better.com Open in urlscan Pro
13.225.80.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.better.com/
Effective URL:
https://better.com/
Submission: On January 17 via api (January 17th 2021, 11:45:38 pm UTC) from TW

Summary HTTP 132 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 132 HTTP transactions. The main IP is 13.225.80.68, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is better.com.
TLS certificate: Issued by Amazon on July 20th 2020. Valid for: a year.

This is the only time better.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.9.58.93 65.9.58.93	16509 (AMAZON-02) (AMAZON-02)
92	13.225.80.68 13.225.80.68	16509 (AMAZON-02) (AMAZON-02)
9	65.9.58.64 65.9.58.64	16509 (AMAZON-02) (AMAZON-02)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
1	54.70.9.247 54.70.9.247	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	13.225.80.7 13.225.80.7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:baa9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:28d8:9783:2a08:4b54	14618 (AMAZON-AES) (AMAZON-AES)
1	34.199.213.67 34.199.213.67	14618 (AMAZON-AES) (AMAZON-AES)
1	3.229.228.113 3.229.228.113	14618 (AMAZON-AES) (AMAZON-AES)
132	23

1 65.9.58.93 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.better.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

92 13.225.80.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-68.fra2.r.cloudfront.net

better.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.58.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)

media.better.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.9.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-9-247.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-7.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:baa9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.213.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-213-67.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.228.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-228-113.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	better.com 1 redirects www.better.com better.com media.better.com	1 MB
4	google-analytics.com www.google-analytics.com	20 KB
4	fullstory.com edge.fullstory.com rs.fullstory.com	63 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	facebook.net connect.facebook.net	37 KB
2	google.de www.google.de	1 KB
2	google.com www.google.com	1 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	41 KB
2	bing.com bat.bing.com	9 KB
1	facebook.com www.facebook.com	297 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	segment.io api.segment.io	138 B
1	segment.com cdn.segment.com	84 KB
132	17

	Domain	Requested by
92	better.com	better.com
9	media.better.com	better.com
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com
3	rs.fullstory.com	edge.fullstory.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects
2	www.google.de
2	www.google.com
2	www.googletagmanager.com	cdn.segment.com
2	bat.bing.com	cdn.segment.com
1	heapanalytics.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	www.facebook.com
1	b-code.liadm.com	www.googletagmanager.com
1	snap.licdn.com	better.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.heapanalytics.com	cdn.segment.com
1	edge.fullstory.com	cdn.segment.com
1	api.segment.io	cdn.segment.com
1	cdn.segment.com	better.com
1	www.better.com	1 redirects
132	25

This site contains links to these domains. Also see Links.

Domain
welcome.better.com
www.goldmansachs.com
www.citi.com
www.kpcb.com
www.americanexpress.com
www.ally.com
www.pinebrookpartners.com
www.activantcapital.com
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
better.com Amazon	`2020-07-20` - `2021-08-20`	a year	crt.sh
*.better.com Amazon	`2020-07-14` - `2021-08-14`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-12-26` - `2021-03-26`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.fullstory.com Let's Encrypt Authority X3	`2020-11-29` - `2021-02-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.liadm.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://better.com/
Frame ID: 4E46D4C1645FFC6FF3C4AC3B84972BB0
Requests: 136 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.better.com/ HTTP 301
https://better.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

132
Requests

100 %
HTTPS

56 %
IPv6

17
Domains

25
Subdomains

23
IPs

5
Countries

1661 kB
Transfer

5949 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://welcome.better.com/agents/
Title: For agents

Search URL Search Domain Scan URL

URL: http://www.goldmansachs.com/

Search URL Search Domain Scan URL

URL: http://www.citi.com/

Search URL Search Domain Scan URL

URL: http://www.kpcb.com/

Search URL Search Domain Scan URL

URL: http://www.americanexpress.com/

Search URL Search Domain Scan URL

URL: http://www.ally.com/

Search URL Search Domain Scan URL

URL: http://www.pinebrookpartners.com/

Search URL Search Domain Scan URL

URL: https://www.activantcapital.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/betterdotcom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/betterdotcom/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betterdotcom/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/betterdotcom/

Search URL Search Domain Scan URL

URL: https://welcome.better.com/covid-19/
Title: COVID-19 Response

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/330511
Title: NMLS Consumer Access

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.better.com/ HTTP 301
https://better.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D285097%26time%3D1610927122771%26url%3Dhttps%253A%252F%252Fbetter.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F&liSync=true

Request Chain 131

https://rp.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

132 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
better.com/
Redirect Chain

https://www.better.com/
https://better.com/

74 KB
18 KB

485ms
378ms

Document
text/html

13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront / Next.js

Resource Hash

a3e9c0c7dc58b8317d44b62714f88fcb7ed78c5f37fe8d25c0a91372ff681772

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

:method: GET
:authority: better.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: CloudFront
cache-control: no-cache
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
date: Sun, 17 Jan 2021 23:45:21 GMT
etag: "126ed-Jp2QY7lGzLaR6as0HvG7P775bM0"
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
frame-options: sameorigin
referrer-policy: no-referrer-when-downgrade
set-cookie: ajs_anonymous_id=%22f4db7476-be16-4a29-a475-f85e23635441%22; path=/; samesite=lax; secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff always
x-frame-options: sameorigin
x-powered-by: Next.js
x-xss-protection: 1
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YSAyGmsXMuk6TMV4oYayE0wkqI-eXd6G0RksBoIaI_HQY9QiM0Ab2Q==

Redirect headers

content-length: 0
location: https://better.com/
server: CloudFront
date: Sun, 17 Jan 2021 23:45:20 GMT
x-cache: Miss from cloudfront
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Sbe4ArKrkmUgeOczddEmWFER69OK58aKClCZ2FlEf5_ypyBo1xL8xQ==

GET
H2 200 63c8b5cf01fe33d09ae0.css
better.com/_next/static/css/ 170 KB
27 KB 78ms
74ms Stylesheet
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

440f177383f4f5a258f0be48b14d11a1af90ca2e1e604cd55f35512fd2d9f2dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"2a7c4-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: jGaJV139tkJyvcPsCEA0hPFQ9bPwtYKHBt5BmE-kCH4DS2j9i1TfWg==

GET
H2 200 80798bdd9283be4ca3d8.css
better.com/_next/static/css/ 35 KB
7 KB 59ms
55ms Stylesheet
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/80798bdd9283be4ca3d8.css

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

a8e8481ac489e2efd193d1bf0f0748b9e4bff357ec5b5c3aff87cdfd4b354821

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 41964
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 12:05:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"8d79-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: aOFGYmb16pVOAavPTwbeyhiUCvzXO5alavryIxgPnQXOzGCvFwyFSQ==

GET
H2 200 main-6db6f0a7f23be51516f5.js Show response
better.com/_next/static/chunks/ 14 KB
7 KB 51ms
48ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/main-6db6f0a7f23be51516f5.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

bcf06810029ad6d4cfaa8cfc46e1f58acc12b5bd8053066bf1763b182f278884

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39465
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:47:36 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"394d-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: GHlKM_ag7ui87n5UzbY_Z7NHWUXWueTHLx4fwH9kcFVJ7vajecSTSQ==
x-content-type-options: nosniff always

GET
H2 200 webpack-b430b282b2d70e9c42cb.js Show response
better.com/_next/static/chunks/ 3 KB
3 KB 134ms
130ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/webpack-b430b282b2d70e9c42cb.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

b2b0314d4c5134841ed400accc59b002d736ca30e840f84c5f7f339b06e10f93

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 43318
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1629
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 11:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"d2f-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 4mLdIW_SrBnsvirrKz59ds06Q5se6RXUteqAVj6fpaJ0iJARKWBXPg==

GET
H2 200 framework.0a8ee368eb8825ce2b89.js Show response
better.com/_next/static/chunks/ 127 KB
41 KB 126ms
123ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/framework.0a8ee368eb8825ce2b89.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e75df0e37b99a88e7ba7cc5947512e18a0a0ed58c96d71d0661c770731427e83

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"1fb80-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 02iUv5Tt2viMy7ucIVOeogISMklm65Pi322OsZBkIXc83v6nwnSmQw==

GET
H2 200 c78d26b1.575f5c73b5bc91cd9688.js Show response
better.com/_next/static/chunks/ 70 KB
25 KB 138ms
134ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/c78d26b1.575f5c73b5bc91cd9688.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

ac41ffb47fa919d77629b8d2f685d961f9a223d8e200973696c57d49ef8c65f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"117a2-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Qm8qhn1o8hn6MQUXCcloHYs1c0zVSSfWtpD7m_gdW8i7qsjTj-97YQ==

GET
H2 200 f4604786.26d254f925f1b16047cb.js Show response
better.com/_next/static/chunks/ 443 KB
125 KB 137ms
134ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/f4604786.26d254f925f1b16047cb.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

98c42ff682581af7bfa0e7965ddbb74b7fa7e4cc067c52b846ac31cc0ffd24cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"6edef-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: txm_BnGrr17_WfGFnlAU3b3YlvjI6vdK2ABuhgPoNqndvp5mw71cBg==

GET
H2 200 commons.8fae62fef323a4ea0ed4.js Show response
better.com/_next/static/chunks/ 370 KB
101 KB 95ms
93ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/commons.8fae62fef323a4ea0ed4.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

6e791b8c704fac985101b83f467de2c11a8aa73d3459bed40be1c4bf940afdad

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"5c994-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: tyCYVt4UqxzJiFjuMlSwrras-tos-yfZTjbq6laOpepzJRdtMriTKQ==

GET
H2 200 e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js Show response
better.com/_next/static/chunks/ 23 KB
9 KB 132ms
130ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

8d1ed9fb9153d5cfa80ae1d9c03249c2e2d0d7e763ce671196c8e063ac0aa729

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 73084
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:27:17 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"5a36-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: A-KEi0wixvsW-zQXl8qKRAMwAoRp9lXauGH-ouPoMrezByblPygcqg==
x-content-type-options: nosniff always

GET
H2 200 _app-4adf971e6813cd696a49.js Show response
better.com/_next/static/chunks/pages/ 11 KB
5 KB 134ms
131ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/_app-4adf971e6813cd696a49.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

adc7b3fbeaa4d163f092f6ef4dba6ad9b0bde42455a93a040178d099d6f48bee

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 67772
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 04:55:49 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2a2f-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QChrTZhJU8-0S_sIxEtbbxPeFX_tBliis8hrUaa1hnl14hyIB9_90Q==
x-content-type-options: nosniff always

GET
H2 200 f9356b289db1ff0e710b35abe93756dbe20be327.621623112fa03432f333.js Show response
better.com/_next/static/chunks/ 19 KB
8 KB 153ms
150ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/f9356b289db1ff0e710b35abe93756dbe20be327.621623112fa03432f333.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

5f492c3c4681d7f9fbd5d8307c09fadfc2fbf453e05af0fb38cd32aefeaeff2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39465
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:47:36 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"4c2a-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: blY7D1cGd9dAqQ_UGrv3LuTaLtA_WuwaOIHiapmBlUCxg7DmADtNRw==
x-content-type-options: nosniff always

GET
H2 200 a13a82985a12ae3eb05b8a29717da227490082b2.56db578706330116ecc9.js Show response
better.com/_next/static/chunks/ 17 KB
6 KB 154ms
151ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/a13a82985a12ae3eb05b8a29717da227490082b2.56db578706330116ecc9.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

260f3050baa92141e5c38a1a90c6c78ed3ac6c5524462145e54482269d2ea042

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 9380
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 21:09:01 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"42c9-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Hq32PFR1GSSWOeOVtEiSApNY9W7P5-q9AXbqSIrxmwdAcCU-u1YT3g==
x-content-type-options: nosniff always

GET
H2 200 fa9386fc24e0c8954ee6cf1c3b698a4cbe648e4c.6733159713ba77f66380.js Show response
better.com/_next/static/chunks/ 119 KB
41 KB 155ms
153ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/fa9386fc24e0c8954ee6cf1c3b698a4cbe648e4c.6733159713ba77f66380.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

2b7bd1e8b387bdea068e1c4454aa6f3ba112372c16f30f3eee16482d600020ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 73084
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:27:17 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1dc04-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 9_k7qh4RWzQ0iX76Od7GBuHWbHyts8dxKBGczBsCU8zZqNOSOeMrWQ==
x-content-type-options: nosniff always

GET
H2 200 42a2e8238c1084562d588e418bb6eca6f619d75e.d95c5bb5ce29b5a77dcb.js Show response
better.com/_next/static/chunks/ 12 KB
5 KB 153ms
151ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/42a2e8238c1084562d588e418bb6eca6f619d75e.d95c5bb5ce29b5a77dcb.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

aaee1a745804a35c1ff3daab2e636c8cf61f25b4a8c120fcadeb1c3cc32e37b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39577
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:45:44 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2edd-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: H1PnLUfpNHizWOKEuKIKC84yEIFO4gGNiLmrc3tF0P_N2thQuG4QnA==
x-content-type-options: nosniff always

GET
H2 200 index-9d2ce8e1cd8bf4cedaad.js Show response
better.com/_next/static/chunks/pages/ 58 KB
19 KB 155ms
154ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/index-9d2ce8e1cd8bf4cedaad.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

369c2ee39feda225678a830df29247a43f86414a3069774bf8c907044c7bf831

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39577
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:45:44 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"e639-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Jl4IEaUbBhTx-375xJfySH_bEQ6b5DZPX7xyPlCTBktmWpaEb226cw==
x-content-type-options: nosniff always

GET
H2 200 _buildManifest.js Show response
better.com/_next/static/QD7lC6Ii59902XYDoagVD/ 13 KB
5 KB 102ms
101ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/QD7lC6Ii59902XYDoagVD/_buildManifest.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

4bdd948e03881b1b48af2e588db9450ced069406d201ee2b7f4ca7f49c1450ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 35681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 13:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"33f1-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: X_6Ly3iaLv1Gfrau1clJ7L9e4-lnTKikl4Gw_VHJKvm-gArkv7HQ_g==

GET
H2 200 _ssgManifest.js Show response
better.com/_next/static/QD7lC6Ii59902XYDoagVD/ 91 B
1 KB 101ms
101ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/QD7lC6Ii59902XYDoagVD/_ssgManifest.js

Requested by

Host: better.com
URL: https://better.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

852f934477d955c9885abe8f602b4fd8ab821d1221a3742907130a3677895203

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff always
frame-options: sameorigin
age: 34026
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 91
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:29 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 14:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"5b-176fde4a5c8"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: djC5yljO2kbiG9Bqnx8WvIrTq2eW1oTDenWJ2sh-tI0gvgKNP0AGMw==

GET
H2 200 Graphik-Medium-Web.woff2
media.better.com/fonts/graphik/ 33 KB
33 KB 184ms
64ms Font
binary/octet-stream 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/fonts/graphik/Graphik-Medium-Web.woff2
Requested by: Host: better.com
URL: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d7d0a5fedec86bae65a7b290aebee01090574a142ecbd9944653315e957481f

Request headers

Origin: https://better.com
Referer: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 18:28:51 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
vary: Origin
age: 191790
x-cache: Hit from cloudfront
content-length: 33401
last-modified: Fri, 15 Jan 2021 18:24:02 GMT
server: AmazonS3
etag: "6c39df52df42af614c9f39853811b281"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rMQKigwBSOndYtsgCQ.n7bxRJ8O_.qh0
access-control-allow-origin: *
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: jtEXrY2CXE_g_mUygO_kcDNH3RxjmZKsMb3tCGT5ad6Kg8DfDCOKEw==

GET
H2 200 Graphik-Regular-Web.woff2
media.better.com/fonts/graphik/ 30 KB
30 KB 184ms
64ms Font
binary/octet-stream 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/fonts/graphik/Graphik-Regular-Web.woff2
Requested by: Host: better.com
URL: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b52d4ca08cf2f3d8e511ee2e0fe49fce7ab3de7f93f7ad632dcbe86dd81a501

Request headers

Origin: https://better.com
Referer: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 18:28:51 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
vary: Origin
age: 191790
x-cache: Hit from cloudfront
content-length: 30241
last-modified: Fri, 15 Jan 2021 18:24:02 GMT
server: AmazonS3
etag: "d465c7a8ff0c52b9d0f5a70475e428cd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: zRVE7eBanjEeLTj4rphS1rZX6ZJDTKd7
access-control-allow-origin: *
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: dPSJ7F-lVPm33rTKvmiAnD_OdsNVdorwYPs21WGhl6UX9GcwgJDwzQ==

GET
H2 200 Graphik-Semibold-Web.woff2
media.better.com/fonts/graphik/ 46 KB
47 KB 184ms
65ms Font
binary/octet-stream 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/fonts/graphik/Graphik-Semibold-Web.woff2
Requested by: Host: better.com
URL: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45f97d01fbcba7faa78003368617968425fec993336cbe46e6533abb773b02d4

Request headers

Origin: https://better.com
Referer: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 18:28:51 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
vary: Origin
age: 191790
x-cache: Hit from cloudfront
content-length: 47313
last-modified: Fri, 15 Jan 2021 18:24:02 GMT
server: AmazonS3
etag: "b810e0b79fa2e9673a558fef851edf31"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: OoY9ce5BIe6amP0ncSOWdIwuJzqnVkFM
access-control-allow-origin: *
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: KYaEpdSKQ1ADmK8aXrsP4929Exmi9VyIg7sHZeACF7WBxrJOxWSUuA==

GET
H2 200 Graphik-Bold-Web.woff2
media.better.com/fonts/graphik/ 33 KB
34 KB 184ms
64ms Font
binary/octet-stream 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/fonts/graphik/Graphik-Bold-Web.woff2
Requested by: Host: better.com
URL: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 546ad1c6f8924f5863939ed6d414ff3983c1cd97937a85a59fb9bcb19a7dcf08

Request headers

Origin: https://better.com
Referer: https://better.com/_next/static/css/63c8b5cf01fe33d09ae0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 18:28:51 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
vary: Origin
age: 191790
x-cache: Hit from cloudfront
content-length: 34061
last-modified: Fri, 15 Jan 2021 18:24:02 GMT
server: AmazonS3
etag: "a18a912495d70582312e8ed4646758f4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 3Ym7uweuYNjMjEIAPCggbAVOW9i.TEpl
access-control-allow-origin: *
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: Labo_UgcHTGVZii-vsSBMOSOU6-vEeuj9J7c_iGJSfxH-OssRasXMQ==

GET
H2 200 d5ecc0d7e88cd9c3767a.css
better.com/_next/static/css/ 16 KB
4 KB 47ms
46ms Stylesheet
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/d5ecc0d7e88cd9c3767a.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/webpack-b430b282b2d70e9c42cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

d5cd20bf02c1fddb9fb1ea1db11b277192cc0f0887d62809a042d7d6c3030513

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 38828
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:58:13 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"3e99-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: mouRhGV1Gpko0Bl1Ct8j74_pxae86y8v_ANh3kCPaxYc25rLAsSdyg==
x-content-type-options: nosniff always

GET
H2 200 91.fd8ebb6737e09e1634b0.js Show response
better.com/_next/static/chunks/ 109 KB
75 KB 46ms
46ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/91.fd8ebb6737e09e1634b0.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/webpack-b430b282b2d70e9c42cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

12964e5b93045697353c3ea60bce52d8c6061ec118bd6d053c5f5a89ae03a986

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 27016
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:15:04 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1b34b-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: lZAEUzpEC7HMzsDzXGiguGk1ytQGH-RAV0QLeXcJiZs_Zgf9_KqiIw==
x-content-type-options: nosniff always

GET
H2 200 93.501e45ec558e5c544afd.js Show response
better.com/_next/static/chunks/ 14 KB
7 KB 46ms
46ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/93.501e45ec558e5c544afd.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/webpack-b430b282b2d70e9c42cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

72dff9c4b9f9d5128f16067316c7e88b40edbf4be9f152f915969abb5c10d333

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 1763
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 23:18:38 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"3862-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -DBZczVQSrDoePnFTm383b224VcUdpnQF3xi2TE_t5qXj-5mGSHVxw==
x-content-type-options: nosniff always

GET
H2 200 phone-poster.png
media.better.com/pages/homepage/ 11 KB
11 KB 188ms
64ms Image
image/png 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.better.com/pages/homepage/phone-poster.png
Requested by: Host: better.com
URL: https://better.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 316e7fd78870e135359f682f56be56bcb8b913191a7ce82d3d89091f7cc6028f

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 18:27:01 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:59 GMT
server: AmazonS3
age: 191901
etag: "075a5794a1a28f8b3d11026da3231975"
x-cache: Hit from cloudfront
x-amz-version-id: womVg85Ckmf77JKrL4r8hHJV85TRpMcl
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 10973
x-amz-cf-id: CWC0O70NMOrXhZa_7hhUc6NrC2ashznAlMc1QMawGustbvrcohCoBg==

GET
H2 206 phone-wordless-logo-20200826.mp4
media.better.com/pages/homepage/ 34 KB
0 196ms
89ms Media
video/mp4 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/pages/homepage/phone-wordless-logo-20200826.mp4
Requested by: Host: better.com
URL: https://better.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://better.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 15 Jan 2021 18:27:03 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:59 GMT
server: AmazonS3
age: 191899
etag: "a9bbea089b3b8cc0982980c88b2dd675"
x-cache: Hit from cloudfront
x-amz-version-id: fWIuePxqGM88rexvBlNl4IeNMxuFqMFj
Content-Range: bytes 0-1799257/1799258
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: video/mp4
Content-Length: 1799258
x-amz-cf-id: KnMkYGmPcbnjWaHmguZNkzySIAkFBmUjS6SdJ5BDENd_eh5IIgX2-g==

GET
H2 206 phone-wordless-logo-20200826.mp4
media.better.com/pages/homepage/ 0
0 170ms
64ms Media
video/mp4 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/pages/homepage/phone-wordless-logo-20200826.mp4
Requested by: Host: better.com
URL: https://better.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://better.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 15 Jan 2021 18:27:03 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:59 GMT
server: AmazonS3
age: 191899
etag: "a9bbea089b3b8cc0982980c88b2dd675"
x-cache: Hit from cloudfront
x-amz-version-id: fWIuePxqGM88rexvBlNl4IeNMxuFqMFj
Content-Range: bytes 0-1799257/1799258
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: video/mp4
Content-Length: 1799258
x-amz-cf-id: x9kcXedaPPovN5L6gTQqhtFKuYJmcQGfGc7Y3-LWNfw8mxoc9DB0wQ==

GET
H2 200 f9356b289db1ff0e710b35abe93756dbe20be327.621623112fa03432f333.js
better.com/_next/static/chunks/ 0
8 KB 55ms
50ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/f9356b289db1ff0e710b35abe93756dbe20be327.621623112fa03432f333.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39465
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:47:36 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"4c2a-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _rYpFaOukA2Q7Gae-iogL8PPAJm7fT1oN3QfQmAOUe6wfkkwVog8og==
x-content-type-options: nosniff always

GET
H2 200 a13a82985a12ae3eb05b8a29717da227490082b2.56db578706330116ecc9.js
better.com/_next/static/chunks/ 0
6 KB 53ms
48ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/a13a82985a12ae3eb05b8a29717da227490082b2.56db578706330116ecc9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 9380
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 21:09:01 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"42c9-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: wC6vNV1FoS2qVuxliwLNYJF39lHXGG41TwSqaGKpUHw1S-Qw0a3LNw==
x-content-type-options: nosniff always

GET
H2 200 fa9386fc24e0c8954ee6cf1c3b698a4cbe648e4c.6733159713ba77f66380.js
better.com/_next/static/chunks/ 0
41 KB 55ms
50ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/fa9386fc24e0c8954ee6cf1c3b698a4cbe648e4c.6733159713ba77f66380.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 73084
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:27:17 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1dc04-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: KezBJIh6cAljsamVgcUpb1QhYtVP6uksGZz0c2fZSPXFwttT-n7F-g==
x-content-type-options: nosniff always

GET
H2 200 42a2e8238c1084562d588e418bb6eca6f619d75e.d95c5bb5ce29b5a77dcb.js
better.com/_next/static/chunks/ 0
5 KB 60ms
55ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/42a2e8238c1084562d588e418bb6eca6f619d75e.d95c5bb5ce29b5a77dcb.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39577
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:45:44 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2edd-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: nEiNajxVKqqsaico-FK_7eqPG5MhszbzygPGGI5W78wZWyvvQ9Ia9g==
x-content-type-options: nosniff always

GET
H2 200 index-9d2ce8e1cd8bf4cedaad.js
better.com/_next/static/chunks/pages/ 0
19 KB 57ms
52ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/index-9d2ce8e1cd8bf4cedaad.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 39577
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:45:44 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"e639-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _0DcYcS_vJ9E1I3M7pfU3qJeckkHjbo_-TUdSGw5kBC6PjdKtrH0NQ==
x-content-type-options: nosniff always

GET
H2 200 27206f115e6bc76c246d464c71841e2eb354f9bd_CSS.b6240012ec0b1f686af6.js
better.com/_next/static/chunks/ 0
2 KB 50ms
46ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/27206f115e6bc76c246d464c71841e2eb354f9bd_CSS.b6240012ec0b1f686af6.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"a4-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: RjQeoR2rPQBBkoauO4BdeXylYQXB6RnZE-mgREVacqEDX_HEoswKrw==

GET
H2 200 722281df825d5b711d4f3b42a296d08a15669576.42196a40e5f263376941.js
better.com/_next/static/chunks/ 0
5 KB 51ms
46ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/722281df825d5b711d4f3b42a296d08a15669576.42196a40e5f263376941.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 74332
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 03:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"3ded-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: uJ5NZQ8P6JKHMld4Ei57LU5q78gAZeIwFs9IxCFOoE678MEqsVv61Q==

GET
H2 200 mortgage-dd7004cc4666038210fd.js
better.com/_next/static/chunks/pages/ 0
4 KB 59ms
54ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/mortgage-dd7004cc4666038210fd.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 24579
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:55:42 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1b31-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Y_dLAJK4mmtK6H6PGhTaYwTCv-wwWQjCdkS1RauWoqtizANpozOqsw==
x-content-type-options: nosniff always

GET
H2 200 realestate-9c40c2078e99df9238f0.js
better.com/_next/static/chunks/pages/ 0
4 KB 53ms
49ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/realestate-9c40c2078e99df9238f0.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14056
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:51:05 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2079-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Af0zzD83SGWihbNYt5QPQ0h46KJWidYzv3LGOag4V50ps-E_ZTJZfg==
x-content-type-options: nosniff always

GET
H2 200 title-74a4550bc161bc82a7fc.js
better.com/_next/static/chunks/pages/ 0
5 KB 52ms
48ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/title-74a4550bc161bc82a7fc.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 24579
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:55:42 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2ab1-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 9M5zSelqeBRMF_t2iRyzuIf-xQRtA4_0Djpje9E7huEGwEDCSwsi0g==
x-content-type-options: nosniff always

GET
H2 200 hoi-7ca74ebc87071aca1051.js
better.com/_next/static/chunks/pages/ 0
5 KB 80ms
75ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/hoi-7ca74ebc87071aca1051.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2d99-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: aoQv1w7kp77ci0iritTIjsFcwiFn69r5ukb-DnkHDif5pZoxDgs9Vg==
x-content-type-options: nosniff always

GET
H2 200 5c8dd9eb5e2c4861fd58572cf679b109d666dfcd.7e37901088eba0022f6b.js
better.com/_next/static/chunks/ 0
9 KB 77ms
72ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/5c8dd9eb5e2c4861fd58572cf679b109d666dfcd.7e37901088eba0022f6b.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 20020
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 18:11:41 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"5934-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: PCdGd21kNhvMny1QT6e3Ni2Su_gbdQTqElJ9fTYiAKpolDuigJFDsw==
x-content-type-options: nosniff always

GET
H2 200 5c8dd9eb5e2c4861fd58572cf679b109d666dfcd_CSS.2a5729bf9a12607575a3.js
better.com/_next/static/chunks/ 0
2 KB 76ms
71ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/5c8dd9eb5e2c4861fd58572cf679b109d666dfcd_CSS.2a5729bf9a12607575a3.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: q9KpCk3_ia86TPwXw-qinmGIxmTQKZ21L6aF5FOLCWJ5qLR0BCiCOQ==
x-content-type-options: nosniff always

GET
H2 200 about-us-6b240d808288ec904282.js
better.com/_next/static/chunks/pages/ 0
20 KB 80ms
75ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us-6b240d808288ec904282.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"c8d9-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: WQyCBSdr7XHe47X6NkQJ2MHhAU-RDbF-5oVYtjB4tGQymDejCasIag==
x-content-type-options: nosniff always

GET
H2 200 reviews-fb024266442885e04cf9.js
better.com/_next/static/chunks/pages/about-us/ 0
22 KB 79ms
74ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/reviews-fb024266442885e04cf9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"10e3d-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hUFXN5GlkglbF_VOUdo9GTDneGL2HDpm8Qdb2wJuwLsCUcXQEMvNKg==
x-content-type-options: nosniff always

GET
H2 200 media-d5efdd68c59a101f203d.js
better.com/_next/static/chunks/pages/about-us/ 0
13 KB 89ms
85ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/media-d5efdd68c59a101f203d.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14446
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:44:35 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"aa96-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: lDudzCNl7Vz2rMx-wyygH0yJ-o7uZ5GYn0cTeq0xK7XztdRX5-tT_w==
x-content-type-options: nosniff always

GET
H2 200 careers-b745c6b334f2d20fcde8.js
better.com/_next/static/chunks/pages/about-us/ 0
8 KB 81ms
77ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/careers-b745c6b334f2d20fcde8.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"5e39-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: rDNWIgbLagEQ7SHfQShA1Gu-6YYMC5Ohl2-fzHGDqt4V3jYJS_iq3g==
x-content-type-options: nosniff always

GET
H2 200 contact-us-44bd03bf76a0c10ced81.js
better.com/_next/static/chunks/pages/about-us/ 0
3 KB 81ms
77ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/contact-us-44bd03bf76a0c10ced81.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1da1-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: idIKA4BYSUKfmFIGr8OqXmDU-k0hCBglR9-2cZ4O0Ll0oNWT-vpW_A==
x-content-type-options: nosniff always

GET
H2 200 fcca23026da91fbda6ec200ab8527dc8c4c9e621_CSS.f0cc3b1c3624314c8a68.js
better.com/_next/static/chunks/ 0
2 KB 77ms
73ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/fcca23026da91fbda6ec200ab8527dc8c4c9e621_CSS.f0cc3b1c3624314c8a68.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 28116
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 15:56:45 GMT
content-length: 163
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a3-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -kbbkEvJtfrKXvCZOmzjWw_7hmSlky_UeonmuDbSSZVIbxgY54vYcw==
x-content-type-options: nosniff always

GET
H2 200 89c2147cbc2635e41a5cb7e85c66e50658fa0300.74ddf3751110686d5f42.js
better.com/_next/static/chunks/ 0
5 KB 87ms
84ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/89c2147cbc2635e41a5cb7e85c66e50658fa0300.74ddf3751110686d5f42.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 8428
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 21:24:53 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2c79-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ncDfw55NiXKW36e-DX3Qy3ipFJ-54Jazp6bB_gr5-x9T-RfdhEr4tQ==
x-content-type-options: nosniff always

GET
H2 200 0c0008a9c900ec564562a0c47202d51214081117.51df03c6b0f545180d77.js
better.com/_next/static/chunks/ 0
38 KB 82ms
78ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/0c0008a9c900ec564562a0c47202d51214081117.51df03c6b0f545180d77.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"1b749-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: c6xlasdq4oUQe1ul7UUl6pNzMwyOx3kFVsfqCzvjgfrSwUMmAPh6SA==

GET
H2 200 3bb98672962d5872d255b1ce777e176b15b52802.fedc3894b60dde533950.js
better.com/_next/static/chunks/ 0
5 KB 87ms
83ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/3bb98672962d5872d255b1ce777e176b15b52802.fedc3894b60dde533950.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14907
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:36:54 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"36ee-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: AN52AS_TmxIa4qu3jQ6SsHj3Ar3L0NR7RW15bTzxQ3q2pNbCi-fseg==
x-content-type-options: nosniff always

GET
H2 200 a0897ac911791c7e068f3e891893f25942b5a522.0f95f3c1550c8079e3a9.js
better.com/_next/static/chunks/ 0
7 KB 83ms
80ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/a0897ac911791c7e068f3e891893f25942b5a522.0f95f3c1550c8079e3a9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 74332
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:06:29 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"42cf-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: qhJypPRO2o7F7E4PrAYKfCC4HW6N5ocX7EY7nzFw93JB1bxe7lsLig==
x-content-type-options: nosniff always

GET
H2 200 169631170806afb2ca714617869eed9015963e68.f4275456efda3eb50608.js
better.com/_next/static/chunks/ 0
4 KB 84ms
81ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/169631170806afb2ca714617869eed9015963e68.f4275456efda3eb50608.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 28116
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 15:56:45 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1d9c-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hv3ecC8rQINcZWPbN5mH4IvZ85IzEW3TmcmuHtr-E5PY1JLGhXYK9A==
x-content-type-options: nosniff always

GET
H2 200 content-602837fa993e7301283d.js
better.com/_next/static/chunks/pages/ 0
5 KB 83ms
80ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/content-602837fa993e7301283d.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"2d78-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ha4zVtmrgNIQAD61-UHnA7S7diRu_NYvepB61oq6Q9QYHiy_U2pLlw==

GET
H2 200 350ee17cd53e6a71e2f72a40dc0f7d4ba577dcf8_CSS.b5d1b3768e2f6619da36.js
better.com/_next/static/chunks/ 0
2 KB 84ms
81ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/350ee17cd53e6a71e2f72a40dc0f7d4ba577dcf8_CSS.b5d1b3768e2f6619da36.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 14060
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:51:01 GMT
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Ud_L3T7xijAk9KZ5nU9yrvPmwDlj1aFKKwtImse_5U9pU3BU8yFadA==
x-content-type-options: nosniff always

GET
H2 200 glossary-d3e4c566523e08144259.js
better.com/_next/static/chunks/pages/ 0
6 KB 89ms
86ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/glossary-d3e4c566523e08144259.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"366f-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: tgkhGhW5kcuCm1GoqCaU9hJLz2exfPhTRWe9TUc0Bxqs5nR6ws4L2A==

GET
H2 200 faq.json Show response
better.com/_next/data/QD7lC6Ii59902XYDoagVD/ 129 KB
32 KB 379ms
377ms Fetch
application/json 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/data/QD7lC6Ii59902XYDoagVD/faq.json

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

37506720fde1de1f21f0fe03f296afe82ef90e80d5a8dd6ce2df727ed7f54168

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 23:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: s-maxage=300, stale-while-revalidate
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: "205f7-xJ0PCr18fBiHN9FtNHcI1z21ysI"
x-amz-cf-id: BH8hk3giRPpgAvbatVJnEZi3biqnXiL04buAcUOTpf8BX9-mmSTpaw==

GET
H2 200 997783c6e53cd8b5790f6d566256053aa257acf5.e66930220be94b0b6fc9.js
better.com/_next/static/chunks/ 0
13 KB 83ms
82ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/997783c6e53cd8b5790f6d566256053aa257acf5.e66930220be94b0b6fc9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"8ec7-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: VHEgRKkCKTmJM4tQsb7Y7tPGYFaJZpy8Sc0rYoWxtyWp7pHORSwjxg==

GET
H2 200 faq-995a22c27e1074e6f08e.js
better.com/_next/static/chunks/pages/ 0
6 KB 85ms
84ms Other
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/faq-995a22c27e1074e6f08e.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 43039
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 11:48:02 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"4a8c-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 7WHf1N66P4uQ6zwb5-_Us9LYqazjNOt85WQq1jRTb4PLMiUTu_seHA==
x-content-type-options: nosniff always

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b3af1022905d725abe4a9203e60cc1ebd29b5bc2d7d696bebe1345c3460a315

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8938a637fac54e89db134fb40efccea5093dd6418bc5e73463aad4a43a59f71

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eefb329fe4282aec576ed55f919485fff650e50e88a4445f74eada2ad7b5a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb2d09b43cd0f28deb8638a38c8f9ad87db0f62f55ad1a197d28b88984ca57c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/ 420 KB
84 KB 746ms
648ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js
Requested by: Host: better.com
URL: https://better.com/_next/static/chunks/93.501e45ec558e5c544afd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d93494616e262afa7c1031ab5fc524d136c72a706ffb346c7c1688a41e02918c

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ApvL3nnPe4Lc.W2TeyJhiRCsUl23RjhY
content-encoding: gzip
etag: "31e5aa93e8addf4683f0cb0696a3ca8a"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 84910
access-control-allow-origin: *
last-modified: Fri, 15 Jan 2021 19:25:13 GMT
server: AmazonS3
date: Sun, 17 Jan 2021 23:45:23 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: KKiUKtE-c_6Y7KBtVBn8qzGtfZrf8PmNQvfkVihFJAExBiTP8P6wMA==

GET
H2 200 27206f115e6bc76c246d464c71841e2eb354f9bd_CSS.b6240012ec0b1f686af6.js Show response
better.com/_next/static/chunks/ 164 B
2 KB 54ms
51ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/27206f115e6bc76c246d464c71841e2eb354f9bd_CSS.b6240012ec0b1f686af6.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

fc1e5a88d84e531295a9e1cbb4a2eaf046831fce865bf9c94ae7e8272a6ae298

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"a4-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hpfvR2SFVw9nDJRAVfMLeWC2Ff5-XDdvwoyB-8Fn5LmPuxtdQjQU9Q==

GET
H2 200 722281df825d5b711d4f3b42a296d08a15669576.42196a40e5f263376941.js Show response
better.com/_next/static/chunks/ 15 KB
5 KB 53ms
49ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/722281df825d5b711d4f3b42a296d08a15669576.42196a40e5f263376941.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

88e5aeec6265e2626590cfabf782accf0b15093a6e9dab1626def148f7210ffd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 74332
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 03:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"3ded-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: kA-rJpshDVd3OwHHn0aLYloKRYHX1Dm8gz1soeOhd8dq9a9lqmdUVQ==

GET
H2 200 title-74a4550bc161bc82a7fc.js Show response
better.com/_next/static/chunks/pages/ 11 KB
5 KB 53ms
50ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/title-74a4550bc161bc82a7fc.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

eecf7ca9e55ba365bb71231950d47ceb79a160c369ce04a30e1d445f9bd91edd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 24579
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:55:42 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2ab1-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: k0Kntk-ZenRFQtASxKYi4rwI8akhSuLCrju8vwIyfT1yP0YCM1IMhg==
x-content-type-options: nosniff always

GET
H2 200 27396876ad4db0549e0a.css Show response
better.com/_next/static/css/ 24 KB
5 KB 51ms
49ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/27396876ad4db0549e0a.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

18fc405ab7b35ca566458f0464c2201f746e9a79ad0b0306d86c502497ffe826

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"614e-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: YjgdrqJ-XT6V6eQ4VxjmtEcsmKcAzaa5i4w3QXJuJ_0kG7FEvL9Zyw==

GET
H2 200 ea9525f7074be624435d.css Show response
better.com/_next/static/css/ 6 KB
3 KB 48ms
46ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/ea9525f7074be624435d.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

867f86b3f188068178da6074157f720fbe0e21ce137e36480341427beb7b2a27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1472
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"1783-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: OMGdt1mut7KL-kmXf4ds1-OlG-anh9coeP6GQ2qkLZTU5g0tNQvEKQ==

GET
H2 200 realestate-9c40c2078e99df9238f0.js Show response
better.com/_next/static/chunks/pages/ 8 KB
4 KB 53ms
51ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/realestate-9c40c2078e99df9238f0.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

8f2f93c83ec343c1b5d3734eb917825770805518ab873c2204a58817e49f940b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14056
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:51:05 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2079-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 7eZL1NEd5Fw7idGYnZ8JMV6HEBNtIiKs3sJOxDP1z6ay0X__ca6ZWw==
x-content-type-options: nosniff always

GET
H2 200 dd76646470b38b9ffe2b.css Show response
better.com/_next/static/css/ 5 KB
3 KB 48ms
46ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/dd76646470b38b9ffe2b.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

2029f78486e7344306cd67fb7baa370026e2df155a84e61714ef6538a59e8ee8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 26360
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1337
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:26:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"1599-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: iIkKwMd_-_kvfzcCHceqnIZxqYApdiBVOWvc4GSmcwwONapTdTegfA==

GET
H2 200 80798bdd9283be4ca3d8.css Show response
better.com/_next/static/css/ 35 KB
7 KB 50ms
48ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/80798bdd9283be4ca3d8.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

a8e8481ac489e2efd193d1bf0f0748b9e4bff357ec5b5c3aff87cdfd4b354821

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 41964
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 12:05:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"8d79-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: JBGDF93HRVX5YpKj2xdTn7HqnePTjMHvlKCmd959ITFLSG-itzbMOg==

GET
H2 200 mortgage-dd7004cc4666038210fd.js Show response
better.com/_next/static/chunks/pages/ 7 KB
4 KB 50ms
48ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/mortgage-dd7004cc4666038210fd.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

418724d7edd7c92fc14e5b656c39035d1e73e871d4e1e1ead30ac894176d49b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 24579
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:55:42 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1b31-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: wS9DrF3A9ruUA-680ijMUwtgQpF50OH0CbwSacN3KKfTUXLr4H8B6g==
x-content-type-options: nosniff always

GET
H2 200 b62b63686a2a9653c01e.css Show response
better.com/_next/static/css/ 5 KB
3 KB 48ms
46ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/b62b63686a2a9653c01e.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

fda9666e2da5b98e1b127cb8dc2c0e13fd9ebef15237003bfb77068b5557f5ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1283
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"14f0-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: RXR7-JkNin1qaz-YzkAFY1-HjcvmZsN1HW-NymnQl8eUMOX-TqPkVw==

GET
H2 200 hoi-7ca74ebc87071aca1051.js Show response
better.com/_next/static/chunks/pages/ 11 KB
5 KB 57ms
57ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/hoi-7ca74ebc87071aca1051.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

19463639c549d6ada9fa2b59951c42bd208ba60746d1dffdf720a77733e9cbd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2d99-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: SyUCzqrdewo42qXGbVi_mUqiVvw6eGBEYtJSdx6EWLx0HY10bEFZeQ==
x-content-type-options: nosniff always

GET
H2 200 27dcd0d9d7cc8e16b1a2.css Show response
better.com/_next/static/css/ 6 KB
3 KB 50ms
49ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/27dcd0d9d7cc8e16b1a2.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

b9630cd164610a53f97cfa51f0d005cb1896a3af43047b5eb3434da46cfd1f9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 4565
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1545
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 22:29:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"19b4-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 2oCuIv1BErdPFRc31FswW92wqxEJy_Se24ts_ikAygsCDVl15srLeQ==

GET
H2 200 reviews-fb024266442885e04cf9.js Show response
better.com/_next/static/chunks/pages/about-us/ 68 KB
22 KB 51ms
51ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/reviews-fb024266442885e04cf9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

df55d224a098712b20eed371c00c0ae396ef3ea0b9794cf7d288a1a33cea5930

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"10e3d-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: iCqm5EUBsq_ZVnq2GkzWJbcyh7Ba0KoXHGOsX_dj4327eNhvLFW41A==
x-content-type-options: nosniff always

GET
H2 200 947a8129557e5d826f31.css Show response
better.com/_next/static/css/ 38 KB
7 KB 54ms
54ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/947a8129557e5d826f31.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

b691ea9b6747987b85d75813a5fcc5e471120e07aeb15aded860ff710e164a84

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 71844
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:47:57 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"986b-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: UDxNZtgJAnI1PmyCnE5UQNHote_LESpom-q1piXmYEpRaF6EeYM05A==
x-content-type-options: nosniff always

GET
H2 200 5c8dd9eb5e2c4861fd58572cf679b109d666dfcd.7e37901088eba0022f6b.js Show response
better.com/_next/static/chunks/ 22 KB
9 KB 53ms
52ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/5c8dd9eb5e2c4861fd58572cf679b109d666dfcd.7e37901088eba0022f6b.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

7b14933e9157d064e3c9620bf8f43dfd72ecd38a569007281f85d5f8318bfd95

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 20020
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 18:11:41 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"5934-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: TrcHdL1BwCFNciZspsGG8U1sv8uOaEvzjJG5brR2eoMvyVY2EAYV9g==
x-content-type-options: nosniff always

GET
H2 200 5c8dd9eb5e2c4861fd58572cf679b109d666dfcd_CSS.2a5729bf9a12607575a3.js Show response
better.com/_next/static/chunks/ 164 B
2 KB 57ms
57ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/5c8dd9eb5e2c4861fd58572cf679b109d666dfcd_CSS.2a5729bf9a12607575a3.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc53e8a5d0de69ed3e672cdcbf07a71f9f95a1a32e2dbcc28647d4d83e324e8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: HES1ktYTNX8EZEmPUfq8tPsjCURKfukoXb_Qe_2bzKL8hOLk6mVoiw==
x-content-type-options: nosniff always

GET
H2 200 about-us-6b240d808288ec904282.js Show response
better.com/_next/static/chunks/pages/ 50 KB
20 KB 55ms
54ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us-6b240d808288ec904282.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

3afb091f10c79b7d009e2d7538c5bcce632e2a7ff477b36bcae278b2679613f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"c8d9-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 3QSlI4twCmhmwVuG8O9GAdjZbQ4kcEjZyDiow-2kTBPsrkOOdFBP1w==
x-content-type-options: nosniff always

GET
H2 200 37de6f56f4931e0e441f.css Show response
better.com/_next/static/css/ 28 KB
6 KB 54ms
53ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/37de6f56f4931e0e441f.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

366768c117f94b70101db4b5166bd9f4cf662b69661f04d2c4da13e452379af3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 71844
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:47:57 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"71df-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: t71kpHf7_uEX4xAhD-DcIvbnYqypQ9Z0H7z5zwqYyf6kv7N_8hlAfA==
x-content-type-options: nosniff always

GET
H2 200 b8eb1531ed4e3308128e.css Show response
better.com/_next/static/css/ 30 KB
5 KB 53ms
53ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/b8eb1531ed4e3308128e.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

a28dca010c104335765090b0c85c2333091425e96802f5dc02ad3be6d69ade50

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 71844
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:47:57 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"77f4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: z3wn05jUBKeH_2lEuuVjyq3pzfCn9nuMdjjvjdvDuzlSw3vzA-lIKg==
x-content-type-options: nosniff always

GET
H2 200 careers-b745c6b334f2d20fcde8.js Show response
better.com/_next/static/chunks/pages/about-us/ 24 KB
8 KB 55ms
55ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/careers-b745c6b334f2d20fcde8.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

77f7945ccfcd7f82301c159f7e886809f2b4b202b71580358494f811463cc7d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"5e39-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: seDuIpOeiDEzc5HID2ZM1e3CzNY6Hgkse31_y9NxCqIz8Ij3rYt-AA==
x-content-type-options: nosniff always

GET
H2 200 18e9a29ff22f8fce5a44.css Show response
better.com/_next/static/css/ 38 KB
5 KB 56ms
55ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/18e9a29ff22f8fce5a44.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

93943fd9de84efd981daa3b7d8718ffe69cb8f4d76feab3971a12945e60f5cfa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 26510
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 16:23:31 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"9789-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hGyoBDeAEmfB8OKky1TcNXbWL_cMehyFEMk_x_tM-XInqffMTuiV4Q==
x-content-type-options: nosniff always

GET
H2 200 contact-us-44bd03bf76a0c10ced81.js Show response
better.com/_next/static/chunks/pages/about-us/ 7 KB
3 KB 57ms
56ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/contact-us-44bd03bf76a0c10ced81.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

ab8e66618fab2fb1ac6b5039d85d4b3f08173a950c58a419c48e3f12d2767ba0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1da1-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: c1pHYBTKgzs35Uvfy6qsawvFLLXD2ntgg4D7_rlK4nxFKz3CUwtHhQ==
x-content-type-options: nosniff always

GET
H2 200 67cc0ecb00bf2cc21c00.css Show response
better.com/_next/static/css/ 30 KB
6 KB 56ms
56ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/67cc0ecb00bf2cc21c00.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

ea68bc0df8698c4730a8329e46b9edbf1ac927972d085f615848d4f2448cb08d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"7793-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -u5S_brwLE-xkXg4616K8Gknbo0uh61OEMEHockvBGAUqNOIHGQ1zg==
x-content-type-options: nosniff always

GET
H2 200 fcca23026da91fbda6ec200ab8527dc8c4c9e621_CSS.f0cc3b1c3624314c8a68.js Show response
better.com/_next/static/chunks/ 163 B
2 KB 68ms
59ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/fcca23026da91fbda6ec200ab8527dc8c4c9e621_CSS.f0cc3b1c3624314c8a68.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

64b3c92ee23c5e07a1052eb8b09d114bf1a899f1a21d7a569b5bfcbef3fad700

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 28116
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 15:56:45 GMT
content-length: 163
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a3-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: dYWe2x3sEfv9B3s9kiKg_rCbqjf6Kz7dTVlBkeIF0-bj_TO-fYSt2A==
x-content-type-options: nosniff always

GET
H2 200 89c2147cbc2635e41a5cb7e85c66e50658fa0300.74ddf3751110686d5f42.js Show response
better.com/_next/static/chunks/ 11 KB
5 KB 72ms
63ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/89c2147cbc2635e41a5cb7e85c66e50658fa0300.74ddf3751110686d5f42.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

54ba3d2d0bfe50474ec39e9ada6b9cf8411f6d8164a34cc0e4d6ee52e0e7c5ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 8428
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 21:24:53 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"2c79-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: T7WGGomdKLhSx1P1DGbfztQkRO2g1pDPFNbk1Zl0oe7QVPW7wQVz7A==
x-content-type-options: nosniff always

GET
H2 200 0c0008a9c900ec564562a0c47202d51214081117.51df03c6b0f545180d77.js Show response
better.com/_next/static/chunks/ 110 KB
38 KB 64ms
55ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/0c0008a9c900ec564562a0c47202d51214081117.51df03c6b0f545180d77.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

1243d8477329626a281726ac0c4167ce327c0f60de2123ce53ff7f56dd943be0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"1b749-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Vr0YBtBq-JtC8druOv686adr2ZQtzZc_fMAqDbnbR1w2m7RDVyl6GA==

GET
H2 200 3bb98672962d5872d255b1ce777e176b15b52802.fedc3894b60dde533950.js Show response
better.com/_next/static/chunks/ 14 KB
5 KB 71ms
63ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/3bb98672962d5872d255b1ce777e176b15b52802.fedc3894b60dde533950.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

0efb4cc97fcc4a8fb35578cf3302d7ba2e3a47bf06e95908d0014eaf6a46af5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14907
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:36:54 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"36ee-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 4mwnLhC0t5Al1IgYUAb-qj4iUwbZATYwssl7DGBKW49ttEa9P1CcpQ==
x-content-type-options: nosniff always

GET
H2 200 a0897ac911791c7e068f3e891893f25942b5a522.0f95f3c1550c8079e3a9.js Show response
better.com/_next/static/chunks/ 17 KB
7 KB 64ms
59ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/a0897ac911791c7e068f3e891893f25942b5a522.0f95f3c1550c8079e3a9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

65f857f0411899cfa6a44bfd9dba8ef14684d54aaa10a940ef202720d39e76d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 74332
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:06:29 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"42cf-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Ds7wmFAFs07tLr0Q0AXa-f5GsR-7MeG6euJA2wCrXtaz3_6Z2ZAoDQ==
x-content-type-options: nosniff always

GET
H2 200 169631170806afb2ca714617869eed9015963e68.f4275456efda3eb50608.js Show response
better.com/_next/static/chunks/ 7 KB
4 KB 67ms
62ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/169631170806afb2ca714617869eed9015963e68.f4275456efda3eb50608.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

44a72bfe13a8714f2abda584180021a26ce104e70235001c303a092aeeceeb8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 28116
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 15:56:45 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"1d9c-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1_dSmCk4VvphTqAe6QZbYbFUyExnHUY2h7HMorVBvK3X6R416aI3yw==
x-content-type-options: nosniff always

GET
H2 200 content-602837fa993e7301283d.js Show response
better.com/_next/static/chunks/pages/ 11 KB
5 KB 61ms
57ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/content-602837fa993e7301283d.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

1933f3d70dc55f85fdf0b48c93e063b00232dec7be5c1c8fe9722b787ac756ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"2d78-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 9uEI-PG1cGKFxpE0-vwMS48uMZLS6tzPFQO0IN-PNoNG1T7Nk1HImg==

GET
H2 200 cf4bbad59f1a3fe15773.css Show response
better.com/_next/static/css/ 27 KB
5 KB 57ms
52ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/cf4bbad59f1a3fe15773.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

d22cc2448206a61bf010732920601b7d77e802bf8669d751e3fd90be760e1b40

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"6bd9-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: k46X09w6EvK5HqNtVuj2ZoDUWdedvwFFz3f_OGSuVQBuI_pG3xRJ6A==

GET
H2 200 6f73a9ce4d397e5ce1a7.css Show response
better.com/_next/static/css/ 10 KB
4 KB 57ms
53ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/6f73a9ce4d397e5ce1a7.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

a8ba32d1ec89ba4d7fe087327cd9492b8c6d6b1a65c582c72c5847c6031237a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"29bc-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: NuxncLiGboOSHf7ZSx95PtsvimcjcJMX_OGGE67z_q37RPTci8BmZg==

GET
H2 200 350ee17cd53e6a71e2f72a40dc0f7d4ba577dcf8_CSS.b5d1b3768e2f6619da36.js Show response
better.com/_next/static/chunks/ 164 B
2 KB 68ms
63ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/350ee17cd53e6a71e2f72a40dc0f7d4ba577dcf8_CSS.b5d1b3768e2f6619da36.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

e8f3ca40b68dda0eb2786b984fb8d3ad91c1dc41a767dc73507a4395a8ce5936

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Accept-Encoding
frame-options: sameorigin
age: 14060
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:51:01 GMT
content-length: 164
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"a4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _deltFP7t7XoDFxqLxYn7QCfymZ9O4XtFJS6SxMoliScVDCwGmPOSg==
x-content-type-options: nosniff always

GET
H2 200 glossary-d3e4c566523e08144259.js Show response
better.com/_next/static/chunks/pages/ 14 KB
6 KB 58ms
54ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/glossary-d3e4c566523e08144259.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

712e751c1ec89f414de7ec62ef5e6280960d67ae63bab17a27cc75b1680d419b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"366f-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: cwCFHCglCN9IbLcxpOH8inYA3MHWKWNUTHfY3wS4aTBaw4qfNhpJdg==

GET
H2 200 232a9630d4ab18a53874.css Show response
better.com/_next/static/css/ 20 KB
5 KB 65ms
61ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/232a9630d4ab18a53874.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

dcd968c9673fc2d2b64cfc4dabf3d27b078e5408ccd902988ad65554edc62aa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 71843
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 03:47:58 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"4f3c-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Wwt00MNpXRHIGA41EtfJQdrZhFGEifMAF_ZPHnlTyPDciVQ-uotwfg==
x-content-type-options: nosniff always

GET
H2 200 5d9fde1fc9de38e85594.css Show response
better.com/_next/static/css/ 9 KB
3 KB 57ms
53ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/5d9fde1fc9de38e85594.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

b9c5accd60dcf589142698b3d055026c800abd84e8a011dcff48b3bb7144730e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 71843
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1738
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 03:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"24f2-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: IUtvln_Wo22Y0X43Lrplr8EiejKHsdEnbrqstmDXSB67P_uUwtOv6w==

GET
H2 200 997783c6e53cd8b5790f6d566256053aa257acf5.e66930220be94b0b6fc9.js Show response
better.com/_next/static/chunks/ 36 KB
13 KB 68ms
64ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/997783c6e53cd8b5790f6d566256053aa257acf5.e66930220be94b0b6fc9.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

f4dfde9974ffae839899e66f2500ef0412a3762f59aefe04142c26f93dd27b8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"8ec7-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Me0NPs3Tv5PXO68xXu1-SY38kclq5iJOVEi8jauxULrPR4Fw31scFQ==

GET
H2 200 faq-995a22c27e1074e6f08e.js Show response
better.com/_next/static/chunks/pages/ 19 KB
6 KB 61ms
57ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/faq-995a22c27e1074e6f08e.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

50082f5917b8f64ec6c30e53e53338c454fed901d64876f310a06fe1b6373e32

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 43039
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 11:48:02 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"4a8c-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: bJkwAVjLf-4K-h9kZjE7aL5q8d_HQX4x2RFqWsPA-850KPP8y7c2CQ==
x-content-type-options: nosniff always

GET
H2 200 a6ebe43c9a2707428042.css Show response
better.com/_next/static/css/ 37 KB
5 KB 63ms
59ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/a6ebe43c9a2707428042.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

1c8cc387d75b594af2b692b647685060c5ea5d6531bfbc742b079a9ce36abc0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 42250
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 12:01:11 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"93b4-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: APUWzpQn-kdmc7tQC1C6mjykR3FLN57SV3qMFbZ4zkkqj1U0DmjNJw==
x-content-type-options: nosniff always

GET
H2 200 media-d5efdd68c59a101f203d.js Show response
better.com/_next/static/chunks/pages/about-us/ 43 KB
13 KB 61ms
58ms Script
application/javascript 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/chunks/pages/about-us/media-d5efdd68c59a101f203d.js

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

7c9f77ab5d11bf87d494b485976fb2368722f22fa4e0cc26981a983f9aee25b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
vary: Accept-Encoding
frame-options: sameorigin
age: 14446
x-cache: Hit from cloudfront
date: Sun, 17 Jan 2021 19:44:35 GMT
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
etag: W/"aa96-176fde49628"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: eDGVT0OLSrTpTquy50WRxCKBnBTUQA0lHRk4kFbwgdis5iGVq6X-9w==
x-content-type-options: nosniff always

GET
H2 200 ad7827b226793f04fef0.css Show response
better.com/_next/static/css/ 33 KB
6 KB 65ms
62ms Fetch
text/css 13.225.80.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://better.com/_next/static/css/ad7827b226793f04fef0.css

Requested by

Host: better.com
URL: https://better.com/_next/static/chunks/e9b6dec40ec4208df3e0c9b88ecc5daaa9f4011a.c1fede2fd51b22d2877a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-68.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

262a7601a8df66523bfd6ac6ada69f90115dd1b74f5e2b69bdb12af4928b3855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' *.better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com *.better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://*.pusher.com *.pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
content-encoding: gzip
x-content-type-options: nosniff always
frame-options: sameorigin
age: 27462
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Jan 2021 22:36:25 GMT
server: CloudFront
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 16:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=UTF-8
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
feature-policy: geolocation *; sync-xhr *; microphone *; camera *; fullscreen *; payment *
etag: W/"82e1-176fde49628"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: bRh2NkmAEzrwRcSA9j2saE9QuxI8ALtRB4q6Qfy3frt8TdKPPQASmQ==

GET
H2 206 phone-wordless-logo-20200826.mp4
media.better.com/pages/homepage/ 29 KB
30 KB 93ms
92ms Media
video/mp4 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/pages/homepage/phone-wordless-logo-20200826.mp4
Requested by: Host: better.com
URL: https://better.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9a818f40c7aa179d087aa335e6bc2ce3787bff776049e78c7f256dee8b818c0

Request headers

Referer: https://better.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1769472-

Response headers

date: Fri, 15 Jan 2021 18:27:03 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:59 GMT
server: AmazonS3
age: 191900
etag: "a9bbea089b3b8cc0982980c88b2dd675"
x-cache: Hit from cloudfront
x-amz-version-id: fWIuePxqGM88rexvBlNl4IeNMxuFqMFj
Content-Range: bytes 1769472-1799257/1799258
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: video/mp4
Content-Length: 29786
x-amz-cf-id: aMCZMdC80l6WCbv8SRkPMoUVIbFsFMoUenPCSFQcytAycpxC9q415w==

GET
H2 206 phone-wordless-logo-20200826.mp4
media.better.com/pages/homepage/ 2 MB
0 63ms
63ms Media
video/mp4 65.9.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.better.com/pages/homepage/phone-wordless-logo-20200826.mp4
Requested by: Host: better.com
URL: https://better.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://better.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 15 Jan 2021 18:27:03 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:59 GMT
server: AmazonS3
age: 191900
etag: "a9bbea089b3b8cc0982980c88b2dd675"
x-cache: Hit from cloudfront
x-amz-version-id: fWIuePxqGM88rexvBlNl4IeNMxuFqMFj
Content-Range: bytes 32768-1799257/1799258
cache-control: max-age=15552000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: video/mp4
Content-Length: 1766490
x-amz-cf-id: xOVFN5jaDP7JAZjffveu88LN-Lwxj4ZrrnrAWo6suTykwmzoACvMMw==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
138 B 628ms
208ms XHR
application/json 54.70.9.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.9.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-9-247.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://better.com
date: Sun, 17 Jan 2021 23:45:23 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 46ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 88D890AE20E74868BD34170D45631F9E Ref B: FRAEDGE1513 Ref C: 2021-01-17T23:45:22Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 200 KB
61 KB 140ms
45ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 33eee65eb2089a8564016e30b41cfe959f9cf50016c4f4bdc1b17e1268c24fa8

Request headers

Origin: https://better.com
Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:44:59 GMT
content-encoding: gzip
age: 23
x-guploader-uploadid: ABg5-Uy097fucTmiwZoT6LyTFy251jvTYngDzGyUiW9ao663etpzl10kGknzRtTWThGcHztIFBixqoNSnHRdv0IxIoU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 61604
last-modified: Thu, 07 Jan 2021 15:53:32 GMT
server: UploadServer
etag: "88528feb21b4f41e4b96fd571c64e491"
x-goog-hash: crc32c=mjiUMA==, md5=iFKP6yG09B5Llv1XHGTkkQ==
x-goog-generation: 1610034812761924
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 61604
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 17 Jan 2021 23:54:59 GMT

GET
H2 200 heap-1497711400.js Show response
cdn.heapanalytics.com/js/ 103 KB
41 KB 277ms
174ms Script
application/javascript 13.225.80.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-1497711400.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-7.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 02e9b175c3ba7629509e80736a24a02abbcb05152aee3854bf3835acb32a485e

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"19d24-TJ4eEYE95B6vN6gqMvnRmA"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: qUwicBpRpj03cTJGWB3uwzNxS-RQoJMMlAiFjm97AZpMKKQ0E3UsAg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-940313254

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee967f04defbdcd7d1206c724f827856960bd42dcf470931b35cb6731921246b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38980
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Jan 2021 23:45:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2tFtXp0SNnLAubt1kXi3zxQjAa0BP/ov3lGbK/aj8seNPKMYH2Kji0ncKeo6ZJ1cxRVRCRNGmbEulv6bIPVYcQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 17 Jan 2021 23:45:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
38 KB 55ms
34ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPF8DS&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2eba5bb4771dcbd94bb338b664122b779b9796682a4da88584093b0567505034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38886
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Jan 2021 23:45:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dfxs74OduAHr1AzaYKFRWOI8yNJ3oiq9/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 821
date: Sun, 17 Jan 2021 23:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 18 Jan 2021 01:31:41 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.32

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: vNvYLVf46vZFBwnnDuiua8SEoc2YpIBlKXDjqER/Iv/5JCI3Yrv6dPqOsSgjt4Eqapvl4QGVLWRT4+gRgxLJ4Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 17 Jan 2021 23:45:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1471724169793020 Show response
connect.facebook.net/signals/config/ 27 KB
8 KB 52ms
52ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1471724169793020?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d62a1d341213990c3926a4fb9e1617f91920d0648d5bec77292e864ec778f3e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: fR8a551r7ntn8Lkof3EOdI3kLL+8sW7RjF2SssEYh4p2QLRR0zq4sJrc1lWaTeEG8xLFyUjeaS8UCGBGpASXSA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 17 Jan 2021 23:45:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 300910004
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 730
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 18 Jan 2021 00:33:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-64912988-2&cid=2097879944.1610927123&jid=2041497530&gjid=1735955498&_gid=635010572.1610927123&_u=aGBAgEAjAAAAAE~&z=1471041170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 17 Jan 2021 23:45:22 GMT
content-type: text/plain
access-control-allow-origin: https://better.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=196463271&t=pageview&_s=1&dl=https%3A%2F%2Fbetter.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=2041497530&gjid=1735955498&cid=2097879944.1610927123&tid=UA-64912988-2&_gid=635010572.1610927123&z=179598946

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 15:31:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=196463271&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbetter.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20homepage%20Page&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=2097879944.1610927123&tid=UA-64912988-2&_gid=635010572.1610927123&z=1648245977

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 15:31:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5224292&Ver=2&mid=91fbb42e-ae60-4233-b7dd-5f4f7daa4bba&sid=10984bc0591e11ebb4ce599b3955fa96&vid=10985750591e11eb8e037fe19be32e8b&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Simple,%20Online%20Mortgage%20%7C%20Better%20Mortgage&kw=home%20loans,mortgage%20interest%20rates,refinance%20rates,refinance%20calculator,refinance%20mortgage%20online&p=https%3A%2F%2Fbetter.com%2F&r=&lt=2069&evt=pageLoad&msclkid=N&sv=1&rn=511126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A897E3DCF0BD40C09B24CC23DB72B6B2 Ref B: FRAEDGE1513 Ref C: 2021-01-17T23:45:22Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 168ms
61ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-940313254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

0760449cf607277e85c0b2f456cc04da73515bf4bf85832a66e24faeffe7676b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12184
x-xss-protection: 0
server: cafe
etag: 16153075511613835353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Jan 2021 23:45:22 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 22ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: better.com
URL: https://better.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 17 Jan 2021 23:45:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=52925
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 a-02i4.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 139ms
115ms Script
application/javascript 2a02:26f0:6c00::210:baa9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-02i4.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPF8DS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baa9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a040c10e7c2e987160420db99e2ea5ec2bcfa8ed4d2927c75904b356b510f5a3

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 12:20:50 GMT
etag: "d90c87680f358f78f1280e6afc4ea9b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3594
accept-ranges: bytes
content-length: 10229

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1471724169793020&ev=PageView&dl=https%3A%2F%2Fbetter.com%2F&rl=&if=false&ts=1610927122758&sw=1600&sh=1200&v=2.9.32&r=stable&a=seg&ec=0&o=28&fbp=fb.1.1610927122756.184816086&it=1610927122695&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 17 Jan 2021 23:45:22 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 36ms
16ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64912988-2&cid=2097879944.1610927123&jid=2041497530&_u=aGBAgEAjAAAAAE~&z=1200285934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 37ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64912988-2&cid=2097879944.1610927123&jid=2041497530&_u=aGBAgEAjAAAAAE~&z=1200285934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D285097%26time%3D1610927122771%26url%3Dhttps%253A%252F%252Fbetter.com%252F%26liSyn...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F&liSync=true

0
81 B

180ms
180ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:23 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: li8z+64pWxZA8rJBhysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: Q9Lw8q4pWxbQWM0SFisAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: EAEBF1EEFEB04114AD692F73800AD0D8 Ref B: FRAEDGE1316 Ref C: 2021-01-17T23:45:23Z
x-frame-options: sameorigin
date: Sun, 17 Jan 2021 23:45:22 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=285097&time=1610927122771&url=https%3A%2F%2Fbetter.com%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 4 KB
2 KB 429ms
330ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 44df94f056570bf3b19f4d813c5b1c80a3fe57e0335b5a4f3e5cba19d56fb25f

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Jan 2021 23:45:23 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://better.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 1636
via: 1.1 google

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940313254/ 2 KB
2 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940313254/?random=1610927122911&cv=9&fst=1610927122911&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbetter.com%2F&tiba=Simple%2C%20Online%20Mortgage%20%7C%20Better%20Mortgage&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b129de4386841b7c08c58b5661050b90ec98aa294002aba03a795fed58207b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/940313254/ 42 B
530 B 48ms
34ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940313254/?random=1610927122911&cv=9&fst=1610924400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbetter.com%2F&tiba=Simple%2C%20Online%20Mortgage%20%7C%20Better%20Mortgage&async=1&fmt=3&is_vtc=1&random=3385079046&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/940313254/ 42 B
530 B 43ms
29ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940313254/?random=1610927122911&cv=9&fst=1610924400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbetter.com%2F&tiba=Simple%2C%20Online%20Mortgage%20%7C%20Better%20Mortgage&async=1&fmt=3&is_vtc=1&random=3385079046&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010
https://rp4.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010&i6=MmEwMTo0...

13 B
569 B

413ms
138ms

XHR
application/json

34.199.213.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.213.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-213-67.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 17 Jan 2021 23:45:23 GMT
x-pixel-event-id: 6a01de7b-9b72-4a33-8b85-71f7eb0ff819
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 0
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 034e4a7ba53fadd3

Redirect headers

date: Sun, 17 Jan 2021 23:45:23 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.0&aid=a-02i4&wpn=lc-bundle&pu=https%3A%2F%2Fbetter.com%2F&ext_ajs_user_id=null&duid=1d5e8c2a202d--01ew9btaefx2d1dsfdhjn3qa9x&se=e30&dtstmp=1610927123010&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://better.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: af0cd43633e9c134
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 h
heapanalytics.com/ 37 B
213 B 419ms
137ms Image
image/gif 3.229.228.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=1497711400&u=7478532581578658&v=4296344675387387&s=460793422145666&b=web&tv=4.0&z=0&h=%2F&d=better.com&t=Simple%2C%20Online%20Mortgage%20%7C%20Better%20Mortgage&ts=1610927123039&st=1610927123041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.228.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-228-113.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jan 2021 23:45:23 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-length: 37
content-type: image/gif

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
91 B 384ms
333ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=1GkE&UserId=5526353762172928&SessionId=4666838196011008&PageId=6734840320081920&Seq=1&PageStart=1610927123097&PrevBundleTime=0&LastActivity=460&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 66f35ecfd024a72daf2b0d3232631fd121ee64682d6a92086143b063e3b8e0de

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://better.com
date: Sun, 17 Jan 2021 23:45:23 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
content-type: application/json; charset=utf-8

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
88 B 209ms
209ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=1GkE&UserId=5526353762172928&SessionId=4666838196011008&PageId=6734840320081920&Seq=2&PageStart=1610927123097&PrevBundleTime=1610927123569&LastActivity=4868&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8fc8e783a21d342c572954d02f68c42bb59aec95d3c873174285e47549c56337

Request headers

Referer: https://better.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://better.com
date: Sun, 17 Jan 2021 23:45:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.better.com/	1970-01-20 00:14:23	Name: ajs_anonymous_id Value: %22f4db7476-be16-4a29-a475-f85e23635441%22
			better.com/	1969-12-31 23:59:59	Name: ajs_anonymous_id Value: %22f4db7476-be16-4a29-a475-f85e23635441%22

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' blob:;default-src 'self';object-src 'self';img-src data: https: 'self' .better.com images.ctfassets.net heapanalytics.com 'unsafe-inline';style-src 'self' 'unsafe-inline' data: blob: fonts.googleapis.com assets.braintreegateway.com .better.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com media.better.com data:;media-src media.better.com 'self' chat-assets.frontapp.com https://player.vimeo.com https:;connect-src wss://.pusher.com .pusherapp.com https: 'self';frame-ancestors 'self' https://mobile2.accountchek.net https://borrower.accountchek.com https://web.pointserv.com https://flex.twilio.com;frame-src https://*.hellosign.com https://accounts.google.com https://assets.braintreegateway.com https://cdn.plaid.com https://useast1.pcipal.cloud/ bid.g.doubleclick.net dntcl.qualaroo.com insight.adsrvr.org match.adsrvr.org player.vimeo.com www.google.com 'self' https:;report-uri https://bettermg.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff always
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
b-code.liadm.com
bat.bing.com
better.com
cdn.heapanalytics.com
cdn.segment.com
connect.facebook.net
edge.fullstory.com
googleads.g.doubleclick.net
heapanalytics.com
media.better.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
rs.fullstory.com
snap.licdn.com
stats.g.doubleclick.net
www.better.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.225.80.68
13.225.80.7
143.204.99.83
172.217.22.98
2600:1f18:730:b140:28d8:9783:2a08:4b54
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:818::2008
2a00:1450:400c:c00::9d
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00::210:baa9
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.229.228.113
34.199.213.67
35.186.194.58
35.201.112.186
54.70.9.247
65.9.58.64
65.9.58.93
02e9b175c3ba7629509e80736a24a02abbcb05152aee3854bf3835acb32a485e
0760449cf607277e85c0b2f456cc04da73515bf4bf85832a66e24faeffe7676b
0b129de4386841b7c08c58b5661050b90ec98aa294002aba03a795fed58207b5
0efb4cc97fcc4a8fb35578cf3302d7ba2e3a47bf06e95908d0014eaf6a46af5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1243d8477329626a281726ac0c4167ce327c0f60de2123ce53ff7f56dd943be0
12964e5b93045697353c3ea60bce52d8c6061ec118bd6d053c5f5a89ae03a986
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18fc405ab7b35ca566458f0464c2201f746e9a79ad0b0306d86c502497ffe826
1933f3d70dc55f85fdf0b48c93e063b00232dec7be5c1c8fe9722b787ac756ad
19463639c549d6ada9fa2b59951c42bd208ba60746d1dffdf720a77733e9cbd5
1c8cc387d75b594af2b692b647685060c5ea5d6531bfbc742b079a9ce36abc0a
1d7d0a5fedec86bae65a7b290aebee01090574a142ecbd9944653315e957481f
2029f78486e7344306cd67fb7baa370026e2df155a84e61714ef6538a59e8ee8
260f3050baa92141e5c38a1a90c6c78ed3ac6c5524462145e54482269d2ea042
262a7601a8df66523bfd6ac6ada69f90115dd1b74f5e2b69bdb12af4928b3855
2b7bd1e8b387bdea068e1c4454aa6f3ba112372c16f30f3eee16482d600020ec
2eba5bb4771dcbd94bb338b664122b779b9796682a4da88584093b0567505034
316e7fd78870e135359f682f56be56bcb8b913191a7ce82d3d89091f7cc6028f
33eee65eb2089a8564016e30b41cfe959f9cf50016c4f4bdc1b17e1268c24fa8
366768c117f94b70101db4b5166bd9f4cf662b69661f04d2c4da13e452379af3
369c2ee39feda225678a830df29247a43f86414a3069774bf8c907044c7bf831
37506720fde1de1f21f0fe03f296afe82ef90e80d5a8dd6ce2df727ed7f54168
3afb091f10c79b7d009e2d7538c5bcce632e2a7ff477b36bcae278b2679613f6
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
418724d7edd7c92fc14e5b656c39035d1e73e871d4e1e1ead30ac894176d49b5
440f177383f4f5a258f0be48b14d11a1af90ca2e1e604cd55f35512fd2d9f2dd
44a72bfe13a8714f2abda584180021a26ce104e70235001c303a092aeeceeb8d
44df94f056570bf3b19f4d813c5b1c80a3fe57e0335b5a4f3e5cba19d56fb25f
45f97d01fbcba7faa78003368617968425fec993336cbe46e6533abb773b02d4
4bdd948e03881b1b48af2e588db9450ced069406d201ee2b7f4ca7f49c1450ae
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
50082f5917b8f64ec6c30e53e53338c454fed901d64876f310a06fe1b6373e32
546ad1c6f8924f5863939ed6d414ff3983c1cd97937a85a59fb9bcb19a7dcf08
54ba3d2d0bfe50474ec39e9ada6b9cf8411f6d8164a34cc0e4d6ee52e0e7c5ab
5b3af1022905d725abe4a9203e60cc1ebd29b5bc2d7d696bebe1345c3460a315
5b52d4ca08cf2f3d8e511ee2e0fe49fce7ab3de7f93f7ad632dcbe86dd81a501
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f492c3c4681d7f9fbd5d8307c09fadfc2fbf453e05af0fb38cd32aefeaeff2f
64b3c92ee23c5e07a1052eb8b09d114bf1a899f1a21d7a569b5bfcbef3fad700
65f857f0411899cfa6a44bfd9dba8ef14684d54aaa10a940ef202720d39e76d3
66f35ecfd024a72daf2b0d3232631fd121ee64682d6a92086143b063e3b8e0de
6d62a1d341213990c3926a4fb9e1617f91920d0648d5bec77292e864ec778f3e
6e791b8c704fac985101b83f467de2c11a8aa73d3459bed40be1c4bf940afdad
712e751c1ec89f414de7ec62ef5e6280960d67ae63bab17a27cc75b1680d419b
72dff9c4b9f9d5128f16067316c7e88b40edbf4be9f152f915969abb5c10d333
77f7945ccfcd7f82301c159f7e886809f2b4b202b71580358494f811463cc7d8
7b14933e9157d064e3c9620bf8f43dfd72ecd38a569007281f85d5f8318bfd95
7c9f77ab5d11bf87d494b485976fb2368722f22fa4e0cc26981a983f9aee25b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f934477d955c9885abe8f602b4fd8ab821d1221a3742907130a3677895203
867f86b3f188068178da6074157f720fbe0e21ce137e36480341427beb7b2a27
88e5aeec6265e2626590cfabf782accf0b15093a6e9dab1626def148f7210ffd
8d1ed9fb9153d5cfa80ae1d9c03249c2e2d0d7e763ce671196c8e063ac0aa729
8f2f93c83ec343c1b5d3734eb917825770805518ab873c2204a58817e49f940b
8fc8e783a21d342c572954d02f68c42bb59aec95d3c873174285e47549c56337
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93943fd9de84efd981daa3b7d8718ffe69cb8f4d76feab3971a12945e60f5cfa
98c42ff682581af7bfa0e7965ddbb74b7fa7e4cc067c52b846ac31cc0ffd24cd
9eefb329fe4282aec576ed55f919485fff650e50e88a4445f74eada2ad7b5a22
a040c10e7c2e987160420db99e2ea5ec2bcfa8ed4d2927c75904b356b510f5a3
a28dca010c104335765090b0c85c2333091425e96802f5dc02ad3be6d69ade50
a3e9c0c7dc58b8317d44b62714f88fcb7ed78c5f37fe8d25c0a91372ff681772
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
a8938a637fac54e89db134fb40efccea5093dd6418bc5e73463aad4a43a59f71
a8ba32d1ec89ba4d7fe087327cd9492b8c6d6b1a65c582c72c5847c6031237a2
a8e8481ac489e2efd193d1bf0f0748b9e4bff357ec5b5c3aff87cdfd4b354821
aaee1a745804a35c1ff3daab2e636c8cf61f25b4a8c120fcadeb1c3cc32e37b9
ab8e66618fab2fb1ac6b5039d85d4b3f08173a950c58a419c48e3f12d2767ba0
ac41ffb47fa919d77629b8d2f685d961f9a223d8e200973696c57d49ef8c65f1
adc7b3fbeaa4d163f092f6ef4dba6ad9b0bde42455a93a040178d099d6f48bee
b2b0314d4c5134841ed400accc59b002d736ca30e840f84c5f7f339b06e10f93
b691ea9b6747987b85d75813a5fcc5e471120e07aeb15aded860ff710e164a84
b9630cd164610a53f97cfa51f0d005cb1896a3af43047b5eb3434da46cfd1f9e
b9c5accd60dcf589142698b3d055026c800abd84e8a011dcff48b3bb7144730e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf06810029ad6d4cfaa8cfc46e1f58acc12b5bd8053066bf1763b182f278884
d22cc2448206a61bf010732920601b7d77e802bf8669d751e3fd90be760e1b40
d5cd20bf02c1fddb9fb1ea1db11b277192cc0f0887d62809a042d7d6c3030513
d93494616e262afa7c1031ab5fc524d136c72a706ffb346c7c1688a41e02918c
dc53e8a5d0de69ed3e672cdcbf07a71f9f95a1a32e2dbcc28647d4d83e324e8b
dcd968c9673fc2d2b64cfc4dabf3d27b078e5408ccd902988ad65554edc62aa9
df55d224a098712b20eed371c00c0ae396ef3ea0b9794cf7d288a1a33cea5930
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e75df0e37b99a88e7ba7cc5947512e18a0a0ed58c96d71d0661c770731427e83
e8f3ca40b68dda0eb2786b984fb8d3ad91c1dc41a767dc73507a4395a8ce5936
ea68bc0df8698c4730a8329e46b9edbf1ac927972d085f615848d4f2448cb08d
eb2d09b43cd0f28deb8638a38c8f9ad87db0f62f55ad1a197d28b88984ca57c0
ee967f04defbdcd7d1206c724f827856960bd42dcf470931b35cb6731921246b
eecf7ca9e55ba365bb71231950d47ceb79a160c369ce04a30e1d445f9bd91edd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4dfde9974ffae839899e66f2500ef0412a3762f59aefe04142c26f93dd27b8f
f9a818f40c7aa179d087aa335e6bc2ce3787bff776049e78c7f256dee8b818c0
fc1e5a88d84e531295a9e1cbb4a2eaf046831fce865bf9c94ae7e8272a6ae298
fda9666e2da5b98e1b127cb8dc2c0e13fd9ebef15237003bfb77068b5557f5ab

better.com Open in urlscan Pro 13.225.80.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

56 %IPv6

17 Domains

25 Subdomains

23 IPs

5 Countries

1661 kBTransfer

5949 kBSize

2 Cookies

14 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

better.com Open in urlscan Pro
13.225.80.68 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

56 %
IPv6

17
Domains

25
Subdomains

23
IPs

5
Countries

1661 kB
Transfer

5949 kB
Size

2
Cookies

132 HTTP transactions
4 data transactions