urlscan.io logo urlscan.io
SecurityTrails logo

www.betternet.co Open in urlscan Pro
2606:4700:10::6816:1893  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.betternet.co/
Submission: On May 23 via api from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:10::6816:1893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.betternet.co.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 24th 2020. Valid for: 6 months.
This is the only time www.betternet.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.9.81.184 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
17 5
10    2606:4700:10::6816:1893 (United States)

ASN13335 (CLOUDFLARENET, US)
www.betternet.co
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.9.81.184 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-81-184.us-west-1.compute.amazonaws.com
www.hsselite.com
1    2600:9000:2182:9000:18:24b:e840:21 (United States)

ASN16509 (AMAZON-02, US)
d2p1qyxxogka01.cloudfront.net
Domain Requested by
10 www.betternet.co www.betternet.co
4 fonts.gstatic.com www.betternet.co
1 d2p1qyxxogka01.cloudfront.net www.betternet.co
1 www.hsselite.com www.betternet.co
1 fonts.googleapis.com www.betternet.co
17 5

This site contains links to these domains. Also see Links.

Domain
control.kochava.com
chrome.google.com
support.betternet.co
www.pango.co
Subject Issuer Validity Valid
betternet.co
CloudFlare Inc ECC CA-2		 2020-04-24 -
2020-10-09		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.hsselite.com
Let's Encrypt Authority X3		 2020-04-13 -
2020-07-12		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.betternet.co/
Frame ID: 3876C017B61FF815B9912F1DC4B25221
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /Hugo ([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

17
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

168 kB
Transfer

307 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.betternet.co/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce311ad55f601e9fd01b704b951049b45173749a2c683de4fb6dceb5aabad403
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.betternet.co
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 23 May 2020 18:32:16 GMT
content-type
text/html
set-cookie
__cfduid=d3cfc02c83ef1bf69e519cf52e62cc94b1590258736; expires=Mon, 22-Jun-20 18:32:16 GMT; path=/; domain=.betternet.co; HttpOnly; SameSite=Lax
last-modified
Wed, 06 May 2020 14:33:04 GMT
expires
Sat, 30 May 2020 18:32:16 GMT
cache-control
max-age=604800
x-frame-options
DENY
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5980dbd06a7bbedd-FRA
content-encoding
gzip
cf-request-id
02e467b6450000beddabb49200000001
css
fonts.googleapis.com/ 		12 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 May 2020 18:32:16 GMT
server
ESF
date
Sat, 23 May 2020 18:32:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 May 2020 18:32:16 GMT
main.min.css
www.betternet.co/css/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/css/main.min.css?1588775584
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517201f5d571e09c7a42abec857a0a16de3f9cdfacc58a5ce1d83c89414a762c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115805
status
200
cf-request-id
02e467b6db0000beddabb57200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-9604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=604800
cf-ray
5980dbd15b6abedd-FRA
expires
Fri, 29 May 2020 10:22:11 GMT
phone.png
www.betternet.co/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betternet.co/img/phone.png
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bac82c02580a0d5133401d9c8ffbebcbd7da0c0ff35f4af3a4f025f24a6a7d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
115805
status
200
content-length
47914
cf-request-id
02e467b6dd0000beddabb5b200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
"5eb2ca9f-bb2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
5980dbd16b73bedd-FRA
expires
Fri, 29 May 2020 10:22:11 GMT
betternet.gpr.min.js
www.betternet.co/gpr/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/gpr/betternet.gpr.min.js?v=1588775584
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9712122116cd3487d30329a9c0115cdadb177209c2dad32925ffec35369e7a45
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115805
status
200
cf-request-id
02e467b6dd0000beddabb58200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-7ef9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=604800
cf-ray
5980dbd16b6ebedd-FRA
expires
Fri, 29 May 2020 10:22:11 GMT
main.js
www.betternet.co/js/ 		104 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/js/main.js?1588775584
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b56986f464d5111cd01dad8143911c2c7aa3d5078f279acfd1f04e50cf9683
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115805
status
200
cf-request-id
02e467b6dd0000beddabb59200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-19e60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=604800
cf-ray
5980dbd16b70bedd-FRA
expires
Fri, 29 May 2020 10:22:11 GMT
gdpr.js
www.betternet.co/gpr/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/gpr/gdpr.js?1588775584
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2af9c5826e5cc6ec36229eb0f8c85fcfccdd41a6ead6ae5cc2fc7009affb1c6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115805
status
200
cf-request-id
02e467b6dd0000beddabb5a200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-3c30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=604800
cf-ray
5980dbd16b72bedd-FRA
expires
Fri, 29 May 2020 10:22:11 GMT
betternet-logo.svg
www.betternet.co/img/ 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betternet.co/img/betternet-logo.svg
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8bb2e31f3c82edb16ae0fb1e9b2ed7e519422d2f4b5d42721f82a8044f8a8f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/css/main.min.css?1588775584
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115804
status
200
cf-request-id
02e467b6f40000beddabb61200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-472"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
5980dbd18bb9bedd-FRA
expires
Fri, 29 May 2020 10:22:12 GMT
back-arrow.svg
www.betternet.co/img/ 		958 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betternet.co/img/back-arrow.svg
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef0f64e53f2db3aa6e6a2613ce39c22e51a05ba5a549a9ff3091892205f69f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/css/main.min.css?1588775584
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
115804
status
200
cf-request-id
02e467b6f50000beddabb62200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
W/"5eb2ca9f-3be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
5980dbd18bbcbedd-FRA
expires
Fri, 29 May 2020 10:22:12 GMT
cloud.png
www.betternet.co/img/ 		778 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betternet.co/img/cloud.png
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc458c6a91108a011c179ca2d340846882fab50cb52ffe9c5e0c23cac6a452d0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/css/main.min.css?1588775584
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
115804
status
200
content-length
778
cf-request-id
02e467b6f50000beddabb63200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
"5eb2ca9f-30a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
5980dbd18bbdbedd-FRA
expires
Fri, 29 May 2020 10:22:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Origin
https://www.betternet.co

Response headers

date
Wed, 20 May 2020 03:40:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
312692
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 20 May 2021 03:40:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Origin
https://www.betternet.co

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
643429
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Origin
https://www.betternet.co

Response headers

date
Wed, 20 May 2020 11:10:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
285699
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 20 May 2021 11:10:37 GMT
icons.woff
www.betternet.co/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betternet.co/fonts/icons.woff
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8304f0580fe3d6fb540a361a350f8d8a0e8761fe4ca65f7387c85f5ac5674f11
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.betternet.co/css/main.min.css?1588775584
Origin
https://www.betternet.co

Response headers

date
Sat, 23 May 2020 18:32:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
115803
status
200
content-length
3060
cf-request-id
02e467b6fb0000beddabb64200000001
last-modified
Wed, 06 May 2020 14:33:03 GMT
server
cloudflare
etag
"5eb2ca9f-bf4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
font/woff
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
5980dbd19bcdbedd-FRA
expires
Fri, 29 May 2020 10:22:13 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Origin
https://www.betternet.co

Response headers

date
Thu, 21 May 2020 08:38:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
208428
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Fri, 21 May 2021 08:38:28 GMT
ipinfo
www.hsselite.com/ 		394 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hsselite.com/ipinfo
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/gpr/gdpr.js?1588775584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.81.184 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-81-184.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1be930cca2ab68bfb7c94b9366ab9610bb3d2421a0ae906545cd0891a6088305
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Frame-Options ALLOW-FROM https://hsselite.zendesk.com/

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
2020-05-23T18:32:17+00:00
content-encoding
gzip
status
200
afs
dcbe883072d578a5ea89de8db34aee49
server
nginx
x-frame-options
ALLOW-FROM https://hsselite.zendesk.com/
content-security-policy-report-only
default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
p3p
CP="Dummy p3p policy"
access-control-allow-origin
https://www.betternet.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=5184000; includeSubDomains
content-type
application/json
expires
0
gpr
d2p1qyxxogka01.cloudfront.net/ 		0
463 B 		Other
General
Check archive.org
Download Go to
Full URL
https://d2p1qyxxogka01.cloudfront.net/gpr?data=
Requested by
Host: www.betternet.co
URL: https://www.betternet.co/gpr/betternet.gpr.min.js?v=1588775584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9000:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.betternet.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 23 May 2020 18:32:17 GMT
access-control-request-method
*
x-content-type-options
nosniff
server
openresty/1.15.8.3
x-amz-cf-pop
DUS51-C1, DUS51-C1
x-frame-options
DENY
x-cache
Miss from cloudfront
status
200
cache-control
max-age=3600
strict-transport-security
max-age=31536000; includeSubdomains
content-length
0
via
1b7884ae15ec, 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront), 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id
Aqr6yiNyMGh8I_JXOWRCf0aG0YmG6SyGqONOONwug4sg3y_trEj7Gw==
expires
Sat, 23 May 2020 19:32:17 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| AntiblockTest function| ToolSet function| SwitchBtnUpdater function| DownloadBtnUpdater function| EliteBtnUpdater function| AFCookie function| CrossdomainController function| AFRequestGetParams function| AFIrParams function| AFIrInitializer function| AFUserAgent function| AFUtms function| AFgclid function| AFUtmInitializer function| AFVisitorHash function| AFVisitorHashInitializer function| AFHasOffersInitializer function| gaTrack function| reportTracking object| config object| AFGPR object| ErrorLogger object| AFHSSTracker function| uuidv1 object| hamburger object| aside object| hammer object| ham object| hrefs function| hideSections function| Hammer object| smoothScroll function| Gdpr object| gdpr object| dataLayer

2 Cookies

Domain/Path Name / Value
.betternet.co/ Name: hprchs_vstr_hsh
Value: extbab2fd10-9d23-11ea-9d03-af72c03fd608
.betternet.co/ Name: __cfduid
Value: d3cfc02c83ef1bf69e519cf52e62cc94b1590258736

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2p1qyxxogka01.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.betternet.co
www.hsselite.com
2600:9000:2182:9000:18:24b:e840:21
2606:4700:10::6816:1893
2a00:1450:4001:801::2003
2a00:1450:4001:814::200a
52.9.81.184
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1be930cca2ab68bfb7c94b9366ab9610bb3d2421a0ae906545cd0891a6088305
27bac82c02580a0d5133401d9c8ffbebcbd7da0c0ff35f4af3a4f025f24a6a7d
33b56986f464d5111cd01dad8143911c2c7aa3d5078f279acfd1f04e50cf9683
4d8bb2e31f3c82edb16ae0fb1e9b2ed7e519422d2f4b5d42721f82a8044f8a8f
4fef0f64e53f2db3aa6e6a2613ce39c22e51a05ba5a549a9ff3091892205f69f
517201f5d571e09c7a42abec857a0a16de3f9cdfacc58a5ce1d83c89414a762c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
8304f0580fe3d6fb540a361a350f8d8a0e8761fe4ca65f7387c85f5ac5674f11
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9712122116cd3487d30329a9c0115cdadb177209c2dad32925ffec35369e7a45
b2af9c5826e5cc6ec36229eb0f8c85fcfccdd41a6ead6ae5cc2fc7009affb1c6
ce311ad55f601e9fd01b704b951049b45173749a2c683de4fb6dceb5aabad403
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618
dc458c6a91108a011c179ca2d340846882fab50cb52ffe9c5e0c23cac6a452d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855