urlscan.io logo urlscan.io
SecurityTrails logo

get.hotspotshield.com Open in urlscan Pro
2600:9000:2057:da00:1b:7808:24c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://get.hotspotshield.com/
Effective URL: https://get.hotspotshield.com/
Submission: On April 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 43 HTTP transactions. The main IP is 2600:9000:2057:da00:1b:7808:24c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is get.hotspotshield.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 21st 2024. Valid for: a year.
This is the only time get.hotspotshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2600:9000:2057:da00:1b:7808:24c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.hotspotshield.com
4    2606:4700:11::6817:8a13 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hotspotshield.com
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    18.245.86.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-16.fra60.r.cloudfront.net
app.hotspotshield.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    184.28.198.193 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-198-193.deploy.static.akamaitechnologies.com
analytics.tiktok.com
7    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
12 hotspotshield.com
get.hotspotshield.com
www.hotspotshield.com — Cisco Umbrella Rank: 781621
app.hotspotshield.com
441 KB
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1162
167 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 709
150 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 337
14 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
279 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9262
prism.app-us1.com — Cisco Umbrella Rank: 9348
8 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
63 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
273 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
352 B
43 12
Domain Requested by
8 js.stripe.com get.hotspotshield.com
js.stripe.com
7 get.hotspotshield.com get.hotspotshield.com
5 analytics.tiktok.com get.hotspotshield.com
analytics.tiktok.com
4 www.hotspotshield.com get.hotspotshield.com
www.hotspotshield.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
get.hotspotshield.com
3 www.googletagmanager.com get.hotspotshield.com
www.googletagmanager.com
2 connect.facebook.net get.hotspotshield.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.de get.hotspotshield.com
1 www.google.com get.hotspotshield.com
1 www.facebook.com get.hotspotshield.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 diffuser-cdn.app-us1.com get.hotspotshield.com
1 app.hotspotshield.com get.hotspotshield.com
43 16

This site contains links to these domains. Also see Links.

Domain
www.hotspotshield.com
Subject Issuer Validity Valid
get.hotspotshield.com
Amazon RSA 2048 M03		 2024-02-21 -
2025-03-21		 a year crt.sh
hotspotshield.com
GTS CA 1P5		 2024-03-15 -
2024-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-03-27 -
2024-06-27		 3 months crt.sh
app.hotspotshield.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-18		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2024-04-24 -
2024-06-27		 2 months crt.sh
diffuser-cdn.app-us1.com
E1		 2024-03-30 -
2024-06-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-02 -
2024-05-02		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
prism.app-us1.com
E1		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://get.hotspotshield.com/
Frame ID: F7ABA7613D9A44855994666EB46BFAA4
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
Frame ID: 094E4E0DA99087378D2C1FD555E5C845
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
Frame ID: 9A674ECEC634E7B1DF1FE0AE20F933D0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-loader-ui-6eefe83ab04a4624b2d0b1104fe6247d.html
Frame ID: D919A72024477BACFDDFD59B3D811923
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-0196e7b87252db6174fecdf77b4b4add.html
Frame ID: 10B6E10E599577799E35AE1EB0E48AFC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-60b9048800646ed2fc1f61c243a024aa.html
Frame ID: 258BC97E786BE195D01DE48234906B5F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8B4CDB06D8BDCD1F6103694959789AB3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-8558493bb131694e605cf582c50c59c8.html
Frame ID: F2C51C9228BABB1DC91993C650D64EB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get Hotspot Shield

Page URL History Show full URLs

  1. http://get.hotspotshield.com/ HTTP 307
    https://get.hotspotshield.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

43
Requests

98 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

17
IPs

4
Countries

1152 kB
Transfer

3816 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://get.hotspotshield.com/ HTTP 307
    https://get.hotspotshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
get.hotspotshield.com/
Redirect Chain
  • http://get.hotspotshield.com/
  • https://get.hotspotshield.com/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa5587cf03e4bc76291e97773820e1e284ab023972da2cc30e7aab5f027e1e11

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age
48617
content-encoding
br
content-type
text/html
date
Wed, 24 Apr 2024 05:47:39 GMT
etag
W/"3a155fee2cc0462d01d2883e9feed84e"
last-modified
Wed, 17 Apr 2024 15:16:26 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
7wx9zitXziRTksSxzRnmhWnfwPgtWEeVKjv-h-9NZ5C5bCqLtes17A==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://get.hotspotshield.com/
Non-Authoritative-Reason
HSTS
gpr.min.js
www.hotspotshield.com/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/js/gpr.min.js
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55968b4427a348c71141d6d0b7ef6cd43dffaff0612e571e0342236927826d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:12 GMT
via
hotspotshield-6f48f455cc-9pvbc
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
651965
content-encoding
br
last-modified
Wed, 17 Apr 2024 06:06:37 GMT
server
cloudflare
etag
W/"661f66ed-aca2"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
87986d2c5ec79723-AMS
expires
Wed, 24 Apr 2024 22:16:12 GMT
index-0fe87a71.js
get.hotspotshield.com/assets/ 		1 MB
352 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/assets/index-0fe87a71.js
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01e757d1960db6b458e3873fd0ef4d80a25733c8b503c378b04d8457eb89a4d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Origin
https://get.hotspotshield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 08:18:52 GMT
content-encoding
gzip
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
39457
x-amz-server-side-encryption
AES256
etag
W/"a7b4c9976c463bf1e242e81b99c229bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
V28kTt1ZCA1o53TNkuMmFXZ6-IhZ6f5UafhuI6_2vR2lKG2E7-1Qsw==
index-6a60fb94.css
get.hotspotshield.com/assets/ 		229 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/assets/index-6a60fb94.css
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a60fb946022a0c660f8e22e67c10946be03cf027adfe542c8769f4e20d73cc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 07:10:50 GMT
content-encoding
br
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
43523
x-amz-server-side-encryption
AES256
etag
W/"41fd46fb92156a1c8db971417b90859c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
AykGYXGctF8ndJesfU_M7Jzm8JeEhpUlGUsns2jXbwqOBMBunoxI3w==
gtm.js
www.googletagmanager.com/ 		314 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
213d38f1b04d9144a1f33d36e3ae7dcad6f1bf14ea66cf703b2ee1708d0516cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109994
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 18:10:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 19:16:12 GMT
v3
js.stripe.com/ 		603 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/assets/index-0fe87a71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
33fc0546e1fbec9fedb5003f512a5a9183b397b8270126e664ce52b554f735c9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 19:16:12 GMT
via
1.1 varnish
age
0
x-cache
HIT
content-length
170388
x-request-id
79f8a2c6-f05e-48a6-944e-11751469d90a
x-served-by
cache-fra-etou8220090-FRA
last-modified
Wed, 24 Apr 2024 18:45:41 GMT
server
Fastly
etag
"ed9e035cd33439dfe461f94293e2b04c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
gpr
www.hotspotshield.com/ 		0
333 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: www.hotspotshield.com
URL: https://www.hotspotshield.com/js/gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
AMS1-P2
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
87986d2ccf4e9723-AMS
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
lYytGjbHRlAr49L-PnsEq9fXHqGl7WYdCTAY8vmsOkVQdKasU3XnbA==
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
632b020e21d3a5f4305d58bc449b66536b79e5c0f8fb746b1eeb51b64789b9db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cdd039c4bcbcd8af3a3f04407856b3142e34b9b2f498fabe3d8003abee58f14

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15ef90a9ab5f332dc95e3a9be932d04109a2be3e1af538ece72df46ee2c8446a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
764ddcea26bd3223d899141616eb92c95a5eecf0a606e4b829130b730e0c7fdc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		768 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eba6f39679d6b70192a3ab9dae783b162f74466d56b7147921007142120b1517

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
lock-2a2bed80.svg
get.hotspotshield.com/assets/ 		540 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://get.hotspotshield.com/assets/lock-2a2bed80.svg
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/assets/index-6a60fb94.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a2bed80fc22f57ddd051090fd47b2551cbaa9b99d8f97aad14e40f810ea54cb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/assets/index-6a60fb94.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:01:07 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
54906
etag
"22b2a0835688ef776fe33cc87fd83891"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
540
x-amz-cf-id
B8f3Vvhb9tCL_hMp0JRcnUG8-MKIVwI4asoqSbtZUVcIjpaW597-Sw==
gordita-medium-d97cf347.woff2
get.hotspotshield.com/assets/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/assets/gordita-medium-d97cf347.woff2
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/assets/index-6a60fb94.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d97cf347a5f15da839694cfdd79b28afd9a4d3e1adea9ce66c7cd59c098e7b58

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/assets/index-6a60fb94.css
Origin
https://get.hotspotshield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 09:31:00 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
35161
x-amz-server-side-encryption
AES256
etag
"b2c5dc705e932f4c4035fbb135978986"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
18040
x-amz-cf-id
imuKbvq4LjYJRESAY2dxcGwv_9rEQ0k6zN98dMuU8iC1UXeXnQzmMw==
gordita-regular-a47379c5.woff2
get.hotspotshield.com/assets/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/assets/gordita-regular-a47379c5.woff2
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/assets/index-6a60fb94.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a47379c55a11da03b7dd35882819e06fe90808c995500b0f6fd3965bf42bf111

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/assets/index-6a60fb94.css
Origin
https://get.hotspotshield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 01:38:57 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
63436
x-amz-server-side-encryption
AES256
etag
"b00700d101b8c1d35addcc506f1faa7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
17396
x-amz-cf-id
TQnezmkFkzXJED2SC7iu_qLColisVnqaXCvUCWkih4PaBa3MrWyNoQ==
truncated
/ 		258 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dad0c865f23dd19fe2e9e5e33408f1353d6883db00ae26f1ae631abea858ce2a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		848 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db96f83c88066b80995b9bac403a0b2f133620717cc8715fbdc1df000801da6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
list
app.hotspotshield.com/vendorPlan/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.hotspotshield.com/vendorPlan/list?vendorPlanGroupId=0988d440-f028-4bfe-8862-bc99eb04cc80&country=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-16.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-auth-token
Access-Control-Request-Method
GET
Origin
https://get.hotspotshield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-length
919
content-type
text/html
date
Wed, 24 Apr 2024 19:16:13 GMT
server
CloudFront
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
x-amz-cf-id
79r476sqrOEj1q4UB0i_gJzTFxzzc9Gx1GtNZTzT0yGiXYQKcBA4LQ==
x-amz-cf-pop
FRA60-P6
x-cache
Error from cloudfront
list
app.hotspotshield.com/vendorPlan/ 		0
0
js
www.googletagmanager.com/gtag/ 		269 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DELK9F8HW3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7e0ad9c243573f0e4a579c0acb70c792f7f0fcd7479ebab4b66cd5ad1825b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94403
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 19:16:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 17:41:00 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5713
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Apr 2024 19:41:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 24 Apr 2024 19:16:12 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4510A9A8AB3D480FADEA0C62086E2FD2 Ref B: FRA31EDGE0714 Ref C: 2024-04-24T19:16:13Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
destination
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-714949573&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb1bbab9f7b7e9ddc689593101f489f053fe0224d56aa342037dbb51d8db67bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80831
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 18:10:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 19:16:13 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
gzip
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P10
age
242
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 04 Apr 2023 18:58:37 GMT
server
cloudflare
etag
W/"613257bb316d347d9417023321c6d62f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
87986d2d7d7418f9-FRA
x-amz-cf-id
paTN7byaYU5yStFQSofQiKU6S2w3BbROvO_h9TWbm4GO40ti7S-C_A==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 19:16:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
iaFFDxCDJFljLs6U9XxuQGQEVubMj5PHb3fkCw1vam48d+gjqZbdTpNXpBef40/WvRhr79okkrMvgchTLZL4Cg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.198.193 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-198-193.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
09de3ed7a15b4fbc1d142b7adc890c80cf51b272933c316f28fc1bfe4e44dd11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
9ede1f53.6464ffb7
date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240424191613CE7EA5833EA5BD984EA6-0BE0E8F09245D1C9-00
x-cache
TCP_MISS from a184-28-198-189.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
78,184.28.198.189
server-timing
cdn-cache; desc=MISS, edge; dur=73, origin; dur=5, inner; dur=2
content-length
1352
pragma
no-cache
server
nginx
x-tt-logid
20240424191613CE7EA5833EA5BD984EA6
x-cache-remote
TCP_MISS from a23-48-100-205.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.48.100.205
x-tt-trace-host
01071338e576d3120912a2d25762897a4ed55b43e77021c3d83439aea5ed859f4de7e758d58234f45548b923573fe0c88b8d0fd799253df481c06b458b9b3680582a041b91a5cc70ad2a76e184d0246b90342e1dfd31d5cf239738c0ea737c84ea08955a206483ccfd4fa7fa0cf0bb2361
expires
Wed, 24 Apr 2024 19:16:13 GMT
controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
js.stripe.com/v3/ Frame 094E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
40
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"11e78b8430f3c426441e907b6acae745"
last-modified
Wed, 24 Apr 2024 18:10:46 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
11
x-content-type-options
nosniff
x-request-id
ce3798f6-c9e4-4678-9cd1-6a271339f812
x-served-by
cache-fra-etou8220135-FRA
controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
js.stripe.com/v3/ Frame 9A67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-11e78b8430f3c426441e907b6acae745.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
40
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"11e78b8430f3c426441e907b6acae745"
last-modified
Wed, 24 Apr 2024 18:10:46 GMT
server
Fastly
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
11
x-content-type-options
nosniff
x-request-id
ce3798f6-c9e4-4678-9cd1-6a271339f812
x-served-by
cache-fra-etou8220135-FRA
elements-inner-loader-ui-6eefe83ab04a4624b2d0b1104fe6247d.html
js.stripe.com/v3/ Frame D919 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-loader-ui-6eefe83ab04a4624b2d0b1104fe6247d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3643
cache-control
max-age=31536000
content-encoding
br
content-length
247
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"6eefe83ab04a4624b2d0b1104fe6247d"
last-modified
Wed, 24 Apr 2024 18:10:47 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
11
x-content-type-options
nosniff
x-request-id
e968cc6c-19f0-42e7-9457-db925452ba5a
x-served-by
cache-fra-etou8220135-FRA
payment-request-inner-google-pay-0196e7b87252db6174fecdf77b4b4add.html
js.stripe.com/v3/ Frame 10B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-0196e7b87252db6174fecdf77b4b4add.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3679
cache-control
max-age=31536000
content-encoding
br
content-length
222
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"0196e7b87252db6174fecdf77b4b4add"
last-modified
Wed, 24 Apr 2024 18:11:00 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
17
x-content-type-options
nosniff
x-request-id
13f1710c-0405-4c2a-9b92-20a4a1ab55d9
x-served-by
cache-fra-etou8220135-FRA
elements-inner-payment-60b9048800646ed2fc1f61c243a024aa.html
js.stripe.com/v3/ Frame 258B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-60b9048800646ed2fc1f61c243a024aa.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3643
cache-control
max-age=31536000
content-encoding
br
content-length
304
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"60b9048800646ed2fc1f61c243a024aa"
last-modified
Wed, 24 Apr 2024 18:10:47 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
12
x-content-type-options
nosniff
x-request-id
b838812b-8bec-47af-90b4-6db2efc8d71b
x-served-by
cache-fra-etou8220135-FRA
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=241297845&t=pageview&_s=1&dl=https%3A%2F%2Fget.hotspotshield.com%2F&ul=de-de&de=UTF-8&dt=Get%20Hotspot%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1935792040&gjid=276600795&cid=2040330642.1713986173&tid=UA-246226-92&_gid=761867652.1713986173&_r=1&_slc=1&gtm=45He44m0n81T2M4SV5v77009789za200&cd6=1713986172997.s4woh5ko&cd7=1713986172&cd8=ext1d5b1ab0-026f-11ef-b7d7-8be4b6462a2f&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd5=2040330642.1713986173&npa=1&z=1929841711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.hotspotshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1142332929694473
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1142332929694473?v=2.9.154&r=stable&domain=get.hotspotshield.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9228e79f76f0a6940ed6cc7c49752a3d4e361b1c13fed18c1e19a8554a91d6f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 19:16:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13577
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=62, mss=1326, tbw=63225, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
ASuUhJa6NVFQ3GINlNSzs0qDQDElYnkIVBx8IjmuLSabB46Xpy8IQgV+dmVfQZt4F6lqgqOzCoGiDagV96lKLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DELK9F8HW3&gtm=45je44m0v9120696703z877009789za200&_p=1713986172817&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2040330642.1713986173&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1713986173&sct=1&seg=0&dl=https%3A%2F%2Fget.hotspotshield.com%2F&dt=Get%20Hotspot%20Shield&en=page_view&_fv=1&_ss=1&tfd=791
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DELK9F8HW3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 19:16:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.hotspotshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-246226-92&cid=2040330642.1713986173&jid=1935792040&gjid=276600795&_gid=761867652.1713986173&npa=1&_u=YGBACEAABAAAACAEK~&z=1155870799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 Apr 2024 19:16:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.hotspotshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
52013101.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/52013101.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 24 Apr 2024 19:16:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECFB9CC6352043E48E9ED23A4D8B9662 Ref B: FRA31EDGE0714 Ref C: 2024-04-24T19:16:13Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=52013101&tm=gtm002&Ver=2&mid=6a143eac-3b54-44fb-b93f-c219df672e74&sid=1d837330026f11ef9632bf49d938272a&vid=1d836a50026f11ef9b5791b4e32b9fdc&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Get%20Hotspot%20Shield&p=https%3A%2F%2Fget.hotspotshield.com%2F&r=&lt=572&evt=pageLoad&sv=1&rn=536858
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 19:16:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4D3A55CC55A5442987D1E01F8AA66ED6 Ref B: FRA31EDGE0714 Ref C: 2024-04-24T19:16:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prism.app-us1.com/ 		0
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=800646021&u=https%3A%2F%2Fget.hotspotshield.com%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.27
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
79
cf-ray
87986d2e7db82c1c-FRA
content-length
0
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1142332929694473&ev=PageView&dl=https%3A%2F%2Fget.hotspotshield.com%2F&rl=&if=false&ts=1713986173162&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713986173161.2099574320&cs_est=true&ler=empty&cdl=API_unavailable&it=1713986173106&coo=false&rqm=GET
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2769, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 19:16:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main.MTIyYzc3NzllMA.js
analytics.tiktok.com/i18n/pixel/static/ 		411 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.198.193 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-198-193.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a54234f412b9bfdc07fcbd75a6e3e22c0f89f89f861ea0e6e6a96c7048834c41

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
646500fc
date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024041905061388F757340D13D5ADA069
x-tt-trace-id
00-24041905061388F757340D13D5ADA069-5A471DC0845CEB1F-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-28-198-189.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0125b54d2278d485c4bb58fa0e17e78fabd173692b7b658933b78f0c95c010b37c8bdbf828c8807e16f89b79b295c3a86b320257547135d2c29d93405b96f29d09f9c23641131df12c02c86b9d7a3b7dcfc540315c73462b6b813ea3f07bdf384c
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length
111294
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-246226-92&cid=2040330642.1713986173&jid=1935792040&npa=1&_u=YGBACEAABAAAACAEK~&z=1552846607
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 19:16:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-246226-92&cid=2040330642.1713986173&jid=1935792040&npa=1&_u=YGBACEAABAAAACAEK~&z=1552846607
Requested by
Host: get.hotspotshield.com
URL: https://get.hotspotshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 19:16:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_c26a2.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.198.193 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-198-193.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
646501ec
date
Wed, 24 Apr 2024 19:16:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240419050449644413B14F959C6C800F
x-tt-trace-id
00-240419050449644413B14F959C6C800F-26258B498ABD0DDC-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-28-198-189.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01501027b1f627dc24d5f7c83f51dacc3c2f6ed97e99bd96dcc2f72bbf9d4c3382e87b835ce70aeae7510e67a11ecd042fbae7b76da61217a6981577731f6f645a37695b3088460aa115ed8e4f03bb50eab16f9a38bbf16720d125fab4ea245ce2
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
37019
pixel
analytics.tiktok.com/api/v2/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.198.193 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-198-193.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
50101a4d.6465026d
date
Wed, 24 Apr 2024 19:16:13 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404241916132E67C9D4C980FC0644AF-72DC6343BE5D9CDD-00
x-cache
TCP_MISS from a184-28-198-189.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
103,184.28.198.189
server-timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=27, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404241916132E67C9D4C980FC0644AF
x-cache-remote
TCP_MISS from a23-218-222-88.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.218.222.88
x-tt-trace-host
01071338e576d3120912a2d25762897a4ed55b43e77021c3d83439aea5ed859f4ddcc9a7c11c07cfc51e98bf8cf1c2bf0383108024051a99b2cc68840124fb9d7fabcbbd347643b2f5d499e80226d4d9e6e60a702e3449b292d159b8bd842f596ef9a94fcd864a3f33ef6731987202f2a2
access-control-allow-headers
Authorization,*
expires
Wed, 24 Apr 2024 19:16:13 GMT
gpr
www.hotspotshield.com/ 		0
138 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: www.hotspotshield.com
URL: https://www.hotspotshield.com/js/gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
AMS1-P2
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
87986d2fecf19723-AMS
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
D5xPXRchD8gVXZeMSxafbLjQjK7l6PcDvN9nn1PLMEBuYVP8dr2FIw==
gpr
www.hotspotshield.com/ 		0
137 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: www.hotspotshield.com
URL: https://www.hotspotshield.com/js/gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 19:16:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
AMS1-P2
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
87986d2fecf39723-AMS
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
w_UfucJd7jX3xQF3v4jiCbiHvNzuDLOTrocty05ssAMDY63eiJHQUQ==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8B4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://get.hotspotshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63366
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
17053
x-content-type-options
nosniff
x-request-id
a6547357-8eed-4d6b-816c-e1f5a3c7f749
x-served-by
cache-fra-etou8220135-FRA
favicon-2b27d36c.ico
get.hotspotshield.com/assets/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://get.hotspotshield.com/assets/favicon-2b27d36c.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:1b:7808:24c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b27d36c554b28db91aef75eb82e51aa7e392c57791c5fe57689407b352dc0a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 05:11:41 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 15:16:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
54606
x-amz-server-side-encryption
AES256
etag
"c9d86b963f5db990468d35e7d4172303"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
8348
x-amz-cf-id
2oh-Nupf4OeDFx7NTESRpe4n1LDV9sG8ubjsFC7guRhpw6teqGZ6Bw==
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.198.193 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-198-193.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://get.hotspotshield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
b4702654.646504c3
date
Wed, 24 Apr 2024 19:16:13 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404241916131904AA56D0AA24038F93-30B7F57050E85242-00
x-cache
TCP_MISS from a184-28-198-189.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
120,184.28.198.189
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=39, inner; dur=26
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404241916131904AA56D0AA24038F93
x-cache-remote
TCP_MISS from a23-218-222-72.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
39,23.218.222.72
x-tt-trace-host
01071338e576d3120912a2d25762897a4ed55b43e77021c3d83439aea5ed859f4dd01e018df11ec899bf6350da2522842a107737c585d3f9ef08ba30c71d060fd80848f4c3082cd8c9187998ffb0a610608cc78fb864183a107d8375230ab4526e69354c67a0dd57a201c027f05c86b5ce
access-control-allow-headers
Authorization,*
expires
Wed, 24 Apr 2024 19:16:13 GMT
hcaptcha-invisible-8558493bb131694e605cf582c50c59c8.html
js.stripe.com/v3/ Frame F2C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-8558493bb131694e605cf582c50c59c8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-HXOb/LFqEGANHI6QsDuIwn6CTDrruROwSn7v6gigjSU='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3681
cache-control
max-age=31536000
content-encoding
br
content-length
25280
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-HXOb/LFqEGANHI6QsDuIwn6CTDrruROwSn7v6gigjSU='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 19:16:13 GMT
etag
"8558493bb131694e605cf582c50c59c8"
last-modified
Wed, 24 Apr 2024 18:10:59 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
36
x-content-type-options
nosniff
x-request-id
5406c737-b25b-4f9d-966c-c837e863ccba
x-served-by
cache-fra-etou8220135-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.hotspotshield.com
URL
https://app.hotspotshield.com/vendorPlan/list?vendorPlanGroupId=0988d440-f028-4bfe-8862-bc99eb04cc80&country=US

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| dataLayer function| AntiblockTest function| ToolSet function| SwitchBtnUpdater function| GetStartedBtnUpdater function| DownloadBtnUpdater function| EliteBtnUpdater function| AFCookie function| CrossdomainController function| AFRequestGetParams function| AFIrParams function| AFIrInitializer function| AFUserAgent function| AFUtms function| AFgclid function| ReferralProgram function| AFUtmInitializer function| SeoAttribution function| AFVisitorHash function| AFVisitorHashInitializer function| AFHasOffersInitializer function| gaTrack function| reportTracking function| PagePerformance object| config object| AFGPR object| ErrorLogger object| AFHSSTracker function| uuidv1 boolean| __vite_is_modern_browser object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga string| visitorGlobalObjectAlias function| vgo function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| webpackChunkStripeJSouter function| noop function| Stripe object| gaplugins object| gaGlobal object| gaData string| prismGlobalObjectAlias object| visitorGlobalObject function| UET function| UET_init function| UET_push object| ueto_3153189899 object| uetq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

21 Cookies

Domain/Path Name / Value
.hotspotshield.com/ Name: hprchs_vstr_hsh
Value: ext1d5b1ab0-026f-11ef-b7d7-8be4b6462a2f
.hotspotshield.com/ Name: af_pl
Value: 3
.hotspotshield.com/ Name: af_br
Value: 1
.hotspotshield.com/ Name: _gcl_au
Value: 1.1.749316898.1713986173
.hotspotshield.com/ Name: _gid
Value: GA1.2.761867652.1713986173
.hotspotshield.com/ Name: _gat_UA-246226-92
Value: 1
.hotspotshield.com/ Name: _ga
Value: GA1.1.2040330642.1713986173
.hotspotshield.com/ Name: _uetsid
Value: 1d837330026f11ef9632bf49d938272a
.hotspotshield.com/ Name: _uetvid
Value: 1d836a50026f11ef9b5791b4e32b9fdc
.hotspotshield.com/ Name: _fbp
Value: fb.1.1713986173161.2099574320
.tiktok.com/ Name: _ttp
Value: 2fYm1rS8U7g6cnAAZ2fOVo7guwX
.bing.com/ Name: MUID
Value: 1A8BF861787566211D6EEC0A79D967AA
.hotspotshield.com/ Name: _tt_enable_cookie
Value: 1
.hotspotshield.com/ Name: _ttp
Value: W0B4NV0ln1r7O3hpTlp5YfEcSa1
prism.app-us1.com/ Name: prism_800646021
Value: edf5e001-73ee-436e-b23f-90894410173f
.hotspotshield.com/ Name: _ga_DELK9F8HW3
Value: GS1.1.1713986173.1.0.1713986173.0.0.0
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCkJHqmTwzgcV
m.stripe.com/ Name: m
Value: b0355488-71d4-4869-b283-af19458174b99c9a60
.get.hotspotshield.com/ Name: __stripe_mid
Value: f3ab97a6-6e03-4557-b3d4-95e145a22d5f0dc4b0
.get.hotspotshield.com/ Name: __stripe_sid
Value: cbf647d7-182f-480f-b26f-c88e3bfe74a7422dc9
api.hcaptcha.com/ Name: hmt_id
Value: 9fc36a39-5087-4fcb-9ca9-413ab88b9cc5

21 Console Messages

Source Level URL
Text
javascript error URL: https://get.hotspotshield.com/
Message:
Access to XMLHttpRequest at 'https://app.hotspotshield.com/vendorPlan/list?vendorPlanGroupId=0988d440-f028-4bfe-8862-bc99eb04cc80&country=US' from origin 'https://get.hotspotshield.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.hotspotshield.com/vendorPlan/list?vendorPlanGroupId=0988d440-f028-4bfe-8862-bc99eb04cc80&country=US
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://connect.facebook.net/signals/config/1142332929694473?v=2.9.154&r=stable&domain=get.hotspotshield.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://get.hotspotshield.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://get.hotspotshield.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://get.hotspotshield.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
app.hotspotshield.com
bat.bing.com
connect.facebook.net
diffuser-cdn.app-us1.com
get.hotspotshield.com
js.stripe.com
prism.app-us1.com
region1.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hotspotshield.com
app.hotspotshield.com
151.101.0.176
151.101.128.176
18.245.86.16
184.28.198.193
2001:4860:4802:32::36
2600:9000:2057:da00:1b:7808:24c0:93a1
2606:4700:11::6817:8a13
2606:4700::6812:80d8
2620:1ec:c11::237
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
01e757d1960db6b458e3873fd0ef4d80a25733c8b503c378b04d8457eb89a4d2
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
09de3ed7a15b4fbc1d142b7adc890c80cf51b272933c316f28fc1bfe4e44dd11
15ef90a9ab5f332dc95e3a9be932d04109a2be3e1af538ece72df46ee2c8446a
213d38f1b04d9144a1f33d36e3ae7dcad6f1bf14ea66cf703b2ee1708d0516cc
2a2bed80fc22f57ddd051090fd47b2551cbaa9b99d8f97aad14e40f810ea54cb
2b27d36c554b28db91aef75eb82e51aa7e392c57791c5fe57689407b352dc0a8
33fc0546e1fbec9fedb5003f512a5a9183b397b8270126e664ce52b554f735c9
55968b4427a348c71141d6d0b7ef6cd43dffaff0612e571e0342236927826d0d
632b020e21d3a5f4305d58bc449b66536b79e5c0f8fb746b1eeb51b64789b9db
6a60fb946022a0c660f8e22e67c10946be03cf027adfe542c8769f4e20d73cc3
6cdd039c4bcbcd8af3a3f04407856b3142e34b9b2f498fabe3d8003abee58f14
6db96f83c88066b80995b9bac403a0b2f133620717cc8715fbdc1df000801da6
764ddcea26bd3223d899141616eb92c95a5eecf0a606e4b829130b730e0c7fdc
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a47379c55a11da03b7dd35882819e06fe90808c995500b0f6fd3965bf42bf111
a54234f412b9bfdc07fcbd75a6e3e22c0f89f89f861ea0e6e6a96c7048834c41
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
aa5587cf03e4bc76291e97773820e1e284ab023972da2cc30e7aab5f027e1e11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b9228e79f76f0a6940ed6cc7c49752a3d4e361b1c13fed18c1e19a8554a91d6f
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
d97cf347a5f15da839694cfdd79b28afd9a4d3e1adea9ce66c7cd59c098e7b58
dad0c865f23dd19fe2e9e5e33408f1353d6883db00ae26f1ae631abea858ce2a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba6f39679d6b70192a3ab9dae783b162f74466d56b7147921007142120b1517
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7e0ad9c243573f0e4a579c0acb70c792f7f0fcd7479ebab4b66cd5ad1825b52
fb1bbab9f7b7e9ddc689593101f489f053fe0224d56aa342037dbb51d8db67bb