urlscan.io logo urlscan.io
SecurityTrails logo

secure.betternet.co Open in urlscan Pro
143.204.215.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.betternet.co/
Effective URL: https://secure.betternet.co/
Submission: On March 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 14 domains to perform 57 HTTP transactions. The main IP is 143.204.215.81, located in United States and belongs to AMAZON-02, US. The main domain is secure.betternet.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 11th 2023. Valid for: a year.
This is the only time secure.betternet.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 143.204.215.81 16509 (AMAZON-02)
1 23.57.22.19 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 34.120.103.20 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
10 151.101.64.176 54113 (FASTLY)
2 3.161.82.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:26e... 16509 (AMAZON-02)
3 2606:4700:11:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 34.66.73.214 396982 (GOOGLE-CL...)
1 44.237.70.166 16509 (AMAZON-02)
3 54.187.159.182 16509 (AMAZON-02)
57 22
5    143.204.215.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-81.fra53.r.cloudfront.net
secure.betternet.co
1    23.57.22.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-22-19.deploy.static.akamaitechnologies.com
cdn-3.convertexperiments.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    34.120.103.20 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 20.103.120.34.bc.googleusercontent.com
cdn.auryc.com
1    2600:9000:2251:7200:18:24b:e840:21 (United States)

ASN16509 (AMAZON-02, US)
d2p1qyxxogka01.cloudfront.net
10    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    3.161.82.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-103.fra56.r.cloudfront.net
app.betternet.co
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6810:b0d (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:26e8:2e00:18:7807:44c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
order.hotspotshield.com
3    2606:4700:11::6817:8a13 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hotspotshield.com
1    2606:4700::6810:a0d (United States)

ASN13335 (CLOUDFLARENET, US)
prism.app-us1.com
5    34.66.73.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com
client-api.auryc.com
mt.auryc.com
1    44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com
m.stripe.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
r.stripe.com
Apex Domain
Subdomains		 Transfer
12 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
r.stripe.com — Cisco Umbrella Rank: 2301
486 KB
7 auryc.com
cdn.auryc.com — Cisco Umbrella Rank: 30530
client-api.auryc.com — Cisco Umbrella Rank: 9981
mt.auryc.com — Cisco Umbrella Rank: 14363
192 KB
7 betternet.co
secure.betternet.co
app.betternet.co
389 KB
4 hotspotshield.com
order.hotspotshield.com
www.hotspotshield.com — Cisco Umbrella Rank: 783473
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2089
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
344 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
14 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
16 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6744
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8963
prism.app-us1.com — Cisco Umbrella Rank: 9025
8 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
1 cloudfront.net
d2p1qyxxogka01.cloudfront.net
13 KB
1 convertexperiments.com
cdn-3.convertexperiments.com — Cisco Umbrella Rank: 26127
73 KB
57 14
Domain Requested by
8 js.stripe.com secure.betternet.co
js.stripe.com
5 secure.betternet.co secure.betternet.co
4 client-api.auryc.com cdn.auryc.com
4 www.googletagmanager.com secure.betternet.co
www.googletagmanager.com
www.google-analytics.com
3 r.stripe.com js.stripe.com
3 www.hotspotshield.com d2p1qyxxogka01.cloudfront.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.betternet.co
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.de secure.betternet.co
2 www.google.com secure.betternet.co
2 app.betternet.co secure.betternet.co
2 cdn.auryc.com secure.betternet.co
cdn.auryc.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 mt.auryc.com
1 m.stripe.com m.stripe.network
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 order.hotspotshield.com secure.betternet.co
1 diffuser-cdn.app-us1.com secure.betternet.co
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 d2p1qyxxogka01.cloudfront.net secure.betternet.co
1 cdn-3.convertexperiments.com secure.betternet.co
57 23

This site contains no links.

Subject Issuer Validity Valid
secure.betternet.co
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-09		 a year crt.sh
*.convertexperiments.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-09 -
2024-11-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
cdn.auryc.com
GTS CA 1D4		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
app.betternet.co
Amazon RSA 2048 M01		 2023-07-11 -
2024-08-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
diffuser-cdn.app-us1.com
E1		 2024-01-31 -
2024-04-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
order.hotspotshield.com
Amazon RSA 2048 M02		 2023-04-05 -
2024-05-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
prism.app-us1.com
E1		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.auryc.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.betternet.co/
Frame ID: A331565EA0FFA6F8667D78501B9D21EF
Requests: 39 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Frame ID: 5C06BFE47C461FDDFEEB00B195F9D6B9
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0F73D5245A104CD2FDFA1E75B4324F2B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7E32BD370BDD83B3220A273236465C7B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Betternet

Page URL History Show full URLs

  1. http://secure.betternet.co/ HTTP 307
    https://secure.betternet.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

57
Requests

93 %
HTTPS

62 %
IPv6

14
Domains

23
Subdomains

22
IPs

3
Countries

1559 kB
Transfer

6078 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.betternet.co/ HTTP 307
    https://secure.betternet.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.betternet.co/
Redirect Chain
  • http://secure.betternet.co/
  • https://secure.betternet.co/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
10c6f994a600851e7d04a8a97bfea3c84af780f735b2798fa9715ac45a852068
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' data: www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.impactradius-event.com https://*.auryc.com https://*.wisepops.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/* https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js https://bat.bing.com https://*.doubleclick.net https://optimize.google.com https://connect.facebook.net https://s.yimg.com https://sp.analytics.yahoo.com https://card.aurasvc.io https://www.clarity.ms https://*.taboola.com https://www.recaptcha.net https://www.gstatic.com https://analytics.tiktok.com https://*.visualwebsiteoptimizer.com https://*.hotjar.com/ https://*.clarity.ms/ https://diffuser-cdn.app-us1.com/ https://prism.app-us1.com/ https://tags.crwdcntrl.net/ https://js.go2sdk.com https://*.stripe.js https://*.stripe.com https://*.app.betternet.com/ https://cdn-4.convertexperiments.com https://cdn-3.convertexperiments.com https://d2p1qyxxogka01.cloudfront.net; img-src * data:; font-src 'self' https://fonts.gstatic.com data:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75552
content-encoding
br
content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' data: www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.impactradius-event.com https://*.auryc.com https://*.wisepops.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/* https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js https://bat.bing.com https://*.doubleclick.net https://optimize.google.com https://connect.facebook.net https://s.yimg.com https://sp.analytics.yahoo.com https://card.aurasvc.io https://www.clarity.ms https://*.taboola.com https://www.recaptcha.net https://www.gstatic.com https://analytics.tiktok.com https://*.visualwebsiteoptimizer.com https://*.hotjar.com/ https://*.clarity.ms/ https://diffuser-cdn.app-us1.com/ https://prism.app-us1.com/ https://tags.crwdcntrl.net/ https://js.go2sdk.com https://*.stripe.js https://*.stripe.com https://*.app.betternet.com/ https://cdn-4.convertexperiments.com https://cdn-3.convertexperiments.com https://d2p1qyxxogka01.cloudfront.net; img-src * data:; font-src 'self' https://fonts.gstatic.com data:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 08:03:49 GMT
server
CloudFront
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
-vmP3H5nT48SMyeV0lBn2leiCrojLic-8OHeKyECmUYqEuCDWi2jOw==
x-amz-cf-pop
FRA53-C1
x-amzn-remapped-content-length
3451
x-amzn-requestid
030eb784-fd63-47a0-b7e0-e4b17af563fd
x-amzn-trace-id
root=1-65e2dd65-4129e63d1fa1ce59749a0506;parent=2639fe73255b0812;sampled=0;lineage=339128db:0
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://secure.betternet.co/
Non-Authoritative-Reason
HSTS
config.js
secure.betternet.co/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.betternet.co/config.js
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
1be7b7d53ad743ff79ff8ff1a171387556531c8183dee61c21fbfaf17526cecc
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' data: www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.impactradius-event.com https://*.auryc.com https://*.wisepops.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/* https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js https://bat.bing.com https://*.doubleclick.net https://optimize.google.com https://connect.facebook.net https://s.yimg.com https://sp.analytics.yahoo.com https://card.aurasvc.io https://www.clarity.ms https://*.taboola.com https://www.recaptcha.net https://www.gstatic.com https://analytics.tiktok.com https://*.visualwebsiteoptimizer.com https://*.hotjar.com/ https://*.clarity.ms/ https://diffuser-cdn.app-us1.com/ https://prism.app-us1.com/ https://tags.crwdcntrl.net/ https://js.go2sdk.com https://*.stripe.js https://*.stripe.com https://*.app.betternet.com/ https://cdn-4.convertexperiments.com https://cdn-3.convertexperiments.com https://d2p1qyxxogka01.cloudfront.net; img-src * data:; font-src 'self' https://fonts.gstatic.com data:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 07:47:55 GMT
content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' data: www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.impactradius-event.com https://*.auryc.com https://*.wisepops.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/* https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js https://bat.bing.com https://*.doubleclick.net https://optimize.google.com https://connect.facebook.net https://s.yimg.com https://sp.analytics.yahoo.com https://card.aurasvc.io https://www.clarity.ms https://*.taboola.com https://www.recaptcha.net https://www.gstatic.com https://analytics.tiktok.com https://*.visualwebsiteoptimizer.com https://*.hotjar.com/ https://*.clarity.ms/ https://diffuser-cdn.app-us1.com/ https://prism.app-us1.com/ https://tags.crwdcntrl.net/ https://js.go2sdk.com https://*.stripe.js https://*.stripe.com https://*.app.betternet.com/ https://cdn-4.convertexperiments.com https://cdn-3.convertexperiments.com https://d2p1qyxxogka01.cloudfront.net; img-src * data:; font-src 'self' https://fonts.gstatic.com data:; worker-src 'self' blob:; report-uri /csp-report
x-content-type-options
nosniff
x-amzn-remapped-content-length
1283
content-encoding
br
strict-transport-security
max-age=31536000
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
f78310a3-01b1-49dd-9c40-6ef57475c0a2
age
76506
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
server
CloudFront
x-amzn-trace-id
root=1-65e2d9aa-342f2a442424491400b2477f;parent=6d15def1f1097003;sampled=0;lineage=339128db:0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
Gawz4msRj9hxK1-LtZ5dZZVTYkpRjtrIpsynpix6TSfGj_1iy8-U1A==
10021806-10025026.js
cdn-3.convertexperiments.com/js/ 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.convertexperiments.com/js/10021806-10025026.js
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.22.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-22-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
379502255a925ca88c7b396a6a69e8fa9b3cd7dbb552ffd659461b3370c830ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
gzip
cache-control
public, max-age=300
strict-transport-security
max-age=15768000
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
vary
Accept-Encoding
content-type
application/javascript
main.3f71f151ed143e617676.css
secure.betternet.co/assets/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.betternet.co/assets/main.3f71f151ed143e617676.css?3f71f151ed143e617676
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d85e6956374267377a0946aee2689e97c1d5ae740393a2eb23250479fac6274b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 05:20:43 GMT
content-encoding
br
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 23:18:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
85339
x-amz-server-side-encryption
AES256
etag
W/"b174f3419508041407e69cf5040ef1c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
86400
x-amz-cf-id
DjM5acgfKaVdnKiREB9IVXoMQlvc1rE-eJKTHpAR3GKL87NZd2WeQw==
main.js
secure.betternet.co/assets/ 		2 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.betternet.co/assets/main.js?3f71f151ed143e617676
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc8c62f40e365294d96aed4d5b09555988aba0735a0f39751f4d378fb32d2bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 07:30:43 GMT
content-encoding
br
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 23:18:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
77539
x-amz-server-side-encryption
AES256
etag
W/"9fd94506b352e2f6c68ae74c7e117887"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
86400
x-amz-cf-id
JFyYrL3aM5_mDGLlUW4mEjz7mW--3vSjoHx0CswaKdrDid3UQSf3sg==
gtm.js
www.googletagmanager.com/ 		268 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8K7326
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e66a4ebeabb7fa3db5ec1cc212dbeeb8ffbbc278f4ccdc43ede526d34c1c2db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96539
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 03 Mar 2024 05:03:01 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMCCL3679T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8K7326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
750d4cbe6db644dea68014ee37843b3c484c66177d0b2c4b2a0de953316dac29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:03:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8K7326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 03:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 03 Mar 2024 05:32:03 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8K7326
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 03 Mar 2024 05:03:00 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C48D469D354B47E1B3F13E8C3A814A96 Ref B: FRAEDGE2007 Ref C: 2024-03-03T05:03:01Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
destination
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10788504824&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8K7326
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bc4f4627330aab1402a2b05c64e97d18582887093617fbfb9fc6c89f772d0f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77671
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 03 Mar 2024 05:03:01 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JMCCL3679T&gtm=45je42t1v9122616035z877084124za220&_p=1709442181582&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1484711403.1709442182&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1709442181&sct=1&seg=0&dl=https%3A%2F%2Fsecure.betternet.co%2F&dt=Betternet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=321
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMCCL3679T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.js
cdn.auryc.com/4495-Betternet-Production-/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auryc.com/4495-Betternet-Production-/container.js
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.103.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b8fb4cc9db340b97c06a145400f1afb39bacac2b2e20702beb6eb80d2d386290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpmSkFUD5LfCz-Xw0NZdSHUMiNlEgbhWRaLLW_VTpm2PoCXrh8rsxAi4z9m-EAC3SKemkkXnnECNA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4646
last-modified
Mon, 06 Mar 2023 17:00:27 GMT
server
UploadServer
etag
"3f4b168f715b60e42ea3c1e80ea429bd"
vary
Accept-Encoding
x-goog-generation
1678122027297663
content-type
application/javascript
x-goog-hash
crc32c=lQ1tHw==, md5=P0sWj3FbYOQuo8HoDqQpvQ==
cache-control
public,max-age=3600
x-goog-stored-content-length
4646
accept-ranges
bytes
expires
Sun, 03 Mar 2024 06:03:01 GMT
spa.gpr.min.js
d2p1qyxxogka01.cloudfront.net/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/assets/main.js?3f71f151ed143e617676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:7200:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ce35508fc3a0f776c9c093072d1a2c2e45e1669cd5737728953c6f88bf9687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
via
hotspotshield-d7b4dd88c-5672j, 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
1609157
x-cache
Miss from cloudfront
last-modified
Tue, 13 Feb 2024 12:41:46 GMT
server
cloudflare
etag
W/"65cb638a-ace5"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
85e713e51e013a97-FRA
x-amz-cf-id
qYUlDKjwn7reSFchKLueMaJFPjDoOuEAUHvYt2b7_ucI-_8NrF2cjA==
expires
Sun, 03 Mar 2024 08:03:01 GMT
v3
js.stripe.com/ 		602 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/assets/main.js?3f71f151ed143e617676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b46819f3527d5c0b193a616ef38bb89cc69ca583c1d2b5e97556d6293a783738
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:01 GMT
via
1.1 varnish
age
46
x-cache
HIT
content-length
170786
x-request-id
a691612b-9472-4560-ae7a-8f366e64e607
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Fri, 01 Mar 2024 23:17:23 GMT
server
Fastly
etag
"bc70d4f82ce42990bafe0b44cd268008"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
list
app.betternet.co/vendorPlan/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-103.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
GET
Origin
https://secure.betternet.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-length
919
content-type
text/html
date
Sun, 03 Mar 2024 05:03:01 GMT
server
CloudFront
via
1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
x-amz-cf-id
1xdB_sny_s3Ae0ZpBHjBVcPq22dA63GEZlRgSZcDIH-eFRm5zLZZOw==
x-amz-cf-pop
FRA56-P10
x-cache
Error from cloudfront
list
app.betternet.co/vendorPlan/ 		0
0
list
app.betternet.co/vendorPlan/ 		0
0
list
app.betternet.co/vendorPlan/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-103.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
GET
Origin
https://secure.betternet.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-length
919
content-type
text/html
date
Sun, 03 Mar 2024 05:03:01 GMT
server
CloudFront
via
1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
x-amz-cf-id
in4IttfZgb6pnT9jOSAIVeyGSvhgPm7LBqaGzCjxG7c1X092xuzHJg==
x-amz-cf-pop
FRA56-P10
x-cache
Error from cloudfront
collect
www.google-analytics.com/j/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=769612678&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.betternet.co%2Forder&ul=en-us&de=UTF-8&dt=Betternet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1207420074&gjid=1963085629&cid=1484711403.1709442182&tid=UA-57049247-6&_gid=823161172.1709442182&_r=1&_slc=1&gtm=45He42t1n81P8K7326v77084124za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1615516485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9fc9d78a7945ff912e7bd31c52d8ef7e0ea81bc860092b0c284757fb1eda9f89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
gordita-regular.woff2
secure.betternet.co/assets/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.betternet.co/assets/gordita-regular.woff2
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/assets/main.3f71f151ed143e617676.css?3f71f151ed143e617676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a47379c55a11da03b7dd35882819e06fe90808c995500b0f6fd3965bf42bf111

Request headers

Referer
https://secure.betternet.co/assets/main.3f71f151ed143e617676.css?3f71f151ed143e617676
Origin
https://secure.betternet.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 14:18:33 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 23:18:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
53171
x-amz-server-side-encryption
AES256
etag
"b00700d101b8c1d35addcc506f1faa7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
86400
accept-ranges
bytes
content-length
17396
x-amz-cf-id
13YW6poBdk6_Wf1WRYX1x3ulIWZCTTm61hmIdfAyJJ8ZAbW8nGB2Kw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10788504824/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10788504824/?random=1709442181891&cv=11&fst=1709442181891&bg=ffffff&guid=ON&async=1&gtm=45be42t1v893586000z877084124za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.betternet.co%2Forder&hn=www.googleadservices.com&frm=0&tiba=Betternet&npa=0&pscdl=noapi&auid=959409191.1709442182&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10788504824&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
771edf577b15cdcf0bbe0eb02c28b7ef331ae95eb716863e454480fcdf7502c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1269
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
52013112.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/52013112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 03 Mar 2024 05:03:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4C97139074BD495C9103B7FA097A15E5 Ref B: FRAEDGE2007 Ref C: 2024-03-03T05:03:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=52013112&tm=gtm002&Ver=2&mid=9cb2d46d-6804-45d6-84b0-c31488ea1ea9&sid=4faa37c0d91b11ee8bfcc329d9caa8b4&vid=4faa4380d91b11ee97012f25fe4169a4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Betternet&p=https%3A%2F%2Fsecure.betternet.co%2Forder&r=&lt=408&evt=pageLoad&sv=1&rn=6251
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 03 Mar 2024 05:03:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CFBA0E591D4D422AA4E3B53179E23134 Ref B: FRAEDGE2007 Ref C: 2024-03-03T05:03:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-57049247-6&cid=1484711403.1709442182&jid=1207420074&gjid=1963085629&_gid=823161172.1709442182&_u=YADAAEAAAAAAACAAI~&z=325932099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 03 Mar 2024 05:03:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMCCL3679T&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6bd4beb5c2d1fa1175408b1931f9f5380b06b1f6a83a1bc0219439cc1b67f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89521
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:03:01 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:01 GMT
content-encoding
gzip
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P2
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 04 Apr 2023 18:58:37 GMT
server
cloudflare
etag
W/"613257bb316d347d9417023321c6d62f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
85e713e528853668-FRA
x-amz-cf-id
yuFz28GZLL1fkt0MkLR9Whe0YbB6EIO4xaYxRzXEhOJbFOr1_D_GVw==
controller-84b3483cf4b9ef779ca0ec217fc9000d.html
js.stripe.com/v3/ Frame 5C06 		297 B
746 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6dd24cae2a98eee3350c6e6c582c8daf11dcadb0478fa7928c89ba44d583e03e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.betternet.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
58
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
181
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 03 Mar 2024 05:03:01 GMT
etag
"84b3483cf4b9ef779ca0ec217fc9000d"
last-modified
Fri, 01 Mar 2024 22:43:17 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-content-type-options
nosniff
x-request-id
812cab67-5ba5-4145-926e-141b289e988e
x-served-by
cache-fra-eddf8230127-FRA
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-57049247-6&cid=1484711403.1709442182&jid=1207420074&_u=YADAAEAAAAAAACAAI~&z=331297515
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-57049247-6&cid=1484711403.1709442182&jid=1207420074&_u=YADAAEAAAAAAACAAI~&z=331297515
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10788504824/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10788504824/?random=1709442181891&cv=11&fst=1709442000000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v893586000z877084124za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.betternet.co%2Forder&frm=0&tiba=Betternet&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqKa4CBKbhC_my-kU5VU9x8A89YaaRDg&random=3430831328&rmt_tld=0&ipr=y
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10788504824/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10788504824/?random=1709442181891&cv=11&fst=1709442000000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v893586000z877084124za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.betternet.co%2Forder&frm=0&tiba=Betternet&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqKa4CBKbhC_my-kU5VU9x8A89YaaRDg&random=3430831328&rmt_tld=1&ipr=y
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set-cookies
order.hotspotshield.com/gdpr/agreement/ 		43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://order.hotspotshield.com/gdpr/agreement/set-cookies?af_params[0][name]=hprchs_vstr_hsh&af_params[0][value]=ext4fb5e850-d91b-11ee-b9d5-0b9b903f6af4
Requested by
Host: secure.betternet.co
URL: https://secure.betternet.co/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2e00:18:7807:44c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY, ALLOW-FROM https://hsselite.zendesk.com/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
afs
fc3f7383251fd4b5e4e78557f3d04a56
server
nginx
x-amz-cf-pop
FRA56-P10
x-frame-options
DENY, ALLOW-FROM https://hsselite.zendesk.com/
content-security-policy-report-only
default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
content-type
image/gif
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
CP="Dummy p3p policy"
cache-control
no-cache, private
access-control-allow-credentials
true
x-amz-cf-id
lJAKWz8NZp7L-VHvfFbTgZZK7gJcHBYFWG5V5temybEdPeY4Dv5T4A==
gpr
www.hotspotshield.com/ 		0
406 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
85e713e599cc1e6a-FRA
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
oZ5lJNTU3FW7rEXhS0uiKO2x6pyN_IGrAl6LB73BjEMD-yU-AWBYdQ==
gpr
www.hotspotshield.com/ 		0
136 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
85e713e599ce1e6a-FRA
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
63cPwdA-aaL5d84t-pZjV2vN2olzGu3vjglf5cKYsrbJG8XEkLpwgw==
/
prism.app-us1.com/ 		0
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=800646021&u=https%3A%2F%2Fsecure.betternet.co%2Forder
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.25
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
77
cf-ray
85e713e58edf3723-FRA
content-length
0
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame 5C06 		537 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:01 GMT
via
1.1 varnish
age
109031
x-cache
HIT
content-length
133396
x-request-id
d89ac850-de2c-4d2c-a228-7d461c936a4c
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Fastly
etag
"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1563
controller-ced2780f0727aafd9a863251afeca18b.js
js.stripe.com/v3/fingerprinted/js/ Frame 5C06 		699 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-ced2780f0727aafd9a863251afeca18b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
24491ab052d65e1f6edc81f421983075a99cb6e97887a4d8db8f7a0a81d90f94
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:01 GMT
via
1.1 varnish
age
109032
x-cache
HIT
content-length
187618
x-request-id
33d998a8-6f73-43b7-9d51-b9c0bee1c4b5
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Fri, 01 Mar 2024 22:43:29 GMT
server
Fastly
etag
"a1d0142d2705b5d7ac9284ccd93cf651"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1455
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5C06 		474 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
32
x-cache
HIT
content-length
296
x-request-id
f9047d45-0180-4816-a808-7fc226952765
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Fri, 01 Mar 2024 23:20:33 GMT
server
Fastly
etag
"9b37718291a109364a3a81ff03daf5ad"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5C06 		474 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
32
x-cache
HIT
content-length
296
x-request-id
4d8ef915-c988-4aad-8860-402733a849ab
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Fri, 01 Mar 2024 23:20:33 GMT
server
Fastly
etag
"9b37718291a109364a3a81ff03daf5ad"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
releasesettings
client-api.auryc.com/ 		2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/4495-Betternet-Production-/container.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-authorized-identity
4495-Betternet-Production-
Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
x-authorized-token
b0b70c8796ac64e476db7ac27f0db53

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:01 GMT
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
x-xss-protection
1; mode=block
expires
0
releasesettings
client-api.auryc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://secure.betternet.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 03 Mar 2024 05:03:01 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
auryc.lib.js
cdn.auryc.com/libs/latest/ 		695 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auryc.com/libs/latest/auryc.lib.js
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/4495-Betternet-Production-/container.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.103.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7453f365efcae51a65348be81f1fa623448c5df91843e1d242915c3dbd202064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.betternet.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:02:06 GMT
content-encoding
gzip
age
56
x-guploader-uploadid
ABPtcPr9hdizKD3J_UcyQyJldk_nbjzVDrvjbpQEyVwOgb5TYNSBVvjgUpeD27_EqgI41nLSQs8SXaUy_g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190057
last-modified
Tue, 13 Feb 2024 17:59:25 GMT
server
UploadServer
etag
"b85cbe17cab1c3d3eb4f535358d825bb"
x-goog-generation
1707847164972295
x-goog-hash
crc32c=2MkXMA==, md5=uFy+F8qxw9PrT1NTWNgluw==
content-type
application/javascript
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
190057
accept-ranges
bytes
expires
Sun, 03 Mar 2024 06:02:06 GMT
siteconfig
client-api.auryc.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/siteconfig?lib=web
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/libs/latest/auryc.lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
7889697d74e86d95dccd3135e93bab68989c2a5c630ee664b679937882ca4c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-authorized-identity
4495-Betternet-Production-
Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
x-authorized-token
b0b70c8796ac64e476db7ac27f0db53
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:01 GMT
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
expires
0
siteconfig
client-api.auryc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-api.auryc.com/siteconfig?lib=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://secure.betternet.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 03 Mar 2024 05:03:02 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0F73 		200 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.betternet.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2865902
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 03 Mar 2024 05:03:02 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
264819
x-content-type-options
nosniff
x-request-id
b4283391-d6cd-4d9e-9533-a6524de43917
x-served-by
cache-fra-eddf8230127-FRA
gpr
www.hotspotshield.com/ 		0
136 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.hotspotshield.com/gpr?data=
Requested by
Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
access-control-request-method
*
server
cloudflare
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
*
cf-ray
85e713e9ab881e6a-FRA
access-control-allow-headers
origin, x-csrftoken, content-type, accept
content-length
0
x-amz-cf-id
GX8iV_Ym_NihrDpf9rF9boWvgdaTbCIZfa18zpzz7FoSGaTgnoeGzg==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 0F73 		526 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:03:02 GMT
via
1.1 varnish
age
2853812
x-cache
HIT
content-length
315
x-request-id
349783ed-9a1d-4752-8408-3d1fa8d95ee3
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
253186
inner.html
m.stripe.network/ Frame 7E32 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 03 Mar 2024 05:03:02 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
42
x-content-type-options
nosniff
x-request-id
41cab673-a94d-4d8c-86a5-de69277687d6
x-served-by
cache-fra-eddf8230127-FRA
x-timer
S1709442183.696203,VS0,VE0
out-4.5.43.js
m.stripe.network/ Frame 7E32 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sun, 03 Mar 2024 05:03:02 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
65
x-cache
HIT
content-length
15509
x-request-id
d2d12476-d318-465e-9915-4c5353d3e186
x-served-by
cache-fra-eddf8230127-FRA
server
Fastly
x-timer
S1709442183.707431,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
15
6
m.stripe.com/ Frame 7E32 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-70-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bc76b1387b2124ad8155b5898b9b54f672d028b47d772ef7ccd39929863ccb16
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 03 Mar 2024 05:03:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709442183211377
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709442183211078
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JMCCL3679T&gtm=45je42t1v9122616035z877084124za220&_p=1709442181582&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1484711403.1709442182&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&sid=1709442181&sct=1&seg=0&dl=https%3A%2F%2Fsecure.betternet.co%2Forder&dt=Betternet&_s=2&tfd=1398
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMCCL3679T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.betternet.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:03:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.betternet.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
528a955b-4eb1-493f-998a-b5ee75f1c078
https://secure.betternet.co/ 		67 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure.betternet.co/528a955b-4eb1-493f-998a-b5ee75f1c078
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
67
Content-Type
application/javascript
4729c52d-467f-4987-a495-d4cfffa5aa96
https://secure.betternet.co/ 		67 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure.betternet.co/4729c52d-467f-4987-a495-d4cfffa5aa96
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
67
Content-Type
application/javascript
b
r.stripe.com/ Frame 5C06 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 03 Mar 2024 05:03:03 GMT
x-stripe-server-envoy-start-time-us
1709442183519195
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1709442183518969
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 5C06 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 03 Mar 2024 05:03:03 GMT
x-stripe-server-envoy-start-time-us
1709442183519324
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1709442183518939
access-control-allow-credentials
true
content-length
0
event
mt.auryc.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mt.auryc.com/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.73.66.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-authorized-identity
Access-Control-Request-Method
POST
Origin
https://secure.betternet.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,Authorization,X-Authorized-Identity,X-Authorized-Token,X-Message-Type,Payload-Type,Dnt
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
*
access-control-max-age
43200
date
Sun, 03 Mar 2024 05:03:03 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
b
r.stripe.com/ Frame 5C06 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 03 Mar 2024 05:03:04 GMT
x-stripe-server-envoy-start-time-us
1709442184386872
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1709442184386653
access-control-allow-credentials
true
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.betternet.co
URL
https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US
Domain
app.betternet.co
URL
https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| gtag object| ENV object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| convert_temp object| loglyjson object| convertData undefined| $ undefined| jQuery object| matched function| REED_$ object| REED object| convert object| _conv_q object| aurycReadyCb object| auryc object| aurycEventPropertiesCb function| setImmediate function| clearImmediate object| regeneratorRuntime object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| GooglebQhCsO object| ueto_397d5f641a object| uetq string| visitorGlobalObjectAlias function| vgo object| webpackChunkStripeJSouter function| noop function| Stripe string| prismGlobalObjectAlias object| visitorGlobalObject function| AntiblockTest function| ToolSet function| SwitchBtnUpdater function| GetStartedBtnUpdater function| DownloadBtnUpdater function| EliteBtnUpdater function| AFCookie function| CrossdomainController function| AFRequestGetParams function| AFIrParams function| AFIrInitializer function| AFUserAgent function| AFUtms function| AFgclid function| ReferralProgram function| AFUtmInitializer function| SeoAttribution function| AFVisitorHash function| AFVisitorHashInitializer function| AFHasOffersInitializer function| gaTrack function| reportTracking function| PagePerformance object| config object| AFGPR object| ErrorLogger object| AFHSSTracker function| uuidv1 boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig function| launchAurycEventMarker object| aurycBehaviorAPI object| aurycRecordAPI object| aurycFeedbackAPI

18 Cookies

Domain/Path Name / Value
.betternet.co/ Name: _gcl_au
Value: 1.1.959409191.1709442182
.betternet.co/ Name: _ga
Value: GA1.2.1484711403.1709442182
.betternet.co/ Name: _gid
Value: GA1.2.823161172.1709442182
.betternet.co/ Name: _gat_UA-57049247-6
Value: 1
.betternet.co/ Name: _uetsid
Value: 4faa37c0d91b11ee8bfcc329d9caa8b4
.betternet.co/ Name: _uetvid
Value: 4faa4380d91b11ee97012f25fe4169a4
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.betternet.co/ Name: hprchs_vstr_hsh
Value: ext4fb5e850-d91b-11ee-b9d5-0b9b903f6af4
.betternet.co/ Name: af_pl
Value: 3
.betternet.co/ Name: af_br
Value: 1
.bing.com/ Name: MUID
Value: 2151A4311B2467491430B0061AF666A2
prism.app-us1.com/ Name: prism_800646021
Value: 05a6b7d3-5dc2-45c0-ba16-72076b4b2636
.betternet.co/ Name: _ga_JMCCL3679T
Value: GS1.1.1709442181.1.1.1709442182.0.0.0
.betternet.co/ Name: userty.core.p.c7667e
Value: __2VySWQiOiIzNjAyNTZjZDJjOGZlZWM0MzNlOGM0ZDg3NGRmZjI4NiJ9eyJ1c
.betternet.co/ Name: userty.core.s.c7667e
Value: __SI6MTcwOTQ0Mzk4Mjg4Nywic2lkIjoiM2Y5M2E5MDE3OTI4MDg5YzZjM2E2MGVhMjEzYTgwNTkiLCJzdCI6MTcwOTQ0MjE4Mjg4NywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ
m.stripe.com/ Name: m
Value: d1ad95f1-8635-41da-b1df-dac732b955b48957cd
.secure.betternet.co/ Name: __stripe_mid
Value: a0b0693d-4256-44c9-8828-8391f32aa6ac655873
.secure.betternet.co/ Name: __stripe_sid
Value: 51bd84bf-3cdb-48d0-8406-0697875c467746d0a5

8 Console Messages

Source Level URL
Text
javascript error URL: https://secure.betternet.co/order
Message:
Access to XMLHttpRequest at 'https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US' from origin 'https://secure.betternet.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure.betternet.co/order
Message:
Access to XMLHttpRequest at 'https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US' from origin 'https://secure.betternet.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.betternet.co/vendorPlan/list?vendorPlanGroupId=5a4b77d2-b0c5-49b4-ab6d-8aa1a0cb4ca3&country=US
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://secure.betternet.co/order
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.betternet.co/order
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.betternet.co/order
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.betternet.co/order
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' data: www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.impactradius-event.com https://*.auryc.com https://*.wisepops.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/* https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js https://bat.bing.com https://*.doubleclick.net https://optimize.google.com https://connect.facebook.net https://s.yimg.com https://sp.analytics.yahoo.com https://card.aurasvc.io https://www.clarity.ms https://*.taboola.com https://www.recaptcha.net https://www.gstatic.com https://analytics.tiktok.com https://*.visualwebsiteoptimizer.com https://*.hotjar.com/ https://*.clarity.ms/ https://diffuser-cdn.app-us1.com/ https://prism.app-us1.com/ https://tags.crwdcntrl.net/ https://js.go2sdk.com https://*.stripe.js https://*.stripe.com https://*.app.betternet.com/ https://cdn-4.convertexperiments.com https://cdn-3.convertexperiments.com https://d2p1qyxxogka01.cloudfront.net; img-src * data:; font-src 'self' https://fonts.gstatic.com data:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.betternet.co
bat.bing.com
cdn-3.convertexperiments.com
cdn.auryc.com
client-api.auryc.com
d2p1qyxxogka01.cloudfront.net
diffuser-cdn.app-us1.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
mt.auryc.com
order.hotspotshield.com
prism.app-us1.com
r.stripe.com
region1.google-analytics.com
secure.betternet.co
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hotspotshield.com
app.betternet.co
143.204.215.81
151.101.64.176
2001:4860:4802:34::36
23.57.22.19
2600:9000:2251:7200:18:24b:e840:21
2600:9000:26e8:2e00:18:7807:44c0:93a1
2606:4700:11::6817:8a13
2606:4700::6810:a0d
2606:4700::6810:b0d
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c02::9b
3.161.82.103
34.120.103.20
34.66.73.214
44.237.70.166
54.187.159.182
10c6f994a600851e7d04a8a97bfea3c84af780f735b2798fa9715ac45a852068
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
1be7b7d53ad743ff79ff8ff1a171387556531c8183dee61c21fbfaf17526cecc
24491ab052d65e1f6edc81f421983075a99cb6e97887a4d8db8f7a0a81d90f94
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
379502255a925ca88c7b396a6a69e8fa9b3cd7dbb552ffd659461b3370c830ec
3e66a4ebeabb7fa3db5ec1cc212dbeeb8ffbbc278f4ccdc43ede526d34c1c2db
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5bc4f4627330aab1402a2b05c64e97d18582887093617fbfb9fc6c89f772d0f6
6dd24cae2a98eee3350c6e6c582c8daf11dcadb0478fa7928c89ba44d583e03e
7453f365efcae51a65348be81f1fa623448c5df91843e1d242915c3dbd202064
750d4cbe6db644dea68014ee37843b3c484c66177d0b2c4b2a0de953316dac29
771edf577b15cdcf0bbe0eb02c28b7ef331ae95eb716863e454480fcdf7502c7
7889697d74e86d95dccd3135e93bab68989c2a5c630ee664b679937882ca4c0c
79ce35508fc3a0f776c9c093072d1a2c2e45e1669cd5737728953c6f88bf9687
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9fc9d78a7945ff912e7bd31c52d8ef7e0ea81bc860092b0c284757fb1eda9f89
a47379c55a11da03b7dd35882819e06fe90808c995500b0f6fd3965bf42bf111
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46819f3527d5c0b193a616ef38bb89cc69ca583c1d2b5e97556d6293a783738
b8fb4cc9db340b97c06a145400f1afb39bacac2b2e20702beb6eb80d2d386290
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc76b1387b2124ad8155b5898b9b54f672d028b47d772ef7ccd39929863ccb16
c6bd4beb5c2d1fa1175408b1931f9f5380b06b1f6a83a1bc0219439cc1b67f1e
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
cc8c62f40e365294d96aed4d5b09555988aba0735a0f39751f4d378fb32d2bfc
d85e6956374267377a0946aee2689e97c1d5ae740393a2eb23250479fac6274b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629