides-details
----
-In March of 2011, the US 9th Circuit Court of Appeals ruled that Border Patrol agents have the authority to seize, copy, and inspect the contents of any electronic storage device crossing into the United States. To make matters worse, you have no control over what happens to the copies of your data created when (or if) your device is returned to you. Perhaps your online banking password is stored on your hard drive. Or perhaps you have confidential business correspondence in your email client. Maybe all you have stored is a collection of family photos that you'd rather not see a bunch of strangers thumbing through. How do you protect your privacy while still complying with these (albiet onerous) requirements?
-
-The obvious solution to this problem is to encrypt the data. This, however, may not be enough to protect your privacy. Courts (at least in the US) have also ruled that a person can be forced to give up encryption keys to facilitate access to private data. Therefore, the key is not just to encrypt your data, but also to have plausible deniability that the data even exists in the first place. The solution? A hidden encrypted virtual machine.
-
-## Overview
-
-The big-picture view of the procedure to set up a hidden encrypted virtual machine are as follows:
-
- 1. Download and install the required software:
- * [VeraCrypt](https://veracrypt.fr/en/Downloads.html)
- * [Oracle VirtualBox](https://www.virtualbox.org/)
- * Your operating system of choice (this guide will demonstrate FreeBSD but most other operating systems will work, including Windows and Linux distros such as Ubuntu)
- 2. Create a VeraCrypt encrypted container and a hidden volume within the container.
- 3.
Launch VirtualBox and install your private OS into the hidden volume in the VeraCrypt container. - -## Downloading and installing the software - -We are going to assume that you already know how to download and install software in your host operating system. Here are a few items to note as you install the software. As of this writing, the latest stable versions of the required software are VeraCrypt v. 1.25.4, VirtualBox v. 4.1.20, and FreeBSD 9.0. Be sure to use the latest versions of these applications to ensure that known bugs and security issues have been addressed. Also, since VeraCrypt will be the crux of your secure operating environment, be sure to validate the downloaded file with VeraCrypt's PGP signature to ensure that the application has not been tampered with (available from [https://veracrypt.fr/en/Downloads.html](https://veracrypt.fr/en/Downloads.html)). - -## Creating the Hidden Volume -1. Launch the VeraCrypt application and select `Create Volume`

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-00.png) - -2. Select the option to create an encrypted file container. This will give you the ability to keep the entire system portable (you can keep it on your hard drive, place it on a USB stick, etc.) Optionally, you can choose instead to actually create an encrypted partition on one of your devices.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-01.png) - -3. At this screen, select the option to create a hidden VeraCrypt volume.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-02.png) - -4. Here you choose a filename for your container and a location to store it. Do not worry too much about hiding this file, its location is not a factor in protecting the plausible deniability of the existence of your virtual machine.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-03.png) - -5. Here, you are to select the encryption and hash functions. Unless you have compelling reasons otherwise, it is recommended to use the default settings.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-04.png) - -6. Select the size for your outer container. This should be large enough to accomodate both your decoy files and your hidden container that will hold your virtual machine.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-05.png) - -7. Now you are prompted to set the password for your outer container. It is important to heed the password recommendations provided by VeraCrypt on this screen. This password is the first layer in the `defense-in-depth` model provided by this system.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-06.png) - -8. Now it is time to generate some entropy to base the cryptographic keys upon. Keep your mouse moving for a bit, but do not get carried away and waste too much time here.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-07.png) - -9. You have now created the outer volume; follow VeraCrypt's recommendations about placing decoy files within the volume. After completing that step, continue on until you get to the hidden volume encryption options box.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-08.png) - -10. Again you are to select the encryption and hash functions, this time for the hidden volume. Unless you have compelling reasons otherwise, it is recommended to use the default settings.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-09.png) - -11. When selecting the size for the hidden volume, be sure to leave enough space outside of it for any additional decoy files you would like to place in the outer container.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-10.png) - -12. Now you are prompted to set the password for your hidden inner container. Make sure to set a password that is different from the outer volume password. Depending on which password you enter during usage, VeraCrypt will either mount the outer or hidden inner volume. This is the final layer of security before a person has access to your secret virtual machine: take that into consideration when creating you password.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-11.png) - -13. When choosing the filesystem to format your hidden container with, it is recommended to choose FAT for compatibility reasons (this may get changed during the installation of whatever OS you decide to install in the hidden partition).

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-12.png) - -14. Again, we need to create some entropy for the encryption keys of the hidden volume. The more the better, but again, do not get carried away and waste too much time - remember, you are just trying to add some `true` randomness to the pseudo-random number generator being used to create the keys.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-13.png) - -15. You are now done creating the outer encrypted volume (which will hold the decoy and your hidden volume) and the hidden volume itself. Click `Exit.` Now we move on to installing your virtual machine inside of the hidden volume.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-14.png) - -## Installing your OS of choice using VirtualBox and VeraCrypt - -1. Make sure that you have unmounted any VeraCrypt volumes. Launch the VeraCrypt application if it is not already loaded and select your encrypted container file to mount. After clicking `Mount`, you will be prompted to enter your password. Be sure to enter the password you selected for the hidden container, not the outer container, since this is where we will be storing your new virtual machine.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-15.png) - -2. The main VeraCrypt screen should show that the hidden volume is mounted.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-16.png) - -3. Now launch VirtualBox and select `New` to create a new virtual machine.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-17.png) - -4. Continue through the wizard and enter the name and type of OS you will be installing

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-18.png) - -5. Select an appropriate amount of RAM to be allocated to your virtual machine; the more, the better, but remember not to choke out your host OS.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-19.png) - -6. Here you will create the file that will represent your virtual machine disk. Feel free to use the default option unless you will need to be able to open the virtual machine using another VM manager (such as Parallels if you are on a Mac).

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-20.png) - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-21.png) - -7. A dynamically allocated file will be fine - your space is already allocated during the VeraCrypt hidden volume creation process.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-22.png) - -8. Now you will set the location of the file. Put it in the volume mounted by VeraCrypt (remember, this is automatically your hidden volume because you used the hidden volume password when you mounted the file in VeraCrypt). It is recommended that you set the max size to be slightly smaller than the amount of space that you reserved for your hidden volume in VeraCrypt.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-23.png) - -9. The new virtual machine should be created and appear in the main VirtualBox screen. Select the new VM and power it on.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-24.png) - -10. On the first launch of the new VM, you will be met with an installer wizard to help you get your new OS installed in the VM. Continue with the process for installing your OS of choice (either from a downloaded iso or CD/other install media).

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-25.png) - -11. After getting your new system up and running, shut down the VM and right click on the VM in the main VirtualBox screen and click `Settings`. Select `Advanced` under the System heading and change the snapshots storage location to be the mounted hidden VeraCrypt volume. Additionally, you should move the VM's .vbox file from its normal location (usually in the `Virtual Box VMs` directory in your home directory) into the hidden VeraCrypt volume with the .vdi file that represents your virtual machine itself.

    - ![](/images-static/uploads/how-to-create-VM-within-hidden-truecrypt-partition-26.png) - -## Usage - -To launch your new hidden VM, mount your VeraCrypt hidden volume by opening the container file in VeraCrypt, but supply your hidden volume password instead of your outer volume password. Then double click the .vbox file. This will launch VirtualBox and start up the secret VM. - -Be sure to unmount the hidden volume in VeraCrypt when you are done using your VM. - -The fact that you have a block of encrypted data on your hard drive will be apparent to anyone who inspects your computer. If you are forced to decrypt it, simply provide the outer container password instead of the inner container password and all that will be visible is the decoy files you placed there earlier. There is no way to tell that the remaining encrypted data is not just filler created when VeraCrypt generated the outer container. You now have plausible deniability that there is anything else, let alone a separate virtual machine, on your computer. To read more on why this works, visit - -### Caveats - - 1. After you are done using your secret VM and have shut it down, be sure to right-click on it in the main VirtualBox screen and select Remove (but not delete all data). This will keep it from being listed if someone launches VirtualBox (though it would not boot anyway if your hidden volume is not mounted). Again, this helps to add to the plausible deniability of the hidden VM's existence. - 2. Be sure not to create any shared directories or folders between the secret VM and your host OS. You want this VM to be completely segregated from the rest of your computer to eliminate the possibility of data leaking either way. diff --git a/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md b/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md deleted file mode 100644 index 6bbaf540a..000000000 
--- a/src/content/es/pages/privacy-guides/how-to-perform-a-vpn-leak-test.md
+++ /dev/null
@@ -1,152 +0,0 @@
----
-title: How to perform a VPN leak test
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/how-to-perform-a-vpn-leak-test/
-section: Misc
-weight: 20
-date: 2021-12-14T00:00:00+00:00
-layout: guides-details
----
-OK, so you've setup your VPN client. It runs, and there are no error messages. You can reach the Internet. But how can you ensure that all of your traffic is routed through the VPN tunnel? And even if everything seems OK now, what will happen if the machine sleeps, and then resumes? What if there's an interruption in network connectivity? Or what if you're using Wi-Fi, and switch to a new access point and network? Or if you connect to a network that's fully IPv6 capable? This guide demonstrates how you can conduct a comprehensive VPN leak test.
-
-First, verify that your computer has configured a VPN tunnel. In Windows, open a command prompt, and run `ipconfig /all`. You'll see an ethernet adapter section with the Description "WireGuard Tunnel" or "TAP-Windows Adapter V9". The IPv4 Address will be something like `172.x.y.z` or `10.x.y.z`. In macOS and Linux, open a terminal, and run `ifconfig`. The VPN tunnel adapter is `utun0` in macOS, and `wg0` or `tun0` in Linux.
-
-## Risks from Browser Fingerprinting and IPv6 Leaks
-
-The only way to know whether all traffic is using the VPN tunnel is through testing. But there is some risk in testing for VPN leaks. Browsers can be fingerprinted in various ways. And so sites that you use in testing may see the same browser fingerprints from both your ISP-assigned IP address and your VPN exit IP address. Any adversary that learned your browser's fingerprints could later identify you, even if you were connecting through a VPN and/or Tor, as long as you were using the same browser. A [recent W3C draft guidance][1] states: "elimination of the capability of browser fingerprinting by a determined adversary through solely technical means that are widely deployed is implausible".
- -WebGL fingerprinting and IPv6 leaks are far worse. WebGL uses the GPU via the OS graphics driver. On a given system, it appears that all browsers with WebGL enabled will have the same WebGL fingerprint. When using VPN services, I recommend blocking WebGL. In Firefox, for example, open "about:config" and toggle "webgl.disabled" to "true". In NoScript options, check "Forbid WebGL" in the "Embeddings" tab. - -It appears that systems using a given graphics driver can have the same WebGL fingerprint on hardware with a given GPU. So reinstalling a given OS, or even switching to another OS that uses the same graphics driver, won't change the WebGL fingerprint. This is clearly the case for VirtualBox VMs using the default virtual GPU. For example, browsers on Debian and Lubuntu VMs have the same WebGL fingerprint. But browsers on other OS (unrelated Linux distros, FreeBSD, Windows and macOS) have different WebGL fingerprints. However, the host and VMs use different GPUs (real vs virtual) so there is no overlap in WebGL fingerprints. - -It's not uncommon for VPN clients to [leak IPv6 traffic][2]. That's serious, because IPv6 addresses are typically device-specific. And so it's prudent to disable IPv6 in both your OS and your LAN router. It's also prudent to use VPN clients that block IPv6 traffic, or block IPv6 in your firewall. And whenever you first connect through a new LAN or Wi-Fi network, [check IPv6 connectivity][3]. - -By the way, WebGL fingerprinting is a crucial issue when compartmentalizing across multiple VMs. It's true that you can easily block WebGL fingerprinting in browsers. But it's also prudent to compartmentalize across VMs with different WebGL fingerprints. Whonix instances are another good option, because Tor browser has been hardened to fully block WebGL fingerprinting. - -## VPN Leak Test - -While doing your VPN leak test, you can use tcpdump to check for traffic that's not using the VPN tunnel. 
In Windows, you'll need [Wireshark][22] and [wintee][4]. Just put a copy in your user folder. Now list network interface numbers: - -Windows: - - tshark -D - -macOS: - - sudo tcpdump -D - -Linux: - - sudo tcpdump -D - -You want the physical network interface. It's typically "1". So to start capturing: - -Windows: - - tshark -i 1 -n -T text -w "C:\tshark-capture.log" -f "not host a.b.c.d" 2>&1 | wtee tcpdump.log - -macOS: - - sudo tcpdump -n -i 1 not host a.b.c.d 2>&1 | tee tcpdump.log - -Linux: - - sudo tcpdump -n -i 1 not host a.b.c.d 2>&1 | tee tcpdump.log - -Host a.b.c.d is the VPN server that you're using. Keep the command/terminal window open while you do the following tests, and look for packets with addresses outside your local LAN and/or Wi-Fi networks. - -Start by checking your IP address. It's safest to use your VPN provider's website. If they don't report IP address, the next safest bet is arguably [check.torproject.org][5]. If you intend to test for VPN leaks using other sites, I recommend using Tor browser, because it's been hardened to block WebGL fingerprinting, and to otherwise report the same fingerprints for all users. But for now, it's OK to use your default browser. Anyway, you should see your VPN exit IP address. - -You also want an ongoing source of network traffic. In a second command/terminal window: - -Windows: - - ping -t a.b.c.d 2>&1 | wtee ping.log - -macOS: - - ping -n a.b.c.d 2>&1 | tee ping.log - -Linux: - - ping -n a.b.c.d 2>&1 | tee ping.log - -If you want pinging with timestamps in Windows or macOS, hacks (more or less ugly) are required: - -[Windows:][6] - - ping -t a.b.c.d | cmd /q /v /c "(pause&pause)>nul & for /l %a in () do (set /p "data=" && echo(!time! 
!data!)&ping -n 2 localhost>nul" 2>&1 | wtee ping.log - -[macOS:][7] - - ping -n a.b.c.d | while read pong; do echo "$(date): $pong"; done 2>&1 | tee ping.log - -Linux: - - ping -D -n a.b.c.d 2>&1 | tee ping.log - -Custom clients of some VPN providers block pings to their servers through their VPN tunnels. If you see no output, hit Ctrl-C and try pinging a.b.c.1 instead. If that also doesn't work, try 38.229.82.25 (torproject.org). In the traffic capture window, you should see no packets with addresses outside your local LAN and/or Wi-Fi networks (i.e., no non-local traffic captures). - -Now disconnect the machine from the network. That will prevent pings from completing. In Windows, you will see "Request timed out." In macOS and Linux, ping output will just stop. Then reconnect the machine to the network. If all goes well, ping replies should start appearing again. Refresh the IP-check site in your browser. You should still see your VPN exit address. In the traffic capture window, you should still see no non-local captures. In Windows, you may see lots of local traffic. To check more thoroughly, you can view tcpdump.log in a test editor. - -## Failure Modes and Options - -Failure shows up in a few main ways. Most blatantly, the openvpn process (not just the VPN connection) may die after loss of network connectivity. So after network connectivity is restored, the IP-check site will report your ISP-assigned IP address. And you will see numerous non-local traffic captures. Network Manager in Linux is prone to this failure mode, by the way, and should be avoided. - -Less blatantly, but more insidiously, the VPN client may reconnect after network connectivity is restored, and the IP-check site will still report your VPN exit IP address. You might not notice any interruption. But you will see non-local traffic captures, generated by pings that succeeded before the VPN tunnel came back up. Just one leaked packet is enough to reveal your ISP-assigned IP address. 
- -Plain vanilla OpenVPN tends to fail in a way that's somewhat easier to manage, but still dangerous. If a network interruption lasts long enough to kill the VPN connection, OpenVPN can't reestablish the connection. As long as OpenVPN is running, all traffic is routed through the VPN gateway, which is dead. And so there's no network connectivity. Pings will fail, and you will see no traffic captures. Default routing isn't restored until the openvpn process is killed. So one could close apps accessing sensitive network resources, kill the openvpn process, and then reconnect the VPN. Or one could just reboot. But those are tedious hacks, and prone to error. - -You can use the same approach to see how your VPN client responds to other perturbations. Sleep and resume. Change Wi-Fi access points. Use a network with full IPv6 connectivity. Whatever. Inspection of tcpdump.log and ping.log should reveal any leaks. - -If you find that your VPN client leaks, one option is to try another VPN provider, and test their client. However, blocking leaks in Linux is easy with [adrelanos' vpn-firewall][8]. I recommend using it with the built-in openvpn service, not Network Manager. Basically, it allows all apps to use the VPN tunnel, and blocks everything on the physical interface except for connections to the VPN server. You can use the same firewall logic in Windows and macOS. In Windows, you can just use Windows Firewall. In macOS, you can use [IceFloor][9], which is a GUI front end for OpenBSD's PF firewall. - -## Other Kinds of Leaks - -Even if all traffic is being routed through your VPN, it's possible that [DNS requests][10] are going to a DNS server that's operated by, or associated with, your ISP. Even though your requests are coming from the VPN exit, an adversary observing both the DNS server and your ISP traffic could correlate activity. If the VPN server uses the same IP address for access and exit, correlation becomes trivial. 
Now the adversary knows what sites you are accessing. - -The HTML5 Geolocation API enables a potentially serious leak. It caches and reports available location data. Perhaps you've provided your location, in order to get local weather information. If you use Wi-Fi, your location can be triangulated from accessible access points. If you're using a smartphone, the ID of the base station locates you approximately. And maybe you have GPS turned on. But there's no problem as long as only IP address information is available. The simplest option is to disable geolocation, as explained the [IVPN knowledge base][11]. - -WebRTC is another indiscreet HTML5 feature. If enabled in the browser, it reports local IP address. And if IPv6 is functional, it reports local IPv6 address, which is typically device-specific. So it's prudent to prevent WebRTC leaks by installing the "WebRTC Control" browser addon. Also, as noted above, it's prudent to disable IPv6 in the OS, and to block all IPv6 traffic in the firewall. - -Sites that you visit can also estimate the number of intervening routers by inspecting received SYN packets. The default initial time to live (TTL) for SYN packets varies by OS. The browser User-Agent string identifies the OS. And the TTL value is decreased each time the packet passes through a router. The difference between expected and observed TTL provides an estimate for the number of intervening routers. - -If you intend to test for leaks using other third-party sites, I recommend using Tor browser, because it's been hardened to block WebGL fingerprinting, and otherwise to report the same fingerprints for all users. But you obviously don't want to use Tor while testing your VPN. First, download [Tor browser][12] for your OS. Do that with your VPN connected, so your ISP doesn't see. After extracting, start Tor browser. You can probably accept all defaults. Go to advanced network settings, and select "No proxy". 
Browse about:config, and toggle both "extensions.torlauncher.start_tor" and "network.proxy.socks_remote_dns" to "false". Then browse [check.torproject.org][13]. You should see "Sorry. You are not using Tor." and your VPN exit IP address. - -It's true that you can't investigate WebGL and other fingerprinting using Tor browser. If you choose to test using other browsers, you should be very careful. As noted above, all WebGL-capable browsers on a given system will have the same WebGL fingerprint. So you should avoid using the same system with and without a VPN connected. You should also avoid using different VPN services, unless you don't care that the system will be associated with both. Furthermore, if you use VMs, you should not use related operating systems with and without a VPN, or with different VPN services. - -## Summary - -Bottom line, here are the key tests, and the results that you should get: - -* [IPv6 address test][14]: No IPv6 address detected -* [IP address test][15]: expected IP addresses with and without VPN connected -* [Geolocation test][16]: browser doesn't support geolocation API -* [Java test][17]: not found, or disabled -* [WebGL test][18]: WebGL blocked by NoScript -* [WebRTC test][19]: not enabled -* [Panopticlick][20]: browser protects from fingerprinting -* [DNS Leak Test (use extended test)][21]: different DNS server(s) with and without VPN connected - - [1]: https://w3c.github.io/fingerprinting-guidance/ - [2]: https://haddadi.github.io/papers/PETS2015VPN.pdf - [3]: https://test-ipv6.com/ - [4]: https://code.google.com/archive/p/wintee/ - [5]: https://check.torproject.org/ - [6]: https://stackoverflow.com/questions/24906268/ping-with-timestamp - [7]: https://stackoverflow.com/questions/10679807/how-to-timestamp-every-ping-result - [8]: https://github.com/adrelanos/VPN-Firewall - [9]: https://www.hanynet.com/icefloor/ - [10]: https://en.wikipedia.org/wiki/Domain_Name_System - [11]: 
https://www.ivpn.net/knowledgebase/troubleshooting/my-real-location-is-detected-when-connected-to-vpn-how-to-disable-geolocation/
- [12]: https://www.torproject.org/download/download
- [13]: https://check.torproject.org/
- [14]: https://test-ipv6.com/
- [15]: https://www.browserleaks.com/whois
- [16]: https://www.browserleaks.com/geo
- [17]: https://www.browserleaks.com/java
- [18]: https://www.browserleaks.com/webgl
- [19]: https://www.browserleaks.com/webrtc
- [20]: https://panopticlick.eff.org/
- [21]: https://dnsleaktest.com/
- [22]: https://www.wireshark.org/
diff --git a/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md b/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
deleted file mode 100644
index 0474e41cc..000000000
--- a/src/content/es/pages/privacy-guides/how-to-verify-physical-locations-of-internet-servers.md
+++ /dev/null
@@ -1,922 +0,0 @@
----
-title: How to verify physical locations of Internet servers
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/how-to-verify-physical-locations-of-internet-servers/
-section: Misc
-weight: 30
-date: 2018-04-18T09:10:09+00:00
-layout: guides-details
----
-## Introduction
-
-VPN services compete in many ways. On speed, torrent-friendliness, privacy and no-logging, edginess, price, technical elegance, multi-hop routing, customer support, and so on. However, choice of server locations remains a major issue for many users. IVPN has 77 servers in 44 cities in 31 countries. AirVPN has appreciably more, with 216 servers in 35 cities in 19 countries. But HideMyAss (HMA) is mind-bogglingly huge, with over 700 servers in over 280 locations, in over 210 countries. That's basically every country on the planet. And it costs less than either IVPN or AirVPN.
-
-OK, but how do users know whether VPN servers are located where providers claim? People commonly use such sites as [whatismyipaddress.com][1], [ipinfo.io][2], [browserleaks.com][3] or [mycurrentlocation.net][4]. But they just provide information from various geolocation databases, such as [maxmind.com][5]. And if you're connected through a VPN server, you can search [google.com][6] for `my location` to see where Google considers it to be.
-
-Still, how can you verify that? Well, you can ping VPN servers, to get round-trip travel time (rtt). The speed of light in vacuum is 300 km/msec, and about 180 km/msec in fiber optic cable. And about 150 km/msec for electrons in copper wire. See [here][7]. However, rtt doesn't depend just on distance and transmission speed. It [also depends][8] on `the number of hops (routers and switches) between the` probe and target. There are delays from both processing and caching, and those delays are typically substantial, relative to transmission times.
For example, the rtt to my LAN router is 0.3 msec, which implies a physical distance of 45 km (not 90 km, because ping is a round trip). That's much greater than the actual distance, which is ~15 m. - -Also, connections [don't][8] always take the shortest path, because paths depend on peering agreements between ISPs: `Two computers in the same city, but connected to the internet via different ISPs may route through a city hundreds of miles away.` Because those two ISPs don't peer directly with each other. - -Bottom line, given unknown routing and equipment latencies, it's generally not feasible to triangulate using multiple rtt measurements. Actually, [peering][9] isn't unknown. However, projecting actual routing and minimum rtt from Border Gateway Protocol (BGP) information is utterly nontrivial. - -OK, so what _can_ you do? Well, I hadn't thought much about the issue, until seeing [this][10] by Restore Privacy. It turns out that there are services for pinging target servers from numerous probes, such as [ping.pe][11], [asm.ca.com][12] and [maplatency.com][13]. The probe with the smallest minimum rtt is typically closest to the target. Arguably, because confounding factors all increase rtt, and speed can not exceed that of light in a vacuum. - -In my experience, you can be especially confident when the smallest minimum rtt is a few msec. When the smallest minimum rtt is greater than that, and another minimum rtt is just a little greater, differences in routing and equipment latencies may account for the difference. So the probe with the smallest minimum rtt may not actually be closest to the server, and no firm conclusions about geolocation can be drawn. However, while geolocation can be ambiguous, one thing is clear. The speed of signal transmission _can not_ exceed the speed of light in a vacuum, and such speed violations indicate discrepancies in probe or server geolocation, or errors in minimum rtt measurements. 
- -I will show some results for AirVPN, HMA and IVPN servers, but only as examples. I collected data in mid-late 2017, and providers may have made changes since then. Generally, I found that AirVPN and IVPN servers are apparently located where providers claim. But many HMA servers are apparently located in a few data centers. I also found a few probes that are apparently mislocated. And a few interesting artifacts of peering and routing. - -## Methods - -It's crucial to identify VPN servers by IPv4 address, and not hostname. Because each hostname may point to multiple servers with different IPv4, and you may get confusing results. Also, providers may weak primary name servers to specify the least-loaded server for each hostname. So anyway, just test each IP address explicitly. - -Collect minimum rtt aka ping data from such services as [ping.pe][14], [asm.ca.com][12] and [maplatency.com][13]. In collecting ping data, I used Firefox with the iMacros plug-in forping.pe and asm.ca.com. I paid for maplatency.com access, and used their command-line tools, because that provides far better probe coverage, and more information about probes (including latitude and longitude). However, this was months ago, and subsequent changes in Firefox, iMacros and the ping websites may have complicated things. I see that asm.ca.com had added a CAPTCHA, but perhaps one can purchase access. I also see that ping.pe is often overloaded. Anyway, I'll not get into automation methods. It's not too tedious to check a few servers using ping.pe and asm.ca.com manually. - -Initially, I calculated probe-server distances using various sites that use Google Maps data. But that quickly became very tedious, because I had to get each city-city distance individually. And so I switched to calculating great-circle distances between servers and probes, from latitude and longitude, using the [spherical law of cosines][15]. With paid access, maplatency.com provides latitude and longitude for probes. 
For VPN server and other probes, I got latitude and longitude from [ipinfo.io][2]. If the VPN provider lists locations for its servers, use those initially. If it doesn't, get locations from [whatismyipaddress.com][1] or whatever. Now you have minimum rtt (msec) and distance (km) for each combination of server and probe. - -For analyzing data, I primarily used MySQL with MySQL Workbench, and then LibreOffice Calc for final analysis and charting. For humongous spreadsheets, I used Microsoft Excel. For massaging text files, I used mainly Linux gedit, grep and sed. For massaging humongous text files, I used UltraEdit in Windows. - -Some asm.ca.com probes are apparently mislocated. It's pretty clear that the probe `United Kingdom - Edinburgh (gbedi01)` is in London, UK. And that the probe `France - Lille (frlle02)` is in Paris, FR. So I've generally adjusted results accordingly. There are also some less clear mislocations. The probe `Ukraine - Kharkov (uahrk02)` is perhaps in Kiev, UA. And the probe `Panama - Panama City (papty02)` is perhaps somewhere in Florida, US. Also, maplatency.com doesn't report latitude and longitude for a few probes, and values for others are clearly wrong. - -## Analysis - -It's instructive to look at minimum rtt vs server-probe distance data for all VPN servers and all probes. Note that data for AirVPN and IVPN generally fall above a line corresponding to signal transmission at about half lightspeed. But there's data for HMA at ~0 msec for distances under 12000 km. That is, the HMA data implies substantial signal transmission that's implausibly fast (greater than 300 km/msec, the speed of light in a vacuum). - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -I calculated the maximum ping transmission speed (which is twice distance, divided by minimum rtt) observed for each server IPv4 address. Then I aggregated speed in suitable bins, and charted as histograms. For a given server-probe distance, server-probe combinations with the smallest rtt have the greatest ping transmission speed. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -I found just three IVPN server IPv4, and five AirVPN server IPv4, with maximum ping transmission speeds apparently faster than light. - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - VPN       - - Server - - IPv4 Address - - Server Location - - Ping Service - - Probe - - Distance - - Min rtt - - Max Speed -
    - - - - - - - - - - - - - (km) - - (msec) - - (km/msec) -
    - IVPN - - gb3.gw.ivpn.net - - 88.202.186.42 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 1.9 - - 563 -
    - IVPN - - gb1.gw.ivpn.net - - 109.123.101.190 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 2.1 - - 520 -
    - IVPN - - gb2.gw.ivpn.net - - 46.28.49.140 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 2.1 - - 512 -
    - AirVPN - - eridanus.airvpn.org - - 185.183.106.2 - - Barcelona, ES - - asm.ca.com - - Spain_Madrid_esmad02 - - 505 - - 0.4 - - 2525 -
    - AirVPN - - alcor.airvpn.org - - 91.231.84.39 - - Kiev, UA - - asm.ca.com - - Ukraine_Kharkov_uahrk02 - - 409 - - 0.8 - - 1023 -
    - AirVPN - - asterion.airvpn.org - - 217.151.98.167 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 1.9 - - 562 -
    - AirVPN - - alshain.airvpn.org - - 217.151.98.162 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 2.0 - - 534 -
    - AirVPN - - algedi.airvpn.org - - 80.84.49.4 - - London, UK - - asm.ca.com - - United_Kingdom_Edinburgh_gbedi01 - - 534 - - 3.1 - - 345 -
    -{{< / raw-html >}} - -However, I found 381 HMA server IPv4 with maximum ping transmission speeds apparently faster than light in a vacuum. Although there are too many to list, it's interesting that many involve probes in Miami, FL, US; Seattle, WA, US; and Prague, CZ. That is, many of these 381 HMA servers, supposedly located all over the world, have minimum observed rtt for probes in a few cities. And impossibly huge maximum ping transmission speeds. This would be expected if those HMA servers were actually located in data centers in those cities. But more about that, later. - -All three IVPN server IPv4 with implausibly fast ping transmission speeds, and three of the five for AirVPN, involve the asm.ca.com probe `gbedi01`, reportedly located in Edinburgh, UK. However, that probe seems actually to be located in London, UK. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -Regarding the AirVPN server `eridanus.airvpn.org`, either of two adjustments resolves the speed violation: 1) assuming that the asm.ca.com probe `esmad02` is closer to Barcelona, ES than to Madrid, ES; or 2) assuming that the server is closer to Madrid, ES than to Barcelona, ES. However, locating the asm.ca.com probe `esmad02` in Barcelona, ES would create discrepancies for other servers reportedly in Madrid, ES: AirVPN server `mekbuda.airvpn.org`, IVPN server `es1.gw.ivpn.net`, and five IPVanish servers. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -Regarding the AirVPN server `alcor.airvpn.org`, either of two adjustments similarly resolves the speed violation: 1) assuming that the asm.ca.com probe `uahrk02` is in Kharkivska, Kiev, UA instead of Kharkov, UA; or 2) assuming that the server is closer to Kharkov, UA than to Kiev, UA. However, there are no other nearby VPN servers in my data. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -There are far too many HMA server IPv4 to discuss individually, so I'll do four that are representative: `fun-tv.prcdn.net`, `ppg-as.prcdn.net`, `bue-ar.prcdn.net` and `cys-wy-us.prcdn.net`. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -In all four cases, the rtt vs distance data have a roughly `V` shape. Minimum rtt tends to decrease with increasing distance, intercepts (or nearly so) the distance axis, and then tends to increase as distance increases further. Where the intercept distance is greater than about 10,000 km, the linear least-squares fit actually has a negative slope. In any case, the intercept probe is arguably closest to the server. Making that assumption, one can recalculate server-probe distances. In each case, doing so leads to a more-or-less linear distance-rtt relationship, with a least-squares fit having a better coefficient of determination (R²). - -For all four HMA examples, the lowest rtt probe is in Miami, FL, US. And generally for other HMA server IPv4, lowest rtt probes are commonly in Miami, FL, US; Seattle, WA, US; or Prague, CZ. So perhaps many HMA server IPv4 are actually located in a relatively small number of data centers, rather they're claimed to be. To test for that, one can look at a VPN's server IPv4 pinged from probes in a particular city, such as Vancouver, BC, CA. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -HMA server IPv4 clearly fall in several bands. Each band has similar minimum rtt, within about 1-2 msec, but distances that span about 8,000-10,000 km. But there's little of that in either the IVPN or AirVPN data. Doing the same analysis for probes in many cities, similar bands are evident, at various minimum rtt levels. But what's interesting is that bands from multiple probes include largely the same set of server IPv4. - -I've identified four such largely invariant bands. Based on the probes where each band has minimum rtt ~0 msec, those arguably represent data centers in London, UK; Miami, FL, US; Prague, CZ; and Seattle, WA, US. Some servers apparently have IPv4 in multiple data centers. If I assume that each server IPv4 is located in its apparent data center, rather than where it's asserted to be, I get the expected relationship between server-probe distance and minimum rtt. With no lightspeed violations. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -There are six IVPN and AirVPN server IPv4 where the nearest probe doesn't have the smallest minimum rtt, although there are no lightspeed violations. - -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - VPN       - - Server - - IPv4 Address - - Server Location  - - Probe Location  - - Distance  - - Min rtt  - - Max Speed -
    - - - - - - - - - - - (km) - - (msec) - - (km/msec) -
    - IVPN - - is1.gw.ivpn.net - - 82.221.107.178 - - Reykjavik, IS - - Amsterdam, NL - - 2011 - - 36.0 - - 112 -
    - IVPN - - ch2.gw.ivpn.net - - 136.0.0.194 - - Zurich, CH - - Geneva, CH - - 224 - - 4.4 - - 101 -
    - IVPN - - ch3.gw.ivpn.net - - 141.255.166.194 - - Zurich, CH - - Milan, IT - - 218 - - 7.5 - - 58 -
    - IVPN - - ch1.gw.ivpn.net - - 141.255.164.66 - - Zurich, CH - - Milan, IT - - 218 - - 7.6 - - 58 -
    - AirVPN - - virginis.airvpn.org - - 46.19.137.114 - - Bern, CH - - Milan, Italy - - 213 - - 1.8 - - 237 -
    - AirVPN - - nunki.airvpn.org - - 78.129.153.40 - - Manchester, UK - - London, UK - - 262 - - 2.4 - - 218 -
    -{{< / raw-html >}} - -Most notably, the lowest-rtt probe for IVPN server `is1.gw.ivpn.net` is in Amsterdam, NL. The data is somewhat `V` shaped, with the lowest minimum rtt at ~2,000 km. And indeed, the distance between Reykjavik, IS and Amsterdam, NL is 2013 km. However, given my long-term working relationship with IVPN, one of their network engineers verified that this server is indeed in Reykjavik, IS. It's also unlikely that the maplatency.com probe `IS midlar ehf` is actually in Amsterdam, because that's an AS in [Iceland][16]. It's arguably most likely that the probe (in [Iceland AS60300][16]) and `is1.gw.ivpn.net` (in [Iceland AS44515][17]) just weren't peering directly, but instead through an AS near Amsterdam. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -Less dramatically, the lowest-rtt probes for four server IPv4 in Switzerland are at ~200 km. I've verified with IVPN that its Swiss servers are actually located in Zurich, CH. However, an engineer did find that minimum rtt for `ch1.gw.ivpn.net`-`ch2.gw.ivpn.net` and `ch3.gw.ivpn.net`-`ch2.gw.ivpn.net` are greater than that for `ch1.gw.ivpn.net`-`ch3.gw.ivpn.net`. Again, it appears that there are peering issues. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -Also problematic are the AirVPN server `nunki.airvpn.org`, with the lowest-rtt probe at ~250 km, and the IVPN server `ut1.gw.ivpn.net`, with the lowest-rtt probe at ~600 km. I've verified with IVPN that its server is actually located in Salt Lake City. It's apparently peering again. That is, the server and probe ISPs don't peer directly, but only through a distant ISP. So the probe that's closest physically doesn't have the smallest rtt. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -Peering issues can also impact multiple probes. One of the three AirVPN servers in London, UK (`algedi.airvpn.org`) shows a normal relationship between minimum rtt and distance. But for the other two (`alshain.airvpn.org` and `asterion.airvpn.org`) there are at least 13 probes with minimum rtt that's anomalously 80-100 msec too large (in Belgium, Bulgaria, Germany, Greece, Hungary, Italy, Netherlands, Sweden, Switzerland and Ukraine). For those probes, routing to `alshain.airvpn.org` and `asterion.airvpn.org` is apparently far less direct than routing to `algedi.airvpn.org`. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -More dramatically, for AirVPN servers in Hong Kong, minimum rtt for all probes in mainland China are anomalously more than 300 msec too large. Minimum rtt for a probe in Bankok, TH is ~250 msec too large. Perhaps the probes in mainland China peer to Hong Kong through Bankok. - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -{{< raw-html >}} -
    - Image - Image -
    -{{< / raw-html >}} - -## Discussion - -As you can see, based on this data, the probe with the smallest rtt is typically physically closest to the server. If you have data from enough probes, and find a minimum rtt under ~3 msec, you can often pin down server location within 100 km or less. And whenever the apparent speed of signal transmission exceeds the speed of light in a vacuum, there _must_ be a discrepancy in geolocation. Or an error in minimum rtt measurements or data manipulation, of course. - -However, there are pitfalls. Before concluding that a server is mislocated, you need to check whether it's actually a probe that's mislocated. As I found for `asm.ca.com` probe gbedi01. Although it's reportedly in Edinburgh, it's actually in London. And that mislocation made AirVPN's and IVPN's London servers seem to be in Edinburgh. But it's usually possible to identify mislocated probes. If you see apparent mislocation for servers from multiple providers, involving a particular probe, it's safe to conclude that it's the probe that's mislocated. - -There are other ambiguities. When the smallest minimum rtt is greater than a few msec, and another minimum rtt is just a little greater than that, differences in routing and equipment latencies may account for the difference. So the probe with the smallest minimum rtt may not actually be closest to the server, and no firm conclusions about geolocation can be drawn. As I found for IVPN server `is1.gw.ivpn.net` where a probe in Iceland had higher minimum rtt than probes in northern Europe. Apparently, the Icelandic ISPs for server and probe peer through Amsterdam. - -Finally, when many of a provider's server IPv4 are mislocated, it's likely that they're actually in a relatively small number of data centers. There are two approaches for identifying data centers. You can focus on server IPv4 with maximum ping transmission speeds apparently faster than light in a vacuum. 
For each, the probe with the smallest rtt is likely closest to the data center. Doing that, I found that `fun-tv.prcdn.net`, `ppg-as.prcdn.net`, `bue-ar.prcdn.net` and `cys-wy-us.prcdn.net` are likely in Miami.
-
-Alternatively, you can consider data for all server IPv4 pinged from particular probes. For a given probe, you'll likely see a band of server IPv4 with minimum rtt near zero. So those server IPv4 are likely in a data center near that probe. If you look at data for enough probes, you can likely identify most of the data centers. And you can check results by looking at rtt vs distance for all probes, using apparent data center locations instead of purported server IPv4 locations.
-
- [1]: https://whatismyipaddress.com/
- [2]: https://ipinfo.io/
- [3]: https://browserleaks.com/ip
- [4]: https://mycurrentlocation.net/
- [5]: https://www.maxmind.com
- [6]: https://www.google.com/
- [7]: https://physics.stackexchange.com/questions/80043/how-fast-does-light-travel-through-a-fibre-optic-cable
- [8]: https://electronics.stackexchange.com/questions/68619/triangulate-with-ping
- [9]: https://bgp.he.net/
- [10]: https://restoreprivacy.com/vpn-server-locations/
- [11]: http://ping.pe/
- [12]: https://asm.ca.com/en/ping.php
- [13]: https://maplatency.com/
- [14]: https://ping.pe/
- [15]: https://www.movable-type.co.uk/scripts/latlong.html
- [16]: https://bgp.he.net/AS60300
- [17]: https://bgp.he.net/AS44515
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md b/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
deleted file mode 100644
index 88cccf5c7..000000000
--- a/src/content/es/pages/privacy-guides/isp-netflow-surveillance-and-vpn.md
+++ /dev/null
@@ -1,122 +0,0 @@
----
-title: Can ISPs NetFlow data be used to track traffic going through VPNs?
-author: Solène Rapenne
-url: /privacy-guides/isp-netflow-surveillance-and-vpn/
-section: Basic
-weight: 10
-date: 2024-01-08T00:00:00+00:00
-update: 2024-01-29T00:00:00+00:00
-layout: guides-details
-articles: [
- {
- title: "What is a VPN?",
- url: "/privacy-guides/what-is-a-vpn/"
- },
- {
- title: "Will a VPN Protect Me? Defining Your Threat Model",
- url: "/privacy-guides/will-a-vpn-protect-me/"
- },
- {
- title: "Tor vs I2P",
- url: "/privacy-guides/an-introduction-to-tor-vs-i2p/"
- }
-]
----
-## Introduction
-
-This privacy guide will help you understand what information your [Internet Service Provider][isp] (ISP) can view regarding your network activity and the implications if you are using a [Virtual Private Network][what_is] (VPN). In fact, many ISPs utilize [NetFlow][netflow], a protocol developed by [Cisco][cisco], to store the data concerning the traffic they route throughout the day.
-
-NetFlow allows the storage and efficient processing of network information including:
-
-- Date and Time with millisecond resolution
-- Source [IP][ip] address
-- Destination [IP][ip] address
-- IP protocol number (most common protocols are [TCP][tcp] and [UDP][udp])
-- Source port
-- Destination port
-- IP field "[Type of Service][ToS]"
-
-A NetFlow dataset does not include any [packets capture][pcap] data, it simply presents a list of the routing information, including the source and destination's addresses and ports, and when the routing occurred.
-
-## Is a VPN vulnerable to NetFlow analysis?
-
-As you may be aware, a VPN creates an encapsulated connection between your VPN client and the VPN server. All the [network traffic][network] between these two machines travels over the Internet in encrypted form, and your ISP can't use classic techniques such as [Deep Packet Inspection][dpi] for snooping the VPN content.
- -Nonetheless, it's crucial to note that, besides the encrypted data, your ISP obtains a lot of information about your VPN from the NetFlow data. As the VPN service providers IP ranges are well known, your ISP can easily figure you are using a VPN, in addition to knowing the time you connect, the amount of data you transfer over the VPN and the location of the remote VPN server. - -Although this information may seem insignificant, it can be exploited. For instance, it's easy to determine your computer time habits, and potentially the number of people in your house, and how people consume the Internet. - -Please note that it's impossible to hide your network activity from your ISP, as they are the ones who provide your connection to remote servers, but if you use a VPN, your ISP will only see a single encrypted connection. - -## Internet is a giant puzzle - -The Internet could be compared to a vast puzzle composed of many pieces, each representing an ISP. Every ISP has knowledge of its own part of the puzzle and the connections to other pieces. - -If your VPN service provider is located in a different part of the puzzle than your own ISP, this means that your actions through the VPN cannot be accurately determined by your ISP. Similarly, the ISP of the VPN server has no way of identifying you using only your IP address, they would need to collaborate with your ISP to identify you. - -![](/img/diagram-vpn-transit.png) - -## Worldwide NetFlow database - -Unfortunately, a 2022 [article from Vice][Augury] has reveled that a US-based private company has been collecting NetFlow exports from many ISPs worldwide in exchange for Threat Intelligence analysis. The number of involved ISPs suggests that, from the article, it may represent roughly ninety percent of the global Internet traffic. Information about [Team Cymru][cymru], the company that sells access to the consolidated NetFlows database, remains limited. 
It was found that their website contains a list of [facts and myths][cymru_facts] about their services, though their claims cannot be verified. Nevertheless, it is evident that they are working on NetFlow aggregation. - -Using the puzzle analogy again, Team Cymru has access to most of the puzzle pieces. While a single piece doesn't hold enough information in the context of using a VPN, having many of them could potentially expose your Internet usage **if they receive NetFlow exports from both your ISP and your VPN provider ISP**. For example, traffic correlation using the packets timing becomes a lot easier when you know the delay between the user and their VPN provider acting as a proxy. - -In 2024, the NSA [stated to a senator][senate] that they were buying NetFlow exports from ISPs as long as it involves traffic to or from the United States. - -### NetFlow and anonymization - -It is not possible to say which ISP shares their NetFlow data. - -For European based ISPs, the [GDPR][gdpr] compliance dictates that personal data should not be shared. It is not our place to discuss if NetFlow datasets qualify as are personal data, but GDPR compliance implies that ISPs must not permit any third party to associate a NetFlow export with personal information such as names, addresses or, phone numbers. - -Two possibilities exist regarding NetFlow exports: - -1. ISPs sharing anonymized NetFlow datasets. -2. ISPs sharing customer information. - -In the first case, the network activity for a VPN user would appear as follows: [anonymous IP A] connected to [anonymous IP B] web server on [date] via a VPN of type [protocol] on [anonymous IP C]. - -In the second case, the network activity would be much more specific: [identified person A] connected to [identified company B]'s web server on [date] through a VPN of type [protocol] on [identified company C]. 
- -## Possible mitigation - -With someone able to view most of the global Internet traffic, as previously mentioned, a VPN alone would be insufficient to protect your privacy. Does it render VPNs useless? VPNs are effective at protecting against data snooping while using public networks, bypassing firewalls or preventing your ISP to know what you use Internet for, but its efficacy can be limited against a state-level actor. - -In the worst case scenario of a NetFlow analysis, the data passing through the VPN remains encrypted and unusable, but it may be possible to reveal to which servers you connected, the protocol you used (HTTPS, emails etc.) and maybe infer visited websites. - -However, using a VPN service offering multiple hops passing through different countries/ISPs can still protect your privacy, but only if the ISPs do not all share their NetFlow data. In order to increase the NetFlow analysis resistance, at the cost of both higher latency and reduced bandwidth, it's possible to chain multiple VPNs from different VPN providers, but at the condition that the VPN providers are trustworthy and that their servers aren't all part of the NetFlow exports. - -To protect your privacy efficiently, it's important that you [define your threat model][threat_model] and check if it suits your needs. - -An alternative mitigation would be to use the [I2P protocol][i2p_wiki], although its usage is a bit restrictive, [contrary to Tor][tor_vs_i2p]. I2P is intended to be used as a "network layer on top of the Internet", rather than a substitute for a VPN. For more information, visit the [official project website][i2p]. - -A more realistic mitigation would be the use of a [mix network](https://www.ivpn.net/privacy-guides/adversaries-and-anonymity-systems-the-basics/#anonymity-systems), but as of the time of writing, they are complicated to use and require blockchain tokens to work, which is a challenge to buy anonymously. 
We also lack feedback about their efficiency in a real world usage. - -## Exercise: monitor your own network activity - -For our readers with some network skills, here is a simple experiment to understand what your ISP can observe from your VPN usage. You can assess your own VPN activity by monitoring the network traffic on your local VPN interface using software such as [Wireshark][wireshark] (a graphical tool), [ntopng][ntopng] (web-based, mostly used on routers) or [tcpdump][tcpdump] (a command line tool). These software are available on most operating systems (Windows, macOS, Linux, Android, dd-wrt, *BSD), however their usage is not within the scope of this guide. - -[isp]: https://en.wikipedia.org/wiki/Internet_service_provider -[netflow]: https://en.wikipedia.org/wiki/NetFlow -[network]: https://en.wikipedia.org/wiki/Network_traffic -[dpi]: https://www.fortinet.com/resources/cyberglossary/dpi-deep-packet-inspection -[wireshark]: https://www.wireshark.org/ -[tcpdump]: https://en.wikipedia.org/wiki/Tcpdump -[ntopng]: https://www.ntop.org/products/traffic-analysis/ntop/ -[tcp]: https://en.wikipedia.org/wiki/Transmission_Control_Protocol -[udp]: https://en.wikipedia.org/wiki/User_Datagram_Protocol -[ip]: https://en.wikipedia.org/wiki/IP_address -[ToS]: https://en.wikipedia.org/wiki/Type_of_service -[Augury]: https://www.vice.com/en/article/y3pnkw/us-military-bought-mass-monitoring-augury-team-cymru-browsing-email-data -[pcap]: https://en.wikipedia.org/wiki/Pcap -[i2p_wiki]: https://en.wikipedia.org/wiki/I2P -[i2p]: https://geti2p.net/en/about/intro -[tor_vs_i2p]: https://www.ivpn.net/privacy-guides/an-introduction-to-tor-vs-i2p/ -[cisco]: https://www.cisco.com/ -[cymru]: https://www.team-cymru.com/ -[what_is]: https://www.ivpn.net/privacy-guides/what-is-a-vpn/ -[threat_model]: https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/ -[cymru_facts]: https://www.team-cymru.com/post/team-cymru-myth-vs-fact -[gdpr]: 
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
-[senate]: https://www.wyden.senate.gov/news/press-releases/wyden-releases-documents-confirming-the-nsa-buys-americans-internet-browsing-records-calls-on-intelligence-community-to-stop-buying-us-data-obtained-unlawfully-from-data-brokers-violating-recent-ftc-order
diff --git a/src/content/es/pages/privacy-guides/mac-address.md b/src/content/es/pages/privacy-guides/mac-address.md
deleted file mode 100755
index 7f1c5da64..000000000
--- a/src/content/es/pages/privacy-guides/mac-address.md
+++ /dev/null
@@ -1,147 +0,0 @@
----
-title: Privacy issues related to MAC addresses
-author: Solène Rapenne
-url: /privacy-guides/mac-address-privacy/
-section: Misc
-weight: 10
-date: 2024-03-08T00:00:15+00:00
-layout: guides-details
-articles: [
- {
- title: "What is a VPN?",
- url: "/privacy-guides/what-is-a-vpn/"
- },
- {
- title: "Will a VPN Protect Me? Defining Your Threat Model",
- url: "/privacy-guides/will-a-vpn-protect-me/"
- },
-]
----
-In this guide, you will learn what type of tracking is done using MAC addresses, and what steps you can take to protect your privacy against such threats.
-
-## Introduction to MAC addresses
-
-The MAC address is used within local networks, at the Ethernet level, to identify network devices when exchanging data.
-
-The MAC mechanism was developed during Ethernet protocol specification at Xerox in the late 70s. Read more [on Ethernet history](https://akapugs.blog/2020/02/12/676/).
-
-The acronym MAC stands for **M**edium **A**ccess **C**ontrol ([MAC](https://en.wikipedia.org/wiki/MAC_address)), the name "physical address" is also widely used in place of MAC address. It is composed of 6 hexadecimals (from 0 to F) two digits numbers. The numbers are not random as there are some rules for valid MAC addresses. In order to illustrate what a MAC address looks like, here is a valid random one: `9A:E6:14:71:B3:AE`, note that the colons are commonly used between each two hexadecimals digits to improves readability.
-
-All Ethernet, Wi-Fi and even Bluetooth devices have a unique address among the 180 trillions addresses possible due to the 48 bits size of MAC addresses. In comparison, there are only 4 billions (more exactly 2^32 or 4 294 967 296) IPv4 addresses, and only a subset is usable over the Internet.
-
-Network switches are relying on MAC address to figure which port to use when relaying a packet between two devices. Previously, the legacy network hubs were not aware of MAC addresses, and therefore were relaying packets on all its ports.
-
-There is [a giant database](https://regauth.standards.ieee.org/standards-ra-web/pub/view.html) containing the MAC addresses of every individual device sold on the market. However, you may prefer to use a service with a simpler interface, just search for "MAC address database browser" in a search engine. Please mind that this database does not contain any personal information about people buying the devices, it is only a registry of all produced devices, their manufacturer and their identifier.
-
-## MAC address applications
-
-The MAC address exists in the first place to allow network devices to exchange data between each other.
-
-However, as it identifies a machine on a local network, we have seen uses for wider purpose like tracking people in shopping centers, restrict networks to some machines or user identification in captive portals.
-
-### Quota and captive portals
-
-Certain mechanisms rely on a MAC address to identify devices on a network, but such applications have shortcomings. It is easy to change your system MAC to another, and also easy to spoof someone's device MAC.
-
-Let me illustrate MAC spoofing. Let's say you are in a hotel providing a Wi-Fi hotspot, but it has an Internet use quota. It is likely the system is relying on the clients MAC addresses to assign the quota when no credentials are asked, in such cases, you could change your MAC to a random one to reset your quota. Even further, if you are required to pay to connect to the Internet and the system uses MAC addresses as identifiers, it could be easy to spoof the MAC address of someone who paid. This might be straightforward, but also illegal in most jurisdictions and may not work well while the two devices are connected simultaneously.
-
-### Customer tracking
-
-A much more concerning use of MAC address is the tracking of customers in supermarkets / malls. Devices with Wi-Fi enabled, like smartphones, are regularly probing for access points by broadcasting their MAC address.
This is holy grail for tracking customers, and was a popular technique during the 2010's.
-
-You can learn more about this practice in [this case study](https://www.martechsadvisor.com/news/ecommerce/euclid-analytics-redesigns-instore-wifi-experience-with-euclid-connect/) and in this [Harvard University assignment](https://d3.harvard.edu/platform-rctom/submission/we-know-you-looked-at-that-ugly-sweater-euclid-analytics-in-store-tracking-and-the-narrowing-of-the-online-offline-gap/).
-
-With a unique MAC per device, it is easy to figure out the following information:
-
-- date and time of visit (entering, leaving)
-- duration of each visit
-- how often do they visit
-- habits of visits (day of the week, favorite hour in the day)
-
-If the center is big enough, it is possible to locate users within the building to track their shopping journey.
-
-Fortunately, smartphone system providers have added mechanisms to mitigate this tracking, more details on this in a section later in this guide.
-
-### Physical tracking
-
-Edward Snowden reported that the [NSA used MAC addresses](https://www.wired.com/2014/08/edward-snowden/) to physically track people. If someone uses the same MAC address to connect to multiple public Wi-Fi within airports, train stations or any other open network that is at reach of a government agency, it becomes easy to know the time and location of a traveling device. This does not help to identify the person using the device though, the MAC address does not contain any personal information.
-
-There is no way to know if this is actively used in the wild, but MAC randomization protects against tracking.
-
-## Does the MAC address leak on the Internet?
-
-A MAC address is not shared beyond the local network because it is only used locally. If you connect to a website, the remote server will never know anything about MAC addresses from your local network.
-
-As shown in the diagram below, the MAC address is used to carry data over the OSI layer 2 (Ethernet, Wi-Fi), but is dropped at layer 3 (IP packets).
-
-![](/img/Tun-tap-osilayers-diagram.png)
-
-## Does a VPN protect your MAC address?
-
-All commercial VPN providers are only offering an OSI Layer 3 VPN, it relays IP packets so the MAC address is not carried through the VPN.
-
-It is possible to create a VPN relaying the OSI Layer 2 and passing through Ethernet frames instead of IP packets. While this sort of VPN use does not have a specific name, multiple technologies provide this feature like VPLS or Ethernet bridging. They can virtually extend a network to other locations, and all devices on the network will see each other as if they were on the same local network. In practice, it is only useful for a couple of use cases, the most common is gaming using the "local network" mode with friends, but over the Internet. On this VPN, your MAC address is carried over to the VPN remote network.
-
-## IPv6 derived from MAC addresses
-
-In the past, the IPv6 addresses the machines were assigning to themselves (in [SLAAC](https://www.networkacademy.io/ccna/ipv6/stateless-address-autoconfiguration-slaac) mode) were derived from the network interface MAC address. As IPv6 is used to communicate on the layer 3 this meant the MAC embedded in the IPv6 address itself were leaking to all remote servers.
-
-Fortunately, this problem was addressed [by adding extras IPv6 extensions](https://superuser.com/a/243713) to mitigate this issue using [temporary private addresses](https://blog.apnic.net/2020/05/20/getting-ipv6-private-addressing-right/). As of the writing of this article, most operating systems have implemented and enabled such a solution.
-
-## The case of Bluetooth tracking
-
-Each Bluetooth device also has its own unique MAC address, which is a concern when it comes to data collection and analysis.
-
-For example, if you wear Bluetooth headphones and a Bluetooth watch, both connected to your smartphone with Bluetooth, your paired devices MAC will not change ever except if the manufacturer implemented the [complicated mechanism](https://novelbits.io/bluetooth-address-privacy-ble/) of Bluetooth Low Energy (BLE) providing random / public MAC address depending on the situation. While mobile operating systems implemented the specifications correctly, [this is not the case](https://www.mist.com/documentation/ble-mac-randomization/) for Bluetooth devices.
-
-On top of the MAC randomization issues, Bluetooth devices tend to broadcast about themselves, like their name (user defined or factory) and what kind of devices they are (headphones, headset, watch, wearable, etc.). This creates a good opportunity for companies that snoop Bluetooth data to track you. This technique can be used even if device addresses are randomized.
-
-In parallel, there is a business tied to Bluetooth beacons being polled by applications installed on smartphones. Certain apps integrate a feature pinging for Bluetooth beacons, as some beacon providers pay app developers to perform these actions. Retrieving information from an app is valuable as they can learn and log useful information about you. You can review a [New York Times](https://www.nytimes.com/interactive/2019/06/14/opinion/bluetooth-wireless-tracking-privacy.html) article about this business for more information.
-
-If you do not want to be tracked through your Bluetooth devices, turn them off outside or keep them at home. If you only have a smartphone, do not keep Bluetooth enabled if you do not need it.
-
-## Operating System MAC randomization support
-
-Here is a list of the state of Wi-Fi and Ethernet MAC address randomization for each popular operating system.
-
-### Android (mobile OS)
-
-Android enabled random MAC for scanning since Android 8, but all devices supported changing the MAC address at this time as it was not a hardware requirement for Android devices.
-
-Since Android 9, the MAC is always randomized for scanning.
-
-Starting with Android 10, it became possible to randomize the MAC when connecting per SSID, the random MAC would remain stable for each SSID, only a system factory reset could generate a new value.
-
-In Android 12, a new feature appeared that allows disposable random MAC addresses, but it only applies under specific circumstances as [explained in the documentation](https://source.android.com/docs/core/connect/wifi-mac-randomization-behavior).
-
-### iOS (Apple mobile OS)
-
-Apple implemented MAC randomization for scanning since the iPhone 5. However, [since iOS 14](https://support.apple.com/fr-fr/guide/security/secb9cb3140c/web) they added support for a stable random MAC per network. Each MAC is randomized every twenty-four hours. Keeping the same MAC for a day on a network allows to not break captive portals that may use your MAC for authentication, quota or payment.
-
-### macOS (Apple desktop OS)
-
-So far, macOS does not seem to support MAC address randomization.
-
-### Linux (desktop / mobile OS)
-
-On popular Linux distributions, the MAC address is only randomized when scanning for networks, but not when connecting to an access point. Out of all Linux distributions we have investigated, only Qubes OS and [Tails](https://tails.net/doc/first_steps/welcome_screen/mac_spoofing/index.en.html) enable randomization for scanning and connecting by default.
-
-Linux users do have options to remedy this problem. It is possible to configure NetworkManager (the service managing network) to enable random MAC for Wi-Fi by network.
It offers two randomization strategies, either "stable", producing per network a new random MAC that will be reused later, or "random", that will generate a new MAC every time one connects to the network. A fully random MAC address for each connection is not advised for most users as it can exhaust the IP pool of the local DHCP server. This happens because each new MAC can be considered as a new device, if you reconnect too many times before old DHCP leases expire, the DHCP will be out of addresses to distribute.
-
-Among the most popular operating systems, Linux distributions are the only ones to provide MAC randomization for Ethernet network interfaces.
-
-You can learn more about NetworkManager MAC randomization through [this guide](https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/) by one of the NetworkManager developers.
-
-### Windows (desktop OS)
-
-By default, Windows enables random MAC for scanning. There [is a setting](https://support.microsoft.com/en-us/windows/how-to-use-random-hardware-addresses-in-windows-ac58de34-35fc-31ff-c650-823fc48eb1bc) to enable a stable random MAC address per Wi-Fi SSID, and also a setting to enable daily randomization.
-
-Finding complete information about this feature is not straightforward, [some Microsoft slides](https://datatracker.ietf.org/meeting/109/materials/slides-109-madinas-mac-address-randomization-in-windows-10-00) explain the MAC randomization mechanism which is not fully detailed in the official documentation.
-
-Windows does not have support for randomizing the MAC of Ethernet interfaces.
-
-## Conclusion
-
-MAC addresses is a necessary component of network protocols, it does not leak through VPNs but could be used to track people through their devices.
-
-Manufacturers have made significant steps to improve the privacy of devices owners with regard to Wi-Fi tracking.
Unfortunately, the problem shifted to Bluetooth devices, creating a more challenging problem to resolve, since more manufacturers are involved compared to improving a couple of operating systems subsystems.
diff --git a/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md b/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
deleted file mode 100644
index 05bc1c337..000000000
--- a/src/content/es/pages/privacy-guides/onion-ssh-hosts-for-login-chaining.md
+++ /dev/null
@@ -1,163 +0,0 @@
----
-title: Onion SSH Hosts for Login Chaining
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/onion-ssh-hosts-for-login-chaining/
-section: Misc
-weight: 40
-date: 2016-01-19T10:27:43+00:00
-layout: guides-details
----
-In [Will a VPN Protect Me? Defining your threat model][1] and [Adversaries and Anonymity Systems: The Basics][2], I discussed threats to anonymity, freedom, privacy and/or security, and how to choose appropriate setups to counter them. The most elaborate setup that I've described involves [nested chains of VPN services and Tor][3]. And that setup relies primarily on Tor for anonymity.
-
-But perhaps that's insufficient. After all, the Tor Project does warn: `This is experimental software. Do not rely on it for strong anonymity.` It's well known that Tor is vulnerable to global adversaries. And there are occasional reports of Tor users and hidden service operators getting busted. However, as far as I know, no stronger anonymity system has yet been implemented at usable scale. So how could one get more stopping power?
-
-I'm reminded of the situation back in the early 90s. Being anonymous on the Internet was nontrivial. There were no VPN services. Tor was a decade away. For email, there were Cypherpunk and Mixmaster anonymous remailers. And one could use them for mail lists and Usenet. But options for anonymous, low-latency Internet activity were extremely limited.
-
-Remote login chaining was just about it. You needed to know several remote hosts, and have a valid username and password for each. The first step was dialup access to one of the remote hosts. If you had a portable computer or laptop, you could call from a payphone, using a modem with an acoustic coupler. Then you would [telnet][4] to another host. And then you would telnet to a third host. And so on. In order to identify you, adversaries would need to trace your path back through the chain.
-
-However, telnet login chaining wasn't such a great approach.
Telnet is not secure. There is no host authentication, and no content encryption, so snooping and MitM attacks are trivial. If enough network traffic got logged, the whole telnet chain (all plaintext) could be reconstructed. Since the late 90s, telnet has been superseded by [SSH][5].
-
-That's what happened to [Kevin Mitnick][6], for example. It got him five years in the can. But the [session transcripts][7] are instructive. You can telnet to a series of ports, and relive Kevin's console experience. For example:
-
- $ telnet kevin-on-demand.takedown.com 4009
-
-This guide takes the concept of remote login chaining, and implements it using anonymously leased VPS that are running onion SSH services. Perhaps one such SSH login could be pwned. But it would arguably be harder to pwn a chain of them. And in any case, it's a fun project.
-
-I recommend working in Whonix, [reaching Tor through a nested VPN chain][3]. You'll need at least two small Linux VPS, leased via Tor using well-anonymized Bitcoin. It's a simple setup, the same for each VPS.
-
-Create a 4096-bit RSA key in the Whonix workstation VM, with a strong passphrase. Then SCP the public key to your first VPS. Now SSH to the VPS. If necessary, add a user account. Set root and user passwords. Create /home/user/authorized_keys, and add the Whonix id_rsa.pub to it. Then edit /etc/ssh/sshd_config. Disable root login and password authentication. If you like, add one or more additional port lines, such as 5222, so that you can run multiple onion SSH services.
-
-Then restart the SSH service, and check that you can login as user from a new terminal window, using the local id_rsa passphrase. Now create a 4096-bit RSA key in the VPS, with a passphrase.
-
-Do apt-get update and dist-upgrade, and reboot. Then SSH to the VPS, and install iptables-persistent and fail2ban. Copy /etc/fail2ban/jail.conf to /etc/fail2ban/jail.local. Edit /etc/iptables/rules.v6, change defaults to `DROP`, and do ip6tables-restore.
Restart fail2ban service, and test with `fail2ban-client ping`. The reply should be `pong`. - -Now install tor, and edit /etc/tor/torrc: - - SocksPort 127.0.0.1:9050 - SocksPolicy accept 127.0.0.1/32 - SocksPolicy reject * - VirtualAddrNetwork 10.192.0.0/10 - AutomapHostsOnResolve 1 - Log notice file /var/log/tor/notices.log - RunAsDaemon 1 - DataDirectory /var/lib/tor - HiddenServiceDir /var/lib/tor/ssh/ - HiddenServicePort 22 127.0.0.1:22 - -If you want to run multiple onion SSH services, do something like this: - - ... - HiddenServiceDir /var/lib/tor/ssh0/ - HiddenServicePort 22 127.0.0.1:22 - HiddenServiceDir /var/lib/tor/ssh1/ - HiddenServicePort 22 127.0.0.1:5222 - -Then restart tor service, and check its status. If it's running, get the hidden service credentials: - - $ cat /var/lib/tor/ssh/hostname - $ cat /var/lib/tor/ssh/private_key - -And for any additional onion SSH services that you've configured. Now SSH to user@hostname. If you get in, close first SSH login. If not, check your work. Once you get in via the onion SSH service, create /etc/iptables/tight-rules.v4: - - *filter - - :INPUT DROP [0:0] - :FORWARD DROP [0:0] - :OUTPUT ACCEPT [0:0] - - -A INPUT -m state --state INVALID -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP - -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP - -A INPUT -f -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP - - -A INPUT -i lo -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT - -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT - -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - -A INPUT -j DROP - - COMMIT - -Those rules block all incoming connections, so only SSH via onion service will work. Do iptables-restore from those rules. You should still be connected. 
If not, rebooting from the hosting control panel will restore the open iptables rules. Once it's working, test: - - $ wget http://ipchicken.com - $ cat index.html | less - -You should see the VPS IPv4 address. Also test Tor: - - $ rm index.html - $ torsocks wget http://check.torproject.org - $ cat index.html | less - -You should see `Congratulations. This browser is configured to use Tor.` - -To prepare for use after reboot, just login via SSH onion, and load the tight iptables rules. - -So let's say that you have two of these VPS, host0 and host1, with onion SSH hostnames `host0rpx2zt8vwu1.onion` and `host1cwdrau3qhja.onion`. And let's say that you plan to first SSH to host0, and then from host0 to host1. You'll need to add host0's public RSA key to ~/authorized_keys in host1. First do: - - $ scp user@host0rpx2zt8vwu1.onion:~/.ssh/id_rsa.pub ~/Downloads/host0_id_rsa.pub - $ scp ~/Downloads/host0_id_rsa.pub user@host1cwdrau3qhja.onion:~/.ssh/ - -Then SSH to host1, add the host0 key to ~/authorized_keys, and exit. - -Now SSH to host0. Then SSH from host0 to host1. If you hit the Internet directly from host1, sites will see its IP address. You can also use torsocks to hit the Internet from host1 via Tor. You can add additional hops, by SSHing from host1 to host2, and so on. But latency becomes unworkable after about three chained hosts. - -OK, so it works. But does it actually increase anonymity? Routing Tor over Tor is generally [not recommended][8]: "Doing so produces undefined and potentially unsafe behavior. In theory, however, you can get six hops instead of three, but it is not guaranteed that you'll get three different hops - you could end up with the same hops, maybe in reverse or mixed order." - -The warning about relay overlap with Tor over Tor seems overstated. The [hidden service protocol][9] involves two three-hop circuits. 
The user's Tor client builds a three-relay circuit to a rendezvous point, and then sends a connection request to one of the hidden service's introduction points. The hidden service's Tor client builds a three-relay circuit to the specified rendezvous point, and the connection is established. There are seven Tor relays in this connection, four picked by the user's client, and three picked by the hidden service's client.
-
-I can't imagine that the user's client and the hidden service's client are sharing any information about circuit building. Given that, I don't get how the hidden service protocol can rigorously avoid relay overlap. And I don't see why routing Tor over Tor is more prone to relay duplication, as long as independent Tor clients are being used.
-
-More instructive is the Tor Project's recommendation against [changing the default three-relay circuit length][10]: "We don't want to encourage people to use paths longer than this — it increases load on the network without (as far as we can tell) providing any more security. Remember that [the best way to attack Tor is to attack the endpoints and ignore the middle of the path][11]".
-
-Tor developers are concerned that attackers can use long circuits to DoS the network. By DoSing honest relays, for example, attackers can direct clients to malicious relays. Relays restrict circuit length to eight relays. But routing Tor via Tor would circumvent that. Doing that is still possible in the current stable version (0.2.7.6). However, exit node to entry connections will apparently [not work][12] in the next release. However, there are no exit nodes involved in chaining onion SSH services, so the change shouldn't be problematic.
-
-But what about those attacks on endpoints? From Tor's [threat model][11]: "In low-latency anonymity systems that use layered encryption, the adversary's typical goal is to observe both the initiator and the responder.
By observing both ends, passive attackers can confirm a suspicion that Alice is talking to Bob if the timing and volume patterns of the traffic on the connection are distinct enough; active attackers can induce timing signatures on the traffic to force distinct patterns. Rather than focusing on these traffic confirmation attacks, we aim to prevent traffic analysis attacks, where the adversary uses traffic patterns to learn which points in the network he should attack".
-
-Neither traffic confirmation attacks nor traffic analysis attacks necessarily depend on explicitly learning circuit paths. However, some of the classic deanonymization attacks on users and hidden services do involve their entry guards. Given all that, using hidden services is arguably less likely traceable than simply using websites via Tor, because there are two linked circuits to deanonymize. And chaining two hidden services is arguably even less likely traceable.
-
-Traffic confirmation attacks depend on matching traffic patterns at connection endpoints. And traffic patterns also play a role in traffic analysis to identify those endpoints. So maybe adding jitter to the connection would be useful. Using VPN services on the onion SSH hosts will accomplish that, because all Tor connections will go through the VPN server. Multi-hop VPN services will do a better job of that. VPN services also hide onion SSH hosts from their entry guards, which might end up controlled by adversaries.
-
-Anyway, get a VPN service subscription, and download Linux setup files. Don't use any of the VPN service accounts that you use locally. Purchase via Tor, and pay with thoroughly anonymized Bitcoin. Then SCP zipped linux setup files to host0. SSH to host0, and install openvpn. Edit /etc/default/openvpn and change AUTOSTART to `none`. Unzip and copy the setup files to /etc/openvpn/, and remove read rights for group and other. If you have an openvpn configuration with the extension `.ovpn`, change that to `.conf`.
You may need to tweak your openvpn configuration file (let's say `vpnroute.conf`).
-
-However, you can't just start the openvpn service. That's because, once it connects, your SSH connection to this VPS will die. Normally, you could add a route command to the openvpn configuration for the IP address of your management device, to bypass the VPN tunnel. But that isn't workable when you're SSHing via tor, unless you want to specify a particular exit node. Also, the tor process will exit when openvpn starts, so using the SSH onion service won't help.
-
-The solution is to create a shell script that stops tor, waits, starts openvpn, waits, and then starts tor:
-
- $ nano /etc/openvpn/start-vpn.sh
- #!/bin/sh
-
- systemctl stop tor.service
- sleep 60
- systemctl start openvpn@vpnroute.service
- sleep 60
- systemctl start tor.service
- $ chmod +x /etc/openvpn/start-vpn.sh
-
-That's not quite enough, though, because your SSH login will die as soon as openvpn connects, and then the script will stop executing. To prevent that, you must have the script ignore the HUP (hangup) signal when the SSH login dies:
-
- $ nohup /etc/openvpn/start-vpn.sh
-
-Your SSH login will still die when tor stops. But just wait a few minutes, giving openvpn and tor time to reconnect, and then connect to the SSH onion service. If it doesn't work, just reboot the VPS from the hosting control panel. The openvpn service won't restart, so you'll be able to SSH again.
-
-As with the tight iptables rules, you can only connect to the SSH onion service. But in this case, it's because everything is routed through the VPN service. The VPN exit has tight iptables rules, and it doesn't forward SSH back to your VPS.
-
-To setup the VPS for use after reboot, login via the SSH onion service, load tight iptables rules, and run `nohup start-vpn.sh`. Wait a few minutes, and then login via the SSH onion service.
-
-So hey, enjoy your hosts. But do recall that your VPS providers and intervening ISPs may be logging.
Remember Kevin! Always use end-to-end encryption for sensitive content, and [be prudent about sites that you're connecting to][13].
-
- [1]: /privacy-guides/will-a-vpn-protect-me/
- [2]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
- [3]: /privacy-guides/advanced-privacy-and-anonymity-part-8/
- [4]: https://en.wikipedia.org/wiki/Telnet
- [5]: https://en.wikipedia.org/wiki/Secure_Shell
- [6]: https://en.wikipedia.org/wiki/Kevin_Mitnick
- [7]: https://shinnok.com/rants/2009/01/27/kevin-mitnicks-hacking-telnet-session-transcripts/
- [8]: https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#ToroverTor
- [9]: https://web.archive.org/web/20120505002508/https://www.torproject.org/docs/hidden-services.html.en
- [10]: https://web.archive.org/web/20141225122111/https://www.torproject.org/docs/faq.html.en#ChoosePathLength
- [11]: https://svn.torproject.org/svn/projects/design-paper/tor-design.html#subsec:threat-model
- [12]: https://trac.torproject.org/projects/tor/ticket/2667
- [13]: https://www.whonix.org/wiki/DoNot
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
deleted file mode 100644
index ad0cb46d5..000000000
--- a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1.md
+++ /dev/null
@@ -1,85 +0,0 @@
----
-title: 'Online Privacy Through OPSEC and Compartmentalization: Part 1'
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-1/
-section: Advanced
-weight: 90
-articles: [
- {
- title: "Online Privacy Through OPSEC and Compartmentalization: Part 2",
- url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2/"
- },
- {
- title: "Online Privacy Through OPSEC and Compartmentalization: Part 3",
- url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/"
- },
- {
- title: "Online Privacy Through OPSEC and Compartmentalization: Part 4",
- url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/"
- }
-]
-date: 2017-08-04T12:31:51+00:00
-layout: guides-details
----
-![On the Internet, Nobody Knows You're a Dog](/images-static/uploads/nobodyknowsyouradog.jpg)
-
-Privacy and anonymity on the Internet are perennial clickbait topics. At least, that's been the case since some of the [Eternal September][1] crowd figured out that ['On the Internet, nobody knows you're a dog.'][2] might be an _unrealistic_ expectation. We've seen the warnings: ['You have zero privacy.'][3] [1999]; [Google's 'Broken Privacy Promise'][4] [2016]; ['confronting the end of privacy'][5] [2017]; ['privacy is dead'][6] [2017]; and ['technology can't fix it'][7] [2017]; ['Privacy as We Know It Is Dead'][8] [2017]. There was Eric Schmidt's classic rationalization, ['If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.'][9] [2009]. And recently, there's been hand wringing about ['anonymous harassment'][10] [2015] and how ['anonymity makes people mean'][11] [2015]. For a more nuanced discussion of online ethics, see ['Social Networking and Ethics'][12] [2012/2015].
In any case, leaving aside argument about whether online anonymity is "good" or "bad", there's no doubt that it can be a [prudent and effective strategy][13] [2017]. And in any case, there's nothing new here. These were contentious issues [in the 1780s][14], during public debate on ratification of the US Constitution. But hey, articles in _The Economist_ are still published [anonymously][15]: - -> The main reason for anonymity, however, is a belief that what is written is more important than who writes it. - -## Why Mass De-anonymization Is Far Likelier Than You Might Expect - -I've written a lot about online privacy and anonymity. Lately, however, I've focused primarily on matters of technical implementation. But a [recent article][16] about mass de-anonymization has moved me to write more about strategy and tactics. The article is based on a paper by [Jessica Su and coworkers][17] about de-anonymizing users by correlating their social media participation and browsing history. That's too perfect a teaching opportunity to pass up. Anyway, the abstract begins: - -> Can online trackers and network adversaries de-anonymize web browsing data readily available to them? We show—theoretically, via simulation, and through experiments on real user data—that de-identified web browsing histories can be linked to social media profiles using only publicly available data. - -Web browsing histories are collected by ISPs, the online advertising industry, at least some anti-malware firms, and various TLAs. So everyone online is vulnerable to multiple adversaries, who may collude, and leverage complementary data. - -> Our approach is based on a simple observation: each person has a distinctive social network, and thus the set of links appearing in one's feed is unique. Assuming users visit links in their feed with higher probability than a random user, browsing histories contain tell-tale marks of identity. 
We formalize this intuition by specifying a model of web browsing behavior and then deriving the maximum likelihood estimate of a user's social profile. - -OK, but this assumes that people are naive. Using one's real name online, with just one social network, is an obvious vulnerability. And it's one that's easily fixable, as I explain below. Basically, you just replace `user`/`person` with `persona`, use as many of them as you like, and make sure that they're not associated with each other. - -> We evaluate this strategy on simulated browsing histories, and show that given a history with 30 links originating from Twitter, we can deduce the corresponding Twitter profile more than 50% of the time. - -Impressive. So much for the dismissal that [browsing history isn't `sensitive information'][18] [2017]. But even so, each user could have several online identities aka personas. Each persona would have its own Twitter account, its own social network, its own set of interests, and so on. And each persona would access the Internet in a different way, using various VPN services, Tor, and combinations thereof. So each persona would have its own browsing history, potentially unrelated to the others. - -> To gauge the real-world effectiveness of this approach, we recruited nearly 400 people to donate their web browsing histories, and we were able to correctly identify more than 70% of them. - -Impressive, indeed. But again, these were naive subjects. I can't imagine that they were warned, and given the opportunity to be deceptive. - -> We further show that several online trackers are embedded on sufficiently many websites to carry out this attack with high accuracy. Our theoretical contribution applies to any type of transactional data and is robust to noisy observations, generalizing a wide range of previous de-anonymization attacks. - -That is problematic, for sure. ISPs also collect and sell browsing history. Some anti-malware firms may do so, as well. 
And then we have various TLAs, which likely collect whatever they can, however they can, and from wherever they can. - -In the paper's introduction, Su and coworkers note: - -> In this paper we show that browsing histories can be linked to social media profiles such as Twitter, Facebook, or Reddit accounts. We begin by observing that most users subscribe to a distinctive set of other users on a service. Since users are more likely to click on links posted by accounts that they follow, these distinctive patterns persist in their browsing history. An adversary can thus de-anonymize a given browsing history by finding the social media profile whose `feed` shares the history's idiosyncratic characteristics. - -That's arguably not very surprising. It's just what people do. Or at least, that's what naive people do. And then they point out: - -> Of course, not revealing one's real-world identity on social media profiles also makes it harder for the adversary to identify the user, even if the linking is successful. Nascent projects such as Contextual Identity containers for Firefox help users more easily manage their identity online [5]. None of these solutions is perfect; ultimately, protecting anonymity online requires vigilance and awareness of potential attacks. - -![Fight Club (Brad Pitt and Edward Norton)](/images-static/uploads/fight-club.jpg) - -![Compartmentalization: Isolation of Military Aircraft Using Blast Walls aka Revetments](/images-static/uploads/revetment.jpg) - -That's excellent advice, for sure. But pseudonymity alone is a fragile defense. Once one has been de-anonymized in any context, everything is de-anonymized, because it's all tied together. There is no forward security. Far more robust is to fragment and compartmentalize one's online activity across multiple unlinked personas. With effective compartmentalization, damage is isolated and limited. And overall, it's essential to implement and practice strong Operations Security (OPSEC). 
But first, before getting into specifics, it's instructive to consider some examples, showing how easily and spectacularly online anonymity can fail.
-
- [1]: http://knowyourmeme.com/memes/eternal-september
- [2]: http://knowyourmeme.com/memes/on-the-internet-nobody-knows-youre-a-dog
- [3]: https://archive.wired.com/politics/law/news/1999/01/17538
- [4]: https://psmag.com/googles-broken-privacy-promise-d3e2d8bec77e
- [5]: https://www.wsj.com/articles/confronting-the-end-of-privacy-1485906859
- [6]: http://tech.firstpost.com/news-analysis/privacy-is-dead-stop-whining-and-get-some-real-work-done-357090.html
- [7]: https://www.theguardian.com/commentisfree/2017/jan/13/the-guardian-view-on-internet-privacy-technology-cant-fix-it
- [8]: https://www.forbes.com/sites/robertvamosi/2017/05/02/dan-geer-privacy-as-we-know-it-is-dead
- [9]: https://www.eff.org/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy
- [10]: http://www.chronicle.com/article/Women-s-Groups-Urge-Colleges/233864
- [11]: https://www.wired.com/2015/04/secret-shuts-down/
- [12]: https://plato.stanford.edu/entries/ethics-social-networking/
- [13]: http://scholar.uwindsor.ca/cgi/viewcontent.cgi?article=1006&context=csspe
- [14]: http://www.learnliberty.org/blog/anonymity-and-doxing-in-the-1787-ratification-debates/
- [15]: https://medium.economist.com/why-are-the-economists-writers-anonymous-8f573745631d
- [16]: https://www.theatlantic.com/technology/archive/2017/02/browsing-history-identity/515763/
- [17]: http://randomwalker.info/publications/browsing-history-deanonymization.pdf
- [18]: http://www.theverge.com/2017/3/20/14985328/internet-providers-web-browsing-history-fcc-privacy-rules
\ No newline at end of file
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
deleted file mode 100644
index e3a561ee1..000000000
--- a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2.md
+++ /dev/null
@@ -1,179 +0,0 @@
----
-title: 'Online Privacy Through OPSEC and Compartmentalization: Part 2'
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-2/
-section: Advanced
-weight: 100
-articles: [
- {
- title: "Online Privacy Through OPSEC and Compartmentalization: Part 3",
- url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/"
- },
- {
- title: "Online Privacy Through OPSEC and Compartmentalization: Part 4",
- url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/"
- }
-]
-date: 2017-09-05T11:59:19+00:00
-layout: guides-details
----
-## Examples: How Easily and Spectacularly Online Anonymity Can Fail
-
-To illustrate how online anonymity can [fail][1], I have researched several examples. The mistakes made provide useful context for the discussion and recommendations that follow. The examples all involve criminal prosecutions, because that's what generally gets reported. Proceedings in many jurisdictions are largely public, and crime reporting is always popular. Anonymity failure _per se_ isn't newsworthy, and information may be suppressed. Even so, public data about criminal prosecutions may be misleading. Some evidence is typically under protective order. Also, investigators may have employed [parallel construction][2] to protect sources and methods that are sensitive or illegal. Such evidence is not even presented to courts, but merely exploited to obtain usable evidence. But what we have is what we have. Finally, hindsight is of course 20/20, and I intend no disrespect to anyone involved in these examples.
-
-### Example #1: Silk Road
-
-Consider how FBI investigators identified Ross Ulbricht as Silk Road's founder, later known as Dread Pirate Roberts. As explained in the [FBI complaint][3], he had promoted Silk Road on the [Shroomery Message Board][4] and [Bitcoin Forum][5] in January 2011, using the handle `altoid`.
Silk Road had never before been mentioned on either site. The posts are still there, so you can follow the path yourself. In [Google Advanced Search][6], specify the exact phrase `silk road` and the site `bitcointalk.org`. Execute the search. Then click `Tools`, and look at custom date ranges around 2011, when Silk Road opened for business. For the range 7/1/2010-12/31/2010, the first result is [`A Heroin Store - Bitcointalk.org`][5]. Search the page for `silk road`, and you see [this post][7] from ShadowOfHarbringer, quoting altoid: - -> Has anyone seen Silk Road yet? It's kind of like an anonymous amazon.com. I don't think they have heroin on there, but they are selling other stuff. They basically use bitcoin and tor to broker anonymous transactions. It's at http://tydgccykixpbu6uz.onion. Those not familiar with Tor can go to silkroad420.wordpress.com for instructions on how to access the .onion site. - -Someone (presumably altoid) has deleted the actual post. Just quotes by ShadowOfHarbringer, sirius and FatherMcGruder remain. I'll say more about that, later. Here's a diagrammatic representation of the search process: - -![Venn diagram about finding altoid](/images-static/uploads/Venn-bitcointalk.org-Silk-Road.png) - -That alone wasn't a fatal error. I mean, who is altoid? But now look at [what else][8] altoid posted on Bitcoin Forum. In particular, look at his [last post][9], dated 11 October 2011: "I'm looking for the best and brightest IT pro in the bitcoin community to be the lead developer in a venture backed bitcoin startup company. ... If interested, please send your answers to the following questions to rossulbricht at gmail dot com". Whoops. Now the FBI had a link from Silk Road to Ross Ulbricht. - -![posts by altoid to bitcointalk.org](/images-static/uploads/altoid-posts.png) - -So how does someone accidentally link their meatspace email address to the development of Silk Road, a `Heroin Store`? I have no clue. 
Perhaps relevant is the fact that he registered the new account [`silkroad`][10] on 28 February 2011. He subsequently used the `silkroad` account for [Silk Road][11] matters, and the `altoid` account for general Bitcoin ones. I'm guessing that it was sometime in Spring 2011 that he deleted his post about Silk Road in the `altoid` account. But somehow, he didn't notice that others had quoted it. The `silkroad` account was last active on 25 August 2011, about six weeks before the fateful `IT pro` post by the `altoid` account. Maybe he just forgot which account had posted what. - -The timeline of the FBI investigation isn't clear from the [complaint][3], but another key win was finding the server. That was far too easy. Agents testified that the server [leaked it's actual IP address][12], bypassing Tor. It seems that they read about the leak on [reddit][13]. They don't say exactly how they forced the leak, but I suspect that it involved a web server misconfiguration like [this][14]. At the FBI's request, Reykjavik police provided access to the server. And the FBI imaged the disk. - -That was a seriously boneheaded mistake. I mean, it was clear by 2012 that Tor onion servers should not have public IP addresses. I recall seeing a guide about that in 2010-2011, either on The Hidden Wiki or Freedom Hosting. But anyway, bad as it was for the FBI to have that data, how did they figure out that Dread Pirate Roberts was Ross Ulbricht? Other than the altoid screwup, I mean. Well, the [complaint][3] alleges that the server's ~/.ssh/authorized_keys file contained a public SSH key with user `frosty@frosty`. So apparently, the FBI googled for stuff like `frosty tor`. And bam, they found [this 2013-03-16 post by frosty on Stack Overflow][15]. That's still on the first results page. Also, the PHP code in that question is reportedly similar to what FBI investigators found on the server. 
And being the FBI, it wasn't hard for them to learn that Ross Ulbricht owned the account (with email `frosty@frosty.com`). Now they had two independent links from Silk Road to Ross Ulbricht. - -And there was a third link. Ross had apparently ordered fake IDs from Silk Road. But DHS opened the package, and dropped by to [question him][16]. He denied responsibility, and noted that anyone could have bought the fake IDs on Silk Road, and had them sent to him. That seems reasonable, no? I mean, a Ukrainian hacker did have heroin sent to [Brian Krebs][17], and then had him swatted. But whatever. `Silk Road` went into the DHS agent's report, and that eventually came back to bite Ross. - -OK, so promoting your illegal darkweb site online is fine. And asking questions online about that site is also fine. But you want to be as anonymous as possible when you're doing that stuff. And posting your meatspace Gmail address, or using a forum account registered with that address, is not anonymous. Ross was also [careless][18] in other ways about linking Silk Road to himself. If he had always worked through Tor (or better, hit Tor through a [nested VPN chain][19]) and had used pseudonyms to register with Stack Overflow and Bitcoin Forum, he might be a free man today. If you want to read more about Ross Ulbricht, [the grugq][20] has published a comprehensive (albeit dated) analysis. There are also decent articles in [Wired][13] and [Motherboard][21], and [Gwern's analysis][22]. - -But wait. There's another level of pwnage to explore. Maybe it's simplistic to say that Ross Ulbricht **is** Dread Pirate Roberts (DPR). His attorneys argued that he was [just a pawn][23], and that the real Dread Pirate Roberts was his mentor [Variety Jones aka Cimon][24]. For example, they presented evidence that [someone was accessing][25] the DPR account on the Silk Road forum for six weeks after Ross Ulbricht had been taken into custody. 
Plus voluminous chat logs between Ross Ulbricht, Variety Jones and others. It's an interesting story, full of [intrigue and drama][26], involving rogue FBI agents and so on. But here's the relevant lesson: according to the complaint, Roger Thomas Clark was [identified][27] as Variety Jones "through an image of his passport stored on Ulbricht's computer". That is, "the Silk Road administrator insisted on his employees revealing their identities to him, though he promised to keep the copies of their identifying documents encrypted on his hard drive." So maybe Variety Jones wasn't a perfect mentor, notwithstanding his vision of a private digital economy. Still, he's for sure [no pushover][28]. - -If you're interested in reading Variety Jones' stuff from Silk Road Forums, the archives are [here][29], and in more usable form, [here][30]. I gather that there's also a lot in the chat logs that Ross Ulbricht retained. But I haven't found a coherent standalone collection. For background, see Andrew Goldman's [`The Common Economic Protocols`][31] and [`Toward A Private Digital Economy`][32]. - -### Example #2: KickassTorrents - -Consider [KickassTorrents][33]. Artem Vaulin registered one of the associated domains (kickasstorrents.biz) using his real name. That's basically the same error that Ross Ulbricht made with Stack Overflow, but it's far more egregious here, because of the direct association. Also, logs from Apple and Facebook linked his personal Apple email address to the site's Facebook page. That was another failure to compartmentalize his real identity from his illegal enterprise. But for those mistakes, KickassTorrents would likely be serving its users, and we would have likely never heard of Artem Vaulin. - -### Example #3: The Love Zone - -Failure to compartmentalize also brought down [The Love Zone][34] and many of its users. Admin Shannon McCoole (skee) reportedly began his posts with the unusual greeting `Hiyas` (perhaps from Tagalog). 
That's strange, but so what? Well, it seems that investigators unoriginally googled for `skee hiyas`, and found posts on various online forums by similarly named users, who used the same unusual greeting. On one of those forums, such a user had sought information about 4WD lift kits. So investigators then restricted their searches with suggested SKUs. And that led them to his Facebook page, where he had bragged about his vehicle. There, they also learned that he worked as a nanny. Busted. - -OK, so it's outstanding that they tracked him down. But even better, his mistakes are instructive. It's much like the compartmentalization failure that pwned Ross Ulbricht. That is, Shannon McCoole linked his pedophile and meatspace personas through two factors: 1) similar usernames; and 2) unusual greeting. However, he apparently did successfully obscure his site's IP address. So arguably, if he had used a distinct username and style (at least, a different greeting) on each online forum, he could have avoided arrest. - -### Example #4: Sabu de LulzSec - -Sabu's downfall clearly illustrates the roles of intentionality, trust and time. Sabu (Hector Xavier Monsegur) was born in 1983, and started hacking in his [early teens][35]. He reportedly hung out on EFnet IRC chat servers. Like most n00bs, was careless. At least once, he apparently [made the mistake][36] of logging in without obscuring his ISP-assigned IP address. And someone, perhaps the admin, was [retaining chat logs][37]. That's to be expected. But based on those logs, they could link his various IRC nicknames, over time. - -Years later, Sabu became famous through LulzSec. I gather that he was playing elite hacker to a crowd of script kiddies. That apparently offended some of his old [EFnet associates][38]. Plus the fact that LulzSec was causing trouble for them, professionally. And so they considered him a jerk, and eventually doxxed him. 
- -Before researching this, based on casual reading, I had assumed that Hector had just been careless about OPSEC. But no, it's not that Hector the LulzSec star was careless. It's that Hector had been careless, many years before, when he was just a kid, playing at being a hacker. And that mattered, years later, because old associates could link his past personas back to the present. Still, he could have been more mindful of that risk, and so compartmentalized his personas more carefully across time. I mean, this guy had been hacking stuff for well over a decade! - -![Aval0n logs about Sabu](/images-static/uploads/Aval0n-Logs.png) - -### Example #5: Sheep Marketplace - -It's arguable whether Tomáš Jiříkovský operated Sheep Marketplace, or merely provided hosting for the VPS that it ran on. But it's pretty clear that he stole 96000 BTC from it, and then [pwned himself][39] when he cashed out. The story is instructive, and it illustrates how pride and greed can lead to stupidity and pwnage. [Sheep Marketplace][40] was created in March 2013. It grew modestly after Silk Road was pwned in October 2013. But before long, Tomáš had been [doxxed][41] as the alleged owner. [Gwern Branwen][42] [bet][43] that Sheep Marketplace would be dead within the year. In a later paste, Gwern [alleged][44] that someone had alerted the FBI that Tomáš had complained on sheepmarketplace.com in 2013 `about the problems of running a Bitcoin-using hidden service`. ~~Also see [this paste][45], perhaps from Gwern's source.~~ Anyway, Sheep Marketplace had started as a clearnet site, and then migrated quite obviously to Tor. And it was dead in far less than a year. Sheep Marketplace [shut down][46] less than two months later, on 03 December 2013, after claims of hacking and Bitcoin theft. But it's more than a little suspicious that the Bitcoin price jumped from $200 to $1000 during November 2013. If one had been planning to take the money and run, that was arguably a good time. 
- -In a vain attempt to recover lost Bitcoins, or at least to identify the thief, some redditors [tracked suspicious Bitcoin][47] through the [blockchain][48]. Although the thief apparently [used Bitcoin Fog][49] for obfuscation, 96000 Bitcoin predictably overwhelmed the mixer. So the stolen Bitcoin was traced to a wallet owned by BTC-e, a digital currency exchange. But there, the trail went dead. The BTC-e wallet identified by redditors was used generally in BTC-e operations. So it seemed likely that the thief had already cashed out. However, in contrast to the Bitcoin blockchain, BTC-e's financial operations are [anything but public][50]. And now, the US has [taken it down, and arrested one Alexander Vinnik][51]. Allegations include money laundering and facilitation of criminal activity, such as ransomware and theft from Mt Gox. But maybe BTC-e [isn't yet entirely dead][52]. - -Anyway, in an [08 December interview][53] in the Czech Republic's major newspaper, Tomáš disavowed any role in Sheep Marketplace. However, by January 2014, Tomáš had been [arrested][39]: - -> Last year in January, a new bank account of 26-years old Eva Bartošová had a payment, that made Air Bank (Czech Bank) safety controls flash (an idiom). Almost 900 thousand Crowns from a foreign company that exchanges virtual bitcoins into real money. - -> The young woman could not credibly explain to the bank officers the source of the money. Only additional investigation revealed that millions already went using this road. And that behind it was a certain Tomáš Jiřikovský, that was connected by amateur internet investigators with stealing money from web marketplace Sheep Marketplace, where people traded in large numbers with the bitcoin currecy. The damage was described by the operators of the marketplace as more than 100 million. - -> ... - -> The officers of Ministry of Finance's Financial Analytical Office, that are detecting suspicious transactions, mapped how the Jiřikovský's money travelled. 
They first left from the abroad company Bitstamp Limited, that is selling and buying bitcoins. The millions then arrived with several transactions either on the account of Jiřikovský and Bartošová, or on the account of the real estate company and the lawyer that worked on the house sale. Part of the money went to the original owner of the house, another part of the money went on her bank as one-time payment of a mortgage. - -I'm guessing that Tomáš must have somehow transferred the money from BTC-e to Bitstamp. It didn't help, however. Overall, this was a mind-boggling fail. - -### Example #6: Operation Onymous - -In November 2014, hundreds of onion sites went down in [Operation Onymous][54], an international effort involving the FBI and Europol. One of them was [Silk Road 2.0][55] aka SR2. The scale of the operation was astounding. Nik Cubrilovic [speculated][56] that investigators had 'simply vacuumed up a large number of onion websites by targeting specific hosting companies.' But those who followed Tor carefully suspected a different sort of vacuuming. In July 2014, CMU researchers had canceled a [Black Hat talk][57] about 'how hundreds of thousands of Tor clients, along with thousands of hidden services, could be de-anonymised within a couple of months.'. And a few days later, Roger Dingledine had [posted][58] about a 'relay early' traffic confirmation attack which had occurred in recent months: 'So in summary, when Tor clients contacted an attacking relay in its role as a Hidden Service Directory to publish or retrieve a hidden service descriptor (steps 2 and 3 on the hidden service protocol diagrams), that relay would send the hidden service name (encoded as a pattern of relay and relay-early cells) back down the circuit. Other attacking relays, when they get chosen for the first hop of a circuit, would look for inbound relay-early cells (since nobody else sends them) and would thus learn which clients requested information about a hidden service.' 
Yes, vacuuming. - -Those suspicions were confirmed in January 2015, after SR2 admin Brian Farrell was [arrested][59]. The [affidavit][60] stated: 'From January 2014 to July 2014, a FBI NY Source of Information (SOI) provided reliable IP addresses for TOR and hidden services such as SR2...'. And a year later, CMU's role was [confirmed][61]: "The record demonstrates that the defendant's IP address was identified by the Software Engineering Institute ('SEI') of Carnegie Mellon University (CMU) [_sic_] when SEI was conducting research on the Tor network which was funded by the Department of Defense ('DOD')." So how did the FBI know about results of DoD-funded research by CMU? The FBI says: "For that specific question, I would ask them [Carnegie Mellon University]. If that information will be released at all, it will probably be released from them." Perhaps this was a failed attempt at [parallel construction][2]. - -### Example #7: AlphaBay - -This is an especially sad example. AlphaBay became one of the largest third-generation dark markets after Silk Road got pwned. For about two years. Until the US took it down in July 2017, and arrested suspected co-founder Alexandre Cazes. As with my other examples, he had allegedly made a [stupid mistake][62]. He allegedly "included his personal email address in one of the site's welcome messages". I'm not sure which is more surprising, that he did that, or that it took investigators that long to find the clue. But the saddest part is that he reportedly [killed himself][63] after being arrested. - -### Example #8: Brian Krebs' Blog - -No, [Brian Krebs][64] has **not** been pwned for something delicious. But doxxing 'cybercriminals' **is** one of his perennially popular topics. And you will find [many examples][65] of compartmentalization failure. 
Such as these:
-
- * [Who Is the Antidetect Author?][66]
- * [Who Hacked Ashley Madison?][67]
- * [Who is Anna-Senpai, the Mirai Worm Author?][68]
- * [Who Ran Leakedsource.com?][69]
- * [Four Men Charged With Hacking 500M Yahoo Accounts][70]
-
- [1]: https://www.schneier.com/tag/de-anonymization/
- [2]: https://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805
- [3]: https://www.documentcloud.org/documents/801103-172770276-ulbricht-criminal-complaint.html
- [4]: https://www.shroomery.org/forums/showflat.php/Number/13860995
- [5]: https://bitcointalk.org/index.php?topic=175.70
- [6]: https://www.google.com/advanced_search
- [7]: https://bitcointalk.org/index.php?topic=175.msg42670#msg42670
- [8]: https://bitcointalk.org/index.php?action=profile;u=3905;sa=showPosts;start=0
- [9]: https://bitcointalk.org/index.php?topic=47811.msg568744#msg568744
- [10]: https://bitcointalk.org/index.php?action=profile;u=5341
- [11]: https://bitcointalk.org/index.php?action=profile;u=5341;sa=showPosts
- [12]: https://www.wired.com/2014/09/the-fbi-finally-says-how-it-legally-pinpointed-silk-roads-server/
- [13]: https://www.wired.com/2015/05/silk-road-untold-story/
- [14]: https://thehackernews.com/2016/02/apache-tor-service-unmask.html
- [15]: https://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-tor-hidden-service-using-curl-in-php
- [16]: https://arstechnica.com/tech-policy/2013/10/how-the-feds-took-down-the-dread-pirate-roberts/
- [17]: https://www.vice.com/en_us/article/i-interviewed-the-fraudster-who-frames-people-for-heroin-possession
- [18]: https://www.theguardian.com/technology/2013/oct/03/five-stupid-things-dread-pirate-roberts-did-to-get-arrested
- [19]: /privacy-guides/advanced-privacy-and-anonymity-part-1/
- [20]: https://grugq.github.io/blog/2013/10/09/it-was-dpr/
- [21]: https://motherboard.vice.com/en_us/article/the-five-hidden-service-commandments
- [22]: https://www.gwern.net/Silk%20Road
- [23]:
https://www.wired.com/2015/02/ross-ulbricht-didnt-create-silk-roads-dread-pirate-roberts-guy/
- [24]: https://motherboard.vice.com/en_us/article/these-are-the-two-forgotten-architects-of-the-silk-road
- [25]: https://motherboard.vice.com/en_us/article/someone-accessed-dread-pirate-roberts-silk-road-operators-account-while-ross-ulbricht-was-in-jail
- [26]: https://motherboard.vice.com/en_us/article/variety-jones-a-corrupt-fbi-agent-is-hunting-me-so-im-turning-myself-in
- [27]: https://www.wired.com/2015/12/variety-jones-alleged-silk-road-mentor-arrested-in-thailand/
- [28]: https://arstechnica.com/tech-policy/2016/09/exclusive-our-thai-prison-interview-with-an-alleged-top-advisor-to-silk-road/
- [29]: https://archive.org/download/dnmarchives
- [30]: https://antilop.cc/sr/
- [31]: https://www.anarplex.net/hosted/files/TheCommonEconomicProtocols.pdf
- [32]: https://www.anarplex.net/hosted/files/Toward_A_Private_Digital_Economy/
- [33]: https://www.engadget.com/2016/07/21/kickasstorrents-apple-facebook-homeland-security/
- [34]: https://www.theguardian.com/society/2016/jul/13/shining-a-light-on-the-dark-web-how-the-police-ended-up-running-a-paedophile-site
- [35]: https://web.archive.org/web/20201114055349/https://kernelmag.dailydot.com/issue-sections/headline-story/13945/sabu-hector-monsegur-interview/
- [36]: https://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/
- [37]: https://sites.google.com/site/avalonlogsefnet/
- [38]: https://arstechnica.com/tech-policy/2012/03/doxed-how-sabu-was-outed-by-former-anons-long-before-his-arrest/
- [39]: https://web.archive.org/web/20170621171706/https://www.deepdotweb.com/2015/03/27/breaking-sheep-marketplace-owner-arrested/
- [40]: https://en.wikipedia.org/wiki/Sheep_Marketplace
- [41]: https://www.reddit.com/r/SheepMarketplace/comments/1nsmzx/a_friendly_warning_sheepmarketplacecoms_owner/
- [42]: https://www.gwern.net/index
- [43]:
https://www.reddit.com/r/SilkRoad/comments/1pko9y/the_bet_bmr_and_sheep_to_die_in_a_year/ - [44]: https://web.archive.org/web/20161020000638/http://pastebin.com/raw/9spTATw6 - [45]: http://pastebin.com/raw/ZFS1Jdmn - [46]: https://www.theguardian.com/technology/2013/dec/03/online-drugs-marketplace-shut-down-bitcoin-hack-sheep - [47]: https://www.theguardian.com/technology/2013/dec/09/recovering-stolen-bitcoin-sheep-marketplace-trading-digital-currency-money - [48]: https://www.reddit.com/r/SheepMarketplace/comments/1t0ueq/sheep_marketplace_scam_scheme_figured_out_scammer/ - [49]: https://www.reddit.com/r/SheepMarketplace/comments/1rvlft/i_just_chased_him_through_a_bitcoin_tumbler_and/ - [50]: https://web.archive.org/web/20180925093132/http://invezz.com/analysis/forex/147-btc-e-anonymity-reigns-at-worlds-second-largest-bitcoin-exchange - [51]: https://www.theverge.com/2017/7/29/16060344/btce-bitcoin-exchange-takedown-mt-gox-theft-law-enforcement - [52]: https://www.coindesk.com/troubled-btc-e-exchange-claims-control-of-databases-and-bitcoin-wallets/ - [53]: http://byznys.lidovky.cz/obral-drogove-dealery-o-miliony-cech-jsem-nevinny-brani-se-programator-1md-/firmy-trhy.aspx?c=A131206_112108_firmy-trhy_mev - [54]: https://motherboard.vice.com/en_us/article/the-fbis-deep-web-raid-seized-a-bunch-of-fake-sites - [55]: https://motherboard.vice.com/en_us/article/silk-road-2-has-been-seized-by-the-fbi - [56]: https://web.archive.org/web/20150330194839/https://www.nikcub.com/posts/onymous-part1/ - [57]: https://www.theregister.co.uk/2014/07/22/legal_wrecking_balls_break_budget_tor_popping_talk/ - [58]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack - [59]: https://arstechnica.com/tech-policy/2015/01/alleged-right-hand-man-to-silk-road-2-0-leader-arrested-in-seattle/ - [60]: https://arstechnica.com/tech-policy/2015/01/did-feds-mount-a-sustained-attack-on-tor-to-decloak-crime-suspects/ - [61]: 
https://motherboard.vice.com/en_us/article/carnegie-mellon-university-attacked-tor-was-subpoenaed-by-feds - [62]: https://motherboard.vice.com/en_us/article/8xa7mz/europol-head-tells-us-about-its-dark-web-market-sting - [63]: http://www.brisbanetimes.com.au/world/alphabay-suspected-cofounder-alexandre-cazes-found-dead-in-thai-jail-20170715-gxburv.html - [64]: https://krebsonsecurity.com/ - [65]: https://krebsonsecurity.com/category/breadcrumbs/ - [66]: https://krebsonsecurity.com/2015/03/who-is-the-antidetect-author/ - [67]: https://krebsonsecurity.com/2015/08/who-hacked-ashley-madison/ - [68]: https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/ - [69]: https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/ - [70]: https://krebsonsecurity.com/2017/03/four-men-charged-with-hacking-500m-yahoo-accounts/ diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md deleted file mode 100644 index 5018d60c9..000000000 --- a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3.md +++ /dev/null @@ -1,199 +0,0 @@ ---- -title: 'Online Privacy Through OPSEC and Compartmentalization: Part 3' -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-3/ -section: Advanced -weight: 110 -articles: [ - { - title: "Online Privacy Through OPSEC and Compartmentalization: Part 4", - url: "/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/" - } -] -date: 2017-09-05T11:59:24+00:00 -layout: guides-details ---- -## Online Privacy Through OPSEC with Compartmentalization Among Multiple Personas - -{{< raw-html >}} -
    - The OPSEC Cycle - The OPSEC Cycle -
    -{{< / raw-html >}}
-
-Common themes in these examples are poor planning, wishful thinking, and carelessness. Given the advantage of hindsight, it's clear that these people were not paying enough attention. They weren't planning ahead, and thinking things through. That is, their Operations Security (OPSEC) was horrible. Basically, OPSEC is just common sense. But it's common sense that's organized into a structured process. An authoritative source is arguably the [DoD Operations Security (OPSEC) Program Manual][1]. OPSEC Professionals also has a [slide deck][2], which is comprehensive and well-presented, but somewhat campy. It points out that the OPSEC "5-Step Process" is more accurately described as a continuous cycle of identification [of information that must be secured], analysis [of threats, vulnerabilities and risks] and remediation. That is, OPSEC is a way of being. For a hacker perspective, I recommend the grugq's classic [OPSEC for hackers][3]. Also great are follow-on interviews in [Blogs of War][4] and [Privacy PC][5].
-
-Another great source is [73 Rules of Spycraft][6] by Allen Dulles. Also see the original article about them by James Srodes, from the [Intelligencer][8]. Allen Dulles played a key intelligence role against Germany during WWII, and then in the Cold War, as the first civilian Director of Central Intelligence. He's rather controversial, especially regarding his role in the Bay of Pigs fiasco, and perhaps the JFK assassination. David Talbot wrote a biography, *The Devil's Chessboard*. And later [opined][10]: "I think that you can make a case, although I didn't explicitly say this in the book, for Allen Dulles being a psychopath." The CIA [predictably disagreed][11], albeit rather politely. But noted progressive Joseph Palermo [fundamentally agreed][12] with Talbot's assessment: "The Devil's Chessboard is quite simply the best single volume I've come across that details the morally bankrupt and cynical rise of an activist intelligence apparatus in this country that was not only capable of intervening clandestinely in the internal affairs of other nations but domestically too." Be that as it may, Allen Dulles had some excellent insights about OPSEC. At least, if you ignore the parts about managing human "assets".
-
-### Identification of Critical Information, Analysis of Threats, and Identification of Vulnerabilities
-
-The first step is the identification of information that must be secured. See the [DoD OPSEC manual][1] at p. 12. For our purposes, critical information fundamentally comprises one's meatspace identity and location. Also critical are public indicators associated with them. For example, consider Ross Ulbricht. FBI investigators pieced together his posts as altoid on Bitcoin Forum to associate Silk Road with . They also pieced together frosty@frosty's SSH key on the Silk Road server with the frosty account on Stack Overflow, which he had initially registered as Ross Ulbricht. That is, the indicators were `altoid` and `frosty`. Or consider Shannon McCoole. Investigators pieced together posts on The Love Zone and 4WD forums, using his username (~skee) and his characteristic greeting (hiyas). Then they found his personal Facebook page, by searching for SKUs of particular 4WD lift kits that he had posted about. So for him, the indicators were `skee`, `hiyas`, and the SKUs. For Sabu, an IRC admin pieced together his various nicknames, over time, to link his current nickname/persona with his meatspace identity, which had been revealed years before.
-
-The next steps are analysis of threats, and identification of vulnerabilities. From the [DoD OPSEC manual][1] at p. 13:
-
-> The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
-
-Wherever adversaries can collect and effectively exploit critical information and/or indicators, there are vulnerabilities. So who are your adversaries? And what are their capabilities? Anyone interested in you, with goals that you reject and fear, is an adversary. You probably have some sense of who they are, what they want, and what they can do. But what matters? In an [interview][13] with Micah Lee, Edward Snowden observed:
-
-> Almost every principle of operating security is to think about vulnerability. Think about what the risks of compromise are and how to mitigate them. In every step, in every action, in every point involved, in every point of decision, you have to stop and reflect and think, "What would be the impact if my adversary were aware of my activities?" If that impact is something that's not survivable, either you have to change or refrain from that activity, you have to mitigate that through some kind of tools or system to protect the information and reduce the risk of compromise, or ultimately, you have to accept the risk of discovery and have a plan to mitigate the response. Because sometimes you can't always keep something secret, but you can plan your response.
-
-Anyway, none of that is possible without plans. Or at least, it's impossible without some sense of what one's plans will be. As Allen Dulles [noted][6]:
-
-> 52. Never set a thing really going, whether it be big or small, before you see it in its details. Do not count on luck. Or only on bad luck.
-
-This is arguably a central theme in all of my pwnage examples. When one is just playing around, with no real plans, or not even a clear sense of what one might plan, one may not worry enough about protecting one's identity. And after one gets serious, and the stakes get higher, one may forget about just how lax one's OPSEC was. So do plan ahead, and think things through.
-
-The final steps are risk assessment, and identification of countermeasures. From the [DoD OPSEC manual][1] at p. 13:
-
-> The risk assessment is the process of evaluating the risks to information based on susceptibility to intelligence collection and the anticipated severity of loss. It involves assessing the adversary's ability to exploit vulnerabilities that would lead to the exposure of critical information and the potential impact it would have on the mission. Determining the level of risk is a key element of the OPSEC process and provides justification for the use of countermeasures. Once the amount of risk is determined, consider cost, time, and effort of implementing OPSEC countermeasures to mitigate risk.
-
-![impact vs likelihood example](/images-static/uploads/Probability_and_Impact_Matrix.png)
-
-That is, risks are characterized by their likelihood aka probability, and their potential impact. To help prioritize risks and identify countermeasures, it's common to visualize them, plotting probability vs impact. From [Mind Tools][14]:
-
-> The corners of the chart have these characteristics:
->
-> * **Low impact/low probability** – Risks in the bottom left corner are low level, and you can often ignore them.
-> * **Low impact/high probability** – Risks in the top left corner are of moderate importance – if these things happen, you can cope with them and move on. However, you should try to reduce the likelihood that they'll occur.
-> * **High impact/low probability** – Risks in the bottom right corner are of high importance if they do occur, but they're very unlikely to happen. For these, however, you should do what you can to reduce the impact they'll have if they do occur, and you should have contingency plans in place just in case they do.
-> * **High impact/high probability** – Risks towards the top right corner are of critical importance. These are your top priorities, and are risks that you must pay close attention to.
-
-High-impact/low-probability risks are [highly problematic][15]:
-
-> [I]t may often be easier to characterise the impact of an event than its likelihood, such as the impact of your wallet being stolen against working out the numerical likelihood of it happening. ... People are often unwilling to give credence to improbable notions specifically because their professional or social community consider them too improbable. ... In addition, if a problem is thought too complex, there is the danger that organizations will simply ignore it. ... More generally, there is often a lack of imagination when considering high impact low probability risks. [emphasis added]
-
-The US National Security Agency (NSA) arguably poses an existentially high-impact/low-probability risk for virtually everyone. That may seem too improbable, but it's certainly existential, and so worth discussion. But do keep in mind Allen Dulles' [rule 72][6]:
-
-> If anything, overestimate the opposition. Certainly never underestimate it. But do not let that lead to nervousness or lack of confidence. Don't get rattled, and know that with hard work, calmness, and by never irrevocably compromising yourself, you can always, always best them.
-
-### Is the NSA Your Adversary? Consider the Risks of Data Sharing and Parallel Construction
-
-The NSA is responsible for military signals intelligence (SIGINT). Initially, it was known (at least jokingly) as ['No Such Agency'][16], the stuff of conspiracy theories. For obvious reasons, its capabilities and activities are largely classified. We know about them primarily from [James Bamford's books][17], from such [whistleblowers][18] as Bill Binney, Kirk Wiebe and Thomas Drake, and from materials leaked by [Edward Snowden][19] and [The Shadow Brokers][20]. So our understanding is limited. But even so, the NSA's capabilities are [mind-boggling][21]. More links about NSA are [here][22].
-
-The NSA is a global active adversary. That is, it can (in principle, anyway) intercept, modify and trace all Internet traffic. It has a global grid of computers that intercept data from the Internet, store it, process it, and make it available to analysts. Using intercepts from network edges, it can employ traffic analysis to de-anonymize any persistent low-latency connection, no matter how much it's been rerouted. And it can arguably compromise any networked device, and exploit it to get additional information. Also, it actively targets [system administrators][23], in order to access to networks that they administer.
-
-However, while the NSA arguably intercepts everyone's online activity, it can't collect it all in a single location, because that would require implausibly fat pipes and humongous storage. And it can't de-anonymize all low-latency connections, because that would require implausible processing power. But analysts can operate in parallel on all grid components, and receive results for local analysis. Data of interest gets moved to centralized long-term storage. But even the NSA can't store all intercept data indefinitely. So its systems prioritize, and then triage. Data that seems more important is retained longer. But all metadata (time, IP addresses, headers, and so on) are retained indefinitely. And so are data that seem most important. That reportedly includes all encrypted data (but not all HTTPS, I suspect) that could not be decrypted (plus associated unencrypted metadata).
-
-The good news is that the NSA's charge is national security, and that you are most likely far too insignificant to warrant its attention. However, it's important to note that the NSA does retain and search data on [American residents][24]. Also see [this excellent article][25], and the declassified [Memorandum Opinion and Order][26] from the FISA Court. This is supposedly accidental, or incidental, or unavoidable, or something like that. And the FISA Court says to stop. Not that it matters much to the rest of us.
-
-But anyway, who else has access to all this data? Well, we know that the NSA shares with intelligence agencies of [US allies][27]. And also gets data collected by them. There are at least three groups of such allies:
-
- * Five Eyes (Australia, Canada, New Zealand, the United Kingdom and the United States)
- * Nine Eyes (Five Eyes plus Denmark, France, the Netherlands, and Norway)
- * Fourteen Eyes (Nine Eyes plus Germany, Belgium, Italy, Spain, and Sweden)
-
-![The rules of SOD](/images-static/uploads/sod.jpeg)
-
-We also know that the NSA shares data with numerous US [law-enforcement agencies][28] [2013], including the DEA, DHS, FBI and IRS:
-
-> A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.
-
-> Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.
-
-> The undated documents show that federal agents are trained to "recreate" the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant's Constitutional right to a fair trial. If defendants don't know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence - information that could reveal entrapment, mistakes or biased witnesses.
-
-> ...
-
-> The unit of the DEA that distributes the information is called the Special Operations Division, or SOD. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security. It was created in 1994 to combat Latin American drug cartels and has grown from several dozen employees to several hundred.
-
-> Today, much of the SOD's work is classified, and officials asked that its precise location in Virginia not be revealed. The documents reviewed by Reuters are marked "Law Enforcement Sensitive", a government categorization that is meant to keep them confidential.
-
-> "Remember that the utilization of SOD cannot be revealed or discussed in any investigative function", a document presented to agents reads. The document specifically directs agents to omit the SOD's involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use "normal investigative techniques to recreate the information provided by SOD". [emphasis added]
-
-This is termed `parallel construction`. Reportedly, it's long been a standard approach for protecting sources and investigative methods. Such as [confidential informants][29]. But the scale here is vastly larger. And the practice is arguably [unconstitutional][30] (not to mention, that it entails criminal conspiracy to suborn perjury).
-
-But these are just nonspecific allegations, based on leaked documents and whistleblowers. Is there actually any unambiguous evidence that criminal prosecutions have secretly relied on NSA intercepts? I find **nothing** online. However, there is an excellent panel discussion from August 2015 at the DEA Museum website, involving former SOD directors and staff, about [SOD history][31]. John Wallace was very candid about the motivation to circumvent post-Watergate policies, which had been implemented to prevent warrantless `electronic surveillance and eavesdropping on American citizens`:
-
-> 00:18:20 Well, we - we got to step back, and I got to give you some historical context. Remember, when we're talking now, the early ‘90s. This is at least 10 years before 9/11, uh, and, so, we had two problems. ...
-
-> 00:18:50 The other dynamic that Bobby mentioned was we had, uh, the - the cases in New York, uh, principally en - engaged against the - the Cali Cartel that were simply dying on the vine in New York. Um, on the other hand, we had elements of the intelligence community who said they had all of this great information, but nothing ever came of it. Um, and, again, 10 years before 9/11, the wall is up, it is absolutely prohibited for, uh, anybody on the Intelligence side of the house, uh, to talk to somebody with a criminal investigative, uh, responsibility.
-
-![Enemy of the State (1998)](/images-static/uploads/enemy-of-the-state.jpg)
-
-> 00:20:00 I was fortunate to be in a group of about four or five people, including the Attorney General, Bob Mueller was the Chief of the Criminal Division. Um, uh, uh, a true heroine in all of this was Mary Lee Warren who, at that time, uh, had the narcotics section. Uh, and, so, after meeting with Bobby's small group, we got together with the senior leadership of CIA, the senior leadership of NSA, and the senior leadership of the Department, uh, of Justice, and began to work these two problems. [emphasis added]
-
-> 00:20:35 The first problem being: How do we engage with the Intelligence community without compromising their sensitive sources and methods, their equities, without violating this - this wall arrangement; at the same time, breed [_sic_] life into Bill Mockler's investigations in New York, and get the U.S. Attorneys all on the same sheet of music with regard to prosecuting these national level investigations that - that Bobby was trying to put together.
-
-> 00:22:13 We don't want to have to turn this stuff over in the course of discovery. On the same, uh, token though, the - we've got to make sure that the defendants' rights to full and free discovery are completely observed. [huh?] We don't want, uh, for example, CIA officers on the witness stand. Um, and - and those were some of the issues that we had to come up with creative solutions. Uh, and - and on occasion, uh, it, uh, it meant we're - the solution we come at is going to be less than perfect, you know, because we want to, uh, to stay away from some of these electrified third rails on the legal side of the house.
-
-And from Michael Horn:
-
-> 00:47:31 Well, first, we - when we discussed this coordination between the Intelligence and the Operations Divisions, um, Joe referred to this - it - _it was really the mantra at SOD, SOD takes no credit_. We - we wanted to make sure the SACs were comfortable with - with our role in - in their investigations, and sometimes they were not. Uh, but by - by stepping back when - _when these cases went down and - and assuring that any credit, any publicity, any photo ops, uh, were taken by the field, and SOD just stayed in the background_, that went a long way to assuaging some of the - the SAC's concerns. [emphasis added]
-
-SOD has apparently been part of numerous drug cases, including major operations against cartels, but only two are named. Joseph Keefe mentioned Mountain Express:
-
-> 00:51:06 A - a tremendous amount of cases. Every section that I had was fortunate they were all very productive. One that comes to mind ‘cause it involved DEA as a whole was Mount - a thing called Mountain Express. Mountain Express was back - well, Jack Riley was the ASAC.
-
-And Michael Horn mentioned two Zorro cases:
-
-> 00:53:56 Well, I guess the two Zorro cases were - which were two of the first national level cases, uh, come to mind. And, um, it - it was - again, as Joe mentioned, an incredible coordination a - among a lot of field offices. And, of course, the goal was to protect the wires that were going on. At this time, I think there were some wires going on in Los Angeles, and they were following loads to - across the country to New York. ...
-
-Even though SOD has allegedly played a major role in a `tremendous` number of cases since the early 90s, I find nothing online about the use of intelligence data, before the [Reuters exposé][28] in late 2013. Although some of the old drug cases are [featured][32] on the DOJ website, the use of parallel construction to hide use of intelligence data isn't mentioned. For obvious reasons. Less than a year before the Reuters exposé, there was no mention of SOD in Senate [debate][33] on extending the FISA Amendments Act of 2008 for five years. Without doubt, at least Senator Feinstein was aware of SOD. But again, the reasons for silence are obvious.
-
-Even since the Reuters exposé, I find nothing online about specific cases where investigators allegedly relied secretly on NSA intercepts, and engaged in parallel construction. No defense challenges. No court opinions. Not even anonymous allegations. There was a [federal ruling][34] in 2016, suppressing Stingray evidence that was obtained without a search warrant:
-
-> U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment.
-
-> The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search.
-
-> "Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device" Pauley wrote.
-
-And yet there's nothing online about the use of intelligence data in criminal cases. That's surprising, given likely concerns about constitutionality, and participation in criminal conspiracy to suborn perjury. You'd think that at least one investigator would have turned whistleblower. But then, the NSA has been _very_ careful about protecting sources and methods. I mean, consider 9/11. The NSA and CIA had allegedly [monitored][35] some of the plotters, but didn't manage to convince Secretary of State Condoleezza Rice to act. Whistleblowers [claim][36] that key results were "not disseminated outside of NSA". Basically, I gather that the NSA had compromised parts of al Qaeda's telephone network, and considered the intercepts too valuable to risk.
-
-According to New America's [Open Technology Institute][37]: "The NSA uses [Section 702] authority to surveil communications that go well beyond the national security purpose of the law." In recent years, it appears that the FBI has further [relaxed its rules][38] for accessing NSA data. And finally, one of President Obama's last acts was basically to [normalize and expand SOD][39], allowing cooperating federal agencies to directly search NSA data. Perhaps he wanted to facilitate investigation of [collusion of Russia and the Trump campaign][40].
-
-Bottom line, it's prudent to assume:
-
- * The NSA intercepts all Internet data.
- * All SOD partners (such as CIA, DEA, DHS, FBI and IRS) can access that data directly.
- * The NSA shares data with US allies.
- * Many (if not all) investigators in those countries can access NSA data.
-
-With that in mind, how might NSA data been used in my pwnage examples? There's been [speculation][41] that two aspects of the Silk Road investigation are implausible: 1) using Google to find altoid's posts on the Bitcoin Forum; and 2) discovery by DHS of fake IDs sent to Ross Ulbricht. The first claim is weak, given that one can easily replicate the search. But the second seems reasonable, given that relatively few Silk Road packages were intercepted. And given that DHS and FBI are SOD partners, FBI investigators searching for `Silk Road` would have seen Ross Ulbricht among the hits. It's also possible that the NSA tipped off the FBI about the Silk Road server, and how to find its IP address.
-
-OK, what else? Well, consider Operation Onymous. Perhaps the FBI might have known, from public sources, that DOD had funded research at CMU on Tor vulnerabilities. But how would the FBI have known that CMU researchers had identified numerous illegal Tor onion services, such as Silk Road 2.0? Perhaps they saw the announced Black Hat talk, subpoenaed the results, and imposed a protective order. But in that case, why did the FBI enigmatically refer questions about Silk Road 2.0 to CMU? Evasiveness creates suspicion. Especially because this was a drug case, and the role of SOD is always hidden through [parallel construction][28].
-
- [1]: https://web.archive.org/web/20171009123733/https://www.OPSECprofessionals.org/official/081103_DOD_OPSEC_Manual.pdf
- [2]: https://web.archive.org/web/20160327105648/http://www.opsecprofessionals.org/training/OPSEC_Training.pdf
- [3]: https://www.slideshare.net/grugq/OPSEC-for-hackers
- [4]: http://blogsofwar.com/hacker-OPSEC-with-the-grugq/
- [5]: http://privacy-pc.com/articles/hackers-guide-to-stay-out-of-jail-opsec-for-freedom-fighters.html
- [6]: https://blog.cyberwar.nl/2016/02/some-elements-of-intelligence-work-73-rules-of-spycraft-allen-dulles-1960s/
- [8]: http://www.afio.com/22_intelligencer.htm
- [10]: http://www.motherjones.com/media/2015/10/book-review-devils-chessboard-david-talbot
- [11]: https://web.archive.org/web/20200717231747/https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol-60-no-3/seeger-the-devils-chessboard.html
- [12]: http://www.huffingtonpost.com/joseph-a-palermo/the-devils-chessboard-all_b_8959302.html
- [13]: https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/
- [14]: https://www.mindtools.com/pages/article/newPPM_78.htm
- [15]: http://www.bristol.ac.uk/media-library/sites/eng-systems-centre/migrated/documents/blackett-review.pdf
- [16]: http://www.saturdayeveningpost.com/2014/04/17/culture/politics/a-brief-history-of-the-nsa.html
- [17]: https://en.wikipedia.org/wiki/James_Bamford
- [18]: https://standupfortruth.org/whistleblower-and-supporter-bios
- [19]: https://en.wikipedia.org/wiki/Edward_Snowden
- [20]: https://en.wikipedia.org/wiki/The_Shadow_Brokers
- [21]: https://www.lightbluetouchpaper.org/2015/05/02/meeting-snowden-in-princeton/
- [22]: http://www.tedgioia.com/nsa_facts.html
- [23]: https://arstechnica.com/security/2014/03/nsa-hacker-in-residence-dishes-on-how-to-hunt-system-admins/
- [24]: http://circa.com/politics/barack-obamas-team-secretly-disclosed-years-of-illegal-nsa-searches-spying-on-americans
- [25]: http://www.nationalreview.com/article/447973/nsa-illegal-surveillance-americans-obama-administration-abuse-fisa-court-response
- [26]: https://www.scribd.com/document/349261099/2016-Cert-FISC-Memo-Opin-Order-Apr-2017-4
- [27]: https://en.wikipedia.org/wiki/UKUSA_Agreement
- [28]: http://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805
- [29]: https://en.wikipedia.org/wiki/Whitey_Bulger
- [30]: https://consortiumnews.com/2014/06/12/how-nsa-can-secretly-aid-criminal-cases/
- [31]: https://www.deamuseum.org/wp-content/uploads/2015/08/042215-DEAMuseum-LectureSeries-MLS-SOD-transcript.pdf
- [32]: https://www.justice.gov/criminal/ndds
- [33]: https://fas.org/irp/congress/2012_cr/faa-amend.html
- [34]: https://www.techdirt.com/articles/20160713/08005834960/first-time-federal-judge-has-suppressed-evidence-obtained-with-stingray-device.shtml
- [35]: http://www.washingtonpost.com/wp-dyn/content/article/2006/09/30/AR2006093000282.html
- [36]: https://consortiumnews.com/2014/01/07/nsa-insiders-reveal-what-went-wrong/
- [37]: https://na-production.s3.amazonaws.com/documents/Section702_Scope.pdf
- [38]: https://www.theguardian.com/us-news/2016/mar/08/fbi-changes-privacy-rules-accessing-nsa-prism-data
- [39]: https://www.wired.com/2017/01/just-time-trump-nsa-loosens-privacy-rules/
- [40]: https://www.independent.co.uk/news/world/americas/us-politics/donald-trump-presidency-finished-russia-investigations-fbi-vladimir-putin-nsa-analyst-john-schindler-a7649371.html
- [41]: http://www.forbes.com/sites/kashmirhill/2013/10/08/did-the-nsa-help-with-the-silk-road-investigation/
diff --git a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md b/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
deleted file mode 100644
index 9d46a80f9..000000000
--- a/src/content/es/pages/privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4.md
+++ /dev/null
@@ -1,291 +0,0 @@
----
-title: 'Online Privacy Through OPSEC and Compartmentalization: Part 4'
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/online-privacy-through-opsec-and-compartmentalization-part-4/
-section: Advanced
-weight: 120
-date: 2021-12-16T00:00:00+00:00
-layout: guides-details
----
-## OPSEC Countermeasures
-
-Once risks have been identified and ranked, one must identify countermeasures. One must then assess their effectiveness and cost, relative to potential impacts. And one must assess the "possibility that the countermeasure could create an OPSEC indicator" ([DoD OPSEC manual][1] at p. 14). Where warranted by risk and worth the cost, one applies countermeasures. And finally, one assesses the effectiveness of countermeasures in practice. I focus here on four groups of countermeasures: (1) common sense and security mindedness; (2) awareness of egocentrism, pride, vanity and greed; (3) compartmentalization with multiple personas; and 4) technical implementation.
-
-### Common Sense and Security Mindedness
-
-![Loose Lips Might Sink Ships](/images-static/uploads/loose-lips-might-sink-ships.jpg)
-
-Allen Dulles' [73 Rules of Spycraft][2] begins with common sense:
-
-> The greatest weapon a man or woman can bring to this type of work in which we are engaged is his or her hard common sense. The following notes aim at being a little common sense and applied form. Simple common sense crystallized by a certain amount of experience into a number of rules and suggestions.
-
-He goes on to emphasize the importance of security mindedness:
-
-> #2. Security consists not only in avoiding big risks. It consists in carrying out daily tasks with painstaking remembrance of the tiny things that security demands. The little things are in many ways more important than the big ones. It is they which oftenest give the game away. It is consistent care in them, which form the habit and characteristic of security mindedness.
-
-> #3. 
In any case, the man or woman who does not indulge in the daily security routine, boring and useless though it may sometimes appear, will be found lacking in the proper instinctive reaction when dealing with the bigger stuff. - -He also warns against carelessness: - -> #9. The greatest vice in the game is that of carelessness. Mistakes made generally cannot be rectified. - -> #8. Never leave things lying about unattended or lay them down where you are liable to forget them. Learn to write lightly; the `blank` page underneath has often been read. Be wary of your piece of blotting paper. If you have to destroy a document, do so thoroughly. Carry as little written matter as possible, and for the shortest possible time. Never carry names or addresses en clair. If you cannot carry them for the time being in your head, put them in a species of personal code, which only you understand. Small papers and envelopes or cards and photographs, ought to be clipped on to the latter, otherwise they are liable to get lost. But when you have conducted an interview or made arrangements for a meeting, write it all down and put it safely away for reference. Your memory can play tricks. - -> #17. The greatest material curse to the profession, despite all its advantages, is undoubtedly the telephone. It is a constant source of temptation to slackness. And even if you do not use it carelessly yourself, the other fellow, very often will, so in any case, warn him. Always act on the principle that every conversation is listened to, that a call may always give the enemy a line. Naturally, always unplug during confidential conversations. Even better is it to have no phone in your room, or else have it in a box or cupboard. - -Much of this may seem pointlessly old-school. But for those who work with computers and the Internet, there are now far more opportunities to be careless and leave traces for adversaries to find. Traces on our computers. Traces of online connectivity. 
Traces from browsing, email and messaging. Strong encryption is widely available now, at least. But there's still the risk from metadata (URLs, email addresses, IP addresses, etc). Smartphones are ubiquitous, and are vulnerable to surveillance and tracking. And people still write on paper, sometimes. There are just so many ways to fail. - -Anyway, security mindedness is indeed essential. And for that, it's crucial to pay attention, to [be present][3] to your life: - -> We train ourselves to see reality exactly as it is, and we call this special mode of perception 'mindfulness.' This process of mindfulness is really quite different from what we usually do. We usually do not look into what is really there in front of us. We see life through a screen of thoughts and concepts, and we mistake those mental objects for the reality. - -Seeing "reality exactly as it is", rather than our thoughts and feelings about it, is the basis for `security mindedness`. Also crucial is seeing ourselves objectively. And thinking through the consequences of every action. Globally, and from an [adversary's perspective][4]: - -> In addition to being a process, OPSEC is also a mindset. - -> It means being able to consider your organization or environment from the point of view of your adversary. - -> This allows you to consider your vulnerabilities from the perspective of the threat based on their capabilities and actions. - -It's rather like activating [God mode][5] in first-person shooter (FPS) video games. That's the default mode in chess and Go, of course. - -Anyway, it was traces—carelessly left and/or carelessly forgotten—that pwned the principals in most of my examples: - - * Ross Ulbricht used his Gmail address on Bitcoin Forum, looking for a coder. He kept everything (including email and chat logs, a [diary][6], and true-name data for all staff) on one encrypted laptop. And he routinely carried and used that laptop in public, providing opportunities for the FBI to seize it. 
- * Roger Thomas Clark provided an image of his passport to Ross Ulbricht. So he (and other Silk Road staff) were pwned when Ross was. - * Artem Vaulin registered kickasstorrents.biz using his real name. - * Shannon McCoole used the same unusual greeting, and similar usernames, in multiple online accounts. And in one of them, he researched 4WD lift kits, and then bragged about them on his personal Facebook page. - * Hector Monsegur had linked personas going back well over a decade. Early personas were linked to his meatspace identity. And someone had retained IRC logs, including all of that information. - * Tomáš Jiříkovský created sheepmarketplace.com before the Sheep Marketplace onion site, and complained there "about the problems of running a Bitcoin-using hidden service". And **after** being doxxed as the owner, he cashed out implausibly huge amounts of Bitcoin that he had stolen. - -As Allen Dulles notes, it's the `little things`. Rigorous anonymity may not seem important, when you're a clueless n00b, when you're just playing around. Say, when you prototype this cool anonymous online market, like Silk Road or Sheep Marketplace. And then, after it takes off and becomes internationally infamous, you're just too stressed out to remember such little things. Or say, when you're starting out with your Pirate Bay clone. Or when you're 12 years old and learning to hack, and start hanging out on IRC. - -### Awareness of Egocentrism, Pride, Vanity, Greed and Lust - -![The Seven Deadly Sins (Hieronymus Bosch)](/images-static/uploads/Boschsevendeadlysins.jpg) - -[Allen Dulles][2] observes: - -> #10. The next greatest vice [after carelessness] is that of vanity. Its offshoots are multiple and malignant. - -> #11. Besides, the man with a swelled head never learns. And there is always a great deal to be learned. - -However, according to Jane Austen, in [_Pride and Prejudice_][7]: - -> Vanity and pride are different things, though the words are often used synonymously. 
A person may be proud without being vain. Pride relates more to our opinion of ourselves, vanity to what we would have others think of us. - -So actually, I think that Dulles is talking more about pride (`swelled head`) than about vanity. But typically they go together, and both are dangerous. Pride leads to overconfidence, and vanity to bragging. Nick Romeo recently blogged some relevant [tl;dr][8] from Plato: - -> ... In the Apology, Socrates claims to be wiser than other men only because he knows that which he does not know. When Kahneman writes that we are 'blind to our blindness', he is reviving the Socratic idea that wisdom consists in seeing one's blindness: knowing what you do not know. - -> Intellectual humility and overconfidence can stem from purely cognitive processes, but they are also correctly understood as moral achievements or failings. Someone who always thinks that he is right about everything, however little he knows, is making a moral as well as a mental mistake. Similarly, the cultivation of intellectual humility is, in part, the cultivation of an ethical virtue. - -> ... - -> ... This is only a preliminary step in Plato's dialogues – a (good-natured) reaching after fact and reason should and does occur – but an initial tolerance of uncertainty is a capacity without which individuals and societies cannot adequately self-correct and improve. People who are pained and irritated by not knowing something reach prematurely for whatever apparent reasons are most accessible. - -Ironically enough, [Jonah Lehrer][9] has written quite eloquently about how smart people make [stupid mistakes][10]. The fundamental problem seems to be egocentrism. That is, it's relatively easy to rationally and objectively evaluate other people's behavior. But it's hard to be rational and objective about ourselves. It's hard to face the facts, and consider what to do about them. We're often just too attached. 
Introspection typically opens up a morass of feelings, excuses, rationalization, wishful thinking, blame, and denial. There are also the illusions of being immortal, and smarter than others. Basically, we're [biased][11]. What's needed are mindfulness and humility. - -Consider Hector Monsegur's comment in an [interview][12] after his brief imprisonment: `I've been hacking since '95, ... There's only so much you can do before you get caught.` OK, so I can imagine how many `criminals` would say something like that, especially after being caught. But it's rationalization. His sins were carelessness and bragging. Plus pushing children into crime, and then snitching on them, [according to][13] Ryan Ackroyd (LulzSec's Kayla). What happens, I think, is that we know (at some level) that we've screwed up. But the mechanisms driving our behavior are largely unconscious. Our conscious ego is happy to take credit for success, but it tends to suppress evidence of error. There's a strong need to be right. And when evidence of error becomes undeniable, the ego may flip to fatalism. And making excuses. - -Another trap is greed. Consider [Tomáš Jiříkovský][14]. I mean, what else could explain how he cashed out a fortune in stolen Bitcoin, from a darknet drug marketplace, less than a month after being interviewed about alleged connections to said darknet drug marketplace in his country's major newspaper? But hey, $100 million is undeniably tempting. It's likely that greed also dissuaded Ross Ulbricht from giving up Silk Road. - -[Dulles][2] also warns about sex and alcohol: - -> #12. Booze is naturally dangerous. So also is an undisciplined attraction for the other sex. The first loosens the tongue. The second does likewise. It also distorts vision and promotes indolence. They both provide grand weapons to an enemy. - -> #13. It has been proved time and again, in particular, that sex and business do not mix. 
- -OK, so Ross Ulbricht did tell his off-and-on girlfriend Julia Tourianski about Silk Road, and she apparently told one of her friends, who then [posted][15] about it on his Facebook wall: - -> I'm sure the authorities would be interested in your drug-running site. - -But hey, she later became a staunch [defender][16]. Albeit after being forced to testify at his trial. - -### Compartmentalization with Multiple Personas - -![firewalls between electrical gear](/images-static/uploads/menu_bar_wall.jpg) - -It's clear from my examples that pseudonymity alone is a fragile defense. Once pwned in any context, everything is pwned, because it's all tied together. As I've noted, it's far more robust to fragment and compartmentalize one's online activity across multiple unlinked personas. Ross Ulbricht and Hector Xavier Monsegur both lacked adequate compartmentalization, over time. That is, even if their current OPSEC was good, which it actually wasn't, there were links to past activity with pitiful OPSEC. Shannon McCoole basically didn't compartmentalize. He was `skee who says hiyas` on The Love Zone, and basically the same everywhere else online. - -Compartmentalization (aka compartmentation) entails the isolation of stuff in compartments. That may involve walls, physical or figurative, or just the absence of connections. The goal is preventing bad things from spreading. Limiting access and damage. For example, military aircraft (containing fuel and munitions) are prudently isolated in combat environments by [blast walls aka revetments][17]. Explosives are often stored in isolated bunkers, separated by blast walls. [Firewalls][18] are used between townhouse units, between electrical components at substations, between engine and passenger compartments of vehicles, and so on. Compartmentalization plays diverse roles in [biological organisms][19]. 
- -And yes, compartmentalization is a crucial component of [Information Security (INFOSEC)][20] and [Operations Security (OPSEC)][21]: - -> Operations Security sounds like something that would only concern spies and special operations soldiers. The reality is that since your government is likely spying on you, even if you `have nothing to hide`, OpSec concerns you. It's a concept you need to become familiar with and begin to apply in your daily life. Maintaining Operational Security is simply the practice of taking small steps to secure the information you don't want disclosed. - -> ... - -> Failing to compartmentalize: It's important enough to repeat. If someone doesn't have a need to know, don't tell them. This isn't a sign of distrust, it's a sign you are trustworthy. Remember that when you disclose unnecessary information about yourself, you are probably disclosing it about others. - -From [Allen Dulles][2]: - -> #51. If you have several groups, keep them separate unless the moment comes for concerted action. Keep your lines separate; and within the bounds of reason and security, try to multiply them. Each separation and each multiplication minimizes the danger of total loss. Multiplication of lines also gives the possibility of resting each line, which is often a very desirable thing. - -> #64. Away from the job, among your other contacts, never know too much. Often you will have to bite down on your vanity, which would like to show what you know. This is especially hard when you hear a wrong assertion being made or a misstatement of events. - -> #65. Not knowing too much does not mean not knowing anything. Unless there is a special reason for it, it is not good either to appear a nitwit or a person lacking in discretion. This does not invite the placing of confidence in you. - -> #66. Show your intelligence, but be quiet on anything along the line you are working. Make others do the speaking. 
A good thing sometimes is to be personally interested as `a good patriot and anxious to pass along anything useful to official channels in the hope that it may eventually get to the right quarter.` - -And from [the grugq][22]: - -> The cornerstone of any solid counterintelligence program is compartmentation. Compartmentation is the separation of information, including people and activities, into discreet cells. These cells must have no interaction, access, or knowledge of each other. Enforcing ignorance between different cells prevents any one compartment from containing too much sensitive information. If any single cell is compromised, such as by an informant, the limitats _sic_ of the damage will be at the boundaries of the cell. - -> Now, compartmenting an entire organization is a difficult feat, and can seriously impede the ability of the organization to learn and adapt to changing circumstance. However, these are are not concerns that we need to address for an individual who is compartmenting their personal life from their illicit activity. - -> Spooks, such as CIA case officiers [_sic_], or KGB illegals, compartment their illicit activity (spying) from their `regular` lives. The first part of this is, of course, keeping their mouths shut about their illicit activities! There are many other important parts of tradecraft which are beyond the scope of this post. But remember, when you are compartmenting your life, the first rule is to never discuss your illicit activities with anyone outside of that compartment. - -{{< raw-html >}} -
    - Be->Do->Have cycle -
    -{{< / raw-html >}} - -OK, so how does one go about compartmentalizing with multiple personas? First, consider the standard advice for personal development. That is, after considering your principles and values, you formulate some goals. Then you consider how you would achieve those goals, what actions you would need to take. And finally, you consider who you would need to become to effectively take those actions. When it comes to implementation, however, the first step is being. Because actions grow out of being. It's the classic [Be->Do->Have cycle][23]. - -But of course, life isn't that simple. We all live in multiple realms. Family. Social life. Spirituality. Work. Play. And these realms call forth [distinct ways of being][24]. In order to play safe online, you must distinguish subrealms, with particular interests and goals. Then you create one or more personas for each distinct subrealm. With adequate compartmentalization, adversaries don't see you as a person, but only as unrelated personas. - -Requisite skills come from fields of fiction writing, acting, role-playing games, and cosplay. Character design is a core component of [writing a novel][25]. Few personas need elaborate storylines, but language is essential, and location is often necessary. It also helps to think through each persona's history and interests. There's the [tension][26] between being what you know, and revealing too much about yourself. It's also common to [base characters on composites of real people][27]. Indeed, it's arguable that real people are [composites of real people][28] who raised and influenced them. But do avoid [pwning yourself or your friends][29]. Creative lying also helps. You may also enjoy some spiritual inspiration, such as [traditional budō][30] or [something more fanciful][31]. - -OK, so names used for personas are key indicators. With good compartmentalization, each persona will only associate its own stuff, and won't implicate other personas. 
But still, when developing a new persona, one of my first steps is to google the name and username. For example, I picked `mirimir` based on the idiomatic Russian toast `мир и мир` (world peace). But there was already the artist [Miriam Laina][32], [Mirimir Alvarez][33] and [میریم سفر [Go travel]][34]. So hey. - -Other key indicators are language usage and style. For example, Mirimir uses English, with traces of British and southern US vernacular. I've drawn some of that from experience, and some from people I've known and worked with. But I've also drawn from literature and films. For example, when using this persona, I get present to memories and associations that are based on William S. Burroughs' `escape child` [Kim Carsons][35]. - -I base other personas in the same way, on experience, people and fictional characters. There's typically some fictional character, and a setting where it operates, which presence me to the persona, and help me to get in character. Some personas also use English, but with perfect grammar and extremely generic style. Other personas use various other languages, more or less properly, depending on my expertise in them. Sometimes I use offline translation apps, with local dictionaries. Online translation is rather too obvious. - -Then there are the obvious indicators: address, email, and landline and cell numbers. Email is easy. Just signup via some mix of VPNs and Tor (depending on usage) and you're good to go. It's best to use services that only require email. But even for services that require address and telephone numbers, they only check for validity before account activation, if at all. I typically use hostels. Some services may require telephone confirmation, but you can just let them go. If it's something you need, you can use online services that interface cellular SIM cards for texting. Or burner phones, but those are geolocation risks. At worst, using fake information, you'll lose the account if they check. 
So plan accordingly. - -The main goal is to avoid any association with your meatspace identity. Not by name. Not by contact information. Not by language usage and style. Not by interests. Not even by literature that you base personas on. You don't draw on stuff that you've recently purchased in meatspace, or stuff that you discuss using your meatspace persona, especially online. And obviously, you must use some mix of VPNs and Tor (depending on usage) to avoid any association with your meatspace identity by IP address. - -For strong compartmentalization, it's also important to avoid associations among personas. So you use different addresses etc, and different network paths, using nested VPN chains with different final VPNs, and/or different Whonix instances. However, in some cases it's OK to have some associations between a persona and one or more sub-personas, which are posing as that persona's personas. Sometimes, I do that to be playful, and sometimes for purely practical reasons. - -Takeaways from an [interview][36] with Lindsay Moran, an ex-CIA operative, offer useful insight: - - * When trying to compartmentalize, make sure your motivators of money, ideology, coercion, and ego, and fulfilled internally. Do not rely on an external resource for this. - * A confidentiality and anonymity (or un-attributability) win over merely confidentiality in the face of electronic surveillance. - * Identify the natural tendencies to shut down, or tunnel yourself into a single identity, and compensate by building personal, trusted relationships in your other identities. - -But even so, as [the grugq][37] notes, compartmentalization is stressful: - -> If the operative isn’t living a completely isolated clandestine lifestyle in their Unabomber cabin, they will have to isolate parts of their individual selves to compartment the different aspects of their lives. 
There will be their normal public life, the one face they show to the world, and also a sharded ego with their clandestine life. Maintaining strict compartmentation of the mind is stressful, the sharded individual will be a sum less than the total of the parts. - -> As if that wasn’t enough, there is the constant fear of discovery, that the clandestine cover will be stripped away by the adversary. This leaves the operative constantly fretting about the small details of each clandestine operational activity. Coupled with the compartmentalization of the self, the operative also has to stress about each non-operational activity, will this seemingly innocent action be the trigger that brings it all crashing down? - -![Dover Castle](/images-static/uploads/dover.jpg) - -That's true. But using multiple layers of personas helps protect against catastrophic failure, as noted in a [guide][38] for making anonymous online purchases: - -> Depending on the kind of operation, the fake identity that will be used, has to be as authentic as possible. A layered approach is used, meaning that one would create a fake online identity and completely compartmentise this identity from its real identity. This fake identity would then be used to create other fake identities. It ensures that if one fake identify gets compromised, it would not lead to de-anonymization of the person's real identity, but instead just one 'layer' or ‘compartment' of the identity protection would have been 'peeled off'. In practice this means that created email addresses point consequently only to the email address of its previous ‘layer' and not layers beneath its previous 'layer'. As in other OPSEC practices, avoiding contamination and profiling between the 'wrapped' identities is vital. - -[Allen Dulles][2] suggests an analogous approach: - -> #39. When you have made a contact, till you are absolutely sure of your man — and perhaps even then — be a small but eager intermediary. 
Have a `They` in the background for whom you act and to whom you are responsible. If `They` are harsh, if `They` decide to break it off, it is never any fault of yours, and indeed you can pretend to have a personal grievance about it. `They` are always great gluttons for results and very stingy with cash until `They` get them. When the results come along, `They` always send messages of congratulation and encouragement. - -Using multiple online personas is useful for more than privacy and anonymity. It can be an expression of playfulness. And it can help you be [more creative][39]: - -> Pretending to be someone else: When you're stuck in a creative process, unfocus may also come to the rescue when you embody and live out an entirely different personality. In 2016, educational psychologists, Denis Dumas and Kevin Dunbar found that people who try to solve creative problems are more successful if they behave like an eccentric poet than a rigid librarian. Given a test in which they have to come up with as many uses as possible for any object (e.g. a brick) those who behave like eccentric poets have superior creative performance. This finding holds even if the same person takes on a different identity. - -### Technical Implementation - -My focus here has been on strategy and tactics. I won't be getting into details of technical implementation. Lately, however, I've written primarily about that. Available options for general Internet access are VPNs, JonDonym, and Tor. One can also use I2P, with network outproxies, but the latency is even higher than with Tor. Each has its strengths and its weaknesses. And there's great uncertainty. Anyway, for more on those issues, see [`Will a VPN Service Protect Me? Defining your Threat Model`][40] and [`Adversaries and Anonymity Systems: The Basics`][41]. 
- -The best bet is using personas, with data compartmentalized in some mix of hardware and virtual machines (VMs), and network connectivity correspondingly compartmentalized with nested proxy chains. See [`Advanced Privacy and Anonymity Using VMs, VPN's & Tor`][42] and [`How to perform a VPN leak test`][43]. - -An issue that deserves more attention is the compartmentalization of encrypted information. Consider how Ross Ulbricht kept everything about Silk Road on his LUKS encrypted laptop. If the FBI had swatted him at home, he would arguably have had time to shut it down. Unless agents were prepared to extract the key from RAM. But they were smarter than that. They busted him in public, and managed to acquire his laptop with LUKS unlocked. So they had everything: his diary, email, chat logs, accounting spreadsheets, personnel files, and so on. Oops. - -It would have been safer to compartmentalize data in multiple encrypted containers. Enigmail (using GnuPG public-key encryption) typically works that way. All encrypted messages, including draft unsent messages, are encrypted in storage, and decrypted as needed. One can also use GnuPG for encrypting individual files, or archived folders. But that can get tedious. For general storage, one can create file-based encrypted containers with [VeraCrypt][44] or [Tomb][45]. Tomb uses cryptsetup to create LUKS volumes on loop devices, which are just files. With any file-based approach, it's prudent to deactivate all swap devices (swapoff -a) to avoid leaving traces on disk. - -Alternatively, one can have multiple LUKS partitions, with only the main one decrypted and mounted at boot. It's easy to decrypt and mount LUKS partitions with the disk utility. Backup and recovery of LUKS partitions is more error-prone than simple file management, however. For those who compartmentalize in VMs, another option is using multiple LUKS-encrypted virtual disks. In VMs, they behave just like LUKS partitions. 
But in the host, they're just encrypted files. - -![xkcd: $5 Wrench](/images-static/uploads/securitycomic.png) - -OK, so let's say that an adversary has both you and your encrypted stuff. The encryption is unbreakable. And the adversary believes that you know the password(s). But you refuse to decrypt. Under some circumstances, you'll be tortured. Elsewhere, you may be [jailed][46], perhaps [indefinitely][47]. Even if you have truly forgotten your passwords. At borders, non-residents may be [denied entry][48]. If there's other reason for suspicion, authorities may [escalate][49]. - -If such risks concern you, you can mitigate them by physically compartmentalizing yourself from your encrypted stuff. That is, you store your encrypted stuff anonymously online. To reduce the risk and impact of loss, you can have multiple compartments, and store multiple copies of each, in different places. So you possess the minimum required for whatever you're currently working on. However, few could remember that much information about locations, passwords, etc. But if you encrypt and store it locally, you're faced with the same issue about refusing to decrypt stuff. - -There's an obvious solution. Encrypt the information, and anonymously store multiple copies online. But you still need to remember a few online locations, and some usernames and passwords. Some can remember that much, I'm sure. But for those that want some backup, there's [Shamir's Secret Sharing Scheme][50]: - -> In this paper we show how to divide data D into n pieces in such a way that D is easily reconstructable from any k pieces, but even complete knowledge of k-1 pieces reveals absolutely no information about D. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces [_sic_, actually n-k] and security breaches expose all but one of the remaining pieces [k-1]. 
- -This is, by the way, from [Adi Shamir][51], the co-inventor of RSA. There's the Debian package [ssss][52] by Bertram Poettering. And, just to be clear, he notes that the scheme is provably (aka unconditionally) secure: - -> Note that Shamir's scheme is provable secure, that means: in a (t,n) scheme one can prove that it makes no difference whether an attacker has t-1 valid shares at his disposal or none at all; as long as he has less than t shares, there is no better option than guessing to find out the secret. - -However, with ssss you're limited to 128 ASCII characters (bytes, which is 1024 bits). That's enough for four 32-character blocks, each comprising: - - * 11-15 characters for an IPv4 address or URL hint - * five characters for a username - * 12-16 characters for a password - -Say that you use n=10 and k=3. So now you have ten strings to hide somewhere. Each string comprises a sequence number (`01-` to `10-`) and 256 ASCII characters. For example: - -> 01-3a33b47a4d887260...0b2950346ca889f6 - -> 02-08ec7fe42b44d5fb...a533b5add1d26016 - -> ... - -> 10-a1570c913ed06cd3...48868f06b813b08c - -Only three of the strings are needed to recover the original data, and two of those can be known by the adversary. To obscure the sequence numbers, you could replace `01-` with `a`, and so on. So that gives you ten 257-character strings to hide. You might [post][53] them to discussion forums. Or tweet them. Or use [Deep Sound][54] to hide them in audio tracks, using [steganography][55]. Or print them, embed in plastic, and [geocache][56] them (using a passive ‎GPS receiver‎, to avoid pwnage). Whatever you like. 
- - [1]: https://www.hsdl.org/?view&did=233829 - [2]: https://blog.cyberwar.nl/2016/02/some-elements-of-intelligence-work-73-rules-of-spycraft-allen-dulles-1960s/ - [3]: https://www.vipassana.com/meditation/mindfulness_in_plain_english_5.html - [4]: https://security.pae.com/Documents/OPSEC/OPSEC_Training.pdf - [5]: https://www.quora.com/Which-video-games-feature-God-mode - [6]: https://www.wired.com/2015/01/heres-secret-silk-road-journal-laptop-ross-ulbricht/ - [7]: https://www.goodreads.com/quotes/21824-vanity-and-pride-are-different-things-though-the-words-are - [8]: https://aeon.co/essays/what-plato-knew-about-behavioural-economics-a-lot - [9]: https://en.wikipedia.org/wiki/Jonah_Lehrer - [10]: http://www.newyorker.com/tech/frontal-cortex/why-smart-people-are-stupid - [11]: https://en.wikipedia.org/wiki/List_of_cognitive_biases - [12]: https://web.archive.org/web/20201114055349/https://kernelmag.dailydot.com/issue-sections/headline-story/13945/sabu-hector-monsegur-interview/ - [13]: http://pastebin.com/raw/fSdTyJSw - [14]: https://www.deepdotweb.com/wp-content/uploads/2015/03/2.png - [15]: https://motherboard.vice.com/en_us/article/friend-testifies-in-silk-road-trial-richard-bates - [16]: https://dollarvigilante.com/blog/2015/01/14/julia-tourianski-on-the-most-important-trial-of-our-generati/ - [17]: http://www.globalsecurity.org/military/intro/images/revetment-dfst9209119.jpg - [18]: https://en.wikipedia.org/wiki/Firewall_%28construction%29 - [19]: http://profwelday.weebly.com/uploads/2/3/0/0/23005790/_ch_03_lecture_presentation.pdf - [20]: https://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29 - [21]: https://web.archive.org/web/20200523214818/https://thefifthcolumnnews.com/2017/03/tradecraft-introduction-to-opsec/ - [22]: https://grugq.github.io/blog/2013/06/13/ignorance-is-strength/ - [23]: https://3.bp.blogspot.com/_4X_vI_fIqHg/TTnNVC47g-I/AAAAAAAAB8E/L5LEmS0vcBI/s1600/Be%2BDo%2BHave.jpg - [24]: 
http://static.boredpanda.com/blog/wp-content/uploads/2014/11/the-soldier-art-project-military-photography-devin-mitchell-47.jpg - [25]: http://www.advancedfictionwriting.com/articles/snowflake-method/ - [26]: https://writers.stackexchange.com/questions/26748/how-to-make-sure-that-you-dont-end-up-writing-a-self-insert - [27]: https://www.reddit.com/r/writing/comments/3mi6en/is_it_a_common_practice_to_base_characters_on/ - [28]: https://archive.org/details/iamstrangeloop00hofs - [29]: http://tvtropes.org/pmwiki/pmwiki.php/Main/ConvenientlyUnverifiableCoverStory - [30]: https://en.wikipedia.org/wiki/Bud%C5%8D - [31]: http://aeternalae.wikia.com/wiki/Aeternal_Pledged - [32]: http://mirimir.deviantart.com/ - [33]: https://www.facebook.com/mirimirimir - [34]: http://mirim.ir/ - [35]: https://www.youtube.com/watch?v=XfAvB2BWdLs - [36]: https://web.archive.org/web/20180413140653/http://www.b3rn3d.com/blog/2014/03/09/cia-spycraft-psychology/ - [37]: http://blogsofwar.com/hacker-OPSEC-with-the-grugq/ - [38]: https://arxiv.org/pdf/1505.07370.pdf - [39]: https://hbr.org/2017/05/your-brain-can-only-take-so-much-focus - [40]: /privacy-guides/will-a-vpn-protect-me/ - [41]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/ - [42]: /privacy-guides/advanced-privacy-and-anonymity-part-1/ - [43]: /privacy-guides/how-to-perform-a-vpn-leak-test/ - [44]: https://www.veracrypt.fr/en/ - [45]: https://www.dyne.org/software/tomb/ - [46]: http://www.legislation.gov.uk/ukpga/2000/23/part/III - [47]: https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/ - [48]: https://www.eff.org/wp/digital-privacy-us-border-2017 - [49]: http://www.madirish.net/366 - [50]: https://apps.dtic.mil/sti/pdfs/ADA069397.pdf - [51]: http://amturing.acm.org/award_winners/shamir_2327856.cfm - [52]: http://point-at-infinity.org/ssss/ - [53]: https://www.wilderssecurity.com/threads/test.394408/ - [54]: 
https://null-byte.wonderhowto.com/how-to/hacks-mr-robot-hide-data-audio-files-0164136/
- [55]: https://tag.wonderhowto.com/steganography/
- [56]: https://en.wikipedia.org/wiki/Geocaching
-
diff --git a/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md b/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
deleted file mode 100644
index 32295bb56..000000000
--- a/src/content/es/pages/privacy-guides/raspberry-pi-2-ivpn-gateway.md
+++ /dev/null
@@ -1,544 +0,0 @@
----
-title: Raspberry Pi 2 IVPN Gateway
-author: mirimir (gpg key 0x17C2E43E)
-url: /privacy-guides/raspberry-pi-2-ivpn-gateway/
-section: Misc
-weight: 50
-date: 2015-11-30T18:35:03+00:00
-layout: guides-details
----
-This how-to explains how to setup a Raspberry Pi 2 Model B v1.1 microcomputer as an IVPN gateway firewall/router, using Raspbian (Debian Wheezy). In addition to the Pi, you need an 8GB microSDHC card (preferably class 10) and a USB-to-ethernet adapter, which provides a second ethernet port (eth1). You connect the Pi's WAN interface (eth0) to a LAN with Internet connectivity. An OpenVPN client establishes a VPN tunnel (tun0) to an IVPN server. The Pi forwards all traffic from devices attached to its LAN interface (eth1) through the VPN tunnel (tun0). Firewall rules allow outgoing connections on WAN (eth0) only to IVPN servers, Raspbian wheezy repository servers (for package updates) and NTP timeservers. No DNS servers are reachable via WAN (eth0) and so the IP addresses of these servers must be specified or resolved locally.
-
-The gateway boots with no IVPN route connected, and allows no traffic to the Internet. After connecting with SSH from a local machine, you create a user-password file in /tmp, which is stored in RAM. Then you can start, stop and restart IVPN connections, with no need to reenter your username and password (until the gateway is rebooted).
-
-Setup your Pi with a DVI monitor (perhaps via an HDMI-DVI adapter) or an HDMI TV, and a USB keyboard. It's important to use an adequate power supply. The Pi 2 uses 600-2000mA at 5V. And some USB keyboards are power hogs. Inadequate voltage at load may lead to instability and errors. Overvoltage supplied via the micro-USB power cable will temporarily trip the polyfuse, but probably won't cause permanent damage. However, the USB data ports bypass the polyfuse, and so voltage surges on powered USB hubs can fry the Pi. See .
- -Download the Raspbian (Debian Wheezy) image archive from and extract the image. Put the 8GB microSDHC card in a slot or USB adapter, and write the Raspbian wheezy image to it. Then put the card in your Pi, and attach the micro-USB power cable. At first boot, you get the raspi-config screen. Select `Expand Filesystem` to expand the image to fill your SD card. Then select `Change User Password` (default being `raspberry`). Select `Internationalisation Options` to configure language, timezone and keyboard layout. Using `Advanced Options`, change the hostname (perhaps to `ivpngw`) and enable SSH server. Also `Enable Boot to Desktop`, because that will facilitate setup. You can later switch back to text console, if you like. Finally, tab to `Finish` and let the Pi reboot. Login as as user `pi` with your new password. - -First update the firmware, and let the Pi reboot. - - $ sudo rpi-update - -## Initial Setup - -Configure the network interfaces. These instructions assume that the Pi WAN interface is connected to LAN <192.168.1.0/24>, and that a DHCP server at <192.168.1.1> is pushing valid DNS server(s). If your LAN IP range is different, adjust the LAN IPs in the iptables rules below accordingly. And by the way, WAN (eth0) and LAN (eth1) can't be in the same IP range. We'll make the Pi WAN interface static after configuring OpenVPN, and finally configure a DHCP server on the Pi LAN interface. - - $ sudo nano /etc/network/interfaces - ........................ - auto lo - iface lo inet loopback - - auto eth0 - iface eth0 inet dhcp - - auto eth1 - iface eth1 inet static - address 192.168.2.1 - netmask 255.255.255.0 - ........................ - - $ sudo ifdown eth0 - $ sudo ifup eth0 - -Now open Epiphany, browse to this how-to guide, and bookmark it. Then open LXTerminal. Now you can copy text from the guide, and paste it into the terminal, using `Shift-Ctrl-V`. - -Now update and install required packages. OK saving the default iptables rules. 
- - $ sudo apt-get update - $ sudo apt-get dist-upgrade - $ sudo apt-get install host openvpn iptables-persistent - -You must enable forwarding. - - $ sudo cp /etc/sysctl.conf /etc/sysctl.conf.defaults - $ sudo nano /etc/sysctl.conf - ...................................... - kernel.printk = 3 4 1 3 - net.ipv4.ip_forward=1 - net.ipv4.conf.all.accept_redirects = 0 - vm.swappiness=1 - vm.min_free_kbytes = 8192 - ...................................... - -Reboot the gateway Pi - - $ sudo reboot - -## OpenVPN Setup - -Download the latest [OpenVPN configuration files](/openvpn-config) and extract the archive to `/home/pi`. - - - $ unzip /mnt/ivpn-openvpn-config.zip -d /home/pi/ - -Reconfigure openvpn so it doesn't start all valid VPNs at boot. That's necessary because IVPN requires entering username and password to connect, and the openvpn daemon doesn't have a mechanism for prompting for entering them. - - $ sudo nano /etc/default/openvpn - ................ - ... - AUTOSTART="none" - ... - ................ - -However, there's a workaround. At boot, create a temporary user-pass file in the `/tmp` tmpfs. It will be stored in RAM, and not saved to the SD card. Until you reboot the Pi, however, the credentials will remain available. Simply saving the user-pass file to the SD card is far less secure. If you like, you can encrypt the SD card using dm-crypt/LUKS with LVM2 for easy swap encryption. See . - - $ sudo nano /tmp/user-pass - ........ - username - password - ........ - -We will configure iptables to block all non-VPN Internet access, except to three groups of servers: 1) IVPN servers that we want to use; 2) Raspbian wheezy repository servers, for package updates; and 3) NTP timeservers, to insure that the Pi knows the correct time. No DNS servers are reachable via WAN (eth0) and so IVPN servers must be specified by IP addresses, or resolved locally. For IVPN servers, it's most straightforward to specify IP addresses in the config files. 
Choose the IVPN routes that you'll be using, and edit their config files. Also point to `/tmp/user-pass`, and change `verb 3` to `verb 5`. - -In this example, I'll do `IVPN-Singlehop-Netherlands` and `IVPN-Singlehop-Germany`. In one LXTerminal: - - $ mkdir /home/pi/IVPN-config/edited - $ cp /home/pi/IVPN-config/IVPN-Singlehop-Netherlands.conf /home/pi/IVPN-config/edited/ - $ cat /home/pi/IVPN-config/edited/IVPN-Singlehop-Netherlands.conf - ........................... - ... - remote gw1.nl.ivpn.net 2049 - auth-user-pass - ... - verb 3 - ........................... - -In a second LXTerminal: - - $ sudo host gw1.nl.ivpn.net - => gw1.nl.ivpn.net has address 85.12.8.104 - -Back in the first LXTerminal, edit the config file, and save. - - $ nano /home/pi/IVPN-config/edited/IVPN-Singlehop-Netherlands.conf - ............................. - ... - remote 85.12.8.104 2049 - auth-user-pass /tmp/user-pass - ... - verb 5 - ............................. - -Repeat for the route `IVPN-Singlehop-Germany`, and you should get: - - $ nano /home/pi/IVPN-config/edited/IVPN-Singlehop-Germany.conf - ............................. - ... - remote 178.162.193.154 2049 - auth-user-pass /tmp/user-pass - ... - verb 5 - ............................. - -Copy VPN credentials and selected route configs to `/etc/openvpn`. - - $ cd /home/pi/IVPN-config - $ sudo cp ca.crt client1.crt client1.key ta.key /etc/openvpn/ - $ cd edited - $ sudo cp *.conf /etc/openvpn/ - -Remove read rights on credentials for group and other. - - $ cd /etc/openvpn - $ sudo chmod go-r ca.crt client1.crt client1.key ta.key - -Start `IVPN-Singlehop-Netherlands`. - - $ sudo service openvpn start IVPN-Singlehop-Netherlands - [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Netherlands. - -And check status. - - $ sudo service openvpn status - [warn] No VPN autostarted ... (warning). - [FAIL] VPN 'IVPN-Singlehop-Germany' (non autostarted) is not running ... failed! 
- [ ok ] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is running. - - $ sudo ifconfig - .................................................. - eth0 ... inet addr:192.168.1.104 ... - eth1 ... inet addr:192.168.2.1 ... - lo ... inet addr:127.0.0.1 ... - tun0 ... inet addr:10.9.0.6 P-t-P:10.9.0.5 ... - ................................................. - -In Epiphany, browse - -=> 85.12.8.104 [Base IP B.V.] - -Stop it and start `IVPN-Singlehop-Germany`. - - $ sudo service openvpn stop - [ ok ] Stopping virtual private network daemon: IVPN-Singlehop-Netherlands. - - $ sudo service openvpn start IVPN-Singlehop-Germany - [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Germany. - - $ sudo service openvpn status - [warn] No VPN autostarted ... (warning). - [ ok ] VPN 'IVPN-Singlehop-Germany' (non autostarted) is running. - [FAIL] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is not running ... failed! - - $ sudo ifconfig - eth0 ... inet addr:192.168.1.104 ... - eth1 ... inet addr:192.168.2.1 ... - lo ... inet addr:127.0.0.1 ... - tun0 ... inet addr:10.20.0.30 P-t-P:10.20.0.29 ... - -In Epiphany, browse - -=> 178.162.210.2 [Leaseweb Germany GmbH] - -## Configure /etc/hosts - -The above approach doesn't work for Raspbian wheezy repositories and NTP (time) servers, and so we use `/etc/hosts`. Update package lists, get the hostnames being hit, and use host to get the IP addresses. - - $ sudo apt-get update - => hits mirrordirector.raspbian.org, archive.raspberrypi.org and raspberrypi.collabora.com - - $ sudo apt-get install ntpdate - => also hits mirror.nl.leaseweb.net - - $ sudo host mirrordirector.raspbian.org - => 5.153.225.207 - $ sudo host mirror.nl.leaseweb.net - => 94.75.223.121 - $ sudo host archive.raspberrypi.org - => 93.93.128.211, 93.93.128.230, 93.93.130.39 and 93.93.130.214 - $ sudo host raspberrypi.collabora.com - => 93.93.128.223 - -Now see what NTP servers are being hit, and use host to get the IP addresses. 
- - $ sudo nano /etc/ntp.conf - => hits 0.debian.pool.ntp.org, 1.debian.pool.ntp.org, 2.debian.pool.ntp.org, and 3.debian.pool.ntp.org - - $ sudo host 0.debian.pool.ntp.org - => 67.198.37.16, 82.141.152.3, 87.195.109.207 and 95.213.132.250 - $ sudo host 1.debian.pool.ntp.org - => 87.230.85.6, 92.63.212.161, 131.234.137.24 and 188.126.88.9 - $ sudo host 2.debian.pool.ntp.org - => 77.245.18.26, 83.137.98.96, 85.214.108.169 and 193.224.65.146 - $ sudo host 3.debian.pool.ntp.org - => 157.7.154.29, 176.74.25.228, 173.230.144.109 and 193.219.61.110 - -Configure host and populate `/etc/hosts` with the above information. - - $ sudo nano /etc/host.conf - .................... - multi on - order hosts bind nis - .................... - $ sudo nano /etc/hosts - ............................................ - 127.0.0.1 localhost - 127.0.0.1 vpngateway - 5.153.225.207 mirrordirector.raspbian.org - 93.93.128.211 archive.raspberrypi.org - 93.93.128.230 archive.raspberrypi.org - 93.93.130.39 archive.raspberrypi.org - 93.93.130.214 archive.raspberrypi.org - 93.93.128.223 raspberrypi.collabora.com - 94.75.223.121 mirror.nl.leaseweb.net - 67.198.37.16 0.debian.pool.ntp.org - 82.141.152.3 0.debian.pool.ntp.org - 87.195.109.207 0.debian.pool.ntp.org - 95.213.132.250 0.debian.pool.ntp.org - 87.230.85.6 1.debian.pool.ntp.org - 92.63.212.161 1.debian.pool.ntp.org - 131.234.137.24 1.debian.pool.ntp.org - 188.126.88.9 1.debian.pool.ntp.org - 77.245.18.26 2.debian.pool.ntp.org - 83.137.98.96 2.debian.pool.ntp.org - 85.214.108.169 2.debian.pool.ntp.org - 193.224.65.146 2.debian.pool.ntp.org - 157.7.154.29 3.debian.pool.ntp.org - 176.74.25.228 3.debian.pool.ntp.org - 173.230.144.109 3.debian.pool.ntp.org - 193.219.61.110 3.debian.pool.ntp.org - ............................................ - -## Configure iptables - -Now that OpenVPN is working, configure iptables. But first make sure that the default iptables ruleset allows everything. 
That way, if you manage to lock yourself out, rebooting will restore access. - - $ sudo nano /etc/iptables/rules.v4 - ..................... - *filter - - :INPUT ACCEPT [0:0] - :FORWARD ACCEPT [0:0] - :OUTPUT ACCEPT [0:0] - - COMMIT - ..................... - -You want an iptables ruleset that blocks all non-VPN connections to the Internet. It drops all input, forward and output by default, so all desired traffic must be explicitly allowed. Further, various sorts of malformed packets are dropped early, as in adrelanos' VPN-Firewall. - -In the following ruleset, there are two placeholders: `IP-of-VPN-server` and `port-of-VPN-server`. They come from the OpenVPN configuration file. For `IVPN-Singlehop-Netherlands`, as we saw above, they are `85.12.8.104` and `2049`. For `IVPN-Singlehop-Germany`, they are `178.162.193.154` and `2049`. You will need a line for each IVPN server that you'll want to use. - - $ sudo nano /etc/iptables/vpn-rules.v4 - ........................................................................................... 
- *nat - - :PREROUTING ACCEPT [0:0] - :INPUT ACCEPT [0:0] - :OUTPUT ACCEPT [0:0] - :POSTROUTING ACCEPT [0:0] - - -A OUTPUT -o lo -j RETURN - -A POSTROUTING -o tun0 -j MASQUERADE - - COMMIT - - *filter - - :INPUT DROP [0:0] - :FORWARD DROP [0:0] - :OUTPUT DROP [0:0] - - -A INPUT -m state --state INVALID -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP - -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP - -A INPUT -f -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP - -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP - - -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -i lo -j ACCEPT - -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT - -A INPUT -i eth0 -p tcp -m tcp -s 192.168.1.0/24 --dport 22 -j ACCEPT - -A INPUT -i eth1 -s 192.168.2.0/24 -j ACCEPT - -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - -A INPUT -j LOG --log-prefix "vpn-gw blocked input: " - -A INPUT -j DROP - - -A FORWARD -i eth1 -o tun0 -j ACCEPT - -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT - -A FORWARD -j LOG --log-prefix "vpn-gw blocked forward: " - -A FORWARD -j REJECT --reject-with icmp-admin-prohibited - - -A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -o lo -j ACCEPT - -A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT - - -A OUTPUT -o eth0 -p tcp -m tcp -d 5.153.225.207/32 --dport 80 -j ACCEPT - -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.211/32 --dport 80 -j ACCEPT - -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.223/32 --dport 80 -j ACCEPT - -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.128.230/32 --dport 80 -j ACCEPT - -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.130.39/32 --dport 80 -j ACCEPT - -A OUTPUT -o eth0 -p tcp -m tcp -d 93.93.130.214/32 --dport 80 -j ACCEPT - - -A OUTPUT -o eth0 -p udp -m udp -d 67.198.37.16 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 77.245.18.26 --dport 123 -j 
ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 82.141.152.3 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 83.137.98.96 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 85.214.108.169 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 87.195.109.207 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 87.230.85.6 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 92.63.212.161 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 95.213.132.250 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 131.234.137.24 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 157.7.154.29 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 173.230.144.109 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 176.74.25.228 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 188.126.88.9 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 193.219.61.110 --dport 123 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 193.224.65.146 --dport 123 -j ACCEPT - - \# -A OUTPUT -o eth0 -p udp -m udp -d IP-of-VPN-server/32 --dport port-of-VPN-server -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 85.12.8.104/32 --dport 2049 -j ACCEPT - -A OUTPUT -o eth0 -p udp -m udp -d 178.162.193.154/32 --dport 2049 -j ACCEPT - - -A OUTPUT -o tun0 -j ACCEPT - -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - -A OUTPUT -j LOG --log-prefix "vpn-gw blocked output: " - -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited - - COMMIT - ........................................................................................... - - $ sudo iptables-restore < /etc/iptables/vpn-rules.v4 - -Verify that you can still hit repository and NTP servers. - - $ sudo apt-get update - => should see no errors - - $ sudo ntpdate - => should see no DNS errors, and "the NTP socket is in use, exiting" - -Now test IVPN-Singlehop-Netherlands and IVPN-Singlehop-Germany. 
- - $ sudo service openvpn start IVPN-Singlehop-Netherlands - [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Netherlands. - - $ sudo service openvpn status - [warn] No VPN autostarted ... (warning). - [FAIL] VPN 'IVPN-Singlehop-Germany' (non autostarted) is not running ... failed! - [ ok ] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is running. - - $ sudo ifconfig - eth0 ... inet addr:192.168.1.100 ... - eth1 ... inet addr:192.168.2.1 ... - lo ... inet addr:127.0.0.1 ... - tun0 ... inet addr:10.9.0.230 P-t-P:10.9.0.229 ... - -In Epiphany, browse . - -=> 85.12.8.106 [Base IP B.V.] - -Browse and run standard test. - -=> 85.12.5.11 is only reachable DNS server - - $ sudo service openvpn stop - [ ok ] Stopping virtual private network daemon: IVPN-Singlehop-Netherlands. - - $ sudo service openvpn start IVPN-Singlehop-Germany - [ ok ] Starting virtual private network daemon: IVPN-Singlehop-Germany. - - $ sudo service openvpn status - [warn] No VPN autostarted ... (warning). - [ ok ] VPN 'IVPN-Singlehop-Germany' (non autostarted) is running. - [FAIL] VPN 'IVPN-Singlehop-Netherlands' (non autostarted) is not running ... failed! - - $ sudo ifconfig - eth0 ... inet addr:192.168.1.100 ... - eth1 ... inet addr:192.168.2.1 ... - lo ... inet addr:127.0.0.1 ... - tun0 ... inet addr:10.20.0.46 P-t-P:10.20.0.45 ... - -In Epiphany, browse - -=> 178.162.210.2 [Leaseweb Germany GmbH] - -Browse and run standard test. - -=> 178.162.193.154 is only DNS server - -Repeating the above, you will get different `inet addr` and `P-t-P` values, but they will always be in `10.9.0.0/16` for `IVPN-Singlehop-Netherlands`, and in `10.20.0.0/16` for `IVPN-Singlehop-Germany`. The DNS server for `IVPN-Singlehop-Netherlands` is `10.9.0.1`, and for `IVPN-Singlehop-Germany` it's `10.20.0.1`. - -Now it's time to reconfigure eth0 statically, because you no longer want the DNS server(s) that `192.168.1.1` pushes. - - $ sudo nano /etc/network/interfaces - ........................ 
- auto lo - iface lo inet loopback - - auto eth0 - iface eth0 inet static - address 192.168.1.100 - netmask 255.255.255.0 - gateway 192.168.1.1 - - auto eth1 - iface eth1 inet static - address 192.168.2.1 - netmask 255.255.255.0 - ........................ - - $ sudo ifdown eth0 - $ sudo ifup eth0 - -And now you can configure `/etc/resolv.conf` because DHCP won't be changing it. - - $ sudo nano /etc/resolv.conf - .................... - domain localdomain - search localdomain - nameserver 10.9.0.1 - nameserver 10.20.0.1 - .................... - -You'll need a `nameserver` line for each of the IVPN routes that you'll be using. - -Now that your iptables ruleset is working, you can rename it so it loads at bootup. - - $ sudo mv /etc/iptables/rules.v4 /etc/iptables/open-rules.v4 - $ sudo mv /etc/iptables/vpn-rules.v4 /etc/iptables/rules.v4 - $ sudo iptables-restore < /etc/iptables/rules.v4 - -## Add DHCP Server - -Now install and configure DHCP server on eth1. - - $ sudo apt-get update - $ sudo apt-get install isc-dhcp-server - $ sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.default - $ sudo nano /etc/dhcp/dhcpd.conf - .......................................... - ddns-update-style none; - default-lease-time 600; - max-lease-time 7200; - authoritative; - subnet 192.168.2.0 netmask 255.255.255.0 { - option subnet-mask 255.255.255.0; - option routers 192.168.2.1; - range 192.168.2.10 192.168.2.20; - } - .......................................... - - $ sudo cp /etc/default/isc-dhcp-server /etc/default/isc-dhcp-server.default - $ sudo nano /etc/default/isc-dhcp-server - ................. - INTERFACES="eth1" - ................. - - $ sudo service isc-dhcp-server start - [ ok ] Starting ISC DHCP server: dhcpd. - -## Test with Workspace Client - -Attach a computer to IVPN gateway Pi eth1, and test. - - $ sudo ifconfig - => 192.168.2.10 - -Browse - -=> 85.12.8.105 [Base IP B.V.] - -Browse and run standard test. 
-
-=> 85.12.5.11 is only reachable DNS server
-
-## Lock Down SSH Server in Gateway
-
-Generate RSA key pair in workspace client.
-
- $ ssh-keygen
-
-SCP public key to IVPN gateway Pi.
-
- $ scp /home/pi/.ssh/id_rsa.pub pi@192.168.2.1:/home/pi/
-
-SSH to the IVPN gateway Pi.
-
- $ ssh pi@192.168.2.1
-
-Working now on IVPN gateway Pi.
-
- $ mkdir .ssh
- $ nano /home/pi/.ssh/authorized_keys
-
-Hit Ctrl-R and read in /home/pi/id_rsa.pub, and save and exit.
-
-Now lock down sshd_config.
-
- $ sudo nano /etc/ssh/sshd_config
- ....................................................
- ...
- PermitRootLogin no
- ...
- AuthorizedKeysFile /home/pi/.ssh/authorized_keys
- ...
- PasswordAuthentication no
- ...
- ....................................................
-
- $ sudo service ssh restart
-
-Open another LXTerminal in the workspace client to test SSH. It doesn't matter here, because the gateway Pi is accessible, but getting locked out of a remote server can be a hassle.
-
- $ ssh pi@192.168.2.1
- Enter passphrase for key '/home/pi/.ssh/id_rsa': xxxxxxxxxxxxxx
diff --git a/src/content/es/pages/privacy-guides/vpn-latency-explained.md b/src/content/es/pages/privacy-guides/vpn-latency-explained.md
deleted file mode 100644
index 95f416b34..000000000
--- a/src/content/es/pages/privacy-guides/vpn-latency-explained.md
+++ /dev/null
@@ -1,180 +0,0 @@
----
-title: 'Why and how a VPN affects your connection speed'
-author: Solène Rapenne
-url: /privacy-guides/why-and-how-a-vpn-affects-your-connection-speed/
-section: Basic
-weight: 25
-date: 2024-01-29T10:21:35+00:00
-layout: guides-details
----
-# Introduction
-
-You may have heard or noticed that using [a VPN](https://www.ivpn.net/privacy-guides/what-is-a-vpn/) slows down your connection speed. This is expected behaviour, and inherent to how computer networks work.
-
-Network speed is measured with multiple parameters: **bandwidth**, **throughput** and **latency**. In this guide, you will learn about these three notions and how a VPN affects each.
-
-# Network speed explained
-
-Before diving into the explanations about speed performance impact of a VPN, it is important to understand what lies under network performance, more commonly called "Internet speed".
-
-## Latency
-
-Latency is the time required for a network packet to make a round trip from a host to another.
-
-It characterizes how a user feels the responsiveness when doing something over the network: a low latency, less than 50 milliseconds, is critical for audio and video calls and most online video games. An increased latency can be acceptable up to 150–300 milliseconds when browsing the Internet or reading emails, because these activities are not highly interactive.
-
-Why is there any latency in the first place? Computers are fast and get faster every year after all. Most of the latency occurring is due to the distance [a network packet](https://www.techtarget.com/searchnetworking/definition/packet) has to travel.
-
-In fact, our fastest communication transport medium is the optical fiber. It can only carry data at two third of light speed, as the light beam inside the fiber is bouncing with a specific angle instead of going in a straight line. Light travels at approximately 300 000 kilometers per second, this is fast, but not enough to avoid latency.
-
-With these numbers in mind and some math, we can conclude networks can transport data at best at 200 000 kilometers / 124274 miles per second. Using a better time unit for latency, like milliseconds, the previous speed can be converted to 200 kilometers or 124 miles per millisecond.
-
-It is important to remember that for latency, the travel time must be accounted twice: a first time to reach the remote host and a second time for the response. The best real world achievable latency at the moment of writing is approximately 1 ms for every 100 km / 62 miles of distance between two hosts, assuming there are no other equipment adding latency (like routers, commuters, amplifier), and that the optical fiber between the hosts does not make a detour.
-
-![](/img/latency-explained.png)
-
-Here is the average network latency of different technologies, measured between a home router and its ISP gateway.
-
-These numbers can help to weight the latency introduced by distance compared to the latency of the network access itself:
-
-- Server in a datacenter using Ethernet: 0.1 ms
-- Optical fiber: 1-5 ms
-- 5G: 2-20 ms
-- Coaxial: 3-25 ms
-- DSL: 25-70 ms
-- 4G: 30-70 ms
-- Low-orbit satellite: 40-70 ms
-- 3G: 100-500 ms
-- Dial-up: 150 ms
-- 2G: 300-1000 ms
-- Geostationary satellite: 700 ms
-
-Note that these values represents the time to reach the first hop within the ISP. The latency when connecting to a server over the Internet requires adding the latency between the ISP and the remote server to values above.
-
-In practice, the latency is slightly increased by each equipment on the network route between two peers because network packets must be handled and sent from one router to the other.
-
-## Bandwidth
-
-Another important speed metric for a network is its **bandwidth**, which is the maximum speed a network can sustain for a given period of time. Bandwidth is usually expressed in megabits per second (Mbps), but as optical fiber and 5G are getting more widespread, it is getting common to express it in gigabits per second (Gbps).
-
-Network bandwidth is not always symmetric, most of the time there is a larger bandwidth for receiving data than for sending data. As most users download more data than they upload, it made sense to allocate bandwidth this way.
-
-The bandwidth of a single connection with a remote host will always be limited and reduced down to the intermediary with the smallest bandwidth in the path.
-
-The bandwidth is what your ISP advertises as "speed", but in practice, it is the maximum theoretical speed achievable. It is hard to measure the bandwidth as you are likely to end up measuring throughput.
-
-## Throughput
-
-Finally, the last metric measuring and quantifying a network speed is the **throughput**. It is the actual amount of data going through the network for a given period of time. The throughput is usually measured in kilobytes per second (kB/s) or megabytes per second (MB/s).
-
-As a reminder, megabits are noted Mb while megabytes are noted MB. As 1 byte = 8 bits, there is a difference of a factor of 8 between the two.
-
-When watching a download progress bar, the associated speed displayed is the instant throughput.
-
-There are online services to measure your connection throughput. If you do so, make sure the service is able to deliver more data than your bandwidth, otherwise you would measure the throughput of the service itself. It would be like doing arm wrestling with someone weaker: you would end up measuring their force and not yours.
-
-# Network speed and peering
-
-There is a part of the *speed* that does not depend on your connection itself. When connecting to a remote server, the network traffic will be passed from a network operator to another, multiple times.
-
-Connections between network operators are called [peering](https://en.wikipedia.org/wiki/Peering).
-
-It is not uncommon to have peering issues on the Internet. They are usually short and remain unnoticed by most end users in that they only impact the servers behind a given network operator. Whereas a network issue at your ISP would impact all your network traffic and will be noticed very quickly.
-
-Exceptionally, there are known cases like the French ISP **Free** who was known for its poor peering ([source in French](https://www.ariase.com/box/actualite/lenteur-bridage-youtube-free-ufc-que-choisir)) with the network operator who serves YouTube since they could not find a trade agreement for years. This ISP was also affected for almost two years by another major peering issue that cut it from most of IPv6 traffic ([source in French](https://www.mail-archive.com/frnog@frnog.org/msg59066.html)).
-
-# The impact of a VPN on Internet speed
-
-As you now are acquainted with the multiple facets of network speed, let's discuss how a VPN affects your Internet speed.
-
-## Latency
-
-### Single hop VPN
-
-When using a VPN with a single hop, the most common setup, latency is calculated by doing the sum of the latency to reach the VPN server and the latency between the VPN server and the destination.
-
-![](/img/latency-vpn-single-hop.png)
-
-In the figure above, illustrating a timing example with a single hop VPN, the latency with the website is measured at 20 ms from the client. However, it increases to 60 ms when using the VPN because the latency is the sum of the latency with the VPN and the latency between the VPN and the website.
-
-### Multi-hop VPN
-
-![](/img/latency-multi-hop.png)
-
-In the figure above, illustrating a timing example with a 2 hops VPN, the latency with the website is 20 ms from the client. The latency increases to 150 ms when using the VPN. A multi-hop VPN will always have a higher latency than a single hop tunnel. Keep in mind that a multi-hop VPN will a lot higher latency when the two hops are on different continents as it involves a higher distance.
-
-### Greater distance = Greater latency
-
-**When using a VPN, a large part of the latency is due to the distance.**
-
-While the latency between you and a close remote server can be low, using a VPN located in another country will drastically increase the latency, due to the distance.
-
-The latency magnitude of order should not change when using a VPN, as long as you avoid having your network traffic doing a round-trip around the planet for each data packet.
-
-For instance, for a user located in New York connecting to their email provider server in Switzerland, choosing a VPN exit node in France would not add much latency since it's almost on the path between the user and the remote server. If the user chooses a VPN exit node in Asia, the latency will be a lot higher as each network packet would have to travel from New York to Asia, Asia to Switzerland, and finally travel back the other way around.
-
-Another example, the user is still in New York, but connects to a server in the same city. In this case the latency without a VPN would be very low. However, as soon as they choose a VPN exit node outside the country, the latency will be much higher.
-
-### Bandwidth and VPN overhead
-
-Once tunneled through a VPN, your connection bandwidth becomes limited to the VPN bandwidth if the VPN exit node bandwidth is smaller than yours.
-
-In addition, a VPN adds a data overhead in that the actual data going through the encrypted tunnel is carried over [clearnet](https://www.urbandictionary.com/define.php?term=clearnet) network packets. When using a VPN, the actual [data payload](https://networkengineering.stackexchange.com/a/35021) is reduced by overhead of the VPN protocol.
-
-What happens here is similar as sending a package to someone by post, but that package is sealed within another package: the real payload of the inner package is smaller than the payload of the outer package.
-
-When chaining multiple VPNs, the available network payload is reduced proportionally to the number of VPN used.
-
-The network overhead is specific to the protocol: OpenVPN adds an overhead of 41 bytes per packet, whereas [WireGuard overhead](https://en.wikipedia.org/wiki/WireGuard#MTU_overhead) is 32 bytes per packet.
-
-When using OpenVPN or WireGuard over [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol), there is an extra 28 bytes for the UDP headers over the clearnet. But when using OpenVPN over [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol), 40 bytes are necessary. WireGuard is not available over TCP.
-
-When an obfuscation protocol is used to circumvent censorship, like [obsfproxy](https://2019.www.torproject.org/docs/pluggable-transports) or [V2Ray](https://www.v2ray.com/en/), the overhead generated is important since the network packets are modified to prevent [Deep Packet Inspection](https://www.fortinet.com/resources/cyberglossary/dpi-deep-packet-inspection) to detect a VPN traffic. For instance, V2Ray can be configured to make the VPN traffic **appear** as a plain text HTTP traffic, or as an encrypted [WebRTC video call](https://webrtc.org/), which is the common protocol used by all conferencing services.
-
-### MTU
-
-It is not possible to talk about VPN performance without mentioning [MTU (Maximum Transmission Unit)](https://www.cloudflare.com/fr-fr/learning/network-layer/what-is-mtu/), since it is often related to VPN speed issues.
-
-The MTU represents the maximum data size a network packet can carry, it's usually 1500 bytes for [IPv4](https://en.wikipedia.org/wiki/Internet_Protocol_version_4).
-
-When doing an action over the network, a packet is sent to a remote server. In addition to the data transmitted there are metadata such as "source address", "destination address", "date and time" and "port". Metadata use 20 bytes for IP packets, 20 extra bytes for TCP packets or 8 extra bytes for UDP packets.
-
-When a network packet is carried over TCP/IP, the useful data contained in a packet is 1500-20-20 = 1460 bytes. In the context of TCP over IP, the payload is named [MSS (Maximum Segment Size)](https://en.wikipedia.org/wiki/Maximum_segment_size), it represents the actual size of useful data that can be carried over a single packet.
-
-VPN performance is impacted when the VPN network packets do not fit in the clearnet MTU, this produces [IP fragmentation](https://en.wikipedia.org/wiki/IP_fragmentation). As the payload (the VPN packet) is too large to fit in the network packet, that packet gets split in two smaller parts. In the end, there are twice the number of network packets for almost no payload increase. This produces an important overhead, which usually reduce the bandwidth by two digits percent.
-
-In a correct setup, the VPN MTU fits in the payload of the network layer above it.
-
-## Throughput
-
-Lastly, the most representative speed metric over a VPN is the throughput when loading remote content.
-
-As explained earlier, the throughput is already be limited to the smallest **bandwidth** in the path between you and the remote host.
-
-In addition, the VPN server's bandwidth should be large enough to sustain the traffic of all users. If a VPN provider has too many users per server, those servers' throughput will be affected negatively which translates into a slow throughput for each user.
-
-The chosen VPN protocol also affects the throughput. OpenVPN is often measured as a dozen percent slower than WireGuard, and thus provides a lower speed. While it is difficult to find objective and reliable performance test of both protocols, here are two tests that appear to be neutral and honest: [WireGuard - review & benchmark](https://r4ven.fr/en/blog/wireguard-benchmark-presentation-tuto/#d---benchmark--openvpn-vs-wireguard) and [Is WireGuard faster than OpenVPN?](https://vladtalks.tech/vpn/is-wireguard-faster-than-openvpn).
-
-# Can a VPN make my connection faster?
-
-Some VPN providers claim that their VPN can improve customers latency and speed. As explained above, a VPN only adds overhead and latency, so their claims are likely to be false in most cases.
-
-However, there are some special cases where a VPN could indeed improve speed and/or latency:
-
-- In some enterprise networks or large public Wi-Fi, it is common to define a [quality of service](https://en.wikipedia.org/wiki/Quality_of_service) policy limiting the bandwidth of each user in order to offer a fair share for everyone. In some countries, [ISPs may practice bandwidth throttling](https://en.wikipedia.org/wiki/Bandwidth_throttling#Comcast_Corp._v._FCC) as well. **In such situations, if the VPN traffic is not throttled**, one can say the VPN improves connection speed.
-
-- In case of a peering issue in the path between the user and a remote server. By using a VPN, the network traffic is likely to use a different network path without the peering issue.
-
-If you are not concerned or impacted by these cases, a VPN will not improve your connection speed.
-
-# Conclusion
-
-You learned about **latency**, **bandwidth** and **throughput**. A VPN negatively affects all of them to some degree.
-
-The higher your bandwidth is, the higher the chance it will be limited by a VPN. In fact, many people got access to gigabit (1 Gbps) internet access [over the last years](https://gigabitmonitor.com/), while the network bandwidth available in datacenters did not increase proportionally. The servers used by VPN operators are often bandwidth limited by their network provider, and 10 Gbps networks accesses are still not widespread in hosting companies.
-
-When it comes to latency, since it's related to the travelled distance of network packets when using a VPN, you may want an exit node closer or farther from your location. Deciding which exit node to use comes down to a balance between speed penalty and privacy:
-
-- You can choose an exit node close to you, this will reduce the latency overhead.
-- You can choose an exit node close to your destination. In practice, this is hard to achieve, unless you know where a server is located. This will also negatively affect the latency to other destinations.
-- You can choose an exit node far away in another country or use a multi-hop setup. This will increase the latency, but it's more likely to improve your privacy by [avoiding NetFlow surveillance](https://www.ivpn.net/privacy-guides/isp-netflow-surveillance-and-vpn/), as the ISP of the exit node has less chance to be acquainted with your ISP or your country's government.
diff --git a/src/content/es/pages/privacy-guides/vpn-vs-tor.md b/src/content/es/pages/privacy-guides/vpn-vs-tor.md
deleted file mode 100644
index 02cabac48..000000000
--- a/src/content/es/pages/privacy-guides/vpn-vs-tor.md
+++ /dev/null
@@ -1,213 +0,0 @@ ---- -title: VPN vs Tor -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/vpn-vs-tor/ -section: Basic -weight: 60 -articles: [ - { - title: "What is a VPN?", - url: "/privacy-guides/what-is-a-vpn/" - }, - { - title: "Why use Tor with a VPN service?", - url: "/privacy-guides/why-use-tor-with-a-vpn-service/" - }, - { - title: "Will a VPN Protect Me? Defining Your Threat Model", - url: "/privacy-guides/will-a-vpn-protect-me/" - } -] -date: 2015-09-30T07:56:13+00:00 -layout: guides-details ---- -{{< raw-html >}} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - VPN Services - - Tor -
    - Design - - VPN protocols were developed in the 80s-90s for securing government and commercial networks. The first VPN services appeared in the mid 90s. They provide secure, private wormhole tunnels through the public Internet from client apps to VPN servers. - - Tor is a second-generation onion-routing anonymity system. It was developed at the U.S. Naval Research Laboratory in the early 00s, and then released into the public domain. It's now managed by an NGO, the Tor Project. -
    - Source(s) of Funding - - VPN services are generally private firms or NGOs. - - The Tor Project has been funded primarily by U.S. government programs. -
    - Number of Hops to Exit - - Most are one-hop. A few are two- or three-hop. - - Normally, there are three hops. For onion (aka `hidden`) services, clients and servers each use three-hop circuits to reach rendezvous nodes. -
    - Number of Independent Hops - - One, because one provider runs them all. - - Three by design, but collusion is possible. -
    - Number of Servers - - There are typically 10-100, but some services claim as many as a few hundred. - - There are over 6000. -
    - Number of Possible Routes through System - - For even the largest VPN services, there are at most a few hundred distinct routes. - - That depends on relay availability. With ~1700 entry guards, ~1000 exit relays and ~2300 non-entry/non-exit relays, about four billion distinct circuits are possible. -
    - Frequency of Route Change - - That depends on the provider. For most providers, it's done manually, either in custom clients or by users. A few VPN providers offer custom clients that change routes automatically. - - Each connection by an app uses a new, dedicated circuit. And circuits are replaced at ten minute intervals, unless they've been pinned open by active connections. -
    - Chance of Getting Recently-Used Routes - - There are few possible routes, so reuse is likely on a scale of days (or at most weeks, for the largest providers). - - With billions of possible routes, reuse is unlikely on a scale of months, or even years. -
    - What does your ISP know? - - It knows only that you're using a VPN service. - - It knows only that you're using Tor. -
    - Anonymity: Who knows what about you? - - VPN providers: 1) know that you have an account; 2) know your IP address when you connect; and 3) know what Internet sites you visit. And they can see all content that's not end-to end encrypted with Internet sites. However, reputable (and prudent) providers don't look at traffic, keep logs, or associate entry and exit activity. - - There are normally three relays in a circuit. All traffic is encrypted between users and exit relays. So like VPN providers, exit relay operators can see all content that's not end-to end encrypted with Internet sites. However, only entry relays (aka entry guards) know your IP address, and they don't see your Internet destinations, other metadata, or content. Middle relays isolate entry guards and exit relays. Their operators don't know your IP address. And they also don't see your Internet destinations, other metadata, or content. -
    - Distribution of Trust - - You must trust the VPN provider. - - Although the code is freely available for review, virtually all users must trust the system design, and some mix of those who implemented it and those who reviewed it. By design, there's no need to trust any particular resource contributor. But collectively, you must trust the group that manages core directory servers for relays and onion servers. And you must trust that enough relay operators are honest, and not colluding with each other to deanonymize you. And finally, you must trust that system attacks will be detected and mitigated. -
    - Security and Privacy: Who can see and mess with your data? - - As long as the service uses the secure IPSec or OpenVPN protocols, adversaries between you and the VPN server can't see or alter your traffic. They can block it, of course. But the connection is encrypted with perfect forward secrecy. Even if an adversary somehow manages to decrypt some of the VPN traffic, that won't allow them to easily decrypt past or future traffic. The VPN provider, of course, can see traffic that it's handling. And your traffic is exposed after it leaves the VPN exit. So it's important to employ end-to-end encryption with Internet destinations (e.g., HTTPS for websites, and TLS for email). - - Tor connections are multiply encrypted, all with perfect forward secrecy. Your connection to the exit relay is encrypted. So is your connection to the middle relay, which is relaying traffic to the exit relay. And so is your connection to the entry guard, which is relaying traffic to the middle relay, and so on. Given that, only the exit relay operator can see and mess with your data. And as with VPN services, your traffic is exposed after it leaves the exit. So it's important to employ end-to-end encryption with Internet destinations (e.g., HTTPS for websites, and TLS for email). -
    - Ease of Use - - VPN services are the simplest type of anonymity system that's secure and reliable. VPN servers automatically proxy all of the client's Internet traffic. There's no need to configure apps. They're usually very easy to setup, with client software (or perhaps just configuration files) from providers. - - Tor browser is very easy to install, but only browser traffic uses Tor. It's not designed to easily route other apps via Tor. And using the plain Tor client is complicated, and not well documented for new users. Other options include the Tails LiveDVD, and Whonix, which is a pair of VirtualBox VMs. Both include numerous apps. Using Whonix, even misconfigured apps cannot bypass Tor. -
    - Speed and Latency - - VPN services are typically very fast, only slightly worse than plain ISP uplinks. Latency (time delay) depends on the distance to the VPN server, and network conditions. But it's generally less than 0.1 second, which is not very noticeable (except for some gameplay). - - Speed varies greatly, depending on the capabilities of intervening relays, and how much traffic they're handling. Also, for better security, each client now chooses just one entry guard at first run, and it sticks with that choice for about six months. Although the system excludes slow relays as entry guards, entry guards can become overloaded. It may be necessary to delete the Tor configuration, in order to force the selection of a new entry guard. Latency (time delay) is much greater than with VPNs, sometimes as great as 0.5 second (or even 1 second). That is especially problematic for websites that do a lot of back-and-forth with browsers. Blocking ads and Javascript typically helps. -
    - Potential Pitfalls, and Mitigation - - VPN connection may drop, and while it's reconnecting, traffic may reach Internet sites directly - some VPN client apps prevent that - and one can also block bypass using firewall rules - also potential for DNS leaks - VPN server tells your client app what DNS servers to use - but your computer also knows about DNS servers from your ISP - so when the VPN is connected, it may access ISP-associated DNS servers - and that may reveal your VPN exit IP address to your ISP - some VPN client apps also prevent that - and one can also block DNS bypass using firewall rules - - If your apps and/or Tor are misconfigured, you'll be accessing the Internet directly, at least in part. And it's all too easy to get caught, by not knowing what to worry about. A classic example is using BitTorrent via Tor. It's very hard to force all BitTorrent connections to use Tor. That's because BitTorrent apps are designed for speed, and not for security. Given the risks in using the Tor browser, it's best to use either the Tails LiveDVD or Whonix. Also see Want Tor to really work? -
    - Conclusion - - VPN services are an excellent choice where speed, and privacy from local adversaries, are most important. They also provide limited anonymity on the Internet, but that's vulnerable to adversaries who can coerce providers, or snoop on their servers. See Will a VPN Protect Me? and Adversaries and Anonymity Systems. They're easy to install and use. Once setup properly, they reliably handle all Internet traffic. - - When the Tor client starts, it displays a warning: `This is experimental software. Do not rely on it for strong anonymity.` But there's arguably no better alternative. See Adversaries and Anonymity Systems. And so Tor is the best choice when anonymity is most important. But Tor is much slower than VPN services. And you must use it properly. -
    -{{< / raw-html >}} \ No newline at end of file diff --git a/src/content/es/pages/privacy-guides/what-is-a-vpn.md b/src/content/es/pages/privacy-guides/what-is-a-vpn.md deleted file mode 100644 index 5b40953f0..000000000 --- a/src/content/es/pages/privacy-guides/what-is-a-vpn.md +++ /dev/null @@ -1,195 +0,0 @@ ---- -title: What is a VPN? -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/what-is-a-vpn/ -section: Basic -weight: 70 -articles: [ - { - title: "Why use Tor with a VPN service?", - url: "/privacy-guides/why-use-tor-with-a-vpn-service/" - }, - { - title: "Will a VPN Protect Me? Defining Your Threat Model", - url: "/privacy-guides/will-a-vpn-protect-me/" - } -] -date: 2015-09-30T07:41:31+00:00 -layout: guides-details ---- -## Introduction - -The Internet is an incredible thing. Computers around the planet can communicate with each other through it. However, the Internet is public space. And in public spaces, bad things can sometimes happen. That's why we have private space, which we can secure and trust. But how can private space be created among widely separated computers, which can only reach each other through the Internet? - -Virtual private network (VPN) connections make that possible. Superficially, they serve as private wormhole tunnels through the Internet. We'll unpack that description shortly. In any case, whatever VPNs actually are, they are used primarily in two ways. First, organizations and groups use VPNs to securely interconnect widespread locations. Second, they use VPNs to enable secure access by remote staff and customers. - -This article focuses on **VPN services**, which provide enhanced security and privacy to their users. By default, users reach the Internet directly through [Internet Service Provider (ISP)][1] gateways, which they typically reach through dialup, DSL, cable, fiber, LTE or Wi-Fi: - -{{< raw-html >}} -
    - Connection Without VPN - Connection Without VPN -
    -{{< / raw-html >}} - -ISPs know what sites users are accessing. They can see and modify all content that's not end-to-end encrypted. For example, they can add [tracking supercookies][3]. They can also block or throttle traffic, based on destination, traffic type, aggregate bandwidth usage, or whatever. - -Those concerns are not problematic, as long as ISPs are serving their users' interests, respecting their privacy, and adequately securing their networks. But they do become problematic when ISPs act against users' interests. For example, governments may pressure ISPs to block access to certain sites. They may require ISPs to log and report online activity. ISPs may even provide [full-traffic intercept capability][4]. - -VPN services route their users' Internet traffic through private tunnels to remote exit servers: - -{{< raw-html >}} -
    - Connection With VPN - Connection With VPN -
    -{{< / raw-html >}} - -There's nothing private beyond the exit server, just the Internet. Still, VPN services protect their users in three main ways. First, they protect users from voyeurs, trackers, hackers, censors and other adversaries who can access networks between the user and the VPN service. Such adversaries can detect the VPN tunnel, and they can measure traffic volume. They can block the tunnel, but it's all or none. And they can't see, modify or specifically block any traffic inside the tunnel, whether it's end-to-end encrypted or not. - -Second, VPN services may allow users to bypass geographic access restrictions imposed by some websites. Websites normally see traffic coming from a user's [Internet Protocol (IP) address][6], which is assigned by their ISP. And they can get the geographical location of that IP address from services such as [MaxMind][7].{{< raw-html >}}1{{< / raw-html >}} You can see your current IP address using [What Is My IP Address][8]. While you're using a VPN service, websites instead see the VPN service's IP address. And so you just pick a VPN exit server with an IP address that's acceptable to the website that you want to access. - -Third, VPN services allow users to be more anonymous. That's because users are typically sharing a particular VPN exit server with many other users. And they can easily switch to a different VPN exit server. However, websites can identify and track users in many ways.{{< raw-html >}}2{{< / raw-html >}} The Wall Street Journal published an excellent [series on tracking][9] in 2010-2012. You may have seen a [No Not Track][10] option in your browser. However, [`by and large, the advertising industry ignores them`][11]. The W3C Technical Architecture Group (TAG) has published its opinion that [`unsanctioned tracking`][12] is harmful to the Web. - -Of course, users are vulnerable to VPN services in the same ways that they're vulnerable to ISPs. 
But there's a crucial distinction: People have far more freedom and discretion in choosing VPN services. Let's say that your government censors and/or monitors Internet access. And let's say that it has compromised all available ISPs. Even if that's so, you can choose a VPN service in another jurisdiction. And you can choose one where it's much harder for your government to compromise things and obtain information. - -## What Are VPNs? - -OK, so what is a virtual private network? As you probably discovered before finding this page, there's a lot out there about VPNs. Unfortunately, most of it is either highly technical, or highly simplistic. Worse, much of the technical material is dated and/or misguided, and much of the simplistic material merely promotes a particular VPN service. This article takes a middle course. It does mention various technical issues, but for the most part leaves that to linked resources. - -First, what is a network? In this context, a network is a system of computers and other devices that are interconnected by communications links. Those links may be wires, coaxial cables, optical fibers, microwave beams, and so on. Most simply, one may consider networks to include just the communications links and terminating gateways. The gateways mediate and regulate connections by other devices. - -The first computer networks were all private, comprising devices located in private space, such as a building or an institutional campus. For such [Local Area Networks (LANs)][13] in private spaces, physical access control may provide sufficient security. But private LANs are nontrivial for geographically widespread devices. Dedicated connections are expensive, and they [don't scale well][14]. And so it's generally necessary to share long-distance communications links. Today, that pretty much means connecting through the Internet. - -If you need secure and private connections, that's a serious problem. 
In [devising network communication protocols][15], engineers at first assumed that connected devices (and their users) could trust each other, and could also trust the network itself. That was an acceptable assumption for private LANs, operated by the military. But it becomes iffy for shared networks. And it fails utterly for the Internet. The Internet is an utterly public network, and it cannot prudently be trusted.{{< raw-html >}}3{{< / raw-html >}} - -The solution was [virtual][16] private network (VPN) connections through the untrusted Internet. Efforts in the 80s to secure government and commercial networks culminated in the [Internet Protocol Security suite (IPsec)][17]. It was the first secure VPN technology. IPSec and other VPNs rely on [encapsulation][18]. - -In the early 90s, Netscape spearheaded development of the Secure Sockets Layer (SSL) protocol for secure (authenticated and encrypted) web browsing. It's been largely replaced by the more-secure [Transport Layer Security (TLS) protocol][19]. Three notable open-source VPN packages now implement network tunneling with SSL/TLS for security: [OpenVPN][20], [OpenConnect][21] and [SoftEther][22]. Many VPN services provide IPsec combined with a tunneling protocol (L2TP) that simplifies setup. L2TP/IPsec works best on iOS and Android. However, it's apparently more vulnerable than OpenVPN to [exploitation by the NSA and friends][23]. Microsoft introduced its Point-to-Point Tunneling Protocol (PPTP) in Windows NT and Windows 95. It is [not very secure][24]. Please see this [comparison of PPTP, L2TP/IPSec and OpenVPN][25] . - -To reiterate, encrypted traffic between a VPN server and a client creates a virtual armored cable between them. Intermediaries (and adversaries with access) can see the virtual cable, but they can't see the data that it carries. VPNs are actually more like very tough yet elastic hoses, which change `diameter` depending on how much data is flowing through them. 
That provides adversaries with some information about online activity, but not actual traffic data. - -## Why Do We Need VPNs When We Have HTTPS? {#toc_2} - -The [TLS protocol][19] in [Secure HTTP (HTTPS)][26] provides solid transport security. That is, it protects ongoing connections from adversaries. But otherwise, HTTPS is fatally flawed. It's fatally flawed because server authentication depends on hierarchical systems of certificate authorities, starting with trusted root certificates bundled in browsers. That's a problem. Consider the Superfish adware that Lenovo [included on consumer notebooks][27]. By adding its own root certificate to browsers, Superfish could intercept HTTPS connections, and replace websites' ads with its own ones. In other words, it carried out [man-in-the-middle (MitM) attacks][28] on Lenovo customers. - -But it's far from the worst problem. Let's say that you visit . How does your browser know that it's connected directly to that site, and that the connection hasn't been intercepted in a MitM attack? Supposedly, the browser knows because it can follow a chain of trust from the site's certificate through various intermediate certificate authorities, back to one of the root certificates that it trusts. But trust chains are typically very long and complex. And if one of those intermediate certificate authorities has [done something foolish][29] or [been compromised][30], websites can be spoofed or MitM'ed. - -Using a VPN service, you get certificates from the provider. Once you've securely obtained them, there is no ambiguity when client apps authenticate the provider's VPN servers. A client won't connect unless a server proves that it has the requisite [certificate authority (CA) certificate][31]. There are no intermediate certificate authorities that must be trusted. And so MitM attacks are [much harder][32]. Even so, VPNs only protect against adversaries between a user and a VPN server. 
- -## There Are Bigger Problems - -Even after decades of security hardening, the Internet remains vulnerable in fundamental ways through unwarranted trust. There are two key vulnerabilities. First, let's say that you want to use [Google][33]. In order to load the page, your browser must translate _www.google.com_ into a suitable IP address. Google has many server clusters, in data centers around the world. The name servers specified in Google's domain registration are the best source for the IP address of a nearby Google server that's not too busy. But if everyone hit Google's primary name servers directly, they would crash and burn. And so there is a hierarchical global network of name servers, known as the [Domain Name System (DNS)][34], which forward and temporarily cache that information. - -The process begins with name servers that your computer knows about. By default, those typically belong to your ISP. Google being so popular, those name servers will likely have the answer. But if they didn't, they would ask their ISP's name servers. And so on up the hierarchy to Google's primary name servers. Although the system works well for the most part, it is [vulnerable to spoofing and denial of service (DOS) attacks][35] by adversaries. - -For example, let's say that your government doesn't want you to use Google. And so it requires all domestic ISPs to point _www.google.com_ at some non-Google IP address. That's called [DNS spoofing (or cache poisoning)][36]. And it's a common practice.{{< raw-html >}}4{{< / raw-html >}} There is an easy workaround: just configure your computer to use [third party DNS servers][37].{{< raw-html >}}5{{< / raw-html >}} However, that isn't always sufficient, because traffic to those DNS servers can also be blocked or misdirected. - -Second, there is a [fundamental vulnerability][38] in the Internet [Border Gateway Protocol (BGP)][39]. 
Once your browser knows a website's IP address, BGP enables your ISP (and other intervening ISPs) to properly route your traffic to that destination. What's problematic is that BGP foolishly assumes that Internet routers can [trust each other][40]. But that [doesn't always work out][41]. - -Sometimes it's just mistakes. In June-2015, [Telekom Malaysia][42] announced routes to much of southeast Asia and Australia, and then it promptly choked on the massive traffic that ensued. That is, Telekom Malaysia's mistake prevented people in London (for example) from accessing sites in Singapore, Hong Kong, Sydney and so on. But sometimes one wonders. In 2010, China Telecom [`hijacked` a large chunk of the Internet][43]. Although there's no proof, the Chinese might have monitored and logged on a massive scale. Or instead, they could have just [null routed][44] everything. - -VPN services can mitigate at least some DNS vulnerabilities, by tunneling beyond area controlled by an adversary. Most countries use DNS spoofing (cache poisoning) to deny access to forbidden websites. But most countries can't poison the entire DNS hierarchy. For example, in 2014 [the Turkish government banned Twitter and YouTube through DNS poisoning][45]. And then, as users started using Google's DNS servers to get around the ban, it blocked access to them as well. However, all of those blocks were implemented through Turkish ISPs. So VPN users could reach routes and DNS servers that were not under Turkish control. - -## But VPNs Aren't Perfect {#toc_4} - -ISPs can also block VPN connections. Iran and China notoriously do. It's not hard to detect VPNs. The [OpenVPN][46] and [IPSec][47] protocols are both distinctive. ISPs can just look at packet types, sequences and patterns. That's known as [deep packet inspection][48]. Also, their systems test suspected VPN servers for VPN-specific response patterns. - -One can hide ([encapsulate][49]) VPN traffic in other tunnels. 
There are good introductions [here][50] and [here][51]. Open-source tools include [SSH][52], [SSL][53] (_e.g._, [stunnel][54]) and [obfsproxy][55] (developed by the Tor Project). There is also a [patch for OpenVPN][56]. And some VPN services use various methods that are proprietary and closed-source. However, the shape of the initial connection dialog between client and server is [distinctive][57]. And that's hard to obfuscate without [padding][58]. But padding wastes bandwidth, so there's a trade-off.{{< raw-html >}}6{{< / raw-html >}} - -If your ISP is hijacking BGP, you can bypass using VPNs. As long as they're not blocked, anyway. More generally, that's the case whenever you're inside of some controlled space (_e.g._, corporate and university networks) or subject to a national firewall. As long as the VPN exit is outside the controlled space, it doesn't see the BGP hijacking. - -Otherwise, it's hard to get around BGP hijacking. Consider [Telekom Malaysia's mistake][42]. Let's say that there's a VPN provider with servers in London and Singapore. If another route existed from London to Singapore that didn't pass through Telekom Malaysia, that VPN provider could hard-code it into their servers. Even though Telekom Malaysia was hijacking BGP to Singapore, traffic through the London-Singapore VPN tunnel would ignore it. However, unless such problems persisted, it's unlikely that VPN providers would route around them manually. But corporate, academic and government VPNs might. - -{{< raw-html >}} -
    -

    Footnotes

    - -
      -
    1. - Geolocation based on IP address isn't perfect. That's because services like MaxMind typically report central addresses of ISPs, rather than the actual addresses of ISP customers. But they get the country right, and that's enough to enforce geographic access restrictions. -
    2. -
    3. - Smartphones are especially vulnerable to tracking. Users have far less control over app behavior on smartphones. And there are multiple data sources for accurate geolocation, including GPS, cell towers and Wi-Fi hotspots. -
    4. -
    5. - Indeed, not even fundamental Internet links can be reliably secured over long distances. Cables are cut on land and under oceans. And they are tapped. -
    6. -
    7. - The US FBI uses DNS poisoning for so-called domain name seizures, and the Motion Picture Association of America (MPAA) wants to take down sites hosting pirated content. Various countries use DNS poisoning to ban Interpol's `worst of the worst` list. The Cyberspace Administration of China (CAC) does one better: it redirects users from banned sites to other sites that it wants to attack. -
    8. -
    9. - Some malware also does that for ad injection or fraud. -
    10. -
    11. - See Chapter 5 of Sambuddho Chakravarty's thesis. -
    12. -
    -{{< / raw-html >}} - - [1]: https://en.wikipedia.org/wiki/Internet_service_provider - [2]: /images-static/uploads/Connection-No-VPN.png - [3]: http://motherboard.vice.com/read/here-are-the-mobile-companies-still-tracking-you-across-the-web - [4]: http://www.nytimes.com/2015/08/16/us/politics/att-helped-nsa-spy-on-an-array-of-internet-traffic.html - [5]: /images-static/uploads/Connection-One-VPN.png - [6]: https://en.wikipedia.org/wiki/IP_address - [7]: https://www.maxmind.com/en/home - [8]: https://whatismyipaddress.com/ - [9]: http://www.wsj.com/public/page/what-they-know-digital-privacy.html - [10]: https://www.eff.org/issues/do-not-track - [11]: http://www.theregister.co.uk/2015/07/29/dnt_dead_in_the_water/ - [12]: http://www.w3.org/2001/tag/doc/unsanctioned-tracking/ - [13]: https://en.wikipedia.org/wiki/Local_area_network - [14]: http://www.uh.edu/engines/nycandwires.jpg - [15]: http://arstechnica.com/tech-policy/2011/03/the-essence-of-the-net/ - [16]: http://www.merriam-webster.com/dictionary/virtual - [17]: https://en.wikipedia.org/wiki/IPsec - [18]: https://en.wikipedia.org/wiki/Encapsulation_%28networking%29 - [19]: https://en.wikipedia.org/wiki/Transport_Layer_Security - [20]: https://openvpn.net/index.php/open-source/333-what-is-openvpn.html - [21]: https://www.infradead.org/openconnect/ - [22]: https://www.softether.org/ - [23]: http://www.spiegel.de/media/media-35529.pdf - [24]: http://www.schneier.com/paper-pptpv2.html - [25]: /pptp-vs-l2tp-vs-openvpn - [26]: https://en.wikipedia.org/wiki/HTTPS - [27]: http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/ - [28]: https://en.wikipedia.org/wiki/Man-in-the-middle_attack - [29]: http://googleonlinesecurity.blogspot.co.nz/2015/03/maintaining-digital-certificate-security.html?m=1 - [30]: http://csrc.nist.gov/groups/SMA/forum/documents/october-2012_fcsm_pturner.pdf - [31]: 
https://openvpn.net/index.php/open-source/documentation/howto.html#pki - [32]: http://security.stackexchange.com/questions/73469/tls-authentication-openvpn-mitm-attacks-on-public-wifi - [33]: https://www.google.com/ - [34]: https://en.wikipedia.org/wiki/Domain_Name_System - [35]: https://developers.google.com/speed/public-dns/docs/security?hl=en - [36]: https://en.wikipedia.org/wiki/DNS_spoofing - [37]: https://www.wikileaks.org/wiki/Alternative_DNS - [38]: https://www.blackhat.com/docs/us-15/materials/us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security-wp.pdf - [39]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol - [40]: https://blog.opendns.com/2015/06/18/bgp-and-the-system-of-trust-that-runs-the-internet-pt-1/ - [41]: https://www.bgpmon.net/blog/ - [42]: https://www.bgpmon.net/massive-route-leak-cause-internet-slowdown/ - [43]: http://www.bgpmon.net/chinese-isp-hijacked-10-of-the-internet/ - [44]: https://en.wikipedia.org/wiki/Null_route - [45]: http://googleonlinesecurity.blogspot.com/2014/03/googles-public-dns-intercepted-in-turkey.html - [46]: https://wiki.wireshark.org/OpenVPN - [47]: https://blog.barracuda.com/2015/03/24/understanding-internet-protocol-security-ipsec/ - [48]: https://en.wikipedia.org/wiki/Deep_packet_inspection - [49]: http://www.tcpipguide.com/free/t_IPDatagramEncapsulation.htm - [50]: http://www.ab9il.net/crypto/openvpn-cloaking.html - [51]: https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/ - [52]: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/slogin.1?query=ssh&sec=1 - [53]: https://www.openssl.org/docs/manmaster/apps/openssl.html - [54]: https://www.stunnel.org/index.html - [55]: https://www.torproject.org/projects/obfsproxy.html.en - [56]: https://forums.openvpn.net/topic12605.html - [57]: https://www.wilderssecurity.com/threads/ways-to-obfuscate-vpn-connections.363059/ - [58]: https://en.wikipedia.org/wiki/Padding_%28cryptography%29 
diff --git a/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md b/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
deleted file mode 100644
index ff3d428dd..000000000
--- a/src/content/es/pages/privacy-guides/why-use-tor-with-a-vpn-service.md
+++ /dev/null
@@ -1,46 +0,0 @@ ---- -title: Why use Tor with a VPN service? -author: Ed Holden -url: /privacy-guides/why-use-tor-with-a-vpn-service/ -section: Basic -weight: 80 -articles: [ - { - title: "Will a VPN Protect Me? Defining Your Threat Model", - url: "/privacy-guides/will-a-vpn-protect-me/" - }, - { - title: "An Introduction to Privacy & Anonymity", - url: "privacy-guides/an-introduction-to-privacy-anonymity/" - }, -] -date: 2018-10-25T13:55:43+00:00 -layout: guides-details ---- -## Introduction - -The [Tor network][1] has been a useful tool for the privacy-aware internet users since 2002. While it has shown itself to be an invaluable tool in protecting one's privacy through anonymity, it is anything but a panacea. Today we are going to examine two of the known vulnerabilities in the Tor system and then see how using a trustworthy VPN service in conjunction with Tor can mitigate many of those vulnerabilities thus substantially reducing your privacy risk surface. - -> Note: While Tor is decentralized and designed in a way that you don't have to trust a single entity, most VPN services are run by centralized organizations. This article assumes you have picked a VPN service after carefully vetting them and you trust its operators to honor no-logs promises. -> See our guide on vetting VPN providers [here](https://www.ivpn.net/privacy-guides/18-questions-to-ask-your-vpn-service-provider/). -> For an in-depth guide on using Tor with a VPN see [Advanced Privacy and Anonymity - Part 3](https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-3/). - - -The first vulnerability we are going to examine is the scenario where the attacker is passively monitoring the connection of both the sender and recipient. For simplicity's sake, we will be using the common cryptographic archetypes of Alice and Bob et. al. If you are not familiar with these characters see the [wikipedia entry][2]. 
Additionally, we will be assuming that you have basic knowledge of how the Tor network functions. - -## Scenario A - -In this first scenario, Alice is connecting to Bob's server over the Tor network. Additionally, Eve is positioned to passively monitor traffic coming both from Alice and to Bob. This is a scenario we know already exists at both the individual ISP level and at the level of major backbone interconnects through government access. It has been demonstrated since 2002 that Eve can [correlate traffic](https://www.onion-router.net/Publications/locating-hidden-servers.pdf) between Alice and Bob with a degree of accuracy that completely eliminates false positives. Further, this attack does not necessitate physical-level access to both Alice and Bob's individual networks. Because the Tor network allows anyone to run an end node, Mallory could simply have physical access to Alice's network and then run an end node herself. On the occasions when Alice's traffic is exiting the tor network from Mallory's end node (without regard to the locations and number of intermediate hops), there would be a functional replacement for the need to have physical access to Bob's network, as all traffic from Alice to Bob would pass through Mallory's node with all the intermediate encryption stripped off (assuming that Bob's server did not support end-to-end encryption, of course). - -By using a VPN service that has a high enough Tor traffic volume, the ability of Eve or Mallory to correlate Alice and Bob's traffic is severely hindered. This ability could be further reduced if Alice were to concurrently generate traffic over the VPN connection to multiple Tor sites along with non-Tor traffic. Essentially what this accomplishes is padding Alice's connection to the VPN server with sufficient extra data that correlation becomes even more difficult. - -## Scenario B - -The second vulnerability to examine is referred to as the ['bad apple'](https://arxiv.org/abs/1103.1518) attack. 
Here, we will assume that Alice and Bob are communicating via bittorrent. Mallory injects traffic that triggers Alice to make a UDP connection to Mallory's server. By taking advantage of the fact that Tor only provides a secure TCP connection, Alice is then tricked into revealing her actual identity. By properly configuring one's VPN connection to tunnel all traffic and by applying the other padding strategies above, Alice is no longer vulnerable to this attack. - -One of the most important features one should look for when shopping for VPN services is variable multi-hop capabilities. Here, one has the opportunity to bounce his encrypted traffic across multiple networks and jurisdictions, further reducing the possibility that traffic-analysis based attacks would be successful. Additionally, when needed, one can quickly choose a different multi-hop path for his traffic. Remember that in analysis attacks, padding is your friend and each individual encryption wrapper provides additional padding that can confound Mallory's attempts to correlate traffic. - - - - [1]: https://www.torproject.org/ - [2]: http://en.wikipedia.org/wiki/Alice_and_Bob diff --git a/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md b/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md deleted file mode 100644 index c0e47a0e8..000000000 --- a/src/content/es/pages/privacy-guides/will-a-vpn-protect-me.md +++ /dev/null 
@@ -1,114 +0,0 @@ ---- -title: Will a VPN Protect Me? Defining Your Threat Model -author: mirimir (gpg key 0x17C2E43E) -url: /privacy-guides/will-a-vpn-protect-me/ -section: Basic -weight: 90 -date: 2014-09-04T08:37:22+00:00 -layout: guides-details ---- -The Internet was originally designed for communication among trusted partners. It was designed to be highly resilient against nuclear attacks, and other such external threats. But there were no protections against insider threats, from malicious network peers or users. Neither content nor information about content (which is called metadata) such as user identity, date and subject for email messages, were kept private, or secured against modification or spoofing. - -As the Internet has grown and developed, various insider threats have been recognized, and various components have been updated to mitigate them. For the most part, however, efforts have focused on small-scale adversaries, such as individuals and criminal organizations. Email, one of the core components, remains notoriously broken against powerful adversaries. The HTTPS protocol was designed to authenticate websites, and to protect users against eavesdropping and `Man in the Middle` (MitM) attacks. However, its security entirely depends on hierarchic systems of trusted certificate authorities, and they remain vulnerable to clever and/or powerful adversaries. - -Indeed, the Internet has become a panopticon with numerous observers. Commercialization has culminated in an advertising-funded economic model that rewards players who can most effectively target users by compromising their privacy. Worse, the Internet is also heavily militarized, with the US (NSA) and China (various MSS and PLA agencies) as major players. Efforts involve both mass surveillance and targeted attack. Furthermore, intercepted information is commonly (albeit secretly) used for such non-military goals as business development and law enforcement, through parallel construction. 
- -Censorship is also pervasive. Nations such as China, India, the UK, Iran, Saudi Arabia and Pakistan restrict access by their citizens for various economic, social, ideological and/or religious reasons. Furthermore, the US censors the entire Internet, primarily (as far as we know) in defense of intellectual property rights. Leveraging its jurisdiction over the .com, .net and .org domain registrars, it has seized thousands of websites, often based on mere allegations of infringing activity. All such domains (including, for example, most VPN services) are vulnerable. - -But you already knew that, right? That's why you're reading this article. You're probably wondering whether iVPN (or any VPN service) can provide the anonymity, freedom, privacy and/or security that you seek. For better or worse, the answer is `it depends`. VPN services effectively guard against some threats, and are inadequate against others. It all depends on your threat model(s). - -In formulating a threat model, first consider what you are protecting, what potential adversaries (archetypic attackers) you are protecting against, and what consequences you might face if compromised. Consider your potential adversaries, how capable and resourceful they are, and what methods they might employ against you. Also consider your skills, how hard you are willing to work, and how much usability and convenience you are willing to give up. Finally, keep in mind that you may have multiple context-dependent threat models, and that you may want to combine various defenses in ways that are appropriate for each of them. - -## Example Threat Models - -We begin by considering threat models that are typical among prospective users of VPN services, ranging from trivial to grandiose. In each example, there are four bullets: a) summary of the threat; b) recommended mitigation; c) how it works; and d) issues and limitations. 
Please see [Adversaries and Anonymity Systems: The Basics][1] for background information and details about adversaries and anonymity systems. For any of these threat models, except perhaps the first, it's important to prevent leaks if the VPN connection is interrupted. You can use a [VPN client that prevents leaks][2], or roll your own firewall setup. Linux iptables rules are [here][3]. And whatever you do, it's prudent to [test for leaks][4]. - -### 1. Protecting Against Hackers on Public Wi-Fi Hotspots - -1. Consider someone who uses public Wi-Fi hotspots. They are concerned that hackers (ranging from other users to network administrators) might intercept their communications, and might steal sensitive information about their credit cards, bank and investment accounts, and so on. That is, they want security and privacy. But they're not trying to hide their online activity, or to be anonymous. -2. Any reputable VPN service would suffice for such users. -3. When users are connected to VPN servers, all traffic between their devices and VPN servers is encrypted, typically with a 256-bit AES key. Eavesdroppers on the public Wi-Fi network, or on other intervening networks, would see only encrypted data. -4. VPN services do not encrypt traffic between their exit servers and Internet destinations. Neither do other anonymity systems. For that, users must connect to destinations using end-to-end encryption, such as HTTPS for websites. See the section `VPN Services` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about VPN services. - -### 2. Protecting Against Monitoring and Logging by ISPs - -1. Consider someone who is concerned that their ISP may be monitoring and logging their online activity. They want privacy, and they also want anonymity, in the sense of remaining unassociated with their online activity. But they're not concerned about hackers, or other real-time adversaries. 
They're just concerned that their ISP might, at some point, share logs of their online activity with other potential adversaries. -2. Using a reputable VPN service that retains no logs, and that implements perfect forward secrecy, is the least invasive approach for mitigating this threat. -3. When a user is connected to a VPN server, their ISP sees only encrypted traffic. Websites and other Internet destinations see the VPN service's exit IP address, rather than the user's ISP-assigned IP address. With perfect forward secrecy, an adversary that manages to compromise a particular VPN session can only decrypt data from that session (and not past or future data). Any encrypted traffic logged by the user's ISP remains secure. -4. For this approach to make sense, the user must trust the VPN service more than they trust their ISP. That's often a straightforward choice (for example, where ISPs are tightly regulated and monitored). If the stakes are high, it may be prudent to distribute trust, so that compromise would require collusion. Using the Tor browser would be the simplest approach. However, given the risk of malicious exit nodes, using end-to-end encryption would be prudent. If hiding Tor use is important, the user could access the Tor network through a VPN service, or perhaps through a nested chain of VPN services. - -### 3. Hiding Location and Identity from Websites - -1. Consider someone who wishes to hide their location and identity from websites that they access. They don't want websites to know their ISP-assigned IP address, which is linked to their location. They also don't want websites to know their true name, either through their IP address, or through association with prior usage. However, they're not concerned about threats from other potential adversaries, such as their ISP or government. -2. Any reputable VPN service would hide the user's ISP-assigned IP address from websites. 
In order to prevent association with prior activity under their true name, the user should work in a fresh device (or virtual machine) with no such prior usage on any website. -3. When a user is connecting through a VPN service, websites see the IP address of the exit server, rather than the user's ISP-assigned IP address. Working in a fresh device or virtual machine, there are no cookies or other tracking objects that might be associated with the user's true name, or other aspects of their prior activity. -4. It's not prudent to rely on browser settings (such as private browsing mode) or plugins to prevent tracking, because that protects only against known tracking methods. Even the Tor browser is vulnerable to new (aka zero-day) tracking exploits. Relying on isolation between different browsers is also risky. While virtual machines can also be compromised, there is little risk, except for high-value targets. Where the stakes are high, using dedicated devices would be most prudent. - -### 4. Hiding True Name from a Correspondent - -1. Consider someone who wishes to be anonymous to a particular correspondent. They don't want the correspondent to know their ISP-assigned IP address, which is linked to their true name. However, they're not concerned about threats from other potential adversaries, such as their ISP or government. -2. Unless the correspondent is (or has help from) a resourceful adversary, any reputable VPN service would suffice. -3. When a user is connecting through a VPN service, the initial `Received: from` header in messages sent by the user will show the IP address of the VPN exit server, and not the user's ISP-assigned IP address. That's the case with both webmail and stand-alone email clients. -4. The email account must not be associated with the user, in any way. There must be no money trails. The user must never access the account without reliably obscuring their IP address. 
They must never use the email address with friends, or in any identifying context. Even so, adversaries know the VPN service by its IP address, and they could ask (perhaps very hard) about the user. Against resourceful adversaries, especially if the stakes are high, it may be prudent to use nested VPN chains, or perhaps Tor. In extreme cases, it may be prudent to tunnel traffic through multiple anonymity systems. However, configuring stand-alone email clients to properly use Tor (without leaks) is nontrivial. Also, they don't work with VPN services that block SMTP traffic to prevent spamming. - -### 5. Being Anonymous Online and Hiding Online Activity from Ones National Government - -1. Consider someone who wishes to obscure their online activity (content and metadata) from their ISP and national government. They also wish to hide their location and identity from websites that they access, and from their correspondents. That is, they want both privacy and anonymity. They want anonymity in the sense of remaining unassociated with their online activity, and they want that anonymity to survive efforts by their national government to associate them and it. However, they are not subject to overt censorship, and the use of strong encryption is not regulated. Also, they have not (they assume) been specifically targeted for investigation. They are somewhat concerned about the consequences of discovery. But they are not concerned about threats from other potential adversaries. -2. It would be prudent for such users to tunnel traffic through multiple anonymity systems, perhaps initially through a nested chain of two or three VPN services, and then through [JonDonym](https://anonymous-proxy-servers.net/) and/or [Tor](https://www.torproject.org). It might be sufficient to start with a popular VPN service, connecting through a typical ISP uplink. However, it would be safer, albeit far less convenient, to connect anonymously through public Wi-Fi hotspots. -3. 
Using VPN services obscures online activity from local observers, and it also obscures location and identity from remote observers on the Internet. However, users are entirely vulnerable to betrayal by the VPN provider. With a second VPN service tunneled through the first, trust has been distributed, in that compromise would require collusion between the two providers. With Tor in the nested chain, forcing collusion among providers becomes unworkable, and adversaries must rely on other attacks: traffic analysis, Sybil attacks and exploiting vulnerabilities in particular system nodes and their operators. -4. This threat model is prudent _only_ when the use of strong encryption is unregulated, when users are not specifically targeted for investigation, and when the consequences of discovery would be relatively minor. When there is appreciable uncertainty about any of those assumptions, the threat model `Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government` is more appropriate. - - Although users are subject to surveillance both locally and remotely, the Internet uplink is their key vulnerability. For those who connect through ISPs, the strategy has two aspects: 1) blend in locally, by using popular VPN services, and by otherwise being unworthy of special attention; and 2) go for overkill in resisting efforts by their national government to associate them and their online activity. All non-free/premium VPN-service and JonDonym accounts, except for any service accessed directly through an ISP, should of course be purchased anonymously. - - But even with such overkill, connecting through an ISP is risky. For example, the government might fingerprint connections to a popular dissident forum, by using a DDoS attack to intermittently force the website offline, in some pattern. It could then identify users by searching intercepts, provided by ISPs, for that fingerprint. 
And in any case, there is no deniability if their government does manage to associate a user's online activity with their ISP-assigned IP address. - - Connecting anonymously through public Wi-Fi hotspots would be safer, but far less convenient. Even if the user's government does associate their online activity with the hotspot's IP address, the user is still somewhat anonymous. We discuss the use of public Wi-Fi hotspots further in the threat model `Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government`. - - -### 6. Evading Censorship by Ones National Government - -1. Consider someone who wishes to evade censorship imposed by their national government. Although they don't want to attract undue attention, they are not seeking strong anonymity from observers on the Internet. They are confident that the consequences of discovery would be minor. And they are not concerned about threats from other potential adversaries. -2. Any reputable VPN service might suffice. However, against more resourceful censors, it might be necessary to use VPN services that connect through obfuscated proxies. Against powerful censors, it might be necessary to use Tor via obfuscated bridges. -3. When a user is connecting through a VPN service, the user's ISP and government see only encrypted traffic to the VPN server. Unless the user's government can observe the VPN server's local traffic, it can't determine what websites the user is accessing. And without knowing that, it can't censor, except by blocking or throttling all traffic to that VPN server. If the user is connecting to the VPN service through an obfuscated proxy, the censor might need to block or throttle all encrypted traffic. -4. This threat model is prudent _only_ when the consequences of discovery would be minor, and _only_ when strong anonymity from observers on the Internet is correspondingly unnecessary. 
When there is appreciable uncertainty about either assumption, the following threat model is more appropriate. - - Even with obfuscation, highly resourceful censors might identify and block all of the VPN service's proxy servers. Against such adversaries, it might be necessary to use Tor with obfuscated bridges. Although both Tor and VPN services can use the same methods for obfuscation, Tor is far more resilient to censorship. That's because VPN services typically use at most a few obfuscated proxies, while there are thousands of Tor obfuscated bridges. - - However, new approaches might level the field. For example, the CloudTransport design features cloud-hosted proxies with fast-flux IP addresses, which can't readily be blocked without interfering with other cloud services. See the last paragraph of the section `Passive Adversaries with Limited Network Reach` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about that. - -### 7. Being Anonymous Online, Evading Censorship, and Hiding Online Activity from Ones National Government - -1. Consider someone who wishes to evade censorship imposed by their national government. They also wish to obscure their online activity (content and metadata) from their ISP and national government. And they wish to hide their location and identity from websites that they access, and from their correspondents. That is, they want both privacy and anonymity. They want anonymity in the sense of remaining unassociated with their online activity, and they want that anonymity to survive efforts by their national government to associate them and it. Furthermore, they are subject to overt censorship, and the use of strong encryption is regulated, so they must also avoid association with illicit communications. However, they have not (they assume) been specifically targeted for investigation. They are concerned that the consequences of discovery might be severe. 
And they are also concerned about threats from other adversaries, including governments, that might share information with their national government. But they are not concerned about threats from other neutral or non-cooperating adversaries. -2. It would be prudent for such users to tunnel traffic through multiple anonymity systems. It would arguably be best to start with Tor, using the strongest obfsproxy plugin available, and connecting anonymously through public Wi-Fi hotspots. Users could then, for example, tunnel JonDonym through Tor, and then tunnel a VPN service through JonDonym. Full-disk encryption with an instant-wipe hotkey would provide a final backup. -3. As discussed in previous examples, traffic obfuscation hinders government censorship. The nested anonymity systems further obscure online activity from local observers, and they also obscure location and identity from remote observers on the Internet. With Tor in the nested chain, forcing collusion among providers becomes unworkable, and adversaries must rely on other attacks: traffic analysis, Sybil attacks and exploiting vulnerabilities in particular system nodes and their operators. - - Starting with Tor is arguably best, because with thousands of obfuscated bridges, it's most resilient to censorship. However, given uncertainty about the long-term effectiveness of traffic obfuscation, and the risk of deanonymization through malicious-relay (Sybil) attacks, it would be prudent to reach the Tor network anonymously through public Wi-Fi hotspots. That's especially so, given potentially severe consequences of discovery. Tunneling JonDonym through Tor, and then a VPN service through JonDonym, further disassociates online activity from a hotspot's public IP address. -4. Although users are subject to surveillance both locally and remotely, the Internet uplink is their key vulnerability. Connecting anonymously through public Wi-Fi hotspots protects users in two ways. 
First, even if government censors identify and block a user's obfuscated bridges, the user remains anonymous, and can easily recover by obtaining fresh bridges. Second, even if the government manages to associate a user's online activity with a hotspot's public IP address, the user remains at least somewhat anonymous. - - Regarding the first issue, there are thousands of Tor obfuscated bridges, and users can obtain fresh bridges in various ways from the central BridgeDB, and also informally from other users. Numerous alternatives for distributing bridges are under investigation. For example, there are reputation-based systems that partition out malicious users, which are fielded by adversaries seeking to enumerate and block bridges. More revolutionary is the CloudTransport design. It features cloud-hosted bridges, which have fast-flux IP addresses that can't readily be blocked, without interfering with other cloud services. See the last paragraph of the section `Passive Adversaries with Limited Network Reach` in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for more about that. - Also, it can be nontrivial to use public Wi-Fi hotspots anonymously. Range is often limited, and usability requires line-of-sight, because radio signals are strongly attenuated by buildings and dense vegetation. Also, working outdoors may be impractical during inclement weather. Such constraints put users at increased risk of surveillance. While directional antennas can dramatically increase range, there's a size vs gain trade-off, and even the smallest would likely attract attention. - - Wi-Fi hotspots typically log the MAC addresses of Wi-Fi adapters that connect to them. Even if a user's traffic were fully encrypted, the hotspot could record their usage history, including their MAC address and what IP addresses they had connected to (here, Tor obfuscated bridges). Users can mitigate that threat in two complementary ways. 
First, the user could have several USB Wi-Fi adapter dongles, and use a different one for each Wi-Fi hotspot. They would only carry one of them at any given time. Also, they would (of course) disable their device's built-in Wi-Fi network adapter (which they might use only on trusted Wi-Fi networks). Second, they would also employ MAC spoofing software, in order to hinder profile building by Wi-Fi hotspots. Even if a Wi-Fi hotspot managed to compromise the MAC spoofing software, it would only get the MAC address of a USB Wi-Fi dongle (which could then, if appropriate, be destroyed). - - Regarding the second issue, there is much less risk of local-online association when tunneling JonDonym (purchased with thoroughly anonymized Bitcoins) through Tor. In that case, a Sybil attack could at best deanonymize circuits with one of its malicious relays as an entry guard, and another as an exit relay connecting to a JonDonym cascade. Given that Tor is one of the default SOCKS5 proxies for JonDonym, users of interest would arguably own a minority of such circuits. And in any case, the adversary would still need to compromise a JonDonym cascade, which would require different skills and resources. Furthermore, with a popular VPN service (also purchased anonymously) tunneled through JonDonym, the adversary wouldn't even know to focus on Tor circuits ending at JonDonym. See the relevant sections in [Adversaries and Anonymity Systems: The Basics](/privacy-guides/adversaries-and-anonymity-systems-the-basics/) for background. - - If public Wi-Fi hotspots were unavailable, or were not usable anonymously, users would have two options. They could connect through an ISP uplink, or they could create (or join) an anonymous P2P Wi-Fi meshnet. The first option would be very risky, given uncertain traffic obfuscation, and the potentially severe consequences of discovery. The second option would be safer, but still riskier than anonymously using public Wi-Fi hotspots. 
Also, it would involve considerable effort, and would involve working with trusted partners. Basically, anonymous P2P Wi-Fi meshnets are just relatively local anonymity systems, and their key vulnerability is (of course) the Internet uplink. However, it's beyond the scope of this discussion, and deserves its own. - - As final backup, in case of physical discovery, the user's device must be protected by full-disk encryption that leaves no plaintext on storage media under any circumstances. And of course, it must be setup for instant shutdown, perhaps with a hot key. Where the stakes are especially high, it would be best for the hot key to render the disk undecryptable. Deleting and overwriting data is far too slow. But overwriting the header(s) of the encrypted volume and the device's boot partition with random data takes but a few seconds. Once that's been done, forensic analysis will confirm that the data is not recoverable. The users could, of course have the requisite header(s) and boot partition backed up somewhere on the cloud, or wherever. - -### 8. Being Anonymous Online Against All Adversaries (But Not Targeted) - -1. Consider someone who wishes to remain anonymous against all adversaries, including `The Man` (the prototypic global adversary aka the NSA). They are subject to government censorship, and the use of strong encryption is regulated. As in the previous example, they must: 1) evade government censorship; 2) obscure their online activity from local observers; and 3) avoid association with their illicit communications. And (of course) they must hide their location and identity from all remote observers on the Internet. They have not (they assume) been specifically targeted for investigation, and they want to keep it that way. They are concerned that the consequences of discovery might be severe. Perhaps they're discreetly leaking documents obtained from the NSA. 
Or perhaps they're managing a high-profile Tor hidden service, on the order of the late Silk Road, or Freedom Hosting. -2. As in the previous example, it would be prudent for such users to tunnel traffic through multiple anonymity systems. It would arguably be best to start with Tor, using the strongest obfsproxy plugin available, and connecting anonymously through numerous public Wi-Fi hotspots. Users would then tunnel JonDonym through Tor, and then tunnel a VPN service through JonDonym. Full-disk encryption with an instant-wipe hotkey would provide a final backup. -3. As discussed in previous example, starting with Tor provides the best protection against censorship and discovery. Tunneling JonDonym through Tor, and then a VPN service through JonDonym, disassociates online activity from Tor circuits, and prevents targeting them for compromise through malicious-relay (Sybil) attacks. And compromising a JonDonym cascade would require different skills and resources. Using public Wi-Fi hotspots provides backup anonymity, in case obfuscation fails, or even if online activity becomes associated with one of the hotspots. -4. Considerable knowledge, experience and resources would be required in order to reliably mitigate such threats from powerful adversaries. The key aspect is to avoid being specifically targeted for investigation. The user must blend in with the crowd, remaining effectively invisible by giving observers (including others in the crowd) no reason to look specifically at them. In particular, the user must not attract attention in the process of hiding and being anonymous. Handling the physical uplink properly, being secure while not attracting undue attention, is crucial. Other than that, they would employ approaches discussed in the previous example. - -### 9. Being Anonymous Online Against All Adversaries While Targeted for Specific Observation - -1. Consider someone who (they assume) been specifically targeted for investigation by `The Man`. -2. 
The key mitigation would be finding a safe physical location, either hiding (perhaps as a homeless drifter) or seeking refuge somewhere (as Edward Snowden has, in Russia). Given that, they would employ approaches discussed in the previous two examples.
-
- [1]: /privacy-guides/adversaries-and-anonymity-systems-the-basics/
- [2]: https://vpntesting.info/
- [3]: /knowledgebase/linux/linux-how-do-i-prevent-vpn-leaks-using-iptables/
- [4]: /privacy-guides/how-to-perform-a-vpn-leak-test/
diff --git a/src/content/es/pages/privacy-policy.md b/src/content/es/pages/privacy-policy.md
deleted file mode 100644
index 81205ffc6..000000000
--- a/src/content/es/pages/privacy-policy.md
+++ /dev/null
@@ -1,224 +0,0 @@ ---- -title: IVPN Privacy Policy -description: Its important our customers fully understand what private information we collect, store and process. Read our clear and simple policy to get the facts you need. -url: /privacy/ -layout: -canonical: ---- -# Privacy Policy - -We're built for privacy. Internally, we know what exactly that means; we use privacy as a filter for decision-making. If a choice needs to be made between one practice that deepens a user's privacy, and another that would diminish it but accelerate our growth, we'll always take the slower, more private option. If you'd like to know more about our principles and beliefs that drive our choices, please see our [team](/team/) and [ethics](/ethics/) pages. - -We realize how important it is that our customers fully understand what we -mean by privacy. This policy gives you an overview of; - -* What we mean by "logless" - -* What information we collect, how it's stored, and how it's used - -* What happens in the case we are subpoenaed, receive a court order or DMCA copyright infringement notice - -* What we do with information relating to cancelled or dormant accounts - -* How we handle subject access requests - -We've tried our best to make this policy human-readable so you can get the facts you need quickly. - -### Zero user information is our goal - -As a privacy service we believe it's crucially important to collect the minimum information required to operate our service. Many companies require at least an email address so they can push subscription renewals and enable other customer growth strategies. When you sign up for IVPN, you will not be asked for any personal information e.g. email address, name etc. We will also not log any personally identifiable information e.g. IP address. - -This also means that we have no way to contact you in the event of any account issues, network downtime etc. 
If you wish to provide us with an email address so we can contact you about future issues, you can optionally add one in the client area after sign-up. - -### What data don't you log? - -We do not log any data relating to a user's VPN activity (while connected or connecting to the VPN). - -* No traffic logging - -* No connection timestamp or connection duration - -* No DNS request logging - -* No logging of user bandwidth - -* No logging of customer IP addresses - -* No logging of any account activity except active total simultaneous connections (explained below) - -### What data do you log on sign-up? - -When a new account is created, we store the following data: (please note that we are using simplified field names and formatting below to highlight the relevant information) - -
    - -| ID | Created at | Product | Max devices | -|---|---|---|---| -| i-XXXX-XXXX-XXXX | 2020-09-21 05:03:13 | IVPN Pro | 7 | - -
    - -### What information is logged when making a payment using a credit card, PayPal, Cash, cryptocurrency or voucher code? - -When you add time to your account, the following information is stored: - -
    - -| Payment ID | Account ID | Amount | Currency | Timestamp | Transaction ID | -|---|---|---|---|---|---| -| xxx | xxx | 100 | USD | 2020-10-2 14:01:11 | xxx | - -
    - -Some payment information may be related to your account, for example, if PayPal is used a PayPal transaction ID will be associated with your account, as well as a subscription ID to set up a PayPal subscription. If payment is made using our BTCPay server, then the BTCPay transaction ID will be associated with your account (note that we operate our own BTCPay server). If you add time with voucher code, it is stored in our system and associated with your account ID for 30 days after redemption, then deleted. - -For credit card payments, we use Braintree as our payment processor, and store a Braintree transaction ID against your account. If you elect to enable auto-renew for card payments, a subscription ID will also be stored. - -This is the data we store for a credit card payment: - -
    - -| Payment ID | Account ID | Amount | Currency | Timestamp | -|---|---|---|---|---|---| -| xxx | xxx | 100 | USD | 2018-10-2 14:01:11 | - -
    - -In order to process your payment, Braintree and PayPal will request additional information. Braintree requires collection of your card details to process your payment, and PayPal will require name, email and address information to create a new PayPal account as well as agreement to their terms of service. These additional data points are not stored by IVPN, though Braintree and PayPal are required to retain them for many years. No third-party payment provider has access to your IVPN account ID. - -In short, where we can offer anonymous payment methods we will, and we collect as little information as possible to process them. However, centralised or third-party payment systems and their data processing and storage are out of our control. - -Please select cash or cryptocurrency payments should this be of concern. - -### Why do you store transaction_id and subscription_id? - -To be able to process refunds for our 30-day money-back guarantee and resolve other payment issues, as well as to enable auto-renewal of subscription. - -### What information is logged when I visit the IVPN website? - -IVPN have selected [Matomo](https://matomo.org) as their web analytics platform. Web analytics allow us to understand our users engagement with our site to understand where it delivers value, and where it can be improved in terms of usability, simplicity and speed. It also helps us to understand where our site visitors originate, and audit those referring sites to ensure they aren't making unfounded or exaggerated claims. - -Matomo is open source software that is hosted on our own server infrastructure to ensure your privacy (unlike platforms such as Google Analytics). For example, the Center for Data Privacy Protection in France (CNIL) recommended Matomo as the only tool that can easily ensure full compliance with privacy regulations. Matomo is used to analyse in aggregate information about our website visitors. 
- -When your web browser loads a page on our site, a small snippet of JavaScript code is executed within your browser which submits information such as; - -* your browser user-agent, - -* language, - -* screen resolution, - -* referring website, - -* IP address. - -To ensure your privacy, IVPN discards the last two octets of the IP address. Matomo may also set a web cookie to facilitate the identification of users who revisit the site. - -### Where is my data stored and who has access to it? - -IVPN is subject to EU law and is in compliance with the EU Data Protection Directive (Directive 95/46/EC), which prohibits companies transferring data to overseas jurisdictions with weaker privacy laws. IVPN will not locate servers in countries where it's forced to break this compliance. Due to the nature of our logging practices, VPN servers do not contain any personally identifiable information and thus, if seized, could not be used to identify users. - -No third-parties have access to any of your data. We always use first or third-party tools we can host on our own servers in a protected and secure environment. - -### How do you limit the number of connected devices? - -IVPN plans limit the use of service to a set number of devices. The authentication server holds a temporary record of all account IDs that have at least one device logged in to an IVPN app. -When a customer logs into the IVPN app, an entry is added to the device session database containing the following: - -* a unique token, which is a 16 character alphanumeric string used to distinguish entries in the database - -* the corresponding account ID - -When a customer attempts to log in to an IVPN app, a request is sent to our authentication servers to verify that the specified account ID is valid and has an active plan associated with it. As a next step, we check whether the number of tokens associated with customer’s account ID exceeds the permitted number of devices as per their purchased plan. 
If the number of tokens equal the number permitted by their plan, the authentication attempt is denied. - -We do not store timestamps, or any device related information that could be used to identify a device, such as product make, model, IMEI number, MAC address, etc. Entries from the device sessions database are permanently deleted when the customer logs out of the IVPN app, or when their account is terminated or deleted. If an adversary was able to gain access to this data, they could only determine which account IDs had been used to sign into at least one device at that time, and the number of devices logged in. This data does not, however, provide any useful information on past or present VPN connections initiated by the user of the account. - - -### How do you limit simultaneous connections? - -To authenticate customers, our VPN servers send a request to a central authentication server, containing the customers account ID. The authentication server holds a temporary record of all connected customer ID's. When a customer connects to a VPN gateway, the authentication server checks how many active authentication records are already in the table for the account ID, if it exceeds the allowed number of simultaneous connections, then authentication is denied. When a user disconnects, the relevant record is permanently deleted. If an adversary was able to gain access to this data, they could only determine which account ID's were logged into the VPN network at that exact moment in time. - -As this data is only stored for the duration of the VPN session, if you or anyone requests to know how many connections you had at a specific time in the past, we couldn't tell you because we don't store it. - -### What information is stored for device management? - -Device management is an opt-in (disabled by default) feature that helps customers review and remove devices that are authenticated to use the IVPN service. 
- -When device management is activated, an extra field for the device name is added to the temporary record table which helps limit the number of connected devices. -IVPN assigns device names in a specific sequence (A-B-C-D-E-F-G) from a predefined list of seven names. If a device is logged out, its name becomes available as a next option for future assignment. For instance, if a customer with seven devices authenticated removes device F, D and then C, the new sequence becomes A-B-E-G-F-D-C, making the last three names available for new devices. - -This naming convention ensures device names cannot be used to identify your account in case an adversary was able to gain access to this specific data. - - -### What information is retained when I stop using your service? -When a VPN account is terminated on our network due to the subscription ending, non-payment or for any other reason, all data associated with that VPN account including the account itself (with the exception of the accounting data below) is automatically deleted after 90 days. After the account is deleted, the remaining accounting data below has no link to any past account ID. If you want to delete your data immediately, simply click on the 'delete account' button within the client area. - -
    - -| Date of payment | Amount | Payment method | Transaction ID | Subscription ID | -|---|---|---|---|---| -| 2020-01-24 | $100 | Paypal | XXX | XXX | - -
    - -### How can I get access to the data you store on my behalf via a subject access request? - -In accordance with GDPR legislation, reasonable requests for release of a specific user's data will be honoured within 28 days of an acceptable request from a user or person with a provable legal relationship with that user. - -We reserve the right to refuse or charge for requests that are manifestly unfounded or excessive. Any refused subject access requests will be responded to without undue delay including the refusal reason as well as recourse to refer to the supervisory authority. - -Subject access requests should be made in writing to sar@ivpn.net - -### Where is the regulatory authority that oversees the jurisdiction in which IVPN operates under GDPR? - -IVPN is registered in Gibraltar, and as such the GDPR regulatory body is the [Gibraltar Regulatory Authority](http://www.gra.gi/). - -### What happens if you receive a legal notice such as a DMCA for copyright material that I have downloaded? - -Since our customers are using an IVPN issued IP address when using our service, such notices are directed to IVPN and our legal department will issue an appropriate response. Since we store no connection logs, we couldn't associate a request with a customer identity even if legally compelled to do so. - -### How do you react when requested by an authority for information relating to a customer? - -The company is incorporated in Gibraltar. If a court order is received from a recognised legal authority with jurisdiction over IVPN, then the company will comply with that order. However, the company cannot be compelled to hand over information which it does not have. When a customer signs up, we request no personal information. 
If it ever becomes required by law for us to keep a persistent log of our customers connections or any personal data relating to their network activity, we will immediately notify our customers and do everything in our power to move jurisdictions or close the service to protect those who entrust their privacy to us. - -### What happens if laws change? - -IVPN is committed to keeping its customers informed of any serious legislative threats to our service. If the laws in our jurisdiction change in way that prevents us from upholding our privacy policy, we will always inform our customers before those laws are enacted. We will also allow customers to cancel their subscription and will refund any fees that cover the remainder of their subscription period. - -### Crash Logs - -By default, if one of our mobile apps crashes while you're using it, anonymized data about the crash will be collected on the device to help us identify the cause of the crash and hopefully fix it in a future update. These "crash logs" contain information such as the state of the app, operating system, and device at the time of the crash, but no personally identifiable information. - -Crash logs for our desktop apps are only sent when the user manually confirms the action. For our mobile apps, you can opt-out of crash log reporting by disabling it in user preferences. - -Crash logs are sent to a server hosted and managed by IVPN and no third-party vendors or cloud services. - -### Device permissions for Personal Data access - -IVPN Android and iOS apps may request certain permissions that allow it to access the user's device data as described below. - -These permissions must be granted by the user before the respective information can be accessed. Once the permission has been given, it can be revoked by the user at any time in device settings. - -Please note that revoking of such permissions might impact the proper functioning of the app. 
- -#### Android App - -Background location permission (continuous): -Required to access the current Wi-Fi SSID, when the Network Protection feature is enabled. - -Camera permission: -Used to scan QR code with an account ID. - -#### iOS App - -Permission to save VPN profile: -Required to access the current Wi-Fi SSID, when the Network Protection feature is enabled. - -Camera permission: -Used to scan QR code with an account ID. - -### Changes to policy - -IVPN reserves the right to change this privacy policy at any time. In such cases, we will take every reasonable step to ensure that these changes are brought to your attention by posting all changes prominently on the IVPN website for a reasonable period of time, before the new policy becomes effective as well as emailing our existing customers. - -If you have any questions or comments regarding this policy, please do not hesitate to contact us. diff --git a/src/content/es/pages/refunds.md b/src/content/es/pages/refunds.md deleted file mode 100644 index db0e97854..000000000 --- a/src/content/es/pages/refunds.md +++ /dev/null @@ -1,49 +0,0 @@ ---- -title: IVPN Refund Policy and Process -url: /refunds/ ---- -# Refunds - -IVPN strives to meet the expectations of all users and offers unlimited support to help users with any problems they may face. - -If you are unsatisfied for any reason, you can request **a full refund within 30 days** of your payment. This full refund offer is available **once per account and per customer**. - -Below is the information you need to email to us for each payment method: - -

    Credit Card

    - -- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). - -If you do not remember your account details, provide us with the first 6 digits of the card number, the last 4 digits of the card number, the date of the payment, and the amount paid. - -

    PayPal

    - -- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). - -If you do not remember your account details, provide us with your PayPal account email address and the transaction ID associated with the purchase. - -

    Bitcoin and Monero

    - -- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). - -- Your Bitcoin / Monero wallet address to receive the refund. - -If you do not remember your account details, provide us with the transaction ID for your Bitcoin or Monero payment, the payment date, and the amount paid. - -Please note: IVPN Light purchases are non-refundable. - -

    Android In-App Purchase

    - -- Your IVPN Account safe reference (XXXXXXXX) or the IVPN Account ID (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). - -- Google Play Store transaction ID that starts with `GPA.`. - -

    iOS In-App Purchase

    - -App Store purchases are refunded by Apple. Details on how to submit the refund claim to Apple can be found here. - -

    Cash and Vouchers

    - -Cash and Voucher payments are non-refundable. - -**Please note**: We do not offer prorated refunds. diff --git a/src/content/es/pages/report-vulnerability.md b/src/content/es/pages/report-vulnerability.md deleted file mode 100644 index 20d470853..000000000 --- a/src/content/es/pages/report-vulnerability.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -title: IVPN Vulnerability Reporting -url: /vulnerability-reporting/ ---- -# Security & Vulnerability Reporting - -### Reporting a security vulnerability to IVPN - -If you believe you have found a security vulnerability please email our security@ mailbox. We treat all reports with the highest priority and confidentiality. - -### PGP Key - -``` ------BEGIN PGP PUBLIC KEY BLOCK----- -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o/fv ------END PGP PUBLIC KEY BLOCK----- -``` diff --git a/src/content/es/pages/servers.md b/src/content/es/pages/servers.md deleted file mode 100644 index cd0f849c7..000000000 --- a/src/content/es/pages/servers.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: IVPN Server Status -url: /status/ -layout: servers ---- diff --git a/src/content/es/pages/setup/android-ipsec-with-ikev2.md b/src/content/es/pages/setup/android-ipsec-with-ikev2.md deleted file mode 100644 index d528a88f0..000000000 --- a/src/content/es/pages/setup/android-ipsec-with-ikev2.md +++ /dev/null 
@@ -1,26 +0,0 @@
----
-title: Android IPSec with IKEv2 Setup Guide
-url: /setup/android-ipsec-with-ikev2/
-layout: setup
-platform: android
----
-# IPSec with IKEv2 setup guide
-
-1. On your Android device, go to `Google Play`, search and install `strongSwan VPN Client` app.
-
-2. Launch the app, click on the `Add VPN Profile` button and fill in the following configuration:
-
- **Server** - choose any from the [server list](/status/) (i.e. **gb.gw.ivpn.net**)
- **VPN Type** – IKEv2 EAP (Username/Password).
- **Username** – your IVPN account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive).
- **Password** – `ivpn`.
- **CA certificate** – check `Select automatically`.
- **Profile name** – give it any name you prefer.
- **Server identity** (check Show advanced settings) – same as the `Server` field.
- Hit `Save`.
-
- ![](/images-static/uploads/android-ipsec-with-ikev2-002.jpg)
-
-3. You have successfully created a new VPN profile. Tap on it to connect or disconnect.
-
- ![](/images-static/uploads/android-ipsec-with-ikev2-003.jpg)
diff --git a/src/content/es/pages/setup/android-openvpn-for-android.md b/src/content/es/pages/setup/android-openvpn-for-android.md
deleted file mode 100644
index abf6de897..000000000
--- a/src/content/es/pages/setup/android-openvpn-for-android.md
+++ /dev/null
@@ -1,53 +0,0 @@
----
-title: OpenVPN for Android v4.0+ Setup Guide
-url: /setup/android-openvpn-for-android/
-layout: setup
-platform: android
----
-# OpenVPN for Android setup guide
-
-[OpenVPN for Android](https://play.google.com/store/apps/details?id=de.blinkt.openvpn&hl=en) is an open source client compatible with all versions of Android 4.x (Ice Cream Sandwich) and later. Most devices released since 2012 are running Android 4.x or later.
-
-1. Download the [OpenVPN config files](/openvpn-config) either directly to your android device or to a seperate PC and unzip the file. If using a PC, transfer the contents to your Android device via USB/SD-card/Dropbox.
-
-2. Open the Google Play Store and install `openvpn for android` by Arne Schwabe. When the installation is complete tap `Open`.
-
-3. Tap on the `+` icon.
-
- ![](/images-static/uploads/install-openvpn-for-android-010-281x500.png)
-
-4. Tap on the `import` button.
-
- ![](/images-static/uploads/install-openvpn-for-android-020-281x500.png)
-
-5. Navigate to the folder location where you copied the files in step 1 and tap on the name of the server that you wish to connect to (the server config files end with .ovpn).
-
- ![](/images-static/uploads/install-openvpn-for-android-030-281x500.png)
-
-6. You will see confirmation that the config file has been imported. Tap the `save to disk` icon in the bottom right area.
-
- ![](/images-static/uploads/install-openvpn-for-android-040-281x500.png)
-
-7. You will see the server is now available in the profiles tab. Tap the server name to connect.
-
- ![](/images-static/uploads/install-openvpn-for-android-050-281x500.png)
-
-8. Grant the application permission by clicking `I trust this application` and `OK`.
-
- ![](/images-static/uploads/install-openvpn-for-android-060-281x500.png)
-
-9. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
-
-
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - - Tap the `Save Password` box if you do not wish to enter credentials everytime you connect. Tap the `OK` button. - - ![](/images-static/uploads/install-openvpn-for-android-070-281x500.png) - -10. Once successfully connected you should see a lock icon in the notification area at the top. If you pull down your notification bar you should see the 'OpenVPN for Android' app listed showing that you are connected. If you tap on this button you should see statistics about the connection incl option to disconnect. - - ![](/images-static/uploads/install-openvpn-for-android-080-281x500.png) - -11. Repeat steps 3-6 if you need to create any additional VPN server connections. diff --git a/src/content/es/pages/setup/android-wireguard.md b/src/content/es/pages/setup/android-wireguard.md deleted file mode 100644 index 2af51ba8c..000000000 --- a/src/content/es/pages/setup/android-wireguard.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -title: WireGuard setup guide for Android -url: /setup/android-wireguard/ -layout: setup -platform: android ---- -# WireGuard setup guide - -
    -To use WireGuard on Android, we recommend downloading IVPN's Android client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for Android instead: -
    - -1. Download and install the latest version of WireGuard from the [Play Store](https://play.google.com/store/apps/details?id=com.wireguard.android&hl=en_GB&gl=US). - -2. Navigate to our [config file generator](/account/wireguard-config) - -3. Choose `Generate key` or `Add key` manually - -4. Select the required `Single` or `Multi-hop` server configuration, `Port`, `Internet protocol` and hit `Generate QR code` - -5. Launch the WireGuard app, tap on the `+` button in the bottom right > `Scan QR-code`. Give it any name and tap on the `Create Tunnel`. - -6. Toggle the connect switch on and check your connection status on our website:

    -![](/images-static/uploads/connection-status-tool.png) - - diff --git a/src/content/es/pages/setup/ios-ipsec-ikev2.md b/src/content/es/pages/setup/ios-ipsec-ikev2.md deleted file mode 100644 index cdd4139b9..000000000 --- a/src/content/es/pages/setup/ios-ipsec-ikev2.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: IPSec IKEv2 for iOS Setup Guide -url: /setup/ios-ipsec-ikev2/ -layout: setup -platform: ios ---- -# IPSec with IKEv2 setup guide - -This guide will help you set up an IPSec connection using IKEv2. - -1. On your iOS device, navigate to `Settings` -> `VPN` and click on the `Add VPN Configuration` button. - -2. Enter the following configuration: - - - **Type** = IKEv2 - - **Description** = Any description to identify VPN server - - **Server** = Choose a server from the Server Status page. It must be a server with 'gw' in the name. (e.g. pl1.gw.ivpn.net for Warsaw, Poland). - - **Remote ID** = Same value as the **Server** field above - - **Local ID** = Empty - - **User Authentication type** = Username - - **Username** = Your IVPN account ID that begins like 'i-XXXX-XXXX-XXXX' or 'ivpnXXXXXXXX' (case-sensitive). - - **Password** = ivpn - - **Proxy settings** = Off - -3. Tap `Done` to finalize the setup. - -4. Your newly created VPN configuration is now available. Tap on the switch button to connect or disconnect. - - ![](/images-static/uploads/ios-ipsec-with-ikev2-02.jpg) diff --git a/src/content/es/pages/setup/ios-openvpn-connect.md b/src/content/es/pages/setup/ios-openvpn-connect.md deleted file mode 100644 index 78fc272eb..000000000 --- a/src/content/es/pages/setup/ios-openvpn-connect.md +++ /dev/null 
@@ -1,43 +0,0 @@
----
-title: OpenVPN for iOS Setup Guide
-url: /setup/ios-openvpn-connect/
-layout: setup
-platform: ios
----
-# OpenVPN Connect setup guide
-
-OpenVPN Connect is the official iOS client from OpenVPN Technologies.
-
-1. Install app from the [iTunes store](https://apps.apple.com/us/app/openvpn-connect/id590379981).
-
- ![](/images-static/uploads/install-openvpn-connect-iphone-010-320x480.png)
-
-2. Download the [IVPN config files](/openvpn-config) to your Mac/PC and unzip. Within the extracted folder are the config files which represent each server in the IVPN network. You will need one or more of these files in the next step depending on whether you want to connect to a server in a single location or wish to have all the locations available on your iPhone.
-
-3. To upload the configurations file/s into OpenVPN Connect, you have to either upload them to a cloud storage service such as dropbox or email them to yourself (or use AirDrop if you know how to use it).
-
- To use dropbox, upload the config file/s to your dropbox account. On the iPhone, open Dropbox and select a config file. Click on the share icon (square with an arrow pointing up) in the top right corner. Tap on the `Open in` icon and then tap `Copy to OpenVPN`.
-
- To email, send the config file/s to an email address that is accessible on your device. Open the email and tap the icon of the configuration file in your email. Choose the option `Copy to OpenVPN`.
-
-4. Tap the green "+" button to add the server.
-
- ![](/images-static/uploads/install-openvpn-connect-iphone-020-320x480.png)
-
-5. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password.
-
-
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - - Click on the `save` slider if you wish to save your credentials. Click on the `Connection` slider (under the disconnected button) to initiate the connection. - - ![](/images-static/uploads/install-openvpn-connect-iphone-030-320x480.png) - -6. If you see a message asking you whether to "Allow OpenVPN to enable VPN connection" click `Yes`. - - ![](/images-static/uploads/install-openvpn-connect-iphone-040-320x480.png) - -7. Once connected you will see the new status `Connected` and also a VPN status bar icon. You can click on the `+` symbol to see more information about your connection. - - ![](/images-static/uploads/install-openvpn-connect-iphone-050-320x480.png) diff --git a/src/content/es/pages/setup/ios-wireguard.md b/src/content/es/pages/setup/ios-wireguard.md deleted file mode 100644 index ce10ab10f..000000000 --- a/src/content/es/pages/setup/ios-wireguard.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -title: WireGuard setup guide for iOS -url: /setup/ios-wireguard/ -layout: setup -platform: ios ---- -# WireGuard setup guide - -
    -To use WireGuard on iOS, we recommend downloading IVPN's iOS client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for iOS instead: -
    - -1. Download and install the latest version of WireGuard from the [App Store](https://apps.apple.com/us/app/wireguard/id1441195209). - -2. Navigate to our [config file generator](/account/wireguard-config) - -3. Choose `Generate key` or `Add key` manually - -4. Select the required `Single` or `Multi-hop` server configuration, `Port`, `Internet protocol` and hit `Generate QR code` - -5. Launch the WireGuard app, tap on the `Add a tunnel` button in the middle > `Create from QR-code`. Give it any name and tap on the `Create Tunnel` - -6. `Allow` the "WireGuard would like to add VPN configurations" prompt - -7. Toggle the connect switch on and check your connection status on our website:

    -![](/images-static/uploads/connection-status-tool.png) diff --git a/src/content/es/pages/setup/linux-ipsec-with-ikev2.md b/src/content/es/pages/setup/linux-ipsec-with-ikev2.md deleted file mode 100644 index c1c69cc8c..000000000 --- a/src/content/es/pages/setup/linux-ipsec-with-ikev2.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Linux IPSec with IKEv2 Setup Guide -url: /setup/linux-ipsec-with-ikev2/ -layout: setup -platform: linux ---- -# IPSec with IKEv2 setup guide - -The following Strogswan configuration is known to work: - -1. Create a config file in your strongswan `ipsec.d` directory e.g. `ivpn.conf` with the following - - ``` - conn ivpn - keyexchange=ikev2 - right=gb.gw.ivpn.net - rightid=gb.gw.ivpn.net - rightsubnet=0.0.0.0/0 - rightauth=pubkey - leftsourceip=%config - leftauth=eap-mschapv2 - eap_identity=ivpnaccountID - auto=start - dpdaction=restart - ``` - - Change the right= and rightid= as appropriate for the server you want to connect to. The `ivpnaccountID` is case-sensitive. - -2. Create a .secrets file e.g. ivpn.secrets in the strongswan ipsec.d directory e.g. ivpn.secrets with the following - - ``` - ivpnaccountID : EAP "ivpn" - ``` - - Note that there is a space either side of the colon `:`. - -3. Depending on your Linux distribution and version, you may need to download some or all of the following certificates and store them in files located in your strongswan ipsec.d/cacerts directory: - - [https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt](https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt) - [https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt](https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt) - [https://letsencrypt.org/certs/trustid-x3-root.pem.txt](https://letsencrypt.org/certs/trustid-x3-root.pem.txt) - [https://letsencrypt.org/certs/isrgrootx1.pem.txt](https://letsencrypt.org/certs/isrgrootx1.pem.txt) - -4. Tell strongswan to restart or reload it's config. 
diff --git a/src/content/es/pages/setup/linux-netman.md b/src/content/es/pages/setup/linux-netman.md
deleted file mode 100644
index cbd5538d8..000000000
--- a/src/content/es/pages/setup/linux-netman.md
+++ /dev/null
@@ -1,51 +0,0 @@
----
-title: OpenVPN using NetworkManager Setup Guide
-url: /setup/linux-netman/
-layout: setup
-platform: linux
----
-# OpenVPN NetworkManager setup guide
-
-
    -Network Manager is designed to provide automatic connectivity, through whatever channels are available. Once a VPN connection is established, all traffic is routed through the tunnel. After network interruptions, Network Manager will normally automatically restart OpenVPN to reconnect. -

    -However, Network Manager occasionally kills the OpenVPN process after network interruptions. High network loading seems to increase the risk. And when connectivity returns, Network Manager doesn't restart OpenVPN. -

    -Therefore, to ensure that you have no leaks when using OpenVPN with Network Manager, it's crucial to have firewall (iptables) rules that restrict traffic to the VPN tunnel, and that allow direct connections only to the VPN server. It's also prudent to block all IPv6 traffic. -
    - -1. Install OpenVPN and the OpenVPN plugin for the Network Manager. Depending on your distro you may also require the `network-manager-openvpn-gnome` package. - - ``` - sudo apt-get install openvpn network-manager-openvpn - ``` - -2. Download the [latest config files](/openvpn-config) and extract contents to a temporary directory. - -3. Click on the Network Manager icon (normally top right menubar) and select `Edit connections..` > `"+"` > `Import a saved VPN configuration..` > `Create`. - -4. Select one of the .ovpn files you extracted from step 2 representing the server you would like to configure and click `Open` to import. - -5. The VPN configuration window will open on the `VPN` tab. Under the `Authentication` heading update the `Type` to `Password`. - -6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - -7. Click on the Network Manager icon in the toolbar and select the newly configured server under `VPN Connections`. - -8. Once connected you should see a a small lock next to the Network Manager icon. You can confirm that you are connected by checking your external IP in the terminal. - - ``` - curl ifconfig.co - ``` - -### Troubleshooting - -Most issues can be easily resolved by reviewing the OpenVPN logs. Network Manager normally writes to the syslog e.g. `/var/log/syslog` or `/var/log/messages`. You can filter the relevant logs by using grep e.g. - -``` -sudo grep VPN /var/log/syslog -``` diff --git a/src/content/es/pages/setup/linux-terminal.md b/src/content/es/pages/setup/linux-terminal.md deleted file mode 100644 index e13170399..000000000 --- a/src/content/es/pages/setup/linux-terminal.md +++ /dev/null @@ -1,165 +0,0 @@ ---- -title: OpenVPN using terminal Setup Guide -url: /setup/linux-terminal/ -layout: setup -platform: linux ---- -# OpenVPN Terminal setup guide - -1. Install OpenVPN using your package manager if it is not installed already: - - #### Debian, Ubuntu, Mint: - - ``` - sudo apt-get install openvpn - ``` - - #### Fedora, CentOS: - - ``` - sudo yum install openvpn - ``` - - or - - ``` - sudo dnf install openvpn - ``` - - #### Arch, Manjaro: - - ``` - sudo pacman -S openvpn - ``` - - #### openSUSE: - - ``` - zypper install openvpn - ``` - -2. Download the OpenVPN [config files](/openvpn-config) to your home directory and extract the contents to a known location. -
    - Note: In most cases you want to use the UDP Protocol. -
    - - - ``` - unzip ivpn-openvpn-config.zip - Archive: ivpn-openvpn-config.zip - creating: ivpn-openvpn-config/ - inflating: ivpn-openvpn-config/Austria.ovpn - inflating: ivpn-openvpn-config/Australia.ovpn - ... - cd ivpn-openvpn-config/ - pwd - /home/user/ivpn-openvpn-config - ``` - - In this case, the configuration files are in the `ivpn-openvpn-config/` sub-folder of the **user** home folder. The full path is `/home/user/ivpn-openvpn-config/`. - -
    - Note: Unless your Linux user account is called user the full path will likely be different on your computer system. -
    - - -3. You can initiate an OpenVPN connection by specifying the configuration file you wish to use. You will need to manually enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password. - -
    - Only your account ID is used for the authentication and is case-sensitive. The password can be anything, like "ivpn", if your client requires a non-blank password. -
    - - ``` - sudo openvpn --config /home/user/ivpn-openvpn-config/Austria.ovpn - ``` - - or - - ``` - cd /home/user/ivpn-openvpn-config/ - sudo openvpn --config Austria.ovpn - ``` - -
    - Note: If you close the Terminal window with an active VPN connection, the VPN will be disconnected. Please keep the Terminal window open. You can also disconnect the VPN by pressing `Ctrl+c` in the Terminal window. You will see a few extra lines as the connection cleans up. -
    - -4. It is possible to create a file to store your credentials, which saves from entering them for each connection. Create a file called `pass` in a known location. This known location might be the same `ivpn-openvpn-config/` from the previous steps. Enter your account ID (starts with 'ivpn') on the first line and any password on the second line: - - ``` - nano /home/user/ivpn-openvpn-config/pass - ivpnADCdef123 - anyPasswordHere - ``` - - Press `Ctrl+x` to save the file and exit from the `nano` editor. - -5. Protect your credentials from other users on your computer system: - - ``` - chmod 400 home/user/ivpn-openvpn-config/pass - ``` - -6. Update the .ovpn files to point to your credential file. A single file can be edited manually: - - ``` - nano /home/user/ivpn-openvpn-config/Austria.ovpn - ``` - - Change the `auth-user-pass` line to `auth-user-pass /home/user/ivpn-openvpn-config/pass`. Press `Ctrl+x` to save the file and exit from the nano editor. - - All of the .ovpn files can be changed at the same time: - - ``` - cd /home/user/ivpn-openvpn-config/ - sed -i 's:auth-user-pass:auth-user-pass /home/user/ivpn-openvpn-config/pass:' *.ovpn - ``` - -7. After connecting to one of our OpenVPN servers, the internal DNS server for the VPN connection can be automatically added to the `/etc/resolv.conf` file if you have either the `resolvconf` or `openresolv` package installed. When the VPN connection is established, the `resolvconf` package will create a temporary backup of your computer system's `/etc/resolv.conf` file and replace the contents with our internal DNS server. This is automatic on most distributions, but some Debian-based distros have trouble with the extra DNS. - - A temporary fix is to edit the /etc/resolv.conf file to make sure the only DNS server present is ours. 
First, find the VPN server IP address: - - ``` - ip a | grep tun - tun0: publickey - $ chmod 600 privatekey - $ cat privatekey - abcdefghijklmnopqrstuvwxyz0123456789= - $ cat publickey - 9876543210zyxwvutsrqponmlkjihgfedcba= - ``` - - Note: The keys above are examples only. - -### Setup WireGuard to use IVPN - -1. Log in to the [IVPN Account Area](/account/login/). - -2. From the `Account` page, click the `WireGuard` tab. Go to `WireGuard Key Management` located under `Tools`. Click the `Add New Key` button. Copy the contents of the public key file and paste them into the `Public Key:` field. Add a comment, like `Linux` if you prefer, and click the `Add Key` button. - -
    - Be sure to copy the PUBLIC key and not the PRIVATE key. The PRIVATE key must always be kept a carefully guarded secret. -
    - -3. Make note of the `IP Address` beside your newly added public key on the WireGuard tab in the Account Area. This is the IP address your computer system will have on our internal network. It will be in the form `172.x.y.z`. - -4. Open the NetworkManager `Configure network connections` window. This is often available via an icon in the system tray near the clock, though each Linux distribution may be different. - -5. Click the `+` to add a new connection. Select `WireGuard` from the list, then click the `Create` button. - -6. The `Connection name:` field should reflect the server location and will be used as the network interface name. Alphanumeric characters and dashes may be good choices, which easily reflect the names of our servers (ie. ca1, de1, us-ga1). - - Enter your private key in the `Private Key:` field on the `WireGuard Interface` tab. - - ![](/images-static/uploads/wg-nm-10-new-connection1.png) - -7. Click the `Peers...` button on the `WireGuard Interface` tab and add the following: - -
    - Public key: = WireGuard server public key available on the WireGuard Server List page in the Account Area
    - Allowed IPs: = 0.0.0.0/0
    - Endpoint address: = WireGuard server address available on the WireGuard Server List page in the Account Area
    - Endpoint port: = choose one of the ports we offer: 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, 58237 -
    - - Click `OK`. - - ![](/images-static/uploads/wg-nm-20-peer1.png) - -8. On the IPv4 tab, set `Method:` to **Manual**. The DNS server can be one of three options: - -
    - 172.16.0.1 = regular DNS with no blocking
    - 10.0.254.2 = standard AntiTracker to block advertising and malware domains
    - 10.0.254.3 = Hardcore Mode AntiTracker to also block Google and Facebook domains -
    - - Click the `+ Add` button to add the IP address we have assigned your account in step 3 above. The Netmask is 255.255.255.255 and the Gateway is 0.0.0.0. - - ![](/images-static/uploads/wg-nm-30-IPv4-1.png) - -9. On the **IPv6** tab, set `Method:` to **Ignored**. - -10. Click the `Save` button. - -### Connecting and Disconnecting - -1. To connect, click the `NetworkManager` icon in the system tray and click `Connect` beside the newly created WireGuard connection. - -2. Check the connection status. - - ![](/images-static/uploads/wg-nm-40-connection-status1.png) - -3. Check [https://www.dnsleaktest.com](https://www.dnsleaktest.com) to verify the IP address your traffic is coming from (and that there are no leaks). - -4. To disconnect, click the `NetworkManager` icon in the system tray and click the `Disconnect` button next to the active connection. - - ![](/images-static/uploads/wg-nm-50-disconnect1.png) diff --git a/src/content/es/pages/setup/linux-wireguard.md b/src/content/es/pages/setup/linux-wireguard.md deleted file mode 100644 index 6a68bf6f5..000000000 --- a/src/content/es/pages/setup/linux-wireguard.md +++ /dev/null 
@@ -1,160 +0,0 @@ ---- -title: WireGuard using terminal Setup Guide -url: /setup/linux-wireguard/ -layout: setup -platform: linux ---- -# WireGuard terminal setup guide - -### Configure your environment - -1. [Install WireGuard](https://www.wireguard.com/install/) for your distribution. - - Install additional packages for Debian/Ubuntu/Mint: - - ``` - $ sudo apt install resolvconf curl - ``` - -2. Generate your private and public keys and store them in a safe place. - - ``` - $ cd ~ - $ mkdir wireguard - $ cd wireguard - $ wg genkey | tee privatekey | wg pubkey > publickey - $ chmod 600 privatekey - $ cat privatekey - abcdefghijklmnopqrstuvwxyz0123456789= - $ cat publickey - 9876543210zyxwvutsrqponmlkjihgfedcba= - ``` - - Note: The keys above are examples only. - -### Setup WireGuard to use IVPN - -1. Log in to the [IVPN Client Area](/account/login/). - -2. On the `VPN Accounts` page, click the `WireGuard` tab. Go to `WireGuard Key Management` located under `Tools`. Click the `Add New Key` button. Copy the contents of the public key file and paste them into the `Public Key:` field. Add a comment, like `Linux` if you prefer, and click the `Add Key` button. - -
    - Be sure to copy the PUBLIC key and not the PRIVATE key. The PRIVATE key must always be kept a carefully guarded secret. -
    - -3. Make note of the `IPv4 address` and `IPv6 address` beside your newly added public key on the WireGuard tab in the Client Area. These are the IP addresses your computer system will have on our internal network that will be in the `172.x.y.z` & `fd00:4956:504e:ffff::aaaa:bbbb` format respectively. - -4. WireGuard uses the UDP protocol and IVPN offers different ports to connect on. Choose a port: - - ``` - udp 53 - udp 80 - udp 443 - udp 1194 - udp 2049 - udp 2050 - udp 30587 - udp 41893 - udp 48574 - udp 58237 - ``` - -5. Choose a WireGuard server to connect to from our **[Server Status](/status/)** page. Remember the hostname and the public key of the server. - -6. To create a WireGuard configuration file for the connection you will need the following information: - - Your private key from step #2 of the environment configuration. - - ``` - $ cat ~/wireguard/privatekey - abcdefghijklmnopqrstuvwxyz0123456789= - ``` - - Your assigned IP addresses from step #3 above. - - ``` - 172.x.y.z, fd00:4956:504e:ffff::aaaa:bbbb - ``` - - The server port from step #4 above. - - ``` - 2049 - ``` - - The server `hostname` and server `public_key` from step #5 above. - - ``` - us-tx1.wg.ivpn.net - JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q= - ``` - -7. Create the WireGuard configuration file. - - ``` - $ sudo mkdir /etc/wireguard - $ sudo touch /etc/wireguard/us-tx1.conf - $ sudo chmod 600 /etc/wireguard/us-tx1.conf - $ sudo nano /etc/wireguard/us-tx1.conf - ``` - - Use Nano or your favorite text editor to edit the configuration file. Enter the details accordingly - - ``` - [Interface] - PrivateKey = abcdefghijklmnopqrstuvwxyz0123456789= - Address = 172.x.y.z/32, fd00:4956:504e:ffff::x:y/128 - DNS = 172.16.0.1 - [Peer] - PublicKey = JPT1veXLmasj2uQDstX24mpR7VWD+GmV8JDkidkz91Q= - Endpoint = us-tx1.wg.ivpn.net:2049 - AllowedIPs = 0.0.0.0/0, ::/0 - ``` - - Press `Ctrl + x` to save the file and exit from the nano editor. - -
    - - Add '/32' & '/128' to the end of your assigned IPv4 and IPv6 addresses respectively.
    - - Add the chosen port at the end of the hostname with a prefix of ':' -
    - -8. You are now ready. To connect run: - - ``` - $ sudo wg-quick up us-tx1 - ``` - -9. Check the contents of `/etc/resolv.conf` to confirm that the `wg-quick` program updated the DNS server in your system. - - ``` - $ cat /etc/resolv.conf - nameserver 172.16.0.1 - ... - ``` - - You may have to manually add an entry for our internal DNS IP address. - - ``` - $ sudo nano /etc/resolv.conf - nameserver 172.16.0.1 - ... - ``` - - Press `Ctrl + x` to save the file and exit from the nano editor. - -10. Check your external IPv4 & IPv6 IP addresses to verify that you are connected to IVPN. - - ``` - $ curl ifconfig.co - $ curl -6 ifconfig.co - ``` - -11. To disconnect run: - - ``` - $ sudo wg-quick down us-tx1 - ``` - -
    - Be sure to undo the manually applied changes to /etc/resolv.conf if any changes were required. -
    diff --git a/src/content/es/pages/setup/macos-ipsec-with-ikev2.md b/src/content/es/pages/setup/macos-ipsec-with-ikev2.md deleted file mode 100644 index 5b4332393..000000000 --- a/src/content/es/pages/setup/macos-ipsec-with-ikev2.md +++ /dev/null @@ -1,41 +0,0 @@ ---- -title: IPSec IKEv2 for macOS Setup Guide -url: /setup/macos-ipsec-with-ikev2/ -layout: setup -platform: macos ---- -# IPSec with IKEv2 setup guide - -This guide will help you set up an IPSec connection using IKEv2 - -1. In the dock click `System Preferences` - -2. In System Preferences click `Network` - -3. In Network click the `+` symbol on the bottom left - -4. Select `Interface` VPN - - Select `VPN Type` IKEv2 - - Give this a `Service Name` to identify it by and click `Create` - - ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-004.png) - -5. In Network fill in the `Server Address` using the address of one of the servers from the [server status](/status/) list (depending on which country you want to connect to). The `Remote ID` should be the same as the Server Address - - ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-005.png) - -6. Click `Authentication Settings ...`. Select `Username`. Fill in your IVPN Account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and the following password - `ivpn`. Click `OK` - - ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-006.png) - -7. In Network click `Apply` - -8. To connect, in network click on the adaptor created above then click `Connect` - - ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-008.png) - -9. To Disconnect, in network click on the adaptor and then click `Disconnect`. - - ![](/images-static/uploads/mac-osx-ipsec-with-ikev2-009.png) diff --git a/src/content/es/pages/setup/macos-openvpn-tunnelblick.md b/src/content/es/pages/setup/macos-openvpn-tunnelblick.md deleted file mode 100644 index 4dcf0355c..000000000 --- a/src/content/es/pages/setup/macos-openvpn-tunnelblick.md +++ /dev/null 
@@ -1,27 +0,0 @@ ---- -title: Tunnelblick (OpenVPN) for macOS Setup Guide -url: /setup/macos-openvpn-tunnelblick/ -layout: setup -platform: macos ---- -# Tunnelblick setup guide - -1. Download the [latest stable release](https://tunnelblick.net/downloads.html). If you are using a pre-release version of macOS then you may need to download the beta release. Unless your version of macOS is not supported by the current stable release we always recommend using the stable release. - -2. Double-click the downloaded `.dmg` file to open the disk image. Double-click the `Tunnelblick.app` icon to install into your applications folder. You may see a warning about Tunnelblick being downloaded from the Internet - Click `open` to continue. When the installer asks if you want to launch or quit Tunnelblick, click `Quit`. - -3. Download the [IVPN config files](/openvpn-config). Unzip the downloaded file and then open the new `ivpn-openvpn-config` folder. Select all the files, right-click one of them and select `open with` / `tunnelblick.app`. - -4. Select whether you want to enable the connections for only yourself or for all users of your computer. Next you will be asked to enter your macOS password to import the configurations. - -5. You will notice a new status menu icon that looks like a tunnel. Click this icon and you will be presented with a list of VPN servers that you have imported. Click on a VPN server to connect. - -6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - - Click `Save in keychain` to save the credentials for that server. Click `OK` to continue. You should see the status menu icon running some animation effects as it connects to the IVPN network. - -7. If the tunnel has gone dark you are connected! Click the Tunnelbick icon and you will see your active connections in the list. Click the same VPN server entry to disconnect. diff --git a/src/content/es/pages/setup/macos-wireguard.md b/src/content/es/pages/setup/macos-wireguard.md deleted file mode 100644 index 6d68c839b..000000000 --- a/src/content/es/pages/setup/macos-wireguard.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: WireGuard manual setup for macOS 10.14+ -url: /setup/macos-wireguard/ -layout: setup -platform: macos ---- -# WireGuard setup guide for macOS 10.14+ - -
    -To use WireGuard on macOS, we recommend downloading IVPN's macOS client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for macOS instead: -
    - -1. [Download](https://itunes.apple.com/us/app/wireguard/id1451685025?ls=1&mt=12) and install the latest version of WireGuard client from Apple's App Store. - -2. Navigate to our [config file generator](/account/wireguard-config) - -3. Choose `Generate key` or `Add key` manually - -4. Select the required `Single` or `Multi-hop` server configuration(s), `Port`, `Internet protocol` and hit `Download zip archive` - -5. Extract the downloaded .zip file, launch the WireGuard app, click on the `+` button in the bottom left > `Import Tunnel(s) from File...` and select the extracted config file(s) - -6. Click on the `Activate` button and check your connection status on our website:

    -![](/images-static/uploads/connection-status-tool.png) diff --git a/src/content/es/pages/setup/nas/_index.md b/src/content/es/pages/setup/nas/_index.md deleted file mode 100644 index fc8be6b50..000000000 --- a/src/content/es/pages/setup/nas/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: VPN setup guides for NAS -description: Install and configure a VPN securely on your NAS with our easy step-by-step setup guides. -url: /setup/nas/ -section: NAS Setup -platform: nas -layout: setup-list ---- diff --git a/src/content/es/pages/setup/nas/qnap.md b/src/content/es/pages/setup/nas/qnap.md deleted file mode 100644 index 1f1f2b274..000000000 --- a/src/content/es/pages/setup/nas/qnap.md +++ /dev/null @@ -1,72 +0,0 @@ ---- -title: VPN Setup guide for the QNAP NAS -listItem: QNAP -url: /setup/nas/qnap/ -section: NAS Setup -platform: nas -layout: setup-article -weight: 20 ---- -## QNAP NAS Setup Guide - -
    -This guide was produced using QTS v4.3.6 -
    - -1. Download and extract the IVPN [.ovpn config files](/openvpn-config) to your computer system. - -2. In the QNAP web interface, open the `AppCenter` and search for **qvpn**. - - ![](/images-static/uploads/install-qnap-1.png) - -3. Click the `+ Install` button to add the `QVPN Service` app to your device if it is not installed already. - -4. Open the `QVPN Service` app and under the the `VPN Client` area, click `VPN Connection Profiles`. Click the `Add` button and choose `OpenVPN`. - - ![](/images-static/uploads/install-qnap-2.png) - -5. Use the file picker dialogue box to choose the VPN server location you prefer and click `OK`. - -6. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password in the credential fields and (optionally) change the **Profile Name** to something different. Click the `Apply` button. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - - ![](/images-static/uploads/install-qnap-3.png) - -
    - Note: You are free to choose whichever server location you prefer. Our Japan server is used here only as an example. -
    - -7. Add as many VPN server profiles as you would like. - -8. Click the `Connect` icon under the `Actions` column. The connection may take 10 to 30 seconds and the `Status` indicator will turn green when the connection is successful. - - ![](/images-static/uploads/install-qnap-4.png) - -9. Click the `Use VPN as NAS Default Gateway` button for extra settings related to the default gateway and failover. - - ![](/images-static/uploads/install-qnap-5.png) - -
    - If you check the Allow other network devices in the same subnet to connect to the VPN through the NAS option, change the default gateway on your computer system to the local network IP address of the QNAP device to route all of the Internet traffic on your computer through the NAS VPN.
    - Use our standard DNS server 10.0.254.1, our AntiTracker DNS 10.0.254.2, or our Hardcore Mode AntiTracker 10.0.254.3 on your computer system to complete the routing setup. -
    - - ![](/images-static/uploads/install-qnap-6.png) - -10. Instead of using servers separated by a great distance, you might prefer to use a location with multiple servers. This may offer a more seemless and familiar network experience if failover occurs: - - ``` - ca1.gw.ivpn.net - ca2.gw.ivpn.net - de1.gw.ivpn.net - de2.gw.ivpn.net - us-ga1.gw.ivpn.net - us-ga2.gw.ivpn.net - ``` - - You will have to make a copy of the .ovpn file and edit the server hostname prior to importing both files. Any text editor, like WordPad or TextEdit, will handle the editing. The server hostname is on line 4. - Our [server status page](/status/) lists all of our servers. - diff --git a/src/content/es/pages/setup/nas/synology-6.md b/src/content/es/pages/setup/nas/synology-6.md deleted file mode 100644 index 5a4d8c00c..000000000 --- a/src/content/es/pages/setup/nas/synology-6.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: VPN Setup guide for the Synology NAS 6.1 -listItem: Synology v.6.1 -url: /setup/nas/synology-6/ -section: NAS Setup -platform: nas -layout: setup-article -weight: 10 ---- -## Synology NAS Setup Guide for DSM v.6.1 - -The following guide explains how to set up your Synology NAS based on DiskStation Manager (DSM) v.6.1. - -1. Download and extract the archive with our [.ovpn config files](/openvpn-config). - -2. Log into your Synology device, navigate to `Control Panel` - `Network` - `Network Interface` & click on the `Create` - `Create VPN Profile`. - - ![](/images-static/uploads/install-synology-nas6.1-1.png) - -3. Choose `OpenVPN (via importing a .ovpn file)` & click on `Next` - - ![](/images-static/uploads/install-synology-nas6.1-2.png) - -4. Fill in the following fields: - - **Profile name** - Give it any name you want, e.g. **IVPN_Germany**. - **User name** - Your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX'. - **Password** - Any password. - -
    - Only your account ID is used for authentication and is case-sensitive. Enter anything into the password field. !IMPORTANT! The password field cannot be left empty. -
    - - **Import .ovpn file** - specify the location of the VPN profile file you adjusted in the first step. - Click `Next`. - - ![](/images-static/uploads/install-synology-nas6.1-3.png) - -5. We recommend enabling all options in the Advanced Settings: - - `Use default gateway on remote network` - enable this option to route the network traffic of the Synology NAS to the specified VPN server. - `Allow other network devices to connect through this Synology server's Internet connection` - enable this option to allow network devices that are within the same local network as your Synology NAS to connect to the same VPN server. - `Reconnect when the VPN connection is lost` - if the VPN connection is unexpectedly lost, the system will attempt to reestablish the connection five times, attempting once every 30 seconds. - Click `Apply`. - - ![](/images-static/uploads/install-synology-nas6.1-4.png) - -6. The VPN profile is now successfully created. You can now manage your tunnel with `Connect/Disconnect` button. - - ![](/images-static/uploads/install-synology-nas6.1-5.png) diff --git a/src/content/es/pages/setup/router/_index.md b/src/content/es/pages/setup/router/_index.md deleted file mode 100644 index cf206167c..000000000 --- a/src/content/es/pages/setup/router/_index.md +++ /dev/null 
@@ -1,20 +0,0 @@ ---- -title: VPN Setup guide for Routers -description: Install and configure a VPN securely on your router with our easy step-by-step setup guides. -url: /setup/router/ -section: Routers Setup -platform: router -layout: setup-list ---- -## IVPN Integrated Solutions - -It is now possible to purchase a VPN router with IVPN pre-configured. When you receive the router all you need to do is enter your account ID and any password to connect. - -* [Vilfo router](https://www.vilfo.com/providers/ivpn?ref=ivpn) - Please note that if you purchase a router from Vilfo we receive a commission. - -## Router Not Listed? - -If your router includes a VPN client, use one of our configuration file generators and import it into your device: - -* [OpenVPN](https://www.ivpn.net/openvpn-config) - OpenVPN username = IVPN Account ID (case-sensitive), password = any non-blank string (ie. **ivpn** or **i**) -* [WireGuard](https://www.ivpn.net/account/wireguard-config) - website login required diff --git a/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md b/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md deleted file mode 100644 index 5f2c952b7..000000000 --- a/src/content/es/pages/setup/router/asuswrt-merlin-openvpn.md +++ /dev/null @@ -1,42 +0,0 @@ ---- -title: VPN Setup guide for Asuswrt-Merlin -listItem: Asuswrt-Merlin OpenVPN -url: /setup/router/asuswrt-merlin-openvpn/ -section: Router Setup -platform: router -layout: setup-article -weight: 49 ---- -## Asuswrt-Merlin OpenVPN Setup Guide - -
    -This guide was produced using Asuswrt-Merlin firmware v388.1 -
    - -### Configuring the VPN tunnel - -1. [Generate and download](/openvpn-config) the .zip archive containing the OpenVPN config file with the selected server and configuration - -2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` - -3. Once logged in, navigate to `VPN` – `VPN Client` tab - `OpenVPN` - -4. Click on the `Choose file` button. Open the extracted earlier .ovpn config file, hit the `Upload` button and select the following configuration: - - * Put any name into the `Description` field - * `Accept DNS Configuration` - **Exclusive** (this option ensures that only DNS server provided by the VPN server is used) - * `Redirect Internet traffic through tunnel` - **Yes (all)** - * (optional) `Automatic start at boot time` - **Yes** - * (optional) `Killswitch - Block routed clients if tunnel goes down` - **Yes** - -5. Enter your IVPN account id into the `Username` field (i-XXXX-XXXX-XXXX or ivpnXXXXXXXX) and any string into the `Password` field, e.g. 'ivpn'. Click `Apply` - -6. Toggle `Service state` switch On to connect. - - ![](/images-static/uploads/asuswrt-merlin-openvpn-1.png) - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system - -2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md b/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md deleted file mode 100644 index 11113f60a..000000000 --- a/src/content/es/pages/setup/router/asuswrt-merlin-wireguard.md +++ /dev/null 
@@ -1,53 +0,0 @@ ---- -title: VPN Setup guide for Asuswrt-Merlin -listItem: Asuswrt-Merlin WireGuard -url: /setup/router/asuswrt-merlin-wireguard/ -section: Router Setup -platform: router -layout: setup-article -weight: 50 ---- -## Asuswrt-Merlin WireGuard Setup Guide - -
    -This guide was produced using Asuswrt-Merlin firmware v388.1 -
    - -### Configuring the VPN tunnel - -1. [Generate and download](/account/wireguard-config) the .zip archive containing the WireGuard config file with the selected server and configuration - -
    - WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), and wish to make use of the config file generator, contact our customer service to help you make the switch. -
    - -2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` - -3. Once logged in, navigate to `VPN` – `VPN Client` tab - `WireGuard` - -4. Click on the `Choose file` button. Select the extracted earlier config file, and hit the `Upload` button - -5. Put any name into the `Description` field, set `Enable WireGuard` to **Yes**, and click `Apply` - - ![](/images-static/uploads/asuswrt-merlin-wireguard-1.png) - -6. Navigate to `VPN` - `VPN Director` area, scroll down, and click on the `+` icon to add a new rule for routing devices on your local network via the WireGuard interface - - ![](/images-static/uploads/asuswrt-merlin-wireguard-2.png) - -7. Fill in the following configuration: - - * `Interface` - select the recently created WireGuard interface - * `Enable` - check - * `Description` - give it any name - * `Local IP` - the address of your local network (e.g. 192.168.1.0/24) or IP address/es of your local network device/s separated with a comma if you wish to use VPN only on specific device/s - - ![](/images-static/uploads/asuswrt-merlin-wireguard-3.png) - -8. Click `OK` and `Apply` - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system - -2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/asuswrt-openvpn.md b/src/content/es/pages/setup/router/asuswrt-openvpn.md deleted file mode 100644 index 1bab1364d..000000000 --- a/src/content/es/pages/setup/router/asuswrt-openvpn.md +++ /dev/null 
@@ -1,56 +0,0 @@ ---- -title: VPN Setup guide for Asuswrt -listItem: Asuswrt OpenVPN -url: /setup/router/asuswrt-openvpn/ -section: Router Setup -platform: router -layout: setup-article -weight: 47 ---- -## Asuswrt OpenVPN Setup Guide - -
    -This guide was produced using Asus stock firmware v3.0.0.4.388_21732 -
    - -### Configuring the VPN tunnel - -1. [Generate and download](/openvpn-config) the .zip archive containing the OpenVPN config file with the selected server and configuration - -2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` - -3. Once logged in, navigate to `VPN` – `VPN Fusion` tab & click on the `Add profile` button - - ![](/images-static/uploads/asuswrt-openvpn-1.png) - -4. Give the profile any name, select `OpenVPN` from the **VPN type** drop list, click on the `Import .ovpn file` button and open the extracted earlier .ovpn config file - -5. Enter your IVPN account id in the `Username` field (i-XXXX-XXXX-XXXX or ivpnXXXXXXXX) and any string into the `Password` field, e.g. 'ivpn'. Click `Apply and Enable` - - ![](/images-static/uploads/asuswrt-openvpn-2.png) - -6. To manage the connection, toggle the switch next the created VPN profile On or Off - - ![](/images-static/uploads/asuswrt-openvpn-3.png) - -### DNS - -1. Navigate to `LAN` - `DHCP Server` - -2. Set `Advertise router's IP in addition to user-specified DNS` to **No** - -3. Enter one of the following DNS servers in the `DNS Server 1` field: - - * 10.0.254.1 = redular DNS with no blocking (10.0.254.101 for Multi-hop connections) - * 10.0.254.2 = standard AntiTracker to block advertising and malware domains - * 10.0.254.3 = AntiTracker Hardcore Mode to additionally block all domains owned by Google and Facebook - -4. Click `Apply` - - ![](/images-static/uploads/asuswrt-openvpn-4.png) - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system - -2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file 
diff --git a/src/content/es/pages/setup/router/asuswrt-wireguard.md b/src/content/es/pages/setup/router/asuswrt-wireguard.md
deleted file mode 100644
index db96e639d..000000000
--- a/src/content/es/pages/setup/router/asuswrt-wireguard.md
+++ /dev/null
@@ -1,46 +0,0 @@
----
-title: VPN Setup guide for Asuswrt
-listItem: Asuswrt WireGuard
-url: /setup/router/asuswrt-wireguard/
-section: Router Setup
-platform: router
-layout: setup-article
-weight: 48
----
-## Asuswrt WireGuard Setup Guide
-
-
    -This guide was produced using Asus stock firmware v3.0.0.4.388_21732 -
    - -### Configuring the VPN tunnel - -1. [Generate and download](/account/wireguard-config) the .zip archive containing the WireGuard config file with the selected server and configuration - -
    - WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX), and wish to make use of the config file generator, contact our customer service to help you make the switch. -
    - -2. Extract the archive, launch the web browser and enter the IP address of your router, which is usually `192.168.1.1` - -3. Once logged in, navigate to `VPN` – `VPN Fusion` tab & click on the `Add profile` button - - ![](/images-static/uploads/asuswrt-wireguard-1.png) - -4. Give the profile any name, select `WireGuard` from the **VPN type** drop list, click on the `Upload Config` button and import the extracted earlier config file - - ![](/images-static/uploads/asuswrt-wireguard-2.png) - -5. Scroll down, remove the extra characters in the `Endpoint Port` field, leaving the port number selected in the config file generator and click on the `Apply and Enable` button - - ![](/images-static/uploads/asuswrt-wireguard-3.png) - -6. To manage the connection, toggle the switch next to the created VPN profile On or Off - - ![](/images-static/uploads/asuswrt-wireguard-4.png) - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system - -2. To confirm that you are connected to the IVPN network, check the connection status tool on our website and run a dns leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from any devices connected to your Asus router \ No newline at end of file diff --git a/src/content/es/pages/setup/router/ddwrt-auto.md b/src/content/es/pages/setup/router/ddwrt-auto.md deleted file mode 100644 index fe06f1542..000000000 --- a/src/content/es/pages/setup/router/ddwrt-auto.md +++ /dev/null 
@@ -1,26 +0,0 @@ ---- -title: VPN Setup guide for DD-WRT routers using our automated setup script -listItem: DD-WRT OpenVPN auto -url: /setup/router/ddwrt-auto/ -section: Router Setup -platform: router -layout: setup-article -weight: 11 ---- -## DD-WRT OpenVPN Automatic Setup - -1. Navigate to the home page of your router - By default `192.168.1.1`. If required enter your username and password, by default username is 'root' and password is 'admin'. Click on the `Administration` tab and then the `Commands` tab. - -2. Navigate to the [DD-WRT auto installer script](/clientarea/ddwrt/) (You may need to login to the client area if you are not logged in). - -3. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX', any password and select a server to connect to. Click `Download script`. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - -4. Open the downloaded text file and copy and paste into the `Commands` text area. - -5. Click on the `Save Startup` button. - -6. Click on the `Management` tab and then click on the `Reboot router` button on the bottom of that page. Your router will reboot and connect to the VPN. This can take up to 3 minutes. diff --git a/src/content/es/pages/setup/router/ddwrt-manual.md b/src/content/es/pages/setup/router/ddwrt-manual.md deleted file mode 100644 index cdc7fb501..000000000 --- a/src/content/es/pages/setup/router/ddwrt-manual.md +++ /dev/null @@ -1,112 +0,0 @@ ---- -title: VPN Setup guide for DD-WRT routers using the manual method -listItem: DD-WRT OpenVPN manual -url: /setup/router/ddwrt-manual/ -section: Router Setup -platform: router -layout: setup-article -weight: 12 ---- -## DD-WRT OpenVPN Manual Setup Guide - -
    -The DD-WRT UI is constantly evolving and there are multiple variations depending on the specific build and version of the firmware. You may not see the exact same options in the same order as below. -
    - -1. Navigate to the home page of your router - By default `192.168.1.1`. - -2. Click on the `Services` tab. You may be asked to enter your router username and password. - -3. Click on the `VPN` tab and then click on the `Start OpenVPN Client` button. - -4. Enter the following configuration (as also shown in the screen shot below): - -
    - Where we do not specify a value leave the default value in place. -
    - - * **Server IP/Name:** Enter a server name from the [server status](/status/) page e.g. **ch.gw.ivpn.net** - * **Port:** 2049 - * **Tunnel Device:** TUN - * **Tunnel Protocol:** UDP - -
    You can also use ports UDP: 53, 80, 443, 1194, 2050 & TCP: 80, 443, 1443
    - - * **Encryption cipher:** AES-256 CBC - * **Hash Algorithm:** SHA1 - * **User Pass Authentication:** Enable (If this option does not exist you will need to follow the steps in the appendix). - Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password. -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - - * **Advanced options:** Enable - * **TLS cipher:** None - * **LZO Compression:** No - * **NAT:** Enable - * **Firewall Protection:** Enable - * **Tls Auth Key:** Download and paste the contents of the [TLS-auth](/releases/config/ta.key) file. - * **Additional Config:** - ``` - tls-client - tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA - key-direction 1 - resolv-retry infinite - keepalive 10 60 - nobind - persist-key - persist-tun - persist-remote-ip - verb 3 - ``` - - * **CA Cert:** Download and paste the contents of the [CA cert](/releases/config/ca.crt) file. - - ![](/images-static/uploads/install-dd-wrt-manual-010-579x1450.png) - -5. Click the `Save` button, then click the `Apply Settings` button. - -### DNS - -1. Navigate to `Setup` > `Basic Setup`. - -2. Specify one of the following DNS servers in the `Static DNS 1` field: - - * *10.0.254.1* = redular DNS with no blocking - * *10.0.254.2* = standard AntiTracker to block advertising and malware domains - * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook - - ..and *198.245.51.147* in the `Static DNS 2` field. - -3. Click `Save` & `Apply Settings`. - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system and check the status of the OpenVPN client in the `Status` > `OpenVPN` area. - -2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your DD-WRT router. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 4* with the chosen Exit-hop server Multi-hop port. - -### Appendix - -If you do not have the **User Pass Authentication** field in your DD-WRT version please follow the steps below: - -1. 
Add the following line to your `Additional Config` field: - - ``` - auth-user-pass /tmp/auth.conf - ``` - -2. Save your configuration by clicking on the `save` button. - -3. Click on the `Adminstration` tab and then the `Commands` tab. Enter the text shown in the box below **replacing the username and password in quotes with your account ID ('ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX') and any password**. Click on `Save startup` to continue. - - ``` - #!/bin/sh - touch /tmp/auth.conf - echo "username" > /tmp/auth.conf - echo "password" >> /tmp/auth.conf - ``` - -4. If the previous command worked correctly you should now see the contents above in a new section on the same page called `Startup`. diff --git a/src/content/es/pages/setup/router/ddwrt-wireguard.md b/src/content/es/pages/setup/router/ddwrt-wireguard.md deleted file mode 100644 index d516c139c..000000000 --- a/src/content/es/pages/setup/router/ddwrt-wireguard.md +++ /dev/null @@ -1,89 +0,0 @@ ---- -title: WireGuard setup guide for DD-WRT routers -listItem: DD-WRT WireGuard -url: /setup/router/ddwrt-wireguard/ -section: Router Setup -platform: router -layout: setup-article -weight: 13 ---- -## DD-WRT WireGuard Setup Guide - -
    -The DD-WRT UI is constantly evolving and there are multiple variations depending on the specific build and version of the firmware. You may not see the exact same options in the same order as below.

    -This guide was produced using DD-WRT v46772. -
    - -### Configuring the VPN tunnel - -1. Navigate to the home page of your router - By default `192.168.1.1`. - -2. Go to `Setup` > `Tunnels` > and click the `Add Tunnel` button. Choose **Enable** and select WireGuard from the dropdown menu. - -3. Set the `MTU` value of the WireGuard tunnel to `1412`. - -4. Click the `Generate Key` button and go to the `Client Area` on the IVPN website to add the generated public key to the `Key Management` area. Make note of the **IPv4 address** we assign to your public key and add it to the IP address field followed by a `/32` subnet mask. - -
    - Hint: After clicking Generate Key, it may or may not be possible to copy the public key displayed on the Tunnels page. Click the Save and Apply Settings buttons, then go to Administration > Commands and enter wg in the Commands box, then click Run Commands . This will display details of the WireGuard connection including the public key, which can be easily copied.

    - -
    - -5. Set `Kill Switch` to `Enable`. This will prevent out-bound traffic when the VPN client is disconnected from the server. - -6. Click the `Add Peer` button and enter the following peer configuration (as also shown in the screen shot below): - - * **Peer Tunnel IP:** 0.0.0.0 - * **Peer Tunnel DNS:** Specify one of the following DNS servers: - * *172.16.0.1* = redular DNS with no blocking - * *10.0.254.2* = standard AntiTracker to block advertising and malware domains - * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook - * **Endpoint:** Enable - * **Endpoint Address:** Enter an IVPN WireGuard server hostname (available on the **[Server Status](/status/)** page) and choose a port: - ``` - udp 53 - udp 80 - udp 443 - udp 1194 - udp 2049 - udp 2050 - udp 30587 - udp 41893 - udp 48574 - udp 58237 - ``` - * **Allowed IPs:** 0.0.0.0/0 - * **Route Allowed IP's via tunnel**: Enable - * **Persistent Keepalive:** 25 - * **Peer Public Key:** Enter an IVPN WireGuard server public key (available on the **[Server Status](/status/)** page) - * **Use Pre-shared Key:** Disable - - ![](/images-static/uploads/install-openvpn-ddwrt-wireguard-020-2.png) - -
    - Note: You are welcome to use whichever server you prefer. The Endpoint Address and Peer Public Key in the example above are specific to our server in Sweden. -
    - -7. Click the `Save` button, then click the `Apply Settings` button. - -### DNS - -1. Navigate to `Setup` > `Basic Setup`. - -2. Specify one of the following DNS servers in the `Static DNS 1` field: - - * *172.16.0.1* = redular DNS with no blocking - * *10.0.254.2* = standard AntiTracker to block advertising and malware domains - * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook - - ..and *198.245.51.147* in the `Static DNS 2` field. - -3. Click `Save` & `Apply Settings`. - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system. - -2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your DD-WRT router. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required adjustments to the port in the `Endpoint Address` & public key in the `Peer Public Key` fields. diff --git a/src/content/es/pages/setup/router/ddwrt.md b/src/content/es/pages/setup/router/ddwrt.md deleted file mode 100644 index 88b385a58..000000000 --- a/src/content/es/pages/setup/router/ddwrt.md +++ /dev/null 
@@ -1,25 +0,0 @@ ---- -title: DD-WRT Router Setup Guide -listItem: DD-WRT -url: /setup/router/ddwrt/ -section: Router Setup -platform: router -layout: setup-article -weight: 10 ---- -## DD-WRT Router Setup Guide - -Our service is compatible with routers running DD-WRT. However please note: - -1. If you do not already have a compatible router or do not wish to risk bricking it, we recommend [FlashRouters](http://www.flashrouters.com/routers/vpn-types/ivpn/) who offer a variety of custom-built DD-WRT routers specially configured for IVPN. We receive no commission from sales but we highly recommend them as they have the expertise to support DD-WRT with its constantly evolving firmware and associated bugs. -2. If you already have a router FlashRouters [offer support](https://www.flashrouters.com/services/support-plans) plans where they will remotely install the correct firmware on your router and configure it to connect to our VPN service. -3. We do not provide support in getting DD-WRT or Tomato firmware installed on your router. You [install DD-WRT](http://www.dd-wrt.com/wiki/index.php/Installation) at your own risk. We take no responsibility if you brick/damage your router in the process. -4. Please ensure that you are using the latest version of the DD-WRT firmware. There are multiple bugs relating to OpenVPN and DNS in older versions. -5. Our DD-WRT OpenVPN scripts **will not work with MINI or MICRO versions of DD-WRT. You must install the BIG or MEGA versions of the DD-WRT firmware** (Some customers have reported STD versions working). - -### Setup guides - -* [DD-WRT OpenVPN Automated Setup Guide](/setup/router/ddwrt-auto/) - (Only compatible with BIG or MEGA versions of DD-WRT) -* [DD-WRT OpenVPN Manual Setup Guide](/setup/router/ddwrt-manual/) -* [DD-WRT WireGuard Setup Guide](/setup/router/ddwrt-wireguard/) 
diff --git a/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md b/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md
deleted file mode 100644
index e5b691afc..000000000
--- a/src/content/es/pages/setup/router/openwrt-wireguard-legacy.md
+++ /dev/null
@@ -1,129 +0,0 @@
----
-title: WireGuard Setup guide for OpenWrt (legacy)
-listItem: OpenWrt WireGuard (legacy)
-url: /setup/router/openwrt-wireguard-legacy/
-section: Router Setup
-platform: router
-layout: setup-article
-weight: 22
----
-## OpenWrt WireGuard Setup Guide
-
-
    -This guide was produced using OpenWrt v.19.07.8 and v.21.02.0 -
    - -### Install required packages - -1. In your router's webUI, navigate to `System` - `Software`, click `Update lists` - -2. In the **Filter** field, type **WireGuard**, locate and install the **wireguard**, **wireguard-tools**, **kmod-wireguard**, and **luci-app-wireguard** packages. Note: The **wireguard** package is included in version 21.02.

    -![](/images-static/uploads/install-wireguard-openwrt-01.png) - -3. Restart your router - -### Generate WireGuard keypair - -1. SSH into your router as 'root' ([OpenWrt Wiki](https://openwrt.org/docs/guide-quick-start/sshadministration)):

    - ># ssh root@192.168.1.1 -2. Generate WireGuard keys:

    - ># wg genkey | tee privatekey | wg pubkey > publickey - ># chmod 600 privatekey -3. Note your Private & Public keys, you will need them later:

    - ># cat privatekey - ># cat publickey - -### Obtain WireGuard IP address - -1. Log into the [Client Area](/account/login/#id) -2. Navigate to `WireGuard` tab and click the `Add a new key` button

    -![](/images-static/uploads/install-wireguard-openwrt-02.png) -3. Copy and paste the **Public key** obtained previously, give it any name, then click the `Add key` button and note the assigned IP address

    -![](/images-static/uploads/install-wireguard-openwrt-03.png) - -### Create an Interface - -1. Navigate to `Network` - `Interface`, -2. Click the `Add new interface...` button and enter the following configuration: - - * Name - give it any name, e.g. **ivpnAustria** - * Protocol - **WireGuard VPN** - -3. `Create interface` - -4. In the `General Settings` tab: - - * Bring up on boot - **Checked** - * Private Key - copy and paste the generated previously **Private key** - * IP Address - enter the **WireGuard IP Address** obtained in the Client Area ending with **/32**, e.g. **172.27.123.169/32**

    -![](/images-static/uploads/install-wireguard-openwrt-04.png) - -5. In the `Advanced Settings` tab, set `MTU` to **1412** - -6. In the `Peers` tab: - - * Description - give it any name, e.g. **Austria** - * Public Key - the **IVPN WireGuard server public key**, available on the [IVPN server status page](https://www.ivpn.net/status) - * Allowed IPs - **0.0.0.0/0** - * Route Allowed IPs - **Checked** - * Endpoint Host - an **IP address of IVPN WireGuard server**

    - Hostnames are available on the [IVPN server status page](https://www.ivpn.net/status). To turn the hostname of the server into an IP address use, e.g. the `nslookup at1.wg.ivpn.net` command in your computer's terminal: - > $ nslookup at1.wg.ivpn.net - > ... - > Name: at1.wg.ivpn.net - > Address: 185.244.212.69 - * Endpoint Port - **53**, **80**, **443**, **1194**, **2049**, **2050**, **30587**, **41893**, **48574** or **58237**. All ports are equally secure - * Persistent Keep Alive - **25** seconds is reasonable

    -![](/images-static/uploads/install-wireguard-openwrt-05.png) - -7. Click `Save` & `Save & Apply` - -### Add a Firewall zone - -1. Navigate to `Network` - `Firewall` - -2. Click the `Add` button and enter the following configuration: - - * Name - Give it any name, e.g. **ivpn_fw** - * Input - **Reject** - * Output - **Accept** - * Forward - **Reject** - * Masquerading - **Checked** - * MSS clamping - **Checked** - * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria** - * Allow forward to destination zones - **Unspecified** - * Allow forward from source zones - **lan**

    -![](/images-static/uploads/install-wireguard-openwrt-06.png)

    - -3. Click `Save` & `Save & Apply` - -### Configuring a Kill-switch (optional) - -To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

    -![](/images-static/uploads/install-wireguard-openwrt-07.png) - -### DNS - -1. Navigate to `Network` - `Interfaces` - -2. Click on the `Edit` button next to the **WAN** interface - -3. In the `Advanced Settings` tab, uncheck the `Use DNS servers advertised by peer` and specify one of the following DNS servers in the `Use custom DNS servers` field: - - - *172.16.0.1* = regular DNS with no blocking - - *10.0.254.2* = standard AntiTracker to block advertising and malware domains - - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains

    -![](/images-static/uploads/install-wireguard-openwrt-08.png) - -4. Click the `Save` button. - -5. For firmware version 21.02, repeat steps 2 to 4 for the **IVPN WireGuard** and **WAN6** interfaces. For firmware version 19.07, repeat steps 2 to 4 for the **WAN6** interface. - -6. Click the `Save & Apply` button. - -### Final Steps - -1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected. -2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes to the `Endpoint Address` port and `Peer Public Key`. \ No newline at end of file diff --git a/src/content/es/pages/setup/router/openwrt-wireguard.md b/src/content/es/pages/setup/router/openwrt-wireguard.md deleted file mode 100644 index 9db4389d3..000000000 --- a/src/content/es/pages/setup/router/openwrt-wireguard.md +++ /dev/null @@ -1,87 +0,0 @@ ---- -title: WireGuard Setup guide for OpenWrt -listItem: OpenWrt WireGuard -url: /setup/router/openwrt-wireguard/ -section: Router Setup -platform: router -layout: setup-article -weight: 21 ---- -## OpenWrt WireGuard Setup Guide - -
    -This guide was produced using OpenWrt v.23.05 -
    - -### Installing required packages - -1. In your router's webUI, navigate to `System` - `Software`, click `Update lists`. - -2. In the **Filter** field, type **WireGuard**, locate and install the **wireguard-tools**, **kmod-wireguard**, and **luci-proto-wireguard** packages.

    -![](/images-static/uploads/openwrt-wireguard-0.png) - -3. Restart your router. - -### Creating an Interface - -1. [Generate](/account/wireguard-config) a WireGuard config file with the preferred server and parameters. Extract the archive, open the file with any text editors and copy its contents. - -
    - WireGuard config file generator is only available for accounts that were created after November 2020 (account ID format: i-XXXX-XXXX-XXXX). If you have an IVPN subscription created before this date (account ID format: ivpnXXXXXXXX) and wish to make use of the feature, contact our customer service to help you make the switch. -
    - -2. In OpenWRT, navigate to `Network` - `Interfaces`, click on the `Add new interface`. Give it any name, e.g. **ivpnAustria**, set `Protocol` to `WireGuard VPN`, then click on the `Create interface` button. - -3. In the `General Settings` tab, click on the `Load configuration...` button, paste the contents of the WireGuard config file from step 1 and click on the `Import settings` button.

    -![](/images-static/uploads/openwrt-wireguard-1.png) - -4. In the `Advanced Settings` tab, set `MTU` to `1412`. - -5. In the `Peers` tab, click `Edit` next to the imported peer configuration, check the `Route Allowed IPs` option, set `Persistent Keep Alive` to `25` and click `Save`.

    -![](/images-static/uploads/openwrt-wireguard-2.png) - -6. Click `Save & Apply`. - -### Adding a Firewall zone - -1. Navigate to `Network` - `Firewall` - -2. Click the `Add` button and enter the following configuration: - - * Name - Give it any name, e.g. **ivpn_fw** - * Input - **Reject** - * Output - **Accept** - * Forward - **Reject** - * Masquerading - **Checked** - * MSS clamping - **Checked** - * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria** - * Allow forward to destination zones - **Unspecified** - * Allow forward from source zones - **lan**

    -![](/images-static/uploads/install-wireguard-openwrt-06.png)

    - -3. Click `Save` & `Save & Apply` - -### Configuring a Kill-switch (optional) - -To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

    -![](/images-static/uploads/install-wireguard-openwrt-07.png) - -### DNS - -1. Navigate to `Network` - `Interfaces` - -2. Click on the `Edit` button next to the **WAN** interface - -3. In the `Advanced Settings` tab, uncheck the `Use DNS servers advertised by peer` and enter the WireGuard regular DNS server IP address (172.16.0.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list.

    -![](/images-static/uploads/install-wireguard-openwrt-08.png) - -4. Click `Save`. - -5. If your ISP additionally provides you with an IPv6 IP address, repeat steps 2 to 4 for the **WAN6** interface. - -6. Click `Save & Apply`. - -### Final Steps - -1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected. -2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router. \ No newline at end of file diff --git a/src/content/es/pages/setup/router/openwrt.md b/src/content/es/pages/setup/router/openwrt.md deleted file mode 100644 index 3aa465817..000000000 --- a/src/content/es/pages/setup/router/openwrt.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: OpenVPN Setup guide for OpenWrt -listItem: OpenWrt OpenVPN -url: /setup/router/openwrt-openvpn/ -section: Router Setup -platform: router -layout: setup-article -weight: 20 ---- -## OpenWrt OpenVPN Setup Guide - -
    -This guide was produced using OpenWrt v.19.07.2 -
    - -### Install required packages - -1. In your router's webUI, navigate to `System` - `Software`, click `Update lists` - -2. In the **Filter** field, type **OpenVPN**, locate and install **openvpn-openssl** & **luci-app-openvpn** packages

    -![](/images-static/uploads/install-openvpn-openwrt-01.png) - -3. Restart your router -
    - If you receive an error while attempting to install the 'luci-app-openvpn' package, check the 'Overwrite files from other package(s)' checkbox -
    - -### Create a VPN profile - -1. Download and extract our [config files](/openvpn-config) to your computer - -2. In your router, navigate to `VPN` - `OpenVPN` - -3. Under the **OVPN configuration file upload** section, `Browse` for the .ovpn config file with the VPN server you would like to connect to, give it any name, then click `Upload` - -4. Click the `Edit` button next to the created OpenVPN instance and enter your IVPN account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and any password (e.g. ivpn) in 2 separate lines in the text box at the bottom - -5. Append the credentials file path to the **auth-user-pass** line in the first text box. The full path is visible just above the second text box, e.g. - `auth-user-pass /etc/openvpn/Austria.auth`. Click `Save`

    -![](/images-static/uploads/install-openvpn-openwrt-02.png) - -6. Replace the hostname of the VPN server in line 4 with its IP address - `remote 185.244.212.66 2049`.

    -To turn the hostname of the server into an IP address use, e.g. the `nslookup at.gw.ivpn.net` command in your computer's terminal: - > $ nslookup at.gw.ivpn.net - > ... - > Name: at.gw.ivpn.net - > Address: 185.244.212.66 - -7. Click `Save`. Return to main `OpenVPN` section, check the `Enabled` checkbox and click on the `Save & Apply` button. - -### Create an Interface - -1. Navigate to `Network` - `Interfaces` - -2. Click on the `Add new interface` button and enter the following configuration: - - * Name - Give it any name, e.g. **ivpnAustria** - * Protocol - **Unmanaged** - * Interface - **tun0**

    -![](/images-static/uploads/install-openvpn-openwrt-03.png) - -3. `Create interface` - -4. In the interface properties window, ensure that **Bring up on boot** is checked, then click `Save` & `Save & Apply` buttons. - -### Add a Firewall zone - -1. Navigate to `Network` - `Firewall` - -2. Click the `Add` button and enter the following configuration: - - * Name - Give it any name, e.g. **ivpn_fw** - * Input - **Reject** - * Output - **Accept** - * Forward - **Reject** - * Masquerading - **Checked** - * MSS clamping - **Checked** - * Covered networks - select the previously created VPN tunnel interface, e.g. **ivpnAustria** - * Allow forward to destination zones - **Unspecified** - * Allow forward from source zones - **lan**

    -![](/images-static/uploads/install-openvpn-openwrt-04.png)

    -3. Click `Save` & `Save & Apply` buttons. - -### Configure a Kill-switch (optional) - -To ensure the traffic on your LAN devices travels strictly via the VPN tunnel and to prevent any possible leaks if the router disconnects from the VPN server for any reason, edit your lan firewall zone and remove **WAN** from the `Allow forward to destination zones` field, then click `Save` & `Save & Apply` buttons.

    -![](/images-static/uploads/install-openvpn-openwrt-05.png) - -### DNS - -1. Navigate to `Network` - `Interfaces` - -2. Click on the `Edit` button next to the **WAN** interface - -3. In the `Advanced Settings` tab, uncheck the `User DNS servers advertised by peer` and specify one of the following DNS servers in the `Use custom DNS servers` field: - - - *10.0.254.1* = regular DNS with no blocking - - *10.0.254.2* = standard AntiTracker to block advertising and malware domains - - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains

    -![](/images-static/uploads/install-openvpn-openwrt-06.png) - -3. Click `Save` & `Save & Apply` buttons. - -### Final Steps - -1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected. -2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your OpenWRT router. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes in the .ovpn config file. \ No newline at end of file diff --git a/src/content/es/pages/setup/router/opnsense-openvpn-instances.md b/src/content/es/pages/setup/router/opnsense-openvpn-instances.md deleted file mode 100644 index 6e02263ea..000000000 --- a/src/content/es/pages/setup/router/opnsense-openvpn-instances.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: OPNsense OpenVPN Setup Guide -listItem: OPNsense OpenVPN -url: /setup/router/opnsense-openvpn/ -section: Router Setup -platform: router -layout: setup-article -weight: 60 ---- -## OPNsense OpenVPN Setup Guide - -
    -This guide was produced using OPNsense 24.1.6 -
    - -### Adding a CA certificate - -1. In your router's webUI, navigate to `System` > `Trust` > `Authorities` and click on the `+` button. - -2. Give it any name, i.e. "IVPN CA", select `Import an existing Certificate Authority`, then copy and paste the contents of our [ca.crt](/releases/config/ca.crt) file into the `Certificate Data` field. - -3. Click `Save`. - - ![](/images-static/uploads/install-openvpn-opnsense-01.png) - -### Adding a Static key - -1. Navigate to `VPN` > `OpenVPN` > `Instances` > `Static Keys` tab and click on the `+` button. - -2. Give it any name, i.e. "IVPN TLS Key", set `Mode` to `auth (Authenticate control channel packets)`, then copy and paste the contents of our [ta.key](/releases/config/ta.key) file into the `Static Key` field. - -3. Click `Save`. - - ![](/images-static/uploads/install-openvpn-opnsense-instance-02.png) - -### Creating an OpenVPN Client Instance - -1. Navigate to the `Instances` tab, click on the `+` button, toggle the `Advanced mode` switch on and enter the following configuration: - - * Role - **Client** - * Description - give it any name, i.e. **IVPN Ukraine** - * Enabled - **Toggled on** - * Protocol - **UDP** or **TCP** - * Type - **tun** - * Keep alive interval - **10** - * Keep alive timeout - **60** - * Remote - [choose](/status/) the server and enter its hostname with the port number separated with a colon, e.g. `ua2.gw.ivpn.net:2049` (available ports can be found [here](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/)) - * Certificate Authority - **IVPN CA** - * TLS static key - **[auth] IVPN TLS Key** - * Auth - **SHA1 (160-bit)** - * Username - your IVPN account ID (**i-XXXX-XXXX-XXXX** or **ivpnXXXXXXXX**. Note, the ID is case-sensitive) - * Password - any string, i.e. **ivpn**

    ![](/images-static/uploads/install-openvpn-opnsense-instance-03.png)

    - -2. Click `Save`. - -### Creating an Interface - -1. Navigate to `Interfaces` > `Assignments` - -2. Look for the interface with `ovpnc1` name, give it any description, i.e. "IVPNUkraine", then click on the `+` button and `Save`

    ![](/images-static/uploads/install-openvpn-opnsense-04.png) - -3. Click on the newly added interface name, have the `Enable Interface` option checked and `Save` the changes. - -### Configuring a Firewall - -1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save` - -2. Click on the `+` button to add a new rule and fill in the following configuration: - - * Disabled - **Unchecked** - * Interface - select the created earlier interface, i.e. **IVPNUkraine** - * Source Address - **LAN net** - * Translation / target - **Interface address** - -3. Delete the other rule(s) containing your local network subnet that exist via WAN. This will ensure that traffic does not leak if the VPN tunnel accidentally goes down. - -4. Click `Save` and `Apply Changes`.

    ![](/images-static/uploads/install-openvpn-opnsense-06.png) - -### DNS - -1. Navigate to `Services` > `ISC DHCPv4` > `[LAN]` - -2. In the `DNS servers` field, enter the OpenVPN regular DNS server IP address (10.0.254.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list. - -3. Click `Save`.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-06.png) - -### Final Steps - -1. Restart your router and check the status of the OpenVPN client in the `VPN` - `OpenVPN` - `Connection Status` area.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-04.png) - -2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-05.png) - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in **Configuring an OpenVPN Client** section, `Remote` field with the chosen Exit-hop server Multi-hop port. diff --git a/src/content/es/pages/setup/router/opnsense-openvpn.md b/src/content/es/pages/setup/router/opnsense-openvpn.md deleted file mode 100644 index 6e02263ea..000000000 --- a/src/content/es/pages/setup/router/opnsense-openvpn.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: OPNsense OpenVPN Setup Guide -listItem: OPNsense OpenVPN -url: /setup/router/opnsense-openvpn/ -section: Router Setup -platform: router -layout: setup-article -weight: 60 ---- -## OPNsense OpenVPN Setup Guide - -
    -This guide was produced using OPNsense 24.1.6 -
    - -### Adding a CA certificate - -1. In your router's webUI, navigate to `System` > `Trust` > `Authorities` and click on the `+` button. - -2. Give it any name, i.e. "IVPN CA", select `Import an existing Certificate Authority`, then copy and paste the contents of our [ca.crt](/releases/config/ca.crt) file into the `Certificate Data` field. - -3. Click `Save`. - - ![](/images-static/uploads/install-openvpn-opnsense-01.png) - -### Adding a Static key - -1. Navigate to `VPN` > `OpenVPN` > `Instances` > `Static Keys` tab and click on the `+` button. - -2. Give it any name, i.e. "IVPN TLS Key", set `Mode` to `auth (Authenticate control channel packets)`, then copy and paste the contents of our [ta.key](/releases/config/ta.key) file into the `Static Key` field. - -3. Click `Save`. - - ![](/images-static/uploads/install-openvpn-opnsense-instance-02.png) - -### Creating an OpenVPN Client Instance - -1. Navigate to the `Instances` tab, click on the `+` button, toggle the `Advanced mode` switch on and enter the following configuration: - - * Role - **Client** - * Description - give it any name, i.e. **IVPN Ukraine** - * Enabled - **Toggled on** - * Protocol - **UDP** or **TCP** - * Type - **tun** - * Keep alive interval - **10** - * Keep alive timeout - **60** - * Remote - [choose](/status/) the server and enter its hostname with the port number separated with a colon, e.g. `ua2.gw.ivpn.net:2049` (available ports can be found [here](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/)) - * Certificate Authority - **IVPN CA** - * TLS static key - **[auth] IVPN TLS Key** - * Auth - **SHA1 (160-bit)** - * Username - your IVPN account ID (**i-XXXX-XXXX-XXXX** or **ivpnXXXXXXXX**. Note, the ID is case-sensitive) - * Password - any string, i.e. **ivpn**

    ![](/images-static/uploads/install-openvpn-opnsense-instance-03.png)

    - -2. Click `Save`. - -### Creating an Interface - -1. Navigate to `Interfaces` > `Assignments` - -2. Look for the interface with `ovpnc1` name, give it any description, i.e. "IVPNUkraine", then click on the `+` button and `Save`

    ![](/images-static/uploads/install-openvpn-opnsense-04.png) - -3. Click on the newly added interface name, have the `Enable Interface` option checked and `Save` the changes. - -### Configuring a Firewall - -1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save` - -2. Click on the `+` button to add a new rule and fill in the following configuration: - - * Disabled - **Unchecked** - * Interface - select the created earlier interface, i.e. **IVPNUkraine** - * Source Address - **LAN net** - * Translation / target - **Interface address** - -3. Delete the other rule(s) containing your local network subnet that exist via WAN. This will ensure that traffic does not leak if the VPN tunnel accidentally goes down. - -4. Click `Save` and `Apply Changes`.

    ![](/images-static/uploads/install-openvpn-opnsense-06.png) - -### DNS - -1. Navigate to `Services` > `ISC DHCPv4` > `[LAN]` - -2. In the `DNS servers` field, enter the OpenVPN regular DNS server IP address (10.0.254.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list. - -3. Click `Save`.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-06.png) - -### Final Steps - -1. Restart your router and check the status of the OpenVPN client in the `VPN` - `OpenVPN` - `Connection Status` area.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-04.png) - -2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-05.png) - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in **Configuring an OpenVPN Client** section, `Remote` field with the chosen Exit-hop server Multi-hop port. diff --git a/src/content/es/pages/setup/router/opnsense-wireguard.md b/src/content/es/pages/setup/router/opnsense-wireguard.md deleted file mode 100644 index 1d9aa11ba..000000000 --- a/src/content/es/pages/setup/router/opnsense-wireguard.md +++ /dev/null @@ -1,92 +0,0 @@ ---- -title: OPNSense WireGuard Setup Guide -listItem: OPNsense WireGuard -url: /setup/router/opnsense-wireguard/ -section: Router Setup -platform: router -layout: setup-article -weight: 61 ---- -## OPNSense WireGuard Setup Guide - -
    -This guide was produced using OPNSense 24.1.6 -
    - -### Adding a WireGuard Peer - -1. Navigate to the [Server Status](/status) page, select the WireGuard server you want to connect to and note its **Hostname** (xx.wg.ivpn.net) with the **WireGuard Public Key**. - -2. In your router's webUI, navigate to `VPN` - `WireGuard` - `Instances` - `Peers` tab, click on the `+` button and fill in the following configuration: - - * Enabled - **Checked** - * Name - give it any name, e.g. **WG_Austria** - * Public key - the public key of the selected WireGuard server - * Allowed IPs - **0.0.0.0/0**, **::/0** - * Endpoint address - the hostname of the selected WireGuard server - * Endpoint port - **2049** (available ports can be viewed [here](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/)) - * Keepalive interval - **25** - -3. Click `Save`.

    ![](/images-static/uploads/install-wireguard-opnsense-01.png) - -### Creating a WireGuard Instance - -1. In the `Instances` tab, click on the `+` button. - -2. Toggle the `Advanced mode` switch on and hit the `Gear` icon next to the `Public key` to generate a new WireGuard keypair. Copy the **Public key**. - -3. Log in to your [Account area](/account/login/), navigate to the `WireGuard` tab, click on the `Add new public key` button, paste the copied previously key into the `Public key` field, add any comment and click `Add`. - -4. Enter the assigned IPv4 and IPv6 IP addresses into your router's WireGuard instance `Tunnel address` field and fill in the following fields: - - * Enabled - **Checked** - * Name - give it any name, e.g. **WG_Interface** - * Listen port - **51820** - * MTU - **1412** - * DNS servers - enter the WireGuard regular DNS server IP address (172.16.0.1) or the one associated with the preferred [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) list - * Peers - select created previously WireGuard Peer - -5. Click `Save`. - -6. Have the `Enable WireGuard` checked and click `Apply`.

    ![](/images-static/uploads/install-wireguard-opnsense-02.png) - -### Configuring Interfaces - -1. Navigate to `Interfaces` - `Assignments`. - -2. Add any description to the WireGuard interface, e.g. **WG** and click `Add`

    ![](/images-static/uploads/install-wireguard-opnsense-03.png) - -3. Click on the newly added WireGuard interface, check the `Enable Interface` checkbox and click `Save`. - -4. Click on the `LAN` interface, set `MSS` to `1412` and click `Save`. - -### Configuring a Firewall - -1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save` - -2. Click on the `+` button to add a new rule and fill in the following configuration: - - * Disabled - **Unchecked** - * Interface - select the created earlier interface, i.e. **WG** - * Source Address - **LAN net** - * Translation / target - **Interface address** - -3. Delete the other rule(s) containing your local network subnet that exist via WAN. This will ensure that traffic does not leak if the VPN tunnel accidentally goes down. - -4. Click `Save` and `Apply Changes`.

    ![](/images-static/uploads/install-wireguard-opnsense-04.png) - -### DNS - -1. Navigate to `Services` > `ISC DHCPv4` > `[LAN]` - -2. In the `DNS servers` field, enter the DNS server IP address specified in the created previously WireGuard Instance. - -3. Click `Save`.

    ![](/images-static/uploads/install-openvpn-opnsense-instance-06.png) - -### Final Steps - -1. Restart your router and check the connection status of the WireGuard client in the `VPN` - `WireGuard` - `Status` area.

    ![](/images-static/uploads/install-wireguard-opnsense-05.png) - -2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

    ![](/images-static/uploads/install-wireguard-opnsense-06.png) - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in **Adding a WireGuard Peer** section, `Endpoint port` field with the chosen Exit-hop server Multi-hop port. \ No newline at end of file diff --git a/src/content/es/pages/setup/router/opnsense.md b/src/content/es/pages/setup/router/opnsense.md deleted file mode 100644 index b2e53eaf9..000000000 --- a/src/content/es/pages/setup/router/opnsense.md +++ /dev/null @@ -1,90 +0,0 @@ ---- -title: OPNsense OpenVPN Setup Guide (legacy) -listItem: OPNsense OpenVPN (legacy) -url: /setup/router/opnsense-openvpn-legacy/ -section: Router Setup -platform: router -layout: setup-article -weight: 62 ---- -## OPNsense OpenVPN Setup Guide - -
    -This guide was produced using OPNsense 21.7.1 -
    - -### Add a Certificate - -1. In your router's webUI, navigate to `System` > `Trust` > `Authorities` and click on the `+` button - -2. Give it any name, i.e. "IVPN CA", select `Import an existing Certificate Authority`, then copy and paste the contents of our [ca.crt](/releases/config/ca.crt) file into the `Certificate Data` field - -3. Click `Save`. - - ![](/images-static/uploads/install-openvpn-opnsense-01.png) - -### Configure an OpenVPN Client - -1. Choose an OpenVPN server from our [Server Status](/status/) page and make note of its hostname (this guide uses Ukranian server as an example - ua1.gw.ivpn.net) - -2. Navigate to `VPN` > `OpenVPN` > `Clients`, click on the `+` button and enter the following configuration: - - * Disabled - **Unchecked** - * Description - Give it any name, i.e. **IVPN Ukraine** - * Server Mode - **Peer to Peer (SSL/TLS)** - * Protocol - **UDP** or **TCP** - * Device mode - **tun** - * Interface - **WAN** - * Remote server - IVPN's server hostname, i.e. **ua1.gw.ivpn.net** - * Port - **2049** (or 53, 80, 443, 1194, 2050 for UDP and 80, 443, 1443 for TCP. All ports are equally secure) - * Username - Your IVPN account ID (**i-XXXX-XXXX-XXXX** or **ivpnXXXXXXXX** case-sensitive) - * Password - any string, i.e. **ivpn**

    ![](/images-static/uploads/install-openvpn-opnsense-02.png)

    - * TLS Authentication - check the `Enable authentication of TLS packets` option then copy and paste the contents of our [ta.key](/releases/config/ta.key) file - * Peer Certificate Authority - **IVPN CA** - * Client Certificate - **None (Username and Password required)** - * Encryption algorithm - **CHACHA20-POLY1305 (256 bit key)** (AES-256-GCM & AES-256-CBC are also supported) - * Auth Digest Algorithm - **SHA1 (160bit)** - * Compression - **Legacy - Disabled LZO algorithm (--comp-lzo no)**

    ![](/images-static/uploads/install-openvpn-opnsense-03.png)

    - -3. Click `Save`. - -### Create an Interface - -1. Navigate to `Interfaces` > `Assignments` - -2. Look for the interface with `ovpnc1` name, give it any description, i.e. "IVPNUkraine", then click on the `+` button and `Save`

    ![](/images-static/uploads/install-openvpn-opnsense-04.png) - -3. Click on the newly added interface name, have the `Enable Interface` option checked and `Save` the changes. - -### Configure Firewall - -1. Navigate to `Firewall` > `NAT` > `Outbound`, select `Manual outbound NAT rule generation` and click `Save` - -2. Click on the `+` button to add a new rule and fill in the following configuration: - - * Disabled - **Unchecked** - * Interface - select the created earlier interface, i.e. **IVPNUkraine** - * Source Address - **LAN net** - * Translation / target - **Interface address** - -3. Click `Save` and `Apply Changes`.

    ![](/images-static/uploads/install-openvpn-opnsense-06.png) - -### DNS - -1. Navigate to `Services` > `DHCPv4` > `[LAN]` - -2. In the `DNS servers` field, specify one of the following DNS servers: - - * *10.0.254.1* = regular DNS with no blocking - * *10.0.254.2* = standard AntiTracker to block advertising and malware domains - * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook domains - -3. Click `Save`.

    ![](/images-static/uploads/install-openvpn-opnsense-08.png) - -### Final Steps - -1. Restart your router device and check the status of the OpenVPN client in the `VPN` - `OpenVPN` - `Connection Status` area.

    ![](/images-static/uploads/install-openvpn-opnsense-10.png) - -2. Check the conenction status and the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your OPNsense router.

    ![](/images-static/uploads/install-openvpn-opnsense-11.png) - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 2* of *Configure an OpenVPN Client* section with the chosen Exit-hop server Multi-hop port. diff --git a/src/content/es/pages/setup/router/pfsense-wireguard.md b/src/content/es/pages/setup/router/pfsense-wireguard.md deleted file mode 100644 index 7190b0a22..000000000 --- a/src/content/es/pages/setup/router/pfsense-wireguard.md +++ /dev/null @@ -1,206 +0,0 @@ ---- -title: WireGuard Setup guide for pfsense -h2: pfSense® WireGuard® Setup Guide -listItem: pfSense WireGuard -url: /setup/router/pfsense-wireguard/ -section: Router Setup -platform: router -layout: setup-article -weight: 31 -contents: -- item: - title: WireGuard Configuration - anchor: config -- item: - title: Interfaces - anchor: interfaces -- item: - title: Firewall - anchor: firewall -- item: - title: Static Routing - anchor: routing -- item: - title: DNS - anchor: dns -- item: - title: DNS Resolver - anchor: resolver -- item: - title: Final Steps - anchor: final ---- -
    -This guide was produced using pfSense v2.5.2. -
    - -### Set WireGuard Configuration {#config} - -#### Install the Package - -1. Click `System` > `Package Manager` and go to `Available Packages`. -2. Search for "wire" and install the **WireGuard** package. - -#### Add a Tunnel - -1. In your pfSense device, navigate to `VPN` > `WireGuard` and click `+ Add Tunnel`. -2. Check `Enabled`. -3. Enter a `Description`, like **IVPN WG**. -4. Upload the **Public key** and obtain a client IP address: - - In the `Tunnel Configuration` > `Interface Keys` section, click the `Generate` key button, copy the **Public key**, then go to the **IVPN Account Area** by logging in to the [ivpn.net website](https://www.ivpn.net/account/login/). - - Click the `WireGuard` tab in the **IVPN Account Area** and click `Add a new key`. - - Paste the **Public key** and click the `Add` button to obtain a **172.x.y.z** client IPv4 address and a **fd00:4956:504e:ffff::wxyz:wxyz** client IPv6 address. -5. Enter the client IP address into `Address` field. For IPv4 addresses, like **172.x.y.z**, choose `32` from the subnet mask dropdown. For IPv6 addresses, like **fd00:4956:504e:ffff::wxyz:wxyz**, choose `128` from the subnet mask dropdown. -
    - Note: It is possible to use a "simplified" IPv6 address. Use the IPv6 prefix and add the IPv4 address: fd00:4956:504e:ffff::172.x.y.z. pfSense and other WireGuard clients accept both forms. -
    -6. Click the `Save Tunnel` button and click the `Apply Changes` button. -
    -Be sure to copy the Public Key and not the Private Key. The Private Key must always be kept a carefully guarded secret. -
    - -#### Add a Peer - -1. On the new tunnel line (**tun_wg0**), click the `Add Peer` icon (head and shoulders with a + sign) under the **Actions** column and enter the following: - * `Description`: Describe the VPN server, like **IVPN Ukraine** - * `Dynamic Endpoint`: Unchecked. - * `Endpoint`: IP address or hostname of IVPN's WireGuard server, hostnames are available on the [IVPN server status page](https://www.ivpn.net/status) - - To turn the hostname for the Ukraine server (ua.wg.ivpn.net) into an IP address (176.103.57.129), for example, run `nslookup ua.wg.ivpn.net` in a **Command Prompt** on Windows or **Terminal** on macOS or Linux or via `Diagnostics` > `Command Prompt` > `Execute Shell Command` in the pfSense web interface: - > $ nslookup ua.wg.ivpn.net - > ... - > Name: ua.wg.ivpn.net - > Address: 176.103.57.129 - * `Endpoint Port`: Choose one of 53, 2049, 2050, 30587, 41893, 48574, or 58237, all are equally secure - * `Keep Alive`: 25 seconds is reasonable - * `Public key`: IVPN WireGuard server's key, available on the [IVPN server status page](https://www.ivpn.net/status) - * `Allowed IPs`: For IPv4 addresses, enter **0.0.0.0/0**. For IPv6 addresses, enter **::/0** -2. Click the `Save Peer` button and click the `Apply Changes` button. - -![](/images-static/uploads/pf-wg-10-peer.png) - -### Interfaces {#interfaces} - -1. Navigate to `Interfaces` > `Assignments` and click the `+ Add` button beside `Available networks ports: tun_wg0`. The interface becomes **OPT1** (or another OPT*). -2. Click the `Save` button. -3. Click the `OPT1` interface name link and put a check mark beside `Enable`. -4. Change the `Description` from **OPT1** to **WG_IVPN** -5. IPv4: - * Set `IPv4 Configuration Type` to **Static IPv4** - * In the `Set IPv4 Configuration` section, set the `IPv4 Address` to the same **172.x.y.z** IP address that was assigned in the Account Area. 
The subnet mask is **/32** - * Beside `IPv4 Upstream Gateway`, click the `+ Add a new gateway` button - * Change the `Gateway name` to **WG_IVPN_GWV4** - * Set `Gateway IPv4` to same **172.x.y.z** IP address that was assigned in the IVPN website **Account Area** - * Click the `+ Add` button on the **New Gateway** popup -6. IPv6: - * Set `IPv6 Configuration Type` to **Static IPv6** - * In the `Set IPv6 Configuration` section, set the `IPv6 Address` to the same **fd00:4956:504e:ffff::wxyz:wxyz** IP address that was assigned in the Account Area (or use the "simplified" IPv6 address). The subnet mask is **/128** - * Beside `IPv6 Upstream Gateway`, click the `+ Add a new gateway` button - * Change the `Gateway name` to **WG_IVPN_GWV6** - * Set `Gateway IPv6` to same **fd00:4956:504e:ffff::wxyz:wxyz** IP address that was assigned in the Account Area (or use the "simplified" IPv6 address) - * Click the `+ Add` button on the **New Gateway** popup -7. Click the `Save` button and click the `Apply Changes` button. -8. Navigate to `Interfaces` > `LAN` and set `MSS` to **1412** -9. Click the `Save` button and click the `Apply Changes` button. - -![](/images-static/uploads/pf-wg-15-interface.png) - -### Firewall {#firewall} - -#### NAT - -1. Navigate to `Firewall` > `NAT` > `Outbound` and change the mode to **Manual**. -2. Click the `Save` button and click the `Apply Changes` button. -3. Look for the entry that contains your local network subnet (the one that does not contain port "500" or IP address "127.0.0.0" entries, this might be 192.168.1.0/24) and click on the `Pen icon (Edit mapping)`. -4. Change `Interface` to **WG_IVPN** and change `Description` to mention the VPN, like **LAN to IVPN**. -5. Click the `Save` button and click the `Apply Changes` button. -6. Delete the other rule(s) containing your local network subnet that exist via WAN, (keep the 127.0.0.0). This will ensure that traffic does not leak if the VPN tunnel accidentally goes down. -7. 
Click the `Apply Changes` button. - -![](/images-static/uploads/pf-wg-20-fw-nat-outbound.png) - -#### Rules - -1. Navigate to `Firewall` > `Rules` > `LAN`, click the `Add (top)` button and set the following: - - `Action`: **Pass** - - `Interface`: **LAN** - - `Address Family`: **IPv4** - - `Protocol`: **Any** - - `Source`: **LAN net** - - Add an optional `Description` - - Click `Extra Options` > `Display Advanced` and scroll down to `Gateway` and set it to the WG_IVPN gateway **WG_IVPN_GWV4** -2. Click the `Save` button and click the `Apply Changes` button. -3. If your LAN includes IPv6, create another firewall rule following step #1 above. Set `Address Family` to **IPv6** and set `Advanced` > `Gateway` to **WG_IVPN_GWV6**, then click `Save` and `Apply Changes`. -4. Disable the default WAN access firewall rules on the `Firewall` > `Rules` > `LAN` page: - - Click the green check marks beside the `Default allow` rules for IPv4* and IPv6* to turn them off. - - Click the `Apply Changes` button. - -![](/images-static/uploads/pf-wg-30-fw-rules-lan.png) - -#### Additional Kill Switch Configuration - -1. Navigate to `Firewall` > `Rules` > `Floating`, click on the `Add` button and create the rule to reject all traffic on WAN interface: - - `Action`: **Reject** - - `Quick`: **Check** - - `Interface`: **WAN** - - `Direction`: **Any** - - `Address Family`: **IPv4+IPv6** - - `Protocol`: **Any** - - `Description`: **Reject all WAN traffic** - - `Save` -2. Click on the `Add (top)` button again and create another rule to allow the traffic from WAN interface to VPN server: - - `Action`: **Pass** - - `Quick`: **Check** - - `Interface`: **WAN** - - `Direction`: **Any** - - `Address Family`: **IPv4** - - `Protocol`: **Any** - - `Destination` > `Single host or alias` > `176.103.57.129` - - `Description`: **Allow traffic to VPN server** - - `Save` -3. Ensure that 'Reject' rule resides below the 'Allow' one, otherwise drag it down manually. -4. 
Click the `Save` button and click the `Apply Changes` button. - -![](/images-static/uploads/pf-wg-50-killswitch.png) - -### Static Routing {#routing} - -1. Navigate to `System` > `Routing` > `Static routes` tab. -2. Click the `Add` button and configure the routes as follows: - - `Destination network`: The IP address of the WireGuard server `176.103.57.129` - - `Gateway`: Your router's `WAN` gateway - - `Description`: "WAN to VPN" - - Click `Save` -3. Navigate to `System` > `Routing` > `Gateways` tab and set `Default gateway IPv4` to **WG_IVPN_GWV4** and set `Default gateway IPv6` to **WG_IVPN_GWV6**. -4. Click `Save` and `Apply changes`. - -![](/images-static/uploads/pf-wg-35-routing.png) - -### DNS {#dns} - -1. Navigate to `System` > `General Setup` > `DNS` and set the `DNS Servers` > `Address` to one of the three internal DNS server options: - - *172.16.0.1* = regular DNS with no blocking - - *10.0.254.2* = standard AntiTracker to block advertising and malware domains - - *10.0.254.3* = Hardcore Mode AntiTracker to also block Google and Facebook domains -2. Set the `Gateway` to the WG_IVPN gateway **WG_IVPN_WGV4** -3. Uncheck `DNS Server Override` and click the `Save` button. -![](/images-static/uploads/pf-wg-40-dns.png) -4. Navigate to `Services` > `DHCP Server` and set the `DNS Servers` > `DNS Server 1` to the DNS server you chose in step #1 above. -5. Click `Save`. - -### DNS Resolver {#resolver} - -1. Navigate to `Services` > `DNS Resolver` and have `Enable DNSSEC` checked. -2. Check `Enable Forwarding Mode` beside `DNS Query Forwarding`. -3. Click the `Save` button and click the `Apply Changes` button. - -### Final Steps {#final} - -1. A device reboot is not required, though it may be useful to confirm that everything behaves as expected. -2. Run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) via one of the internal network clients attached to your pfSense router. -3. 
Use `curl` on the pfSense router to confirm the router's traffic uses the VPN connection: - - Go to `Diagnostics` > `Command Prompt`. - - For IPv4, enter `curl -4 ifconfig.co` in the `Execute Shell Command` box, then press `Execute`. - - For IPv6, enter `curl -6 ifconfig.co` in the `Execute Shell Command` box, then press `Execute`. - - In both cases, the IP address on the last line of the shell output is the VPN server. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and make the required changes to the `Endpoint Address` port and `Peer Public Key`. \ No newline at end of file diff --git a/src/content/es/pages/setup/router/pfsense.md b/src/content/es/pages/setup/router/pfsense.md deleted file mode 100644 index cde3f7da2..000000000 --- a/src/content/es/pages/setup/router/pfsense.md +++ /dev/null @@ -1,164 +0,0 @@ ---- -title: OpenVPN Setup Guide for pfSense -listItem: pfSense OpenVPN -url: /setup/router/pfsense/ -section: Router Setup -platform: router -layout: setup-article -weight: 30 ---- -## pfSense® OpenVPN Setup Guide - -
    -This guide was produced using pfSense v2.7.0. -
    - - -### Basic pfSense Setup - -1. **Add the CA.crt to the Certificate Manager** - In your pfSense device click on `System` -> `Certificates` -> `Authorities` and then click on `+Add`. - - Give it a name, i.e. **"IVPN CA"**. - - Choose `Import an existing Certificate Authority` and paste the following under **"Certificate data"**: - - ``` - -----BEGIN CERTIFICATE----- - MIIGoDCCBIigAwIBAgIJAJjvUclXmxtnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD - VQQGEwJDSDEPMA0GA1UECAwGWnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxETAPBgNV - BAoMCElWUE4ubmV0MQ0wCwYDVQQLDARJVlBOMRgwFgYDVQQDDA9JVlBOIFJvb3Qg - Q0EgdjIxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAaXZwbi5uZXQwHhcNMjAwMjI2 - MTA1MjI5WhcNNDAwMjIxMTA1MjI5WjCBjDELMAkGA1UEBhMCQ0gxDzANBgNVBAgM - Blp1cmljaDEPMA0GA1UEBwwGWnVyaWNoMREwDwYDVQQKDAhJVlBOLm5ldDENMAsG - A1UECwwESVZQTjEYMBYGA1UEAwwPSVZQTiBSb290IENBIHYyMR8wHQYJKoZIhvcN - AQkBFhBzdXBwb3J0QGl2cG4ubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC - CgKCAgEAxHVeaQN3nYCLnGoEg6cY44AExbQ3W6XGKYwC9vI+HJbb1o0tAv56ryvc - 6eS6BdG5q9M8fHaHEE/jw9rtznioiXPwIEmqMqFPA9k1oRIQTGX73m+zHGtRpt9P - 4tGYhkvbqnN0OGI0H+j9R6cwKi7KpWIoTVibtyI7uuwgzC2nvDzVkLi63uvnCKRX - cGy3VWC06uWFbqI9+QDrHHgdJA1F0wRfg0Iac7TE75yXItBMvNLbdZpge9SmplYW - FQ2rVPG+n75KepJ+KW7PYfTP4Mh3R8A7h3/WRm03o3spf2aYw71t44voZ6agvslv - wqGyczDytsLUny0U2zR7/mfEAyVbL8jqcWr2Df0m3TA0WxwdWvA51/RflVk9G96L - ncUkoxuBT56QSMtdjbMSqRgLfz1iPsglQEaCzUSqHfQExvONhXtNgy+Pr2+wGrEu - SlLMee7aUEMTFEX/vHPZanCrUVYf5Vs8vDOirZjQSHJfgZfwj3nL5VLtIq6ekDhS - AdrqCTILP3V2HbgdZGWPVQxl4YmQPKo0IJpse5Kb6TF2o0i90KhORcKg7qZA40sE - bYLEwqTM7VBs1FahTXsOPAoMa7xZWV1TnigF5pdVS1l51dy5S8L4ErHFEnAp242B - DuTClSLVnWDdofW0EZ0OkK7V9zKyVl75dlBgxMIS0y5MsK7IWicCAwEAAaOCAQEw - gf4wHQYDVR0OBBYEFHUDcMOMo35yg2A/v0uYfkDE11CXMIHBBgNVHSMEgbkwgbaA - FHUDcMOMo35yg2A/v0uYfkDE11CXoYGSpIGPMIGMMQswCQYDVQQGEwJDSDEPMA0G - A1UECAwGWnVyaWNoMQ8wDQYDVQQHDAZadXJpY2gxETAPBgNVBAoMCElWUE4ubmV0 - MQ0wCwYDVQQLDARJVlBOMRgwFgYDVQQDDA9JVlBOIFJvb3QgQ0EgdjIxHzAdBgkq - hkiG9w0BCQEWEHN1cHBvcnRAaXZwbi5uZXSCCQCY71HJV5sbZzAMBgNVHRMEBTAD - 
AQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAABAjRMJy+mXFLezA - Z8iUgxOjNtSqkCv1aU78K1XkYUzbwNNrSIVGKfP9cqOEiComXY6nniws7QEV2IWi - lcdPKm0x57recrr9TExGGOTVGB/WdmsFfn0g/HgmxNvXypzG3qulBk4qQTymICds - l9vIPb1l9FSjKw1KgUVuCPaYq7xiXbZ/kZdZX49xeKtoDBrXKKhXVYoWus/S+k2I - S8iCxvcp599y7LQJg5DOGlbaxFhsW4R+kfGOaegyhPvpaznguv02i7NLd99XqJhp - v2jTUF5F3T23Z4KkL/wTo4zxz09DKOlELrE4ai++ilCt/mXWECXNOSNXzgszpe6W - As0h9R++sH+AzJyhBfIGgPUTxHHHvxBVLj3k6VCgF7mRP2Y+rTWa6d8AGI2+Raey - V9DVVH9UeSoU0Hv2JHiZL6dRERnyg8dyzKeTCke8poLIjXF+gyvI+22/xsL8jcNH - i9Kji3Vpc3i0Mxzx3gu2N+PL71CwJilgqBgxj0firr3k8sFcWVSGos6RJ3IvFvTh - xYx0p255WrWM01fR9TktPYEfjDT9qpIJ8OrGlNOhWhYj+a45qibXDpaDdb/uBEmf - 2sSXNifjSeUyqu6cKfZvMqB7pS3l/AhuAOTT80E4sXLEoDxkFD4C78swZ8wyWRKw - sWGIGABGAHwXEAoDiZ/jjFrEZT0= - -----END CERTIFICATE----- - ``` - - Click `Save`. - - ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-010.png) - -2. **Add a VPN connection** - In this example, we will create the VPN connection to Canada server (CA.GW.IVPN.NET). You can find domain names of other locations on our [server status page](/status/). - - Click on `VPN` -> `OpenVPN` -> `Clients` -> `+Add` and enter the following configuration: - - * **Description** - IVPN Canada - * **Server Mode** - Peer to Peer (SSL/TLS) - * **Device mode** - tun Layer 3 Tunnel Mode - * **Protocol** - UDP on IPv4 only - * **Interface** - WAN - * **Server host** - convert hostname `ca.gw.ivpn.net` to an IP address by using `nslookup ca.gw.ivpn.net` in a Command Prompt or Terminal - * **Server port** - 1194 (or any port from the [list](/knowledgebase/troubleshooting/how-do-i-change-the-port-or-protocol-used-to-connect/)) - - ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-020.png) - - * Under **User Authentication Settings**, use your IVPN Account ID for authentication (like `ivpnXXXXXXXX` or `i-XXXX-XXXX-XXXX`, case-sensitive). Set the password field to anything non-blank (ie. ivpn or i). 
- * Check **Use a TLS Key** option under **TLS Configuration** -> uncheck the **Automatically generate a TLS Key** option and past the following and past the following under **TLS Key** - ``` - -----BEGIN OpenVPN Static key V1----- - ac470c93ff9f5602a8aab37dee84a528 - 14d10f20490ad23c47d5d82120c1bf85 - 9e93d0696b455d4a1b8d55d40c2685c4 - 1ca1d0aef29a3efd27274c4ef09020a3 - 978fe45784b335da6df2d12db97bbb83 - 8416515f2a96f04715fd28949c6fe296 - a925cfada3f8b8928ed7fc963c156327 - 2f5cf46e5e1d9c845d7703ca881497b7 - e6564a9d1dea9358adffd435295479f4 - 7d5298fabf5359613ff5992cb57ff081 - a04dfb81a26513a6b44a9b5490ad265f - 8a02384832a59cc3e075ad545461060b - 7bcab49bac815163cb80983dd51d5b1f - d76170ffd904d8291071e96efc3fb777 - 856c717b148d08a510f5687b8a8285dc - ffe737b98916dd15ef6235dee4266d3b - -----END OpenVPN Static key V1----- - ``` - * **TLS Key Usage Mode** - TLS Authentication - * **TLS keydir direction** - Direction 1 - * **Peer Certificate Authority** - IVPN CA - * **Client Certificate** - None (Username or Password required) - * **Data Encryption Algorithm** - AES-256-GCM, CHACHA20-POLY1305 - * **Fallback Data Encryption Algorithm** - AES-256-CBC - * **Auth digest algorithm** - SHA1 (160-bit) - * **Server Certificate Key Usage Validation** - Enforce key usage - ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-030.png) - * **Allow Compression** - Refuse any non-stub compression (Most secure) - * **Custom options** - `verify-x509-name ca name-prefix` (middle entry `ca` needs to match the prefix for the VPN server hostname) - * **UDP Fast I/O** - checked. - * **Gateway creation** - IPv4 only - * Click `Save`. - -3. **Add an interface** - - * Click on `Interfaces` -> `Assignments`. - * Use the Drop-down menu for the `Available network ports` and select `ovpnc* (IVPN Canada)` and click `+Add` - * Click on the new interface name (it is usually named `OPT1` or `OPT2`) and check the **Enable Interface** option. - * Click `Save/Apply`. 
- * **OPTIONAL:** Disable IPv6 via `Interface` -> `WAN` -> `IPv6 Configuration Type` = None, then click `Save/Apply`. - -4. **Adjust NAT rules** - - * Click on `Firewall` -> `NAT` -> `Outbound`. Set `Mode` to `Manual Outbound NAT rule Generation (AON)` and click `Save/Apply` - * Look for the entry that contains your local IP address (the one that does not contain port `500` nor `127.0.0.0` entries, for you this will probably be `192.168.1.0/24`) and click on the `Pen icon (Edit mapping)` - * Set the interface to the one created in step 3, write a description and have both **Disabled** and **Do not NAT** options **Unchecked**. Click on the `Save/Apply` button - * Delete or disable other rules that contain your local IP that exist via WAN, (keep the 127.0.0.0 ones). This will ensure that traffic doesn't leak if the VPN tunnel accidentally goes down. - * Click `Save/Apply`. - ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-040.png) - -5. **Configure DNS** - - * Navigate to `System` -> `General Setup` - * Add an internal OpenVPN DNS server address, like `10.0.254.1` for regular DNS or use an [AntiTracker](/knowledgebase/troubleshooting/what-is-the-ip-address-of-your-dns-servers/) address, and set **Gateway** to `OPT1` . - * Click the `+Add DNS Server` to add a public DNS server, like our public, validating, non-logging, recursive DNS server at `198.245.51.147`, and set **Gateway** to `WAN`. - * Uncheck the box for **DNS Server Override**. - * Click `Save`. - ![](/images-static/uploads/install-pfsense-openvpn-2.7.0-050.png) - * Reboot the pfSense router to apply the new configuration, then reboot your local network clients. - * Open [dnsleaktest.com](https://dnsleaktest.com/) and run a leak test to verify that you are connected to IVPN. 
- -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 2* with the chosen Exit-hop server Multi-hop port and the `verify-x509-name` prefix in the OpenVPN client **Custom options** area matches the exit server. - -### Privacy Considerations - -Recent versions of pfSense send an NTP request to a Google server as part of the system [bootstrap](https://docs.netgate.com/pfsense/en/latest/services/ntpd/bootstrap.html) process. There are choices with respect to how to handle this: -1. Ignore it and accept that a Google server will see your real IP address each time your router boots. -1. Create the `/conf/ntp-boot-time-servers` file and leave it empty, which skips the NTP synchronization. -1. Create the `/conf/ntp-boot-time-servers` file and add one or more NTP server IP addresses of your choice (separated by a single space). - -To create the empty file, access the router's shell and type `touch /conf/ntp-boot-time-servers`. - -To populate the file with one address, type `echo a.b.c.d > /conf/ntp-boot-time-servers`, where *a.b.c.d* is an NTP server IP address of your choice. - -To remove the file, type `rm -i /conf/ntp-boot-time-servers`. diff --git a/src/content/es/pages/setup/router/tomato-manual.md b/src/content/es/pages/setup/router/tomato-manual.md deleted file mode 100644 index f65a7143a..000000000 --- a/src/content/es/pages/setup/router/tomato-manual.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: OpenVPN Setup guide for a Tomato router -listItem: Tomato OpenVPN -url: /setup/router/tomato-manual/ -section: Router Setup -platform: router -layout: setup-article -weight: 41 ---- -## Tomato OpenVPN Setup Guide - -### Basic Tomato Setup - -
    -This guide was produced using FreshTomato version 2020.3 -
    - -1. Launch the web browser and enter the IP address of your router - `http://192.168.1.1/`, by default. - -2. Navigate to `VPN Tunneling` > `OpenVPN Client` > `Basic`. - -3. Enter the following configuration: - - * **Start with WAN:** Check - * **Interface Type:** TUN - * **Protocol:** UDP - * **Server Address/Port:** Enter a server name from the [server status](/status/) page, e.g. `ua.gw.ivpn.net` and Port `2049` - -
    You can also use ports UDP: 53, 80, 443, 1194, 2050 & TCP: 80, 443, 1443
    - - * **Firewall:** Automatic - * **Create NAT on tunnel:** Check - * **Inbound Firewall:** Check - * **Authorization Mode:** TLS - * **TLS control channel:** Outgoing Auth (1) - * **Username/Password Authentication:** Check. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and any password (ie. `ivpn`). - * **Auth digest:** SHA1 - * Click `Save`. - - ![](/images-static/uploads/install-openvpn-tomato-010.png) - -4. Navigate to `Advanced` tab and enter the following configuration: - - * **Poll interval:** 0 - * **Redirect Internet traffic:** All - * **Accept DNS configuration:** Strict - * **Cipher Negotiation:** Enabled (with fallback) - * **Negotiable ciphers:** AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC - * **Legacy/fallback cipher:** Use Default - * **Compression:** None - * **TLS Renegotiation Time:** -1 - * **Connection retry:** 30 - * **Verify server certificate:** Unchecked - * **Custom Configuration:** - ``` - tls-client - tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA - key-direction 1 - resolv-retry infinite - keepalive 10 60 - nobind - persist-key - persist-tun - persist-remote-ip - verb 3 - ``` - - * Click `Save`. - - ![](/images-static/uploads/install-openvpn-tomato-020.png) - -5. Proceed to `Keys` tab > copy and paste [Static Key](/releases/config/ta.key) and [Certificate Authority](/releases/config/ca.crt) into corresponding fields. Click `Save`. - - ![](/images-static/uploads/install-openvpn-tomato-030.png) - -6. Navigate to `Status` tab and click the `Start Now` button to connect. - - ![](/images-static/uploads/install-openvpn-tomato-040.png) - -### Configuring DNS - -1. Navigate to `Basic` - `Network` - -2. 
Specify one of the following DNS servers in the `DNS 1` field: - - * *10.0.254.1* = redular DNS with no blocking - * *10.0.254.2* = standard AntiTracker to block advertising and malware domains - * *10.0.254.3* = AntiTracker Hardcore Mode to also block Google and Facebook - - ..and *198.245.51.147* in the `DNS 2` field. - -3. Click `Save`. - -### Configuring a Kill-Switch - -1. Navigate to `Administration` > `Scripts` > `Firewall` -2. Enter the following: ``iptables -I FORWARD -i br0 -o `nvram get wan_iface` -j DROP`` -3. Click `Save` and reboot your router. - -### Final steps - -1. Reboot your router and wait for a minute or two for everything to settle, then reboot your computer system. - -2. Check the assigned public IP address on our website and run a leak test at [https://www.dnsleaktest.com](https://www.dnsleaktest.com) from one of the devices connected to your Tomato router. - -**Please note:** If you plan to use a Multi-hop setup please see [this guide](/knowledgebase/general/how-can-i-connect-to-the-multihop-network/) and replace the port number in *Step 3* with the chosen Exit-hop server Multi-hop port. \ No newline at end of file diff --git a/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md b/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md deleted file mode 100644 index cdf2938b6..000000000 --- a/src/content/es/pages/setup/windows-10-ipsec-with-ikev2.md +++ /dev/null 
@@ -1,90 +0,0 @@ ---- -title: Windows 10 IPSec IKEv2 Setup Guide -url: /setup/windows-10-ipsec-with-ikev2/ -layout: setup -platform: windows ---- -# IPSec with IKEv2 setup guide for Windows 10 - -This guide will help you set up an IPSec connection using IKEv2 - -1. Open the `Control panel` by clicking the start menu icon and typing control - -2. Click `Network and Internet` followed by `Network and Sharing Centre` - -3. Click `Setup a new connection or network` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-003.png) - -4. Click `Connect to a workplace`, then click `Next` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-004.png) - -5. Click `Use my Internet connection (VPN)` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-005.png) - -6. Enter the address of one of the servers from the [server status](/status/) list (depending on which country you want to connect to). - - Below that give the connection a name e.g. IVPN - GB. - - Choose `Remember my credentials` if you don't want to enter your account ID and password every time you connect. - - Click `Create` to continue - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-006.png) - -7. The VPN connection is now created but we still need to configure it. Open the `Network and Sharing Centre` as shown in steps 1 and 2. - - Click `Change Adapter settings` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-007.png) - -8. Right click the icon with the name of the connection you created and with the text WAN Miniport (IKE v2) - -9. Below it and click `Properties` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-009.png) - -10. 
Select the `Security` tab and change the Type of VPN to `IKEv2` and the data encryption to `Maximum strength encryption (disconnect if server declines)` - - Under `Authentication` select `Use Extensible Authentication Protocol (EAP)` and `Microsoft: Secured password (EAP-MSCHAP v2) (encryption enabled)` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-010.png) - -11. Right click the icon with the name of the connection you created again and select `Create shortcut` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-011.png) - -12. Click `Yes` to create a shortcut on the desktop - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-012.png) - -13. Search for `VPN settings` in the search field on the Taskbar or in the Start menu. Click `VPN settings` in the results list. - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013a-130-search-vpn.png) - -14. Click the VPN connection created in step #6 above and click the `Advanced options` button. - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013b-140-advanced-options.png) - -15. Under `Connection properties`, click the `Edit` button. - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013c-150-connection-properties.png) - -16. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' (case-sensitive) and the following password - `ivpn`, then click the `Save` button. Close all of the windows that have been opened during this process. - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013d-160-ivpn-username-password.png) - -17. To Connect, click your `Task Bar Network Icon`, then click the name of the `IVPN` connection and then `Connect` - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-013.png) - -18. After a few seconds the network applet should indicate that you are connected to the VPN server. - - ![](/images-static/uploads/windows-10-ipsec-with-ikev2-015.png) - - -DNS may leak with this manual connection. 
Check out our guide on [setting DNS manually](/knowledgebase/windows/windows-10-set-ivpn-dns-servers-manually/). - -[Disabling IPv6](/knowledgebase/windows/windows-10-disable-ipv6/) may be another way to further tighten up your system. diff --git a/src/content/es/pages/setup/windows-10-openvpn-community.md b/src/content/es/pages/setup/windows-10-openvpn-community.md deleted file mode 100644 index 4c7846c38..000000000 --- a/src/content/es/pages/setup/windows-10-openvpn-community.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -title: OpenVPN Manual setup for Windows 10 -url: /setup/windows-10-openvpn-community/ -layout: setup -platform: windows ---- -# OpenVPN GUI setup guide for Windows 10 - -This guide demonstrates how to install the community edition of OpenVPN for Windows. - -
    -If you are using IVPN to protect your privacy/anonymity this software does not offer any DNS leak protection, you may wish to install the scripts from www.dnsleaktest.com to implement DNS leak prevention. In addition if the VPN connection is dropped for any reason, traffic may leak unencrypted through your default gateway. You may want to configure firewall software to mitigate this risk. For these reasons we recommend installing the IVPN client. -
    - -1. Download the latest OpenVPN installer from the [OpenVPN community downloads](http://openvpn.net/index.php/download/community-downloads.html) page. Ensure that you download the correct version for your architecture i.e. 32 or 64 bit (If you're not sure see [here](http://windows.microsoft.com/en-us/windows7/find-out-32-or-64-bit)). - -2. Run the installer and answer the required prompts to install the software. Select the default set of components to install. If you have not installed OpenVPN before you may be asked to install the TAP drivers. Check the box "Always trust software from OpenVPN" and click `Install`. - -3. Download the [OpenVPN configuration files](/openvpn-config). - -4. Extract the zip file and copy the contents of the `ivpn-openvpn-config` folder (the .ovpn files) to the `config` folder within the OpenVPN installation directory (Usually C:\Program Files (x86)\OpenVPN\config on 32-bit systems and C:\Program Files\OpenVPN\config on 64-bit systems). - -5. Right click on the OpenVPN shortcut on the desktop and choose `Properties`, switch to the `Compatibility` tab and enable `Run this program as an administrator`. - -6. Start the OpenVPN GUI by double-clicking the shortcut on the desktop. You must allow the application to run as administrator if it requests permission (This is required to update the local routing table). - -7. Right click on the OpenVPN system tray icon (two small monitors in bottom right corner, click the up arrow if icon is hidden) and select the server you wish to connect to and click on `Connect`. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password when prompted. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - -8. When the tray icon turns green you are connected to the IVPN network. Right click to disconnect. diff --git a/src/content/es/pages/setup/windows-10-wireguard.md b/src/content/es/pages/setup/windows-10-wireguard.md deleted file mode 100644 index b23b4117d..000000000 --- a/src/content/es/pages/setup/windows-10-wireguard.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: WireGuard Manual setup for Windows 10 -url: /setup/windows-10-wireguard/ -layout: setup -platform: windows ---- -# WireGuard setup guide for Windows 10 - -
    -To use WireGuard on Windows, we recommend downloading IVPN's Windows client, which supports the protocol. Please follow the steps below if you would prefer to use the official WireGuard app for Windows instead: -
    - -1. [Download](https://www.wireguard.com/install/) and install the latest version of the WireGuard client from the official WireGuard website - -2. Navigate to our [config file generator](/account/wireguard-config) - -3. Choose `Generate key` or `Add key` manually - -4. Select the required `Single` or `Multi-hop` server configuration(s), `Port`, `Internet protocol` and hit `Download zip archive` - -5. Extract the downloaded .zip file, launch the WireGuard app, click on the `Add Tunnel` button in the bottom left > `Import Tunnel(s) from File...` and select the extracted config file(s) - -6. Click on the `Activate` button and check your connection status on our website:

    -![](/images-static/uploads/connection-status-tool.png) diff --git a/src/content/es/pages/setup/windows-8-openvpn-community.md b/src/content/es/pages/setup/windows-8-openvpn-community.md deleted file mode 100644 index 022951bae..000000000 --- a/src/content/es/pages/setup/windows-8-openvpn-community.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -title: OpenVPN GUI setup guide for Windows 8 -url: /setup/windows-8-openvpn-community/ -layout: setup -platform: windows ---- -# OpenVPN GUI setup guide for Windows 8 - -This guide demonstrates how to install the community edition of OpenVPN for Windows. - -
    -If you are using IVPN to protect your privacy/anonymity this software does not offer any DNS leak protection, you may wish to install the scripts from www.dnsleaktest.com to implement DNS leak prevention. In addition if the VPN connection is dropped for any reason, traffic may leak unencrypted through your default gateway. You may want to configure firewall software to mitigate this risk. For these reasons we recommend installing the IVPN client. -
    - -1. Download the latest OpenVPN installer from the [OpenVPN community downloads](http://openvpn.net/index.php/download/community-downloads.html) page. Ensure that you download the correct version for your architecture i.e. 32 or 64 bit (If you're not sure see [here](http://windows.microsoft.com/en-us/windows7/find-out-32-or-64-bit)). - -2. Run the installer and answer the required prompts to install the software. Select the default set of components to install. If you have not installed OpenVPN before you may be asked to install the TAP drivers. Check the box "Always trust software from OpenVPN" and click `Install`. - -3. Download the [OpenVPN configuration files](/openvpn-config). - -4. Extract the zip file and copy the contents of the `ivpn-openvpn-config` folder (the .ovpn files) to the `config` folder within the OpenVPN installation directory (Usually C:\Program Files (x86)\OpenVPN\config on 32-bit systems and C:\Program Files\OpenVPN\config on 64-bit systems). - -5. Right click on the OpenVPN shortcut on the desktop and choose `Properties`, switch to the `Compatibility` tab and enable `Run this program as an administrator`. - -6. Start the OpenVPN GUI by double-clicking the shortcut on the desktop. You must allow the application to run as administrator if it requests permission (This is required to update the local routing table). - -7. Right click on the OpenVPN system tray icon (two small monitors in bottom right corner, click the up arrow if icon is hidden) and select the server you wish to connect to and click on `Connect`. Enter your account ID that begins with letters 'ivpnXXXXXXXX' or 'i-XXXX-XXXX-XXXX' and any password when prompted. - -
    - Only your account ID is used for authentication and is case-sensitive. The password field can be left empty or set to anything if your client software requires a non-blank password. -
    - -8. When the tray icon turns green you are connected to the IVPN network. Right click to disconnect. diff --git a/src/content/es/pages/supported-projects.md b/src/content/es/pages/supported-projects.md deleted file mode 100644 index ec00ed85a..000000000 --- a/src/content/es/pages/supported-projects.md +++ /dev/null 
@@ -1,32 +0,0 @@ ---- -title: IVPN Supported Projects -description: IVPN proudly supports many organizations and projects that closely align with our values. Read more about our beliefs and why we do what we do. -url: /supported-projects/ ---- -# Supported Projects - -IVPN proudly supports the following organizations and projects. -{{< figure class="features__image--light" src="/images-static/uploads/logo-eff.svg" alt="Electronic Frontier Foundation" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/logo-eff.svg" alt="Electronic Frontier Foundation" >}} -[Electronic Frontier Foundation](https://www.eff.org) is a non-profit group founded in San Francisco in 1990. It is the leading activist collective fighting against governments and corporations to preserve privacy and individual freedom on the internet. IVPN has been an organization member of the EFF since May 2013. -{{< figure class="features__image--light" src="/images-static/uploads/logo-wireguard.svg" alt="WireGuard" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/logo-wireguard.svg" alt="WireGuard" >}} -[WireGuard](https://www.wireguard.com) is an open-source VPN protocol developed by Jason A. Donenfeld. Development of WireGuard is supported by donations from companies who deploy it to their networks. IVPN first supported the project in November 2018 before implementing the protocol to our service. -{{< figure width="125" class="features__image--light" src="/images-static/uploads/BTCPay.svg" alt="BTCPay" >}} -{{< figure width="125" class="features__image--dark" src="/images-static/uploads/BTCPay.svg" alt="BTCPay" >}} -[BTCPay Server Foundation](https://foundation.btcpayserver.org) is a non-profit organization responsible for maintaining [BTCPay Server](https://btcpayserver.org), a self-hosted, open-source cryptocurrency payment processor. IVPN is a long-standing user and advocate of BTCPay, and became a Foundation supporter in 2022. 
-{{< figure class="features__image--light" src="/images-static/uploads/torservers.svg" alt="Torservers.net" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/torservers-dark.svg" alt="Torservers.net" >}} -[Torservers.net](https://torservers.net) is an independent, global network of organizations that help the Tor network by running high bandwidth Tor relays to make the Tor network faster and more reliable. IVPN have been sponsoring a Tor server through torservers.net since June 2014. -{{< figure class="features__image--light" src="/images-static/uploads/tor.svg" alt="Tor" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/tor.svg" alt="Tor" >}} -[The Tor Project](https://www.torproject.org/) works for advancing human rights and defending privacy online through free software and open networks. Tor directs Internet traffic through an overlay network consisting of thousands of relays to protect a user's location and usage from network surveillance or traffic analysis. IVPN started sponsoring Tor in November 2019. -{{< figure class="features__image--light" src="/images-static/uploads/fightforthefuture.svg" alt="Fight for the future" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/fightforthefuture-dark.svg" alt="Fight for the future" >}} -[Fight for the Future](https://www.fightforthefuture.org/) is a non-profit advocacy group working on promoting issues related to copyright, online privacy and censorship on the Internet. Some major campaigns started by FTFF were SOPA and PIPA protests and the launch of [BanFacialRecognition.com](http://banfacialrecognition.com/). IVPN became a Rebel level sponsor in November 2019. 
-{{< figure class="features__image--light" src="/images-static/uploads/accessnow.svg" alt="Access Now" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/accessnow-dark.svg" alt="Access Now" >}} -[Access Now](https://www.accessnow.org/) is a non-profit advocacy group dedicated to fight for an open and free Internet extending the digital rights of users around the world. They are the organizing body behind ‘RightsCon’, a summit taking place to discuss human rights in the digital age. IVPN first donated to Access Now in November 2019. -{{< figure class="features__image--light" src="/images-static/uploads/logo-org.svg" alt="The Open Rights Group" >}} -{{< figure class="features__image--dark" src="/images-static/uploads/logo-org.svg" alt="The Open Rights Group" >}} -[The Open Rights Group](https://www.openrightsgroup.org) is the UK's only digital campaigning organization working to protect the rights to privacy and free speech online. With almost 3,000 active supporters, the ORG is a grassroots organization with local groups across the UK. IVPN are corporate sponsors of the ORG since April 2016. diff --git a/src/content/es/pages/supportua-ru.md b/src/content/es/pages/supportua-ru.md deleted file mode 100644 index 10fa3b043..000000000 --- a/src/content/es/pages/supportua-ru.md +++ /dev/null 
@@ -1,22 +0,0 @@
----
-title: Support UA
-url: /supportua/ru/
-alternateURL: "/supportua/ru/"
-hreflang: "ru"
----
-## Спасибо за ваш интерес к сервису IVPN.
-
-Кампания по предоставлению бесплатного доступа, которую мы начали в феврале 2022 года, завершена. Ваучеры более не распространяются.
-
-Для доступа к нашему сервису мы рекомендуем создать платную [учетную запись IVPN](/pricing/).
-
-Примечание: мы не можем гарантировать обеспечение непрерывного доступа к IVPN в сильно ограниченных сетевых средах. Если вы всё же планируете пользоваться нашим сервисом в таких условиях, предлагаем ознакомиться с [данной статьёй](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/).
-
-
-## Thank you for your interest in the IVPN service.
-
-The free access campaign we have started in February 2022 has ended. We are no longer distributing voucher codes.
-
-To get access to our service we recommend creating a [paid IVPN account](/pricing/).
-
-Note: we cannot guarantee that IVPN provides continuous access in heavily restricted network environments. We suggest reviewing [this article](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/) about using our service under such circumstances.
\ No newline at end of file
diff --git a/src/content/es/pages/supportua.md b/src/content/es/pages/supportua.md
deleted file mode 100644
index 7f965e051..000000000
--- a/src/content/es/pages/supportua.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-title: Support UA
-url: /supportua/ua/
-alternateURL: "/supportua/ua/"
-hreflang: "uk"
----
-## Дякуємо за ваш інтерес до сервісу IVPN.
-
-Кампанія з безкоштовного доступу, яку ми розпочали у лютому 2022 року, завершилася. Ваучери більше не розповсюджуються.
-
-Для отримання доступу до нашого сервісу ми рекомендуємо створити платний [обліковий запис IVPN](/pricing/).
-
-Примітка: ми не можемо гарантувати забезпечення постійного доступа до IVPN в сильно обмежених мережевих середовищах. Якщо ви все ж таки плануєте користуватися нашим сервісом у таких умовах, пропонуємо ознайомитися з [даною статтею](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/).
-
-
-## Thank you for your interest in the IVPN service.
-
-The free access campaign we have started in February 2022 has ended. We are no longer distributing voucher codes.
-
-To get access to our service we recommend creating a [paid IVPN account](/pricing/).
-
-Note: we cannot guarantee that IVPN provides continuous access in heavily restricted network environments. We suggest reviewing [this article](/knowledgebase/troubleshooting/i-cannot-connect-from-china-or-vietnam-or-iran-or-russia-etc-what-can-i-do/) about using our service under such circumstances.
diff --git a/src/content/es/pages/team.md b/src/content/es/pages/team.md
index 656d2cec1..d5d749195 100644
--- a/src/content/es/pages/team.md
+++ b/src/content/es/pages/team.md
@@ -1,6 +1,8 @@
 ---
 title: Equipo IVPN
-url: team/
+url: /es/team/
+params:
+ translated: true
 sections:
 - type: heading_text_cta_one_column
 content: >-
diff --git a/src/content/es/pages/terms-of-service.md b/src/content/es/pages/terms-of-service.md
deleted file mode 100644
index 27a63d63d..000000000
--- a/src/content/es/pages/terms-of-service.md
+++ /dev/null
@@ -1,63 +0,0 @@
----
-title: IVPN Terms of Service
-url: /tos/
-layout:
-canonical:
----
-# Terms of Service
-
-###### Last updated: 21 January 2021
-
-These are the terms of service you are agreeing to when you subscribe and/or are using the services of IVPN, operated by IVPN Limited.
-
-Please note that in this agreement, the term "You" means you the "Subscriber/User", and the term "We" or "Our" means IVPN Limited, its owners, employees, agents and any others involved with IVPN Limited.
-
-##### As a subscriber of our services, you agree that:
-
-1. You will not use our service to hack or attack other computers or networks on the internet.
-
-2. You will not use our service to scan (eg. port scanning, running proxy hunters) other computers or networks on the internet.
-
-3. You will not use our service to transmit viruses, worms, trojans etc. to other computers or networks on the internet.
-
-4. You will not use our service to attack our servers and resources in any way.
-
-5. You will not use our service for receiving and distributing pirated copyright materials. This includes, but is not limited to the following activities: trading, selling, bartering, sharing, transmitting or receiving, of such materials.
-
-6. You will not use our service to send unsolicited data in any form. This includes, but is not limited to the following: Sending unsolicited emails (i.e. SPAM email), hate email, mass-marketing emails, unsolicited instant messages and unsolicited SMS.
-
-7. You will not use our services to engage in any sort of child pornography activities. This includes, but not limited to the following: Trading, bartering, selling, transmitting or receiving such material.
-
-8. You will not use our service for any type of criminal activities. This includes but is not limited to the following: Engaging in the use of stolen credit cards, stolen bank accounts, stolen debit cards, stolen charge cards, stolen online payment accounts (eg. PayPal).
-
-9. 
You will not use our service to send out phishing or identity theft emails.
-
-10. You will not promote or encourage criminal or terrorist activities of any sort.
-
-11. You will not use our services to threaten or harass others.
-
-12. You will not run resource intensive programs that will interfere with the usage of our services by our users.
-
-13. You will not share your account with others. You will be responsible for all the activities involving your account.
-
-14. You agree not to pay for the service from a stolen credit card.
-
-15. You will not resell or attempt to resell IVPN accounts or services to any individual or entity for use or further resale without the express written permission of IVPN Limited.
-
-16. The service that is offered to you is provided on an "as is" basis, with no warranties whatsoever. We are not liable for any direct, indirect, consequential, inconveniences, or whatsoever damages, or loss of profit, that may arise from the use of our services.
-
-17. We cannot and do not guarantee the speed of our service. We also cannot and do not guarantee that you will have an uninterrupted service. We are not liable for any direct, indirect, consequential, inconveniences, or whatsoever damages, or loss of profit, that may arise from the use of our services.
-
-18. We are not in any shape or form liable for damages of any sort (realized or unrealized) resulting from the use of, or through the use of, or arising from the use of, or the inability to use the IVPN service pertaining to any registered user.
-
-19. In any event, IVPN shall never be liable for any monetary damages beyond what the user paid to IVPN and this will not include court costs or attorney fees irrespective of any statutes or laws that may be interpreted otherwise.
-
-20. We reserve the right to make amendments or modifications to our Terms Of Use Agreement. 
If we make changes that are material, we will take every reasonable step to ensure that changes are brought to your attention by posting all changes prominently on the IVPN website and emailing our existing customers. The notice will designate a reasonable period of time after which the new Terms will take effect. If you disagree with our changes, then you should stop using the IVPN service within the designated notice period. Your continued use of the IVPN service will be subject to the new Terms. However, any dispute that arose before the changes shall be governed by the Terms that were in place when the dispute arose.
-
-This is our binding agreement when you agree to these terms of service.
-
-The main goal of our service is to protect your privacy. We absolutely do not condone or promote criminal activities of any sort.
-
-If you violate any of our terms, we reserve the right to terminate your service without any advance warning or notification. No refunds or credit will be given.
-
-If you have any questions about this policy please [contact us](/contactus/).
diff --git a/src/content/es/pages/test.md b/src/content/es/pages/test.md
deleted file mode 100644
index c469370f0..000000000
--- a/src/content/es/pages/test.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: "Test"
-date: 2024-05-15T17:05:34+01:00
-url: /test/
----
-
diff --git a/src/content/es/pages/thank-you-light.md b/src/content/es/pages/thank-you-light.md
deleted file mode 100644
index 3e4e20b40..000000000
--- a/src/content/es/pages/thank-you-light.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: IVPN Account - Thank You
-description: IVPN Account - Thank You.
-url: /thank-you-light
-layout: application
----
diff --git a/src/content/es/pages/transparency-report.md b/src/content/es/pages/transparency-report.md
index 827ddadf4..5b1347eea 100644
--- a/src/content/es/pages/transparency-report.md
+++ b/src/content/es/pages/transparency-report.md
@@ -1,7 +1,9 @@
 ---
 title: Informe de transparencia de IVPN
 description: Es importante que nuestros clientes comprendan completamente qué información privada recopilamos, almacenamos y procesamos. Lee nuestra política clara y sencilla para obtener la información que necesitas.
-url: transparency-report/
+url: /es/transparency-report/
+params:
+ translated: true
 ---
 # Informe de transparencia
diff --git a/src/content/es/pages/trust.md b/src/content/es/pages/trust.md
deleted file mode 100644
index 0240a2448..000000000
--- a/src/content/es/pages/trust.md
+++ /dev/null
@@ -1,75 +0,0 @@ ---- -title: Signals of Trustworthiness -url: /trust/ ---- -# Signals of Trustworthiness - -## Part I. Corporate Accountability & Business Model - -1. ### What is the public facing and full legal name of the VPN service and any parent or holding companies? Do these entities have ownership or economic stakes in other VPN services, and if so, do they share user information? Where are they incorporated? Is there any other company or partner directly involved in operating the VPN service, and if so, what is its full legal name? - - The public facing name is IVPN. The Legal name of the company is IVPN Limited. - IVPN Limited has no parent or holding companies. - There are no other companies or partners directly involved in operating the IVPN service. - -2. ### Does the company, or other companies involved in the operation or ownership of the service, have any ownership in VPN review websites? - - No. - -3. ### What is the service’s business model (i.e., how does the VPN make money)? For example, is the sole source of the service’s revenue from consumer subscriptions? - - 100% of revenue is generated from selling VPN consumer subscriptions. - - ## Part II. Privacy: Logging/Data Collection Practices and Responding to Law Enforcement - -4. ### Does the service store any data or metadata generated during a VPN session (from connection to disconnection) after the session is terminated? If so what data? (including data from Client / VPN app, APIs, VPN gateways). - - No. - -5. ### Does your company store (or share with others) any user browsing and/or network activity data, including DNS lookups and records of domain names and websites visited? - - No. - -6. ### Do you have a clear process for responding to legitimate requests for data from law enforcement and courts? - - Yes, please see [Law Enforcement Legal Process Guidelines](/legal-process-guidelines/) and [transparency report](/transparency-report/). 
- - #### Security controls to protect data in the event of unauthorized physical access to servers - If an adversary gains physical access to a server its prudent to assume that they will gain access to the unencrypted data stored on the server. As VPN servers are not under the direct physical control of IVPN they have been designed with the expectation that they will be compromised. To protect the privacy of IVPN customers the following controls are implemented: - * No logs relating to the customer connection or network activity generated by an IVPN user are created or stored. This includes not creating any temporary or in-memory logs. - * No storage of information relating to an IVPN user’s account i.e. authentication credentials are not stored locally. - * 24/7 monitoring of all servers to alert IVPN of any suspicious activity or if a server is taken offline. If a server is offline and there no evidence from the data center that it is a hardware fault then procedures are followed to revoke the certificates on the server to prevent a potential MITM attack. - - ## Part III. Security Protocols and Protections - -7. ### What do you do to protect against unauthorized access to customer data flows over the VPN? - - #### Administrative controls - * Implementation of an Information Security Management System (ISMS) based on ISO 27001. - * Background screening of all employees. - * Mandatory information security training. - * Vetting of data centers where servers are hosted. - * Patch management policy to ensure consistent and rapid resolution of vulnerabilities. - * VPN servers do not store any logs relating to the customer connection or network activity generated by the customer. VPN gateways do not store any information relating to a users account e.g. authentication credentials. - - #### Technical controls - * Enforcement of 2FA for system access to all servers. - * Access control using a private company VPN with RSA 4096 certificates for authentication. 
- * Mandatory Access Controls (SELinux). - * Firewalled IPMI. - * Full disk encryption (LUKS) requiring password entry at boot. - * Configuration management software to enforce consistent configuration and security controls based on CIS Benchmarks. - * 24/7 systems monitoring and alerting of suspicious system activity using host-based integrity protection. - - #### Customer connections - * Customer VPN connections are secured using OpenVPN with RSA-4096 / AES-256-GCM keys. - * Full mesh multi-hop network – IVPN customers can choose to connect to any location in the IVPN infrastructure and have their VPN traffic exit in any other location. To enable this functionality, secure VPN tunnels are established between every server in the IVPN network. This makes it significantly more difficult for an adversary to gain access to a server as the servers would be in multiple jurisdictions. In addition, should the exit server be compromised the adversary would not be able to trace an IVPN customer’s connection other than to the entry VPN server. - -8. ### What other controls does the service use to protect user data? - - * IVPN accepts anonymous payments using cash since 2010. Customers are also able to pay anonymously using Bitcoin if they are able to source Bitcoins anonymously. - * All VPN servers are built using Open Source software e.g. CentOS, OpenVPN, StrongSWAN etc. - * [Vulnerability disclosure](/vulnerability-reporting/) process. - * [Warrant canary](/resources/canary.txt). - * IVPN is a transparent organisation with published information [about staff](/team/) on the website and Linkedin profiles. - * In-depth [privacy guides](/privacy-guides/) for IVPN customers. diff --git a/src/content/es/pages/what-is-vpn.md b/src/content/es/pages/what-is-vpn.md index 938a66dea..b045e3863 100644 --- a/src/content/es/pages/what-is-vpn.md +++ b/src/content/es/pages/what-is-vpn.md 
@@ -1,7 +1,9 @@ --- title: ¿Qué es una VPN? description: ¿Qué es una VPN? Una VPN o red privada virtual cifra los datos enviados entre ordenadores en Internet. Cuando utilizas una VPN por motivos de privacidad, tus datos se cifran para que tu ISP o proveedor de red móvil no pueda monitorear tu actividad en Internet. -url: what-is-a-vpn/ +url: /es/what-is-a-vpn/ +params: + translated: true --- # ¿Qué es una VPN? diff --git a/src/content/es/pages/wireguard-vpn.md b/src/content/es/pages/wireguard-vpn.md deleted file mode 100644 index e32f32987..000000000 --- a/src/content/es/pages/wireguard-vpn.md +++ /dev/null 
@@ -1,85 +0,0 @@ ---- -title: WireGuard VPN protocol for privacy - start using with IVPN -description: WireGuard is a revolutionary VPN protocol that promises better security and faster speeds compared to existing solutions. IVPN offers WireGuard in our Windows, macOS, Linux, Android and iOS apps. Get set up and running with WireGuard VPN in two minutes. -url: /wireguard/ ---- -# WireGuard® VPN - -[WireGuard](https://www.wireguard.com/) is a revolutionary VPN protocol using state-of-the-art cryptography that promises better security and faster speeds compared to existing solutions. See the [WireGuard protocol page](https://www.wireguard.com/) for a quick overview of the protocol and cryptography. For an in-depth discussion review the [technical white paper](https://www.wireguard.com/papers/wireguard.pdf). - -## IVPN + WireGuard - -Since its merge into Linux Kernel v5.6, the release of WireGuard 1.0 and a 3rd party security audit, we consider the protocol to be ready for wide-scale use. We consider WireGuard to be the best protocol for most customers due to its exceptional performance, security properties, ability to roam between IP addresses without packet loss or disconnections and instantly connect/disconnect. - -However, WireGuard® was not designed with privacy VPN providers in mind. In addition, it leaves certain aspects (e.g. IP address assignment, key distribution etc.) to the responsibility of the implementer. As a result some privacy issues exist which all responsible VPN providers must resolve. These issues do not in any way represent a weakness of the WireGuard protocol itself, they are simply aspects which the protocol designers intentionally left out. We have identified and implemented the following solutions on the IVPN network. 
- -Issue - -#### Public IP address of peer is stored in memory indefinitely - -We have implemented a key management daemon on all servers which scans the list of peers where the latest handshake time > 180 seconds and deletes/reinstates their configuration. - -Issue - -#### No mechanism for tunnel IP address allocation or rotation - -IVPN apps automatically and transparently call backend every 24 hours to generate new random IP address and distribute to all servers. - -Issue - -#### No identity-hiding forward secrecy - -IVPN apps automatically and transparently regenerates new key pair every 24 hours and upload public key to backend to distribute to all servers. - -## WireGuard FAQ - -#### How can I use WireGuard? - -* [Set up your own WireGuard server](https://www.wireguard.com/quickstart/) and connect using one of the official client apps. -* Subscribe to a VPN provider that supports WireGuard. While IVPN is not the only service to offer WireGuard, we were [early adopters](/blog/introducing-wireguard-fully-automated/) and have significant experience in supporting it. - -#### Which operating systems does WireGuard support? - -WireGuard supports all major operating systems. Support for WireGuard is built in to IVPN’s Windows, macOS, Linux, Android and iOS apps. - -#### What cryptography is used in WireGuard? 
- -WireGuard utilizes the following protocols and primitives: - -* [ChaCha20](http://cr.yp.to/chacha.html) for symmetric encryption, authenticated with [Poly1305](http://cr.yp.to/mac.html), using [RFC7539's AEAD construction](https://tools.ietf.org/html/rfc7539) -* [Curve25519](http://cr.yp.to/ecdh.html) for ECDH -* [BLAKE2s](https://blake2.net/) for hashing and keyed hashing, as described in [RFC7693](https://tools.ietf.org/html/rfc7693) -* [SipHash](http://cr.yp.to/siphash/siphash-20120918.pdf) for hashtable keys -* [HKDF](https://eprint.iacr.org/2010/264) for key derivation, as described in [RFC5869](https://tools.ietf.org/html/rfc5869) -* [Noise_IK handshake](https://www.wireguard.com/protocol/#key-exchange-and-data-packets) from [Noise](http://noiseprotocol.org/noise.pdf), building on the work of [CurveCP](http://www.curvecp.org/), [NaCL](http://cr.yp.to/highspeed/naclcrypto-20090310.pdf), [KEA+](http://research.microsoft.com/en-us/um/people/klauter/security_of_kea_ake_protocol.pdf), [SIGMA](http://webee.technion.ac.il/~hugo/sigma-pdf.pdf), [FHMQV](https://eprint.iacr.org/2009/408.pdf), and [HOMQV](https://eprint.iacr.org/2010/638.pdf) -* All packets are sent over UDP - -#### Where do you have WireGuard servers? - -We offer WireGuard servers in 45 locations in 32 countries. Review the full list of servers on our [server status page](/status/). - -#### I’m an IVPN subscriber. Do I need to register for WireGuard? - -WireGuard is available and ready for use for all existing IVPN customers. You do not need to sign up separately. - -#### Do you offer all features of IVPN for WireGuard? - -We support the same security and privacy features as with OpenVPN e.g. Firewall, Trusted networks, AntiTracker and Multi-hop. - -#### Do you offer IPv6 support for WireGuard? - -Yes. - -#### What ports do you use for WireGuard? - -UDP ports 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, 58237. 
- -#### Do I need to manually create and add a public key in the IVPN Client Area when adding a new device? - -No, when using the IVPN app keys are automatically generated and the public key uploaded to our server the moment you select the WireGuard protocol in the app. - -If you are not using an IVPN app you can also generate and download WireGuard configuration files in the [Client Area](/account/wireguard-config). - -#### What DNS server is used when connecting with WireGuard? - -We host our own log-less DNS servers which are pushed and applied automatically to your device when you connect. When connected the IP address of the DNS server is 172.16.0.1 diff --git a/src/themes/ivpn-v3/layouts/partials/footer.html b/src/themes/ivpn-v3/layouts/partials/footer.html index 74fc0cc88..213c97a81 100644 --- a/src/themes/ivpn-v3/layouts/partials/footer.html +++ b/src/themes/ivpn-v3/layouts/partials/footer.html @@ -13,7 +13,7 @@ {{ .Name }} {{ end }} - {{ if eq site.Language.Lang "en" }} + {{ if and (eq site.Language.Lang "en") (.Param "translated") }}
  • Versión española
  •
From cfc34f5ae1c7aac16a33b3dd107144cb8331111f Mon Sep 17 00:00:00 2001
From: Natanael Rodriguez Ramos
Date: Tue, 21 May 2024 15:09:01 +0100
Subject: [PATCH 23/98] Localization: Fix broken links
---
 nginx.conf | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/nginx.conf b/nginx.conf
index c4d14fbb9..c88ba7994 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -256,8 +256,8 @@ server {
 rewrite ^/knowledgebase/208/How-to-use-IVPN-on-KODI-media-player.html$ /knowledgebase/mp/how-to-use-ivpn-on-kodi-media-player/ permanent;
 rewrite ^/knowledgebase/229/Is-IVPN-compatible-with-AppleTV.html$ /knowledgebase/mp/is-ivpn-compatible-with-appletv/ permanent;
 rewrite ^/knowledgebase/248/How-do-I-connect-my-Nvidia-Shield-device.html$ /knowledgebase/mp/how-do-i-connect-my-nvidia-shield-device/ permanent;
- rewrite ^/aboutus$ /team/ permanent;
- rewrite ^/why-ivpn$ /team/ permanent;
+ rewrite ^/aboutus$ /en/team/ permanent;
+ rewrite ^/why-ivpn$ /en/team/ permanent;
 rewrite ^/ddwrt$ /setup/router/ddwrt/ permanent;
 rewrite ^/emails/ars-technica-wireguard$ https://arstechnica.com/gadgets/2018/12/testing-wireguard-with-an-early-adopter-vpn-service/ permanent;
 rewrite ^/releases$ / permanent;
@@ -269,7 +269,7 @@ server {
 rewrite ^/setup/linux-changelog.html$ /apps-linux/ permanent;
 rewrite ^/setup/android-changelog.html$ /apps-android/ permanent;
 rewrite ^/setup/mac-changelog.html$ /apps-macos/ permanent;
- rewrite ^/facts$ /team/ permanent;
+ rewrite ^/facts$ /en/team/ permanent;
 rewrite ^/press$ /contactus/ permanent;
 rewrite ^/what-is-a-tunnel$ /what-is-a-vpn/ permanent;
 rewrite ^/server-locations$ /status/ permanent;
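Review bot: In footer.html the Spanish-version link is now gated on a hand-set front-matter flag, `.Param "translated"`, which every page in both languages has to carry and keep in sync (this series adds `params: translated: true` file by file). Hugo already tracks this per page: `{{ if .IsTranslated }}` with a range over `.Translations` would show the link exactly when a translation exists, and could build the href from the translated page instead of a fixed path. This assumes the en/es pages are linked as translations (matching content paths or a shared `translationKey`); the template body is only partly visible in this hunk.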
@@ -286,6 +286,10 @@ server { rewrite ^/setup/gnu-linux-wireguard$ /setup/linux-wireguard/ permanent; rewrite ^/pptp-vs-l2tp-vs-openvpn$ /pptp-vs-ipsec-ikev2-vs-openvpn-vs-wireguard/ permanent; rewrite ^/what-is-a-multihop-vpn$ / permanent; + + rewrite ^/blog$ /en/blog/ permanent; + rewrite ^/blog/$ /en/blog/ permanent; + rewrite ^/data-retention-laws/united-kingdom$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; rewrite ^/data-retention-laws/united-states$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; rewrite ^/comparison-of-internet-privacy-laws$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; From 4cc72938fdaffd9749f1e7f9b9a4897ab3f2763f Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Tue, 21 May 2024 15:13:24 +0100 Subject: [PATCH 24/98] Localization: Fix broken links --- Dockerfile | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index ae9ccaf7b..c0ab46f96 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -37,14 +37,14 @@ RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ -e 's/^canonical:(.*)$/canonical: \/tos\//' \ ./src/content/en/pages/terms-of-service.md > ./src/content/en/pages/terms-of-service-mobile.md -RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ - -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ - -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ - ./src/content/es/pages/privacy-policy.md > ./src/content/es/pages/privacy-policy-mobile.md \ - && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ - -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ - -e 's/^canonical:(.*)$/canonical: \/tos\//' \ - ./src/content/es/pages/terms-of-service.md > ./src/content/es/pages/terms-of-service-mobile.md +#RUN sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ +# -e 's/^url:(.*)$/url: \/privacy-mobile-app\//' \ +# -e 's/^canonical:(.*)$/canonical: \/privacy\//' \ +# ./src/content/es/pages/privacy-policy.md > ./src/content/es/pages/privacy-policy-mobile.md \ +# && sed -E -e 's/^layout:(.*)$/layout: mobile-app/' \ +# -e 's/^url:(.*)$/url: \/tos-mobile-app\//' \ +# -e 's/^canonical:(.*)$/canonical: \/tos\//' \ +# ./src/content/es/pages/terms-of-service.md > ./src/content/es/pages/terms-of-service-mobile.md RUN hugo -s ./src -b ${BASE_URL} --environment $ENV -d /opt/build/public From 455562161bf717cf4b27247930c093e29b04a95b Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Wed, 22 May 2024 23:01:42 +0100 Subject: [PATCH 25/98] Localisation: Add tags redirections --- nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/nginx.conf b/nginx.conf index c88ba7994..b280e2e5f 100644 --- a/nginx.conf +++ b/nginx.conf 
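Review bot: The Spanish `RUN sed …` step in the Dockerfile is disabled by commenting it out, with nothing saying why or when it should come back. If the reason is that the generated es pages reused the same `url: /privacy-mobile-app/` and `url: /tos-mobile-app/` values as the en ones (an inference, the hunk does not say), delete the eight lines and leave a single comment such as `# es mobile pages not generated: their url: values would collide with the en pages`. Until the step returns, the es build has no privacy-policy-mobile.md or terms-of-service-mobile.md, so any in-app link to a Spanish policy page has to fall back to the English one.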
@@ -289,6 +289,7 @@ server { rewrite ^/blog$ /en/blog/ permanent; rewrite ^/blog/$ /en/blog/ permanent; + rewrite ^/blog/tags/audit/$ /en/blog/tags/audit/ permanent; rewrite ^/data-retention-laws/united-kingdom$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; rewrite ^/data-retention-laws/united-states$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; From 8fe77b7e24b712d50304876962b546f614afccbe Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 11:57:45 +0200 Subject: [PATCH 26/98] Add files via upload --- src/content/es/pages/ethics.md | 113 +++++++++++++++++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 src/content/es/pages/ethics.md diff --git a/src/content/es/pages/ethics.md b/src/content/es/pages/ethics.md new file mode 100644 index 000000000..bbfb45201 --- /dev/null +++ b/src/content/es/pages/ethics.md 
@@ -0,0 +1,113 @@ +--- +title: Directrices éticas para la protección de la privacidad | IVPN +description: Conoce la dirección ética que seguimos, dando prioridad a la privacidad. Explicamos cómo abordamos la transparencia y cómo/qué comunicamos a los nuevos clientes. +url: /ethics/ +sections: + - type: text_one_narrow_column + content: >- + # Guías éticas + + Consideramos los efectos de nuestras decisiones con respecto al funcionamiento de nuestro servicio. Seguimos una mentalidad que prioriza la privacidad que va más allá de lo básico. + + + Cada decisión importa: cómo y qué comunicamos a los nuevos clientes, qué información recopilamos y qué herramientas utilizamos para mejorar nuestro servicio. + + Creemos en predicar con el ejemplo y nos comprometemos a lo siguiente: + + #### Sin información personal + + Nuestro objetivo es no recopilar información del usuario según se define en nuestra [política de privacidad](https://www.ivpn.net/privacy) concisa. No pedimos tu dirección de correo electrónico ni ninguna otra información personal. + + #### Sin rastreadores + + Los rastreadores de empresas de publicidad y redes sociales vigilan tus acciones y ayudan a elaborar tu perfil. No los encontrarás en ivpn.net - somos un proveedor sin rastreadores. + + #### Sin herramientas de terceros + + Herramientas como Google Analytics recopilan información de identificación personal. Utilizamos software alojado únicamente en servidores controlados por IVPN para garantizar tu privacidad. + + #### Sin secretos + + La [propiedad, estructura de la empresa y equipo](team/) de IVPN es pública, por lo tanto sabes quién es responsable de proteger tu privacidad. + + #### Sin falsas promesas + + Algunos servicios intentan convencer a todo el mundo para que obtengan una VPN y permanezcan anónimos en línea. Nosotros no anunciamos beneficios que no se puedan obtener mediante el uso de una VPN. 
+ + #### Sinceridad y responsabilidad + + Nuestras aplicaciones son de código abierto y están disponibles en nuestra [página de GitHub] (https://github.com/ivpn). Comisionamos [auditorías](https://www.ivpn.net/blog/tags/audit/) periódicas para respaldar nuestras afirmaciones. + + - type: text_one_narrow_column + content: >- + ## Cómo no hacemos marketing + + Nos comprometemos en difundir la misión de IVPN y ayudar a más personas a proteger su privacidad. Teniendo en cuenta el estado del marketing moderno, ésta es una tarea desafiante. + + + Consideramos que la mayoría de las tácticas de marketing son perjudiciales y nos negamos a utilizarlas. La siguiente lista representa todas las tácticas que hemos considerado y rechazado o eliminado a lo largo de los años. + + #### Reseñas de pago + + Hemos cerrado nuestro programa de afiliados para protestar contra la práctica de reseñas de pago y recomendaciones engañosas por parte de las páginas web de las "mejores VPN". + + #### Anuncios de vigilancia + + Los anuncios utilizan información personal y datos de comportamiento para fines de direccionamiento personal y segmentación. Rechazamos Facebook, Google y todas las formas de publicidad programática. + + #### Patrones oscuros + + Evitamos reseñas falsas, pruebas sociales inventadas, temporizadores de cuenta regresiva, ofertas que vencen, y trucos que dificultan la cancelación de nuestro servicio. + + #### Miedo, incertidumbre y duda + + Impulsar suscripciones con tácticas de miedo es común en la industria de las VPN. No afirmaremos que todos los que no tienen una VPN estén bajo grave amenaza. + + #### Compra de patrocinios + + Creemos que los "influencers" y los creadores de YouTube sin experiencia en seguridad de la información no deberían respaldar servicios de VPN a cambio de un pago. 
+ + #### Spam + + Evitamos el spam en las redes sociales y la compra de listas de correo electrónico de clientes potenciales, dos tácticas de marketing utilizadas con frecuencia por los proveedores de VPN. + + - type: text_one_narrow_column + content: >- + ## Cómo atraemos nuevos clientes + + Nuestra misión sustituye la obtención de ganancias y reinvertimos la mayor parte de nuestros ingresos en mejorar nuestro servicio y en proyectos educativos. Sin embargo, IVPN es un negocio y trabajamos para atraer nuevos clientes, teniendo en cuenta nuestros valores y compromisos. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

    Método

    Ejemplos

    Mejorando nuestro servicio
    Las mejoras constantes en nuestro servicio hacen que nuestros clientes nos recomienden a otros.
    Compatibilidad con WireGuard
    CLI y GUI de Linux
    Compatibilidad con IPv6
    Proyectos educativos
    Asignamos tiempo y recursos a proyectos que difunden información sobre privacidad y VPN de confianza.
    Guías de privacidad
    Blogs educativos
    Do I need a VPN?
    The Privacy Issue
    Canales sociales y comunidad
    Compartimos información sobre nuestro progreso en comunidades de IVPN.
    Mastodon
    Reddit
    Twitter
    Cooperación entre periodistas y revisores
    Compartimos actualizaciones de nuestro progreso y cuentas demo con periodistas y revisores éticos de VPN. No se ofrece ninguna compensación.
    Ars Technica
    The Markup
    Techlore
    Privacy Guides
    Patrocinios
    Patrocinamos organizaciones sin ánimo de lucro y proyectos de desarrollo que se centran en la privacidad.
    EFF
    Tor Project
    WireGuard
    Apoyando educadores sobre privacidad
    Apoyamos financieramente a los creadores de contenido ético, que poseen la experiencia necesaria para evaluar y respaldar las VPN.
    Seth For Privacy
    The New Oil
    Monero Talk
    + + Si has llegado hasta el final y estás de acuerdo con nuestros valores, considera compartir esta página. Esto podría ayudarnos a mantenernos dentro de los límites definidos y demostrar que es posible hacer crecer un negocio sin recurrir a herramientas poco éticas. + +--- From 3198f4f083ab9fa7545e02aa81c92a1670bdc1ea Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 12:25:06 +0200 Subject: [PATCH 27/98] Update team.md --- src/content/es/pages/team.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/content/es/pages/team.md b/src/content/es/pages/team.md index d5d749195..6d3491292 100644 --- a/src/content/es/pages/team.md +++ b/src/content/es/pages/team.md @@ -27,7 +27,7 @@ sections: #### La libertad es necesaria para una sociedad abierta - Creemos que usted tiene derecho a la libertad de opinión y expresión en línea sin interferencias ni vigilancia. La libertad conduce a expresiones mejoradas de creatividad y pensamiento original. Estamos decididos a proteger este derecho. + Creemos que tienes derecho a la libertad de opinión y expresión en línea sin interferencias ni vigilancia. La libertad conduce a expresiones mejoradas de creatividad y pensamiento original. Estamos decididos a proteger este derecho. - type: text_two_column content_column_1: >- #### La vigilancia no puede ser la respuesta 
@@ -46,7 +46,7 @@ sections: - image: /images-static/uploads/team-nick.png image_retina: /images-static/uploads/team-nick-2x.png name: Nicholas Pestell - description: Nick es fundador y director ejecutivo de IVPN y propietario 100% de IVPN Limited, la empresa a través de la cual se opera el servicio IVPN. Nick aporta una considerable experiencia en gestión de riesgos y pruebas de seguridad mientras trabaja para Royal Bank of Scotland, Network Rail y ABN AMRO Bank. + description: Nick es fundador y director ejecutivo de IVPN y propietario 100% de IVPN Limited, la empresa a través de la cual se opera el servicio IVPN. Nick aporta una considerable experiencia en gestión de riesgos y pruebas de seguridad, adquirida mientras trabajaba para Royal Bank of Scotland, Network Rail y ABN AMRO Bank. linkedin: https://www.linkedin.com/in/nick-pestell/ github: https://github.com/cipheromega - image: /images-static/uploads/team-edward.png @@ -63,7 +63,7 @@ sections: - image: /images-static/uploads/team-gorka.png image_retina: /images-static/uploads/team-gorka-2x.png name: Gorka Pernas - description: Después de acumular una década de experiencia en funciones relacionadas con el control de calidad en empresas de tecnología, Gorka ahora aplica sus conocimientos para ayudar al equipo de IVPN a enviar aplicaciones sin errores y asegurarse de que no sufra fugas de privacidad. + description: Después de acumular una década de experiencia en funciones relacionadas con el control de calidad en empresas de tecnología, Gorka ahora aplica sus conocimientos para ayudar al equipo de IVPN a lanzar aplicaciones sin errores y asegurarse de que no sufras filtraciones de privacidad. linkedin: https://www.linkedin.com/in/gorkapernas/ github: https://github.com/gorkapernas - image: /images-static/uploads/nathan.png 
@@ -74,24 +74,24 @@ sections: - image: /images-static/uploads/team-juraj.png image_retina: /images-static/uploads/team-juraj-2x.png name: Juraj Hilje - description: Como fanático incondicional de Apple y creyente en una experiencia de usuario fluida, fue una elección natural para Juraj ingresar al desarrollo de iOS hace una década. Ahora está obsesionado con crear la mejor aplicación VPN disponible en la App Store. + description: Como fanático incondicional de Apple y creyente en una experiencia de usuario fluida, fue una elección natural para Juraj empezar a desarrollar iOS hace una década. Ahora está obsesionado con crear la mejor VPN disponible en la App Store. github: https://github.com/jurajhilje - image: /images-static/uploads/team-stenya.png image_retina: /images-static/uploads/team-stenya-2x.png name: Oleksandr Stelnykovych - description: Stenya tiene más de 15 años de experiencia como desarrollador de software en diversos roles. En IVPN, está trabajando en la creación de las mejores aplicaciones VPN para escritorios Windows y macOS. + description: Stenya tiene más de 15 años de experiencia como desarrollador de software en diversos roles. En IVPN, trabaja en desarrollar las mejores aplicaciones VPN de escritorio para Windows y macOS. linkedin: https://www.linkedin.com/in/alexandrstelnykovych/ github: https://github.com/stenya - image: /images-static/uploads/team-jordan.png image_retina: /images-static/uploads/team-jordan-2x.png name: Jordan Sullivan - description: Como líder de turno de servicio al cliente para las Américas, Jordan utiliza sus habilidades de soporte técnico basadas en la resolución de problemas para ayudar a cualquiera que necesite una asistencia clara y paciente. + description: Como líder del servicio al cliente para América, Jordan utiliza sus habilidades de soporte técnico basadas en la resolución de problemas para ayudar a cualquiera que necesite una asistencia clara y paciente. 
linkedin: github: https://github.com/jordan-ivpn - image: /images-static/uploads/team-marina.png image_retina: /images-static/uploads/team-marina-2x.png name: Marina Tretiakova - description: Como especialista en finanzas, Marina no sólo garantiza que los libros del IVPN estén en orden, sino que también es responsable de desarrollar los procesos de negocio, realizar controles internos y garantizar el cumplimiento de las leyes. + description: Como especialista en finanzas, Marina no sólo garantiza que las finanzas de IVPN estén en orden, sino que también es responsable de desarrollar los procesos de negocio, realizar controles internos y garantizar el cumplimiento normativo. linkedin: https://www.linkedin.com/in/marina-radionova-64800135/ github: - image: /images-static/uploads/team-viktor.png From 20017a4b512484c5c24c152aa60e37eecbfa6e7f Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Thu, 23 May 2024 11:25:28 +0100 Subject: [PATCH 28/98] Localisation: Add tags redirections --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index b280e2e5f..6ee0428ad 100644 --- a/nginx.conf +++ b/nginx.conf @@ -289,7 +289,7 @@ server { rewrite ^/blog$ /en/blog/ permanent; rewrite ^/blog/$ /en/blog/ permanent; - rewrite ^/blog/tags/audit/$ /en/blog/tags/audit/ permanent; + rewrite ^/blog/tags/(.*) /en/blog/tags/$1 permanent; rewrite ^/data-retention-laws/united-kingdom$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; rewrite ^/data-retention-laws/united-states$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; From 2a2abfb80489852a19ee0344aed60d94e52c41aa Mon Sep 17 00:00:00 2001 
From: Natanael Rodriguez Ramos Date: Thu, 23 May 2024 11:32:08 +0100 Subject: [PATCH 29/98] Localisation: Added accounts page --- src/content/es/pages/account.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 src/content/es/pages/account.md diff --git a/src/content/es/pages/account.md b/src/content/es/pages/account.md new file mode 100644 index 000000000..31ebefbfb --- /dev/null +++ b/src/content/es/pages/account.md @@ -0,0 +1,11 @@ +--- +title: My Account +url: /account/ +# Leave empty for default, `application` for client area and signup +layout: application +menu: + - main +isMenuCta: true +hasSeperator: false +--- +# Application \ No newline at end of file From 855e8f9f5f47dc5466f8d4571c8b113c32fc4632 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 12:49:33 +0200 Subject: [PATCH 30/98] Update ethics.md --- src/content/es/pages/ethics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/es/pages/ethics.md b/src/content/es/pages/ethics.md index bbfb45201..265dd93f1 100644 --- a/src/content/es/pages/ethics.md +++ b/src/content/es/pages/ethics.md @@ -1,7 +1,7 @@ --- title: Directrices éticas para la protección de la privacidad | IVPN description: Conoce la dirección ética que seguimos, dando prioridad a la privacidad. Explicamos cómo abordamos la transparencia y cómo/qué comunicamos a los nuevos clientes. -url: /ethics/ +url: /es/ethics/ sections: - type: text_one_narrow_column content: >- From e6ba5ea7174503e72471ec6e4d481f247ea5002c Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 12:53:01 +0200 Subject: [PATCH 31/98] Update ethics.md --- src/content/es/pages/ethics.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/content/es/pages/ethics.md b/src/content/es/pages/ethics.md index 265dd93f1..211bc7f3c 100644 --- a/src/content/es/pages/ethics.md 
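Review bot: The new src/content/es/pages/account.md keeps `url: /account/` and `title: My Account`, while the rest of this series moves Spanish pages under `/es/` (the next patch changes ethics.md to `url: /es/ethics/`). If the en account page declares the same `/account/`, both languages would render to one path; `url: /es/account/` avoids that. If the client area is deliberately served from a single unprefixed route, a front-matter comment saying so next to the existing `# Leave empty for default…` line would make the exception clear.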
+++ b/src/content/es/pages/ethics.md @@ -2,6 +2,8 @@ title: Directrices éticas para la protección de la privacidad | IVPN description: Conoce la dirección ética que seguimos, dando prioridad a la privacidad. Explicamos cómo abordamos la transparencia y cómo/qué comunicamos a los nuevos clientes. url: /es/ethics/ +params: + translated: true sections: - type: text_one_narrow_column content: >- From 9f56d156b3c73ccad059b8df81d2a79624b0d305 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 12:54:46 +0200 Subject: [PATCH 32/98] Update ethics.md --- src/content/en/pages/ethics.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/content/en/pages/ethics.md b/src/content/en/pages/ethics.md index 95af7c73b..99b5c998f 100644 --- a/src/content/en/pages/ethics.md +++ b/src/content/en/pages/ethics.md @@ -1,7 +1,9 @@ --- title: Ethical guidelines for privacy protection | IVPN description: Learn about the privacy-first ethical direction we follow. We explain how we approach transparency and how/what we communicate to new customers. -url: /ethics/ +url: /en/ethics/ +params: + translated: true sections: - type: text_one_narrow_column content: >- From db8f210ab6bd1aebe64d1df72d3b91869d253648 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Thu, 23 May 2024 11:55:45 +0100 Subject: [PATCH 33/98] Localisation: Improve blog redirections --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 6ee0428ad..3def479b8 100644 --- a/nginx.conf +++ b/nginx.conf 
@@ -289,7 +289,7 @@ server { rewrite ^/blog$ /en/blog/ permanent; rewrite ^/blog/$ /en/blog/ permanent; - rewrite ^/blog/tags/(.*) /en/blog/tags/$1 permanent; + rewrite ^/blog/(.*) /en/blog/$1 permanent; rewrite ^/data-retention-laws/united-kingdom$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; rewrite ^/data-retention-laws/united-states$ /blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/ permanent; From 37af70c7d969df28b2e9f91e9457854955ab7b9f Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 12:59:44 +0200 Subject: [PATCH 34/98] Update ethics.md --- src/content/en/pages/ethics.md | 1 + 1 file changed, 1 insertion(+) diff --git a/src/content/en/pages/ethics.md b/src/content/en/pages/ethics.md index 99b5c998f..30a6e3de4 100644 --- a/src/content/en/pages/ethics.md +++ b/src/content/en/pages/ethics.md @@ -2,6 +2,7 @@ title: Ethical guidelines for privacy protection | IVPN description: Learn about the privacy-first ethical direction we follow. We explain how we approach transparency and how/what we communicate to new customers. url: /en/ethics/ +aliases: ['/ethics/'] params: translated: true sections: From 69a3a416309cdab57a0e9158e6ad2180ebf26806 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 13:00:18 +0200 Subject: [PATCH 35/98] Update team.md --- src/content/en/pages/team.md | 1 + 1 file changed, 1 insertion(+) diff --git a/src/content/en/pages/team.md b/src/content/en/pages/team.md index dcb09d24a..6aa4ea96b 100644 --- a/src/content/en/pages/team.md +++ b/src/content/en/pages/team.md @@ -1,6 +1,7 @@ --- title: IVPN Team url: /en/team/ +aliases: ['/team/'] params: translated: true sections: From 4a4e2b461ba572efec351132b2efa6d3f6ada946 Mon Sep 17 00:00:00 2001 
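Review bot: With `rewrite ^/blog/(.*) /en/blog/$1 permanent;` in place, the `/data-retention-laws/united-kingdom` and `/data-retention-laws/united-states` rules shown as context just below it still redirect to `/blog/collection-of-user-data-…/`, so those legacy URLs now take two 301 hops. Point them straight at `/en/blog/collection-of-user-data-by-isps-and-telecom-providers-and-sharing-with-third-parties/`. The catch-all also makes `rewrite ^/blog/$ /en/blog/ permanent;` redundant, and `rewrite ^/blog/?$ /en/blog/ permanent;` would cover the remaining bare case in one rule. Keep the replacement starting with the literal `/en/blog/` prefix as written, since that is what prevents the captured `$1` from steering the redirect to another host. The `server` block continues outside the hunk.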
From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 13:14:47 +0200 Subject: [PATCH 36/98] Update ethics.md --- src/content/en/pages/ethics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/en/pages/ethics.md b/src/content/en/pages/ethics.md index 30a6e3de4..522b0baba 100644 --- a/src/content/en/pages/ethics.md +++ b/src/content/en/pages/ethics.md @@ -31,7 +31,7 @@ sections: #### No secrets - IVPN’s [ownership, company structure and team](team/) is public, so you know who is responsible for protecting your privacy. + IVPN’s [ownership, company structure and team](/en/team/) is public, so you know who is responsible for protecting your privacy. #### No false promises From e1a0cf4b7a9ee5c4bd342b14843815932e3dd646 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 13:15:34 +0200 Subject: [PATCH 37/98] Update ethics.md --- src/content/es/pages/ethics.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/es/pages/ethics.md b/src/content/es/pages/ethics.md index 211bc7f3c..563c49f5b 100644 --- a/src/content/es/pages/ethics.md +++ b/src/content/es/pages/ethics.md @@ -30,7 +30,7 @@ sections: #### Sin secretos - La [propiedad, estructura de la empresa y equipo](team/) de IVPN es pública, por lo tanto sabes quién es responsable de proteger tu privacidad. + La [propiedad, estructura de la empresa y equipo](/es/team/) de IVPN es pública, por lo tanto sabes quién es responsable de proteger tu privacidad. #### Sin falsas promesas 
@@ -38,7 +38,7 @@ sections: #### Sinceridad y responsabilidad - Nuestras aplicaciones son de código abierto y están disponibles en nuestra [página de GitHub] (https://github.com/ivpn). Comisionamos [auditorías](https://www.ivpn.net/blog/tags/audit/) periódicas para respaldar nuestras afirmaciones. + Nuestras aplicaciones son de código abierto y están disponibles en nuestra [página de GitHub](https://github.com/ivpn). Comisionamos [auditorías](https://www.ivpn.net/blog/tags/audit/) periódicas para respaldar nuestras afirmaciones. - type: text_one_narrow_column content: >- From 090da4da70e625e2069df5a546a845526c6f8199 Mon Sep 17 00:00:00 2001 From: Gorka Pernas <16647612+gorkapernas@users.noreply.github.com> Date: Thu, 23 May 2024 13:25:42 +0200 Subject: [PATCH 38/98] Update ethics.md From 9fc2ce58ed049d26060fe2d2270990b4e7653ea4 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Thu, 23 May 2024 12:46:49 +0100 Subject: [PATCH 39/98] Localisation: Updated header links with ethics --- src/config/_default/menus/menus.en.toml | 2 +- src/config/_default/menus/menus.es.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml index 7d6f92151..1d575d127 100644 --- a/src/config/_default/menus/menus.en.toml +++ b/src/config/_default/menus/menus.en.toml @@ -7,7 +7,7 @@ [[main]] identifier = "ethics" name = "Ethics" - url = "/ethics/" + url = "/en/ethics/" weight = 20 [[main]] diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml index 604e55ccb..f20453c34 100644 --- a/src/config/_default/menus/menus.es.toml +++ b/src/config/_default/menus/menus.es.toml @@ -7,7 +7,7 @@ [[main]] identifier = "ethics" name = "Ethics" - url = "/ethics/" + url = "/es/ethics/" weight = 20 [[main]] From 1f53a7f53995f37065daf2a791c3ed9c449e4cf2 Mon Sep 17 00:00:00 2001 
From: Natanael Rodriguez Ramos Date: Fri, 24 May 2024 11:04:27 +0100 Subject: [PATCH 40/98] Localisation: Added wireguard page --- src/config/_default/menus/menus.en.toml | 2 +- src/config/_default/menus/menus.es.toml | 2 +- src/content/en/pages/wireguard-vpn.md | 5 +- src/content/es/pages/wireguard-vpn.md | 87 +++++++++++++++++++++++++ 4 files changed, 93 insertions(+), 3 deletions(-) create mode 100644 src/content/es/pages/wireguard-vpn.md diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml index 1d575d127..329ba4681 100644 --- a/src/config/_default/menus/menus.en.toml +++ b/src/config/_default/menus/menus.en.toml @@ -62,7 +62,7 @@ [[footercolone]] identifier = "wireguard" name = "WireGuard® VPN" - url = "/wireguard/" + url = "/en/wireguard/" weight = 10 [[footercolone]] diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml index f20453c34..18036b254 100644 --- a/src/config/_default/menus/menus.es.toml +++ b/src/config/_default/menus/menus.es.toml @@ -62,7 +62,7 @@ [[footercolone]] identifier = "wireguard" name = "WireGuard® VPN" - url = "/wireguard/" + url = "/es/wireguard/" weight = 10 [[footercolone]] diff --git a/src/content/en/pages/wireguard-vpn.md b/src/content/en/pages/wireguard-vpn.md index e32f32987..6eaf55160 100644 --- a/src/content/en/pages/wireguard-vpn.md +++ b/src/content/en/pages/wireguard-vpn.md @@ -1,7 +1,10 @@ --- title: WireGuard VPN protocol for privacy - start using with IVPN description: WireGuard is a revolutionary VPN protocol that promises better security and faster speeds compared to existing solutions. IVPN offers WireGuard in our Windows, macOS, Linux, Android and iOS apps. Get set up and running with WireGuard VPN in two minutes. -url: /wireguard/ +url: /en/wireguard/ +aliases: ['/wireguard/'] +params: + translated: true --- # WireGuard® VPN 
diff --git a/src/content/es/pages/wireguard-vpn.md b/src/content/es/pages/wireguard-vpn.md
new file mode 100644
index 000000000..21447a9fb
--- /dev/null
+++ b/src/content/es/pages/wireguard-vpn.md
@@ -0,0 +1,87 @@ +--- +title: Protocolo WireGuard VPN para privacidad - comienza a usarlo con IVPN +description: WireGuard es un protocolo VPN revolucionario que promete mayor seguridad y velocidades más rápidas en comparación con las soluciones existentes. IVPN ofrece WireGuard en nuestras aplicaciones de Windows, macOS, Linux, Android e iOS. Configure y ejecute WireGuard VPN en dos minutos. +url: /es/wireguard/ +params: + translated: true +--- +# WireGuard® VPN + +[WireGuard](https://www.wireguard.com/) es un protocolo VPN revolucionario que utiliza criptografía de última generación prometiendo mayor seguridad y velocidades más rápidas en comparación con las soluciones existentes. Consulte la [página del protocolo WireGuard](https://www.wireguard.com/) para obtener una descripción general rápida del protocolo y la criptografía. Para una discusión en profundidad, revise el [documento técnico](https://www.wireguard.com/papers/wireguard.pdf). + +## IVPN + WireGuard + +Desde su fusión con Linux Kernel v5.6, el lanzamiento de WireGuard 1.0 y una auditoría de seguridad de terceros, consideramos que el protocolo está listo para un uso a gran escala. Creemos que WireGuard es el mejor protocolo para la mayoría de los clientes debido a su rendimiento excepcional, propiedades de seguridad, capacidad de itinerancia entre direcciones IP sin pérdida de paquetes ni desconexiones y conexión/desconexión instantánea. + +Sin embargo, WireGuard® no fue diseñado pensando en los proveedores de VPN de privacidad. Además, deja ciertos aspectos (por ejemplo, asignación de dirección IP, distribución de claves, etc.) a la responsabilidad del implementador. Como resultado, existen algunos problemas de privacidad que todos los proveedores de VPN responsables deben resolver. Estos problemas no representan de ninguna manera una debilidad del protocolo WireGuard en sí, son simplemente aspectos que los diseñadores del protocolo omitieron intencionalmente. 
Hemos identificado e implementado las siguientes soluciones en la red IVPN. + +Asunto + +#### La dirección IP pública del par se almacena en la memoria indefinidamente + +Hemos implementado un servicio de administración de claves en todos los servidores que escanea la lista de pares cuyo último enlace de conexión es > 180 segundos y elimina/restablece su configuración.. + +Asunto + +#### No hay mecanismo para la asignación o rotación de direcciones IP del túnel + +Las aplicaciones IVPN llaman al backend de forma automática y transparente cada 24 horas para generar una nueva dirección IP aleatoria y distribuirla a todos los servidores. + +Asunto + +#### Sin secreto previo que oculte la identidad + +Las aplicaciones IVPN regeneran de forma automática y transparente un nuevo par de claves cada 24 horas y cargan la clave pública al backend para distribuirla a todos los servidores. + +## WireGuard FAQ + +#### ¿Cómo puedo utilizar WireGuard? + +* [Configura tu propio servidor WireGuard](https://www.wireguard.com/quickstart/) y conéctate usando una de las aplicaciones cliente oficiales. +* Suscríbete a un proveedor de VPN que admita WireGuard. Si bien IVPN no es el único servicio que ofrece WireGuard, fuimos [los primeros en adoptarlo](/blog/introducing-wireguard-fully-automated/) y tener una experiencia significativa dándole soporte. + +#### ¿Qué sistemas operativos admite WireGuard? + +WireGuard es compatible con todos los principales sistemas operativos. La compatibilidad con WireGuard está integrada en las aplicaciones de IVPN para Windows, macOS, Linux, Android e iOS. + +#### ¿Qué criptografía se utiliza en WireGuard? 
+ +WireGuard utiliza los siguientes protocolos y primitivas: + +* [ChaCha20](http://cr.yp.to/chacha.html) para cifrado simétrico, autentificado con [Poly1305](http://cr.yp.to/mac.html), usando [construcción AEAD del RFC7539](https://tools.ietf.org/html/rfc7539) +* [Curve25519](http://cr.yp.to/ecdh.html) para ECDH +* [BLAKE2s](https://blake2.net/) para hash y hash con clave, como se describe en [RFC7693](https://tools.ietf.org/html/rfc7693) +* [SipHash](http://cr.yp.to/siphash/siphash-20120918.pdf) para claves de tabla hash +* [HKDF](https://eprint.iacr.org/2010/264) para la derivación de claves, como se describe en [RFC5869](https://tools.ietf.org/html/rfc5869) +* [Noise_IK handshake](https://www.wireguard.com/protocol/#key-exchange-and-data-packets) de [Noise](http://noiseprotocol.org/noise.pdf), basándose en el trabajo de [CurveCP](http://www.curvecp.org/), [NaCL](http://cr.yp.to/highspeed/naclcrypto-20090310.pdf), [KEA+](http://research.microsoft.com/en-us/um/people/klauter/security_of_kea_ake_protocol.pdf), [SIGMA](http://webee.technion.ac.il/~hugo/sigma-pdf.pdf), [FHMQV](https://eprint.iacr.org/2009/408.pdf), and [HOMQV](https://eprint.iacr.org/2010/638.pdf) +* Todos los paquetes se envían a través de UDP. + +#### ¿Dónde tienes los servidores WireGuard? + +Ofrecemos servidores WireGuard en 45 ubicaciones en 32 países. Revisa la lista completa de servidores en nuestra[página de estado de servidores](/status/). + +#### Soy suscriptor de IVPN. ¿Necesito registrarme en WireGuard? + +WireGuard está disponible y listo para su uso para todos los clientes de IVPN existentes. No es necesario registrarse por separado. + +#### ¿Ofrecen todas las funciones de IVPN para WireGuard? + +Admitimos las mismas funciones de seguridad y privacidad que con OpenVPN, por ejemplo, Firewall, Redes confiables, AntiTracker y Multi-hop. + +#### ¿Ofrecen soporte IPv6 para WireGuard? + +Si. + +#### ¿Qué puertos utilizas para WireGuard? 
+ +Puertos UDP 53, 80, 443, 1194, 2049, 2050, 30587, 41893, 48574, 58237. + +#### ¿Necesito crear y agregar manualmente una clave pública en el Área de Cliente IVPN al agregar un nuevo dispositivo? + +No, cuando se utiliza la aplicación IVPN, las claves se generan automáticamente y la clave pública se carga en nuestro servidor en el momento en que selecciona el protocolo WireGuard en la aplicación. + +Si no está utilizando una aplicación IVPN, también puede generar y descargar archivos de configuración WireGuard en el [Área de cliente](/account/wireguard-config). + +#### ¿Qué servidor DNS se utiliza al conectarse con WireGuard? + +Alojamos nuestros propios servidores DNS sin registros que se envían y aplican automáticamente a su dispositivo cuando se conecta. Cuando está conectado, la dirección IP del servidor DNS es 172.16.0.1 From a21040f6e65a832aa0d6176c3a90201cd7662108 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Fri, 24 May 2024 11:52:26 +0100 Subject: [PATCH 41/98] Localisation: Added refunds page --- src/content/en/pages/refunds.md | 7 +++-- src/content/es/pages/refunds.md | 51 +++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 2 deletions(-) create mode 100644 src/content/es/pages/refunds.md diff --git a/src/content/en/pages/refunds.md b/src/content/en/pages/refunds.md index a307650ca..5b16744e3 100644 --- a/src/content/en/pages/refunds.md +++ b/src/content/en/pages/refunds.md @@ -1,6 +1,9 @@ --- title: IVPN Refund Policy and Process -url: /refunds/ +url: /en/refunds/ +aliases: ['/refunds/'] +params: + translated: true --- # Refunds 
@@ -8,7 +11,7 @@ IVPN strives to meet the expectations of all users and offers unlimited support If you are unsatisfied for any reason, you can request **a full refund within 30 days** of your payment. This full refund offer is available **once per account and per customer**. -Below is the information you need to email, or submit via live chat to us for each payment method: +Below is the information you need to email for each payment method:

    Credit Card

    diff --git a/src/content/es/pages/refunds.md b/src/content/es/pages/refunds.md new file mode 100644 index 000000000..5891e2577 --- /dev/null +++ b/src/content/es/pages/refunds.md @@ -0,0 +1,51 @@ +--- +title: Política y proceso de reembolso de IVPN +url: /es/refunds/ +params: + translated: true +--- +# Refunds + +IVPN se esfuerza por satisfacer las expectativas de todos los usuarios y ofrece soporte ilimitado para ayudar a los usuarios con cualquier problema que puedan encontrar. + +Si no estás satisfecho por algún motivo, puedes solicitar **un reembolso completo dentro de los 30 días** de su pago. Esta oferta de reembolso completo está disponible **una vez por cuenta y por cliente**. + +A continuación se muestra la información que necesitas enviarnos al correo electrónico para cada método de pago: + +

    Tarjeta de crédito

    + +- La referencia segura de tu cuenta IVPN (XXXXXXXX) o el ID de tu cuenta IVPN (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +Si no recuerdas los detalles de tu cuenta, proporciónanos los primeros 6 dígitos del número de tarjeta, los últimos 4 dígitos del número de tarjeta, la fecha del pago y el monto pagado. + +

    PayPal

    + +- La referencia segura de tu cuenta IVPN (XXXXXXXX) o el ID de tu cuenta IVPN (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +Si no recuerdas los detalles de tu cuenta, proporciónenos la dirección de correo electrónico de tu cuenta PayPal y el ID de transacción asociado con la compra. + +

    Bitcoin y Monero

    + +- La referencia segura de tu cuenta IVPN (XXXXXXXX) o el ID de tu cuenta IVPN (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +- Tu dirección de billetera Bitcoin/Monero para recibir el reembolso. + +Si no recuerdas los detalles de tu cuenta, proporciónanos el ID de la transacción de tu pago de Bitcoin o Monero, la fecha de pago y el monto pagado. + +Ten en cuenta: las compras de IVPN Light no son reembolsables. + +

    Compra desde la aplicación de Android

    + +- La referencia segura de tu cuenta IVPN (XXXXXXXX) o el ID de tu cuenta IVPN (i-XXXX-XXXX-XXXX / ivpnXXXXXXXX). + +- ID de transacción de Google Play Store que comienza con `GPA.`. + +

    Compra desde la aplicación de iOS

    + +Apple reembolsa las compras de la App Store. Los detalles sobre cómo enviar el reclamo de reembolso a Apple se pueden encontrar aquí. + +

    Efectivo y vales

    + +Los pagos en efectivo y con cupones no son reembolsables. + +**Ten en cuenta**: No ofrecemos reembolsos prorrateados. From ee6d5887a6d24df2cfebade0788b12a35d972e46 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Fri, 24 May 2024 12:08:46 +0100 Subject: [PATCH 42/98] Localisation: Added terms of service page --- src/content/en/pages/terms-of-service.md | 5 +- src/content/es/pages/terms-of-service.md | 65 ++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 src/content/es/pages/terms-of-service.md diff --git a/src/content/en/pages/terms-of-service.md b/src/content/en/pages/terms-of-service.md index 27a63d63d..1ae40d3e7 100644 --- a/src/content/en/pages/terms-of-service.md +++ b/src/content/en/pages/terms-of-service.md @@ -1,6 +1,9 @@ --- title: IVPN Terms of Service -url: /tos/ +url: /en/tos/ +aliases: ['/tos/'] +params: + translated: true layout: canonical: --- diff --git a/src/content/es/pages/terms-of-service.md b/src/content/es/pages/terms-of-service.md new file mode 100644 index 000000000..6f7119090 --- /dev/null +++ b/src/content/es/pages/terms-of-service.md 
@@ -0,0 +1,65 @@ +--- +title: Términos de servicio de IVPN +url: /es/tos/ +params: + translated: true +layout: +canonical: +--- +# Términos de servicio + +###### Última actualización: 21 de enero de 2021 + +Estos son los términos de servicio que tú aceptas cuando te suscribes y/o utilizas los servicios de IVPN, operados por IVPN Limited. + +Ten en cuenta que en este acuerdo, el término "Tú" significa tú el "Suscriptor/Usuario", y el término "Nosotros" o "Nuestro" significa IVPN Limited, sus propietarios, empleados, agentes y cualquier otra persona involucrada con IVPN Limited. + +##### Como suscriptor de nuestros servicios, tú aceptas que: + +1. Tú no utilizarás nuestro servicio para piratear o atacar otras computadoras o redes en Internet. + +2. Tú no utilizarás nuestro servicio para escanear (por ejemplo, escanear puertos, ejecutar cazadores de proxy) otras computadoras o redes en Internet. + +3. Tú no utilizarás nuestro servicio para transmitir virus, gusanos, troyanos, etc. a otras computadoras o redes en Internet. + +4. Tú no utilizarás nuestro servicio para atacar nuestros servidores y recursos de ninguna manera. + +5. Tú no utilizarás nuestro servicio para recibir y distribuir materiales pirateados con derechos de autor. Esto incluye, entre otras, las siguientes actividades: comercialización, venta, trueque, intercambio, transmisión o recepción de dichos materiales. + +6. Tú no utilizarás nuestro servicio para enviar datos no solicitados de ninguna forma. Esto incluye, entre otros, lo siguiente: envío de correos electrónicos no solicitados (es decir, correos electrónicos no deseados), correos electrónicos de odio, correos electrónicos de marketing masivo, mensajes instantáneos no solicitados y SMS no solicitados. + +7. Tú no utilizarás nuestros servicios para participar en ningún tipo de actividad de pornografía infantil. Esto incluye, entre otros, lo siguiente: Comercio, trueque, venta, transmisión o recepción de dicho material. + +8. 
Tú no utilizarás nuestro servicio para ningún tipo de actividades delictivas. Esto incluye, entre otros, lo siguiente: Participar en el uso de tarjetas de crédito robadas, cuentas bancarias robadas, tarjetas de débito robadas, tarjetas de crédito robadas, cuentas de pago en línea robadas (por ejemplo, PayPal). + +9. Tú no utilizarás nuestro servicio para enviar correos electrónicos de phishing o robo de identidad. + +10. Tú no promoverás ni alentarás actividades criminales o terroristas de ningún tipo. + +11. Tú no utilizará nuestros servicios para amenazar o acosar a otros. + +12. Tú no ejecutarás programas que consuman muchos recursos y que interfieran con el uso de nuestros servicios por parte de nuestros usuarios. + +13. Tú no compartirás tu cuenta con otros. Tú serás responsable de todas las actividades relacionadas con tu cuenta. + +14. Tú aceptas no pagar el servicio con una tarjeta de crédito robada. + +15. Tú no revenderás ni intentarás revender cuentas o servicios de IVPN a ningún individuo o entidad para su uso o reventa posterior sin el permiso expreso por escrito de IVPN Limited. + +16. El servicio que se le ofrece se proporciona "tal cual", sin garantía de ningún tipo. No somos responsables de ningún inconveniente directo, indirecto, consecuente o de cualquier daño o pérdida de ganancias que pueda surgir del uso de nuestros servicios. + +17. No podemos garantizar ni garantizamos la velocidad de nuestro servicio. Tampoco podemos garantizar ni garantizamos que tendrá un servicio ininterrumpido. No somos responsables de ningún inconveniente directo, indirecto, consecuente o de cualquier daño o pérdida de ganancias que pueda surgir del uso de nuestros servicios. + +18. No somos responsables de ninguna forma por daños de ningún tipo (realizados o no realizados) que resulten del uso de, o a través del uso, o que surjan del uso o la imposibilidad de usar el servicio IVPN perteneciente a cualquier registrado. usuario. + +19. 
En cualquier caso, IVPN nunca será responsable de ningún daño monetario más allá de lo que el usuario pagó a IVPN y esto no incluirá costos judiciales ni honorarios de abogados, independientemente de cualquier estatuto o ley que pueda interpretarse de otra manera. + +20. Nos reservamos el derecho de realizar enmiendas o modificaciones a nuestro Acuerdo de Términos de uso. Si realizamos cambios que sean materiales, tomaremos todas las medidas razonables para garantizar que se le informen sobre los cambios, publicándolos de manera destacada en el sitio web de IVPN y enviándolos por correo electrónico a nuestros clientes existentes. El aviso designará un período de tiempo razonable después del cual los nuevos términos entrarán en vigor. Si no está de acuerdo con nuestros cambios, debe dejar de utilizar el servicio IVPN dentro del período de notificación designado. Su uso continuado del servicio IVPN estará sujeto a los nuevos términos. Sin embargo, cualquier disputa que surgiera antes de los cambios se regirá por los términos que estaban vigentes cuando surgió la disputa. + +Este es nuestro acuerdo vinculante cuando aceptas estos términos de servicio. + +El objetivo principal de nuestro servicio es proteger tu privacidad. No toleramos ni promovemos en absoluto actividades delictivas de ningún tipo. + +Si violas alguno de nuestros términos, nos reservamos el derecho de cancelar tu servicio sin previo aviso o notificación. No se otorgarán reembolsos ni créditos. + +Si tienes alguna pregunta sobre esta política, [contáctanos](/contactus/). From 32c744575a86cba8cb7546e390650b451cf600e1 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Fri, 24 May 2024 12:16:00 +0100 Subject: [PATCH 43/98] Localisation: Added terms of service page --- src/config/_default/menus/menus.en.toml | 4 ++-- src/config/_default/menus/menus.es.toml | 4 ++-- src/content/es/pages/refunds.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) 
diff --git a/src/config/_default/menus/menus.en.toml b/src/config/_default/menus/menus.en.toml index 329ba4681..2e808bf7a 100644 --- a/src/config/_default/menus/menus.en.toml +++ b/src/config/_default/menus/menus.en.toml @@ -128,7 +128,7 @@ [[footercolthree]] identifier = "tos" name = "Terms of Service" - url = "/tos/" + url = "/en/tos/" weight = 30 [[footercolthree]] @@ -140,7 +140,7 @@ [[footercolthree]] identifier = "refund-policy" name = "Refund Policy" - url = "/refunds/" + url = "/en/refunds/" weight = 60 [[footercolfour]] diff --git a/src/config/_default/menus/menus.es.toml b/src/config/_default/menus/menus.es.toml index 18036b254..a4e572353 100644 --- a/src/config/_default/menus/menus.es.toml +++ b/src/config/_default/menus/menus.es.toml @@ -128,7 +128,7 @@ [[footercolthree]] identifier = "tos" name = "Terms of Service" - url = "/tos/" + url = "/es/tos/" weight = 30 [[footercolthree]] @@ -140,7 +140,7 @@ [[footercolthree]] identifier = "refund-policy" name = "Refund Policy" - url = "/refunds/" + url = "/es/refunds/" weight = 60 [[footercolfour]] diff --git a/src/content/es/pages/refunds.md b/src/content/es/pages/refunds.md index 5891e2577..a4539d631 100644 --- a/src/content/es/pages/refunds.md +++ b/src/content/es/pages/refunds.md @@ -4,7 +4,7 @@ url: /es/refunds/ params: translated: true --- -# Refunds +# Reembolsos IVPN se esfuerza por satisfacer las expectativas de todos los usuarios y ofrece soporte ilimitado para ayudar a los usuarios con cualquier problema que puedan encontrar. From 0b55d2469dc71543c3ffed708b5b70ab9f70b027 Mon Sep 17 00:00:00 2001 From: Natanael Rodriguez Ramos Date: Fri, 24 May 2024 12:37:40 +0100 Subject: [PATCH 44/98] Localisation: Added apps-android page --- src/content/en/pages/apps-android.md | 5 +- src/content/es/pages/apps-android.md | 64 ++++++++++++++++++++++++ src/content/es/pages/terms-of-service.md | 2 +- 3 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 src/content/es/pages/apps-android.md 
diff --git a/src/content/en/pages/apps-android.md b/src/content/en/pages/apps-android.md index 729bd47f3..35cc29a1e 100644 --- a/src/content/en/pages/apps-android.md +++ b/src/content/en/pages/apps-android.md @@ -3,7 +3,10 @@ title: IVPN for Android - Open-source VPN app for your Android description: The IVPN app for Android offers you comprehensive privacy leak protection with the IVPN firewall, automatic connection on insecure Wi-Fi and Multi-hop. h1: IVPN for Android subtitle: Supports Android 5.0+ -url: /apps-android/ +url: /en/apps-android/ +aliases: ['/apps-android/'] +params: + translated: true platform: android layout: apps image: apps/android-app diff --git a/src/content/es/pages/apps-android.md b/src/content/es/pages/apps-android.md new file mode 100644 index 000000000..5a15c7dd0 --- /dev/null +++ b/src/content/es/pages/apps-android.md 
@@ -0,0 +1,64 @@ +--- +title: IVPN para Android - aplicación VPN de código abierto para Android +description: La aplicación IVPN para Android te ofrece una protección integral contra fugas de privacidad con el firewall IVPN, conexión automática en Wi-Fi inseguro y Multi-hop. +h1: IVPN para Android +subtitle: Soporta Android 5.0+ +url: /es/apps-android/ +params: + translated: true +platform: android +layout: apps +image: apps/android-app +releases: [{ + cta: Download, + downloads: [ + { + cta: Google Play, + url: "https://play.google.com/store/apps/details?id=net.ivpn.client" + }, + { + cta: F-Droid, + url: https://f-droid.org/en/packages/net.ivpn.client/ + }, + { + cta: Accrescent, + url: https://accrescent.app/app/net.ivpn.client + }, + { + cta: .APK file, + url: https://www.ivpn.net/releases/android/IVPNv2.10.7site.apk + } + ], + github: https://github.com/ivpn/android-app, + changelog: https://github.com/ivpn/android-app/blob/main/CHANGELOG.md, + checksum: [ + { + title: .apk SHA256, + value: e091ee87d73eda39036854ca02be2c0451502730043fe39a8242403124965ceb + }, + { + title: .apk sign cert SHA256, + value: 88a6b40fc97fdc842f231f50eb12de116f5b759e3c5b38aaccaf6a7b393c85bb + } + ] +}] +--- +## Funciones + +- Protocolos WireGuard y OpenVPN. +- Controles de privacidad de WireGuard: define un programa de rotación automática de claves y direcciones IP. +- AntiTracker que bloquea anuncios, software publicitario, sitios web maliciosos y rastreadores de recolección de datos. +- Capacidad para definir redes Wi-Fi confiables y crear reglas para la conexión/desconexión automática de VPN. +- Túnel dividido para permitir que algunas aplicaciones omitan la VPN. +- Rutas VPN de múltiples saltos. Conéctate a través de múltiples servidores en jurisdicciones separadas para mejorar la privacidad. +- Servidores DNS personalizados, DoT a través de DNS privado nativo de Android. +- Ubicación simulada para GPS. +- Protección contra Tapjacking. 
+ +## Configuración manual + +Si prefiere no utilizar la aplicación IVPN, siga la guía de configuración correspondiente a continuación. + +- [WireGuard](/setup/android-wireguard/) +- [OpenVPN for Android](/setup/android-openvpn-for-android/) +- [IPSec with IKEv2](/setup/android-ipsec-with-ikev2/) diff --git a/src/content/es/pages/terms-of-service.md b/src/content/es/pages/terms-of-service.md index 6f7119090..cafed28ba 100644 --- a/src/content/es/pages/terms-of-service.md +++ b/src/content/es/pages/terms-of-service.md @@ -28,7 +28,7 @@ Ten en cuenta que en este acuerdo, el término "Tú" significa tú el "Suscripto 6. Tú no utilizarás nuestro servicio para enviar datos no solicitados de ninguna forma. Esto incluye, entre otros, lo siguiente: envío de correos electrónicos no solicitados (es decir, correos electrónicos no deseados), correos electrónicos de odio, correos electrónicos de marketing masivo, mensajes instantáneos no solicitados y SMS no solicitados. -7. Tú no utilizarás nuestros servicios para participar en ningún tipo de actividad de pornografía infantil. Esto incluye, entre otros, lo siguiente: Comercio, trueque, venta, transmisión o recepción de dicho material. +7. Tú no utilizarás nuestros servicios para participar en ningún tipo de actividad de pornografía infantil. Esto incluye, entre otros, lo siguiente: comercio, trueque, venta, transmisión o recepción de dicho material. 8. Tú no utilizarás nuestro servicio para ningún tipo de actividades delictivas. Esto incluye, entre otros, lo siguiente: Participar en el uso de tarjetas de crédito robadas, cuentas bancarias robadas, tarjetas de débito robadas, tarjetas de crédito robadas, cuentas de pago en línea robadas (por ejemplo, PayPal). From 1be1e3a0f94cec089911694338abac1cbcfd6e6a Mon Sep 17 00:00:00 2001 
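Review bot: The `releases` front matter of the new `src/content/es/pages/apps-android.md` carries its own copy of the download URLs, the `.apk SHA256` and the `.apk sign cert SHA256`, presumably duplicating the English page (whose release block is not shown in this commit). A release that updates only one language file would leave readers of the other page verifying a download against a stale checksum. Consider keeping the release metadata in one shared place that both pages read, or at minimum add a front-matter comment such as `# release data: keep in sync with src/content/en/pages/apps-android.md`. The `cta: Download` label is also left untranslated.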
From: Natanael Rodriguez Ramos Date: Sun, 26 May 2024 21:31:38 +0100 Subject: [PATCH 45/98] Localisation: Added servers page --- src/content/en/pages/servers.md | 5 ++- src/content/es/pages/servers.md | 7 ++++ src/i18n/en.toml | 2 - src/themes/ivpn-v3/assets/js/app.js | 5 +++ .../assets/js/components/ServerList.vue | 40 +++++++++---------- src/themes/ivpn-v3/assets/js/servers.js | 13 ++++++ src/themes/ivpn-v3/locales/en.json | 28 +++++++++++++ src/themes/ivpn-v3/locales/es.json | 28 +++++++++++++ 8 files changed, 105 insertions(+), 23 deletions(-) create mode 100644 src/content/es/pages/servers.md delete mode 100644 src/i18n/en.toml create mode 100644 src/themes/ivpn-v3/locales/en.json create mode 100644 src/themes/ivpn-v3/locales/es.json diff --git a/src/content/en/pages/servers.md b/src/content/en/pages/servers.md index cd0f849c7..56dacb686 100644 --- a/src/content/en/pages/servers.md +++ b/src/content/en/pages/servers.md @@ -1,5 +1,8 @@ --- title: IVPN Server Status -url: /status/ +url: /en/status/ +aliases: ['/status/'] +params: + translated: true layout: servers --- diff --git a/src/content/es/pages/servers.md b/src/content/es/pages/servers.md new file mode 100644 index 000000000..8b0612684 --- /dev/null +++ b/src/content/es/pages/servers.md @@ -0,0 +1,7 @@ +--- +title: Estado servidores IVPN +url: /es/status/ +params: + translated: true +layout: servers +--- diff --git a/src/i18n/en.toml b/src/i18n/en.toml deleted file mode 100644 index 35c4214e5..000000000 --- a/src/i18n/en.toml +++ /dev/null @@ -1,2 +0,0 @@ -[home] -other = "Home" diff --git a/src/themes/ivpn-v3/assets/js/app.js b/src/themes/ivpn-v3/assets/js/app.js index 26201c607..c2b9e91d3 100644 --- a/src/themes/ivpn-v3/assets/js/app.js +++ b/src/themes/ivpn-v3/assets/js/app.js @@ -6,6 +6,10 @@ import store from './store' import { format } from 'date-fns' import { mapState } from 'vuex' +import { createI18n } from 'vue-i18n' + +const i18n = createI18n({ +}) let products = { standard: { 
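Review bot: `createI18n({})` in `app.js` is called with an empty options object, so the instance has no `locale`, `fallbackLocale` or `messages` of its own. Unless they are registered somewhere not shown in this hunk (the commit also touches `servers.js` and adds `locales/en.json` and `locales/es.json`), `$t()` lookups would render raw keys. Consider configuring the instance where it is created, for example `const i18n = createI18n({ locale: document.documentElement.lang || 'en', fallbackLocale: 'en', messages: { en, es } })`, with the two JSON files imported at the top of the file. The second hunk of this file only adds `app.use(i18n)` and needs no change.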
@@ -98,4 +102,5 @@ app.config.globalProperties.$filters = { app.config.productionTip = false app.use(store) app.use(router) +app.use(i18n) app.mount('#application') diff --git a/src/themes/ivpn-v3/assets/js/components/ServerList.vue b/src/themes/ivpn-v3/assets/js/components/ServerList.vue index 483c3d67e..83d1c2cd9 100644 --- a/src/themes/ivpn-v3/assets/js/components/ServerList.vue +++ b/src/themes/ivpn-v3/assets/js/components/ServerList.vue @@ -1,7 +1,7 @@