app.hotspotshield.com Open in urlscan Pro
18.245.86.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://d1bqg89p9tb8wl.cloudfront.net/
Effective URL:
https://app.hotspotshield.com/
Submission: On September 25 via api (September 25th 2024, 6:16:17 am UTC) from LU — Scanned from DE

Summary HTTP 46 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 46 HTTP transactions. The main IP is 18.245.86.108, located in United States and belongs to AMAZON-02, US. The main domain is app.hotspotshield.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 20th 2023. Valid for: a year.

This is the only time app.hotspotshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:206... 2600:9000:206f:2000:0:9ff4:b540:21	16509 (AMAZON-02) (AMAZON-02)
9	18.245.86.108 18.245.86.108	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2251:1a00:18:24b:e840:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	2606:4700:11:... 2606:4700:11::6817:8a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4013:c18::54	15169 (GOOGLE) (GOOGLE)
1	184.30.208.159 184.30.208.159	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.213.161.216 23.213.161.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
46	17

1 2600:9000:206f:2000:0:9ff4:b540:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d1bqg89p9tb8wl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.245.86.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-108.fra60.r.cloudfront.net

app.hotspotshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:1a00:18:24b:e840:21 (United States)

ASN16509 (AMAZON-02, US)

d2p1qyxxogka01.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:11::6817:8a13 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hotspotshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4013:c18::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.161.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-216.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	hotspotshield.com app.hotspotshield.com www.hotspotshield.com — Cisco Umbrella Rank: 850858	580 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 821	137 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 3391	21 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1391	159 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	15 KB
3	google.com accounts.google.com — Cisco Umbrella Rank: 20	87 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	304 KB
3	cloudfront.net 1 redirects d1bqg89p9tb8wl.cloudfront.net d2p1qyxxogka01.cloudfront.net	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	72 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 10473 prism.app-us1.com — Cisco Umbrella Rank: 10557	8 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 272	638 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 749	16 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 4197	17 KB
46	14

	Domain	Requested by
9	app.hotspotshield.com	app.hotspotshield.com
5	analytics.tiktok.com	app.hotspotshield.com analytics.tiktok.com
4	www.hotspotshield.com	d2p1qyxxogka01.cloudfront.net
4	js.stripe.com	app.hotspotshield.com js.stripe.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com app.hotspotshield.com
3	accounts.google.com	app.hotspotshield.com accounts.google.com
3	www.googletagmanager.com	d2p1qyxxogka01.cloudfront.net www.googletagmanager.com
2	www.facebook.com	app.hotspotshield.com
2	region1.google-analytics.com	app.hotspotshield.com
2	connect.facebook.net	app.hotspotshield.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com app.hotspotshield.com
2	d2p1qyxxogka01.cloudfront.net	app.hotspotshield.com
1	bam.nr-data.net	app.hotspotshield.com
1	js-agent.newrelic.com	app.hotspotshield.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	app.hotspotshield.com
1	appleid.cdn-apple.com	app.hotspotshield.com
1	d1bqg89p9tb8wl.cloudfront.net	1 redirects
46	18

This site contains links to these domains. Also see Links.

Domain
hotspotshield.com
www.hotspotshield.com

Subject Issuer	Validity	Valid
app.hotspotshield.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh
hotspotshield.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
accounts.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2024-06-06` - `2024-12-03`	6 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
prism.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://app.hotspotshield.com/
Frame ID: B66A3B7741B411A055037B5AF5FCFB3C
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Frame ID: CF293B8C1906E203D9BA199722AA9066
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&size=large&width=375&logo_alignment=center&context=signin&text=Sign%20in%20with%20Google&client_id=821760748138-i4k146uvkoqnk0f20uq87g88ls5svsa6.apps.googleusercontent.com&iframe_id=gsi_968149_686099&as=A%2BV1Rexjl3by%2FIE460jy6w
Frame ID: 07FFC27996AF8475C003A2DF087D4006
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: FE4B90C1731C4D9F40CCC718C1089CDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in

Page URL History Show full URLs

http://d1bqg89p9tb8wl.cloudfront.net/ HTTP 307
https://d1bqg89p9tb8wl.cloudfront.net/ HTTP 302
https://app.hotspotshield.com/ Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

1436 kB
Transfer

4457 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://hotspotshield.com/

Search URL Search Domain Scan URL

URL: https://www.hotspotshield.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.hotspotshield.com/terms/
Title: Terms of service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://d1bqg89p9tb8wl.cloudfront.net/ HTTP 307
https://d1bqg89p9tb8wl.cloudfront.net/ HTTP 302
https://app.hotspotshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.hotspotshield.com/
Redirect Chain

http://d1bqg89p9tb8wl.cloudfront.net/
https://d1bqg89p9tb8wl.cloudfront.net/
https://app.hotspotshield.com/

32 KB
33 KB

1416ms
1325ms

Document
text/html

18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

450bb536178cf8ba6a2a75fa234eb8c82cf74a2981c6b7c68645854280317dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY ALLOW-FROM https://hsselite.zendesk.com/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36

Response headers

afs: 8a3aa188941d0aaacd073ecc5b831ba9
cache-control: no-store, no-cache, must-revalidate no-cache, private
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
content-type: text/html; charset=UTF-8
date: Wed, 25 Sep 2024 06:16:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="Dummy p3p policy"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-id: yNmGr-OyXAsnJL-hWaBJwJGt7ge-FkcSSUZ5Jc9kiX3u57MQUXdgMg==
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
x-frame-options: DENY ALLOW-FROM https://hsselite.zendesk.com/

Redirect headers

afs: 1d215d27c123ddf67f3ae0e9a1e381e2
cache-control: no-cache, private
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
content-type: text/html; charset=UTF-8
date: Wed, 25 Sep 2024 06:16:02 GMT
location: https://app.hotspotshield.com/
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront), 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-id: OHM5h2h61p3bvdvH38sRW45QDeVgdWeBOne1d3H0yblbfs3dnfuItA==
x-amz-cf-pop: FRA60-P6 FRA56-C1
x-cache: Miss from cloudfront
x-frame-options: DENY ALLOW-FROM https://hsselite.zendesk.com/

GET
H2 200 spa.gpr.min.js Show response
d2p1qyxxogka01.cloudfront.net/js/ 43 KB
12 KB 540ms
60ms Script
application/javascript 2600:9000:2251:1a00:18:24b:e840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js?v=797005938

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:1a00:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f171ea32999957a20892e1f89f964ca3453380cc362fbdedef42f186d2c5888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f2d117-acdd"
age: 55266
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 09:16:04 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: 2SzfL8eRJ0lb07yuDga5zcAu2iDNHoCQI2GHe9p2sv1CSLkRlacs_g==
date: Wed, 25 Sep 2024 06:16:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 14:47:51 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=10800
via: hotspotshield-5948f5898c-ps47g, 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cf-ray: 8c88e222adde4d59-FRA
x-amz-cf-pop: FRA60-P3
server: cloudflare

GET
H2 200 bundle.js Show response
app.hotspotshield.com/js/ 1 MB
335 KB 63ms
24ms Script
application/javascript 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/js/bundle.js?v=797005938

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6901220f56a3cf618c9f33fc9bb1bcb1119b6d0607a4ed5eb87530abf9235d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
etag: W/"66f2b0de-1314ca"
age: 2943
expires: Wed, 25 Sep 2024 06:27:00 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ZhspQlBQg4HU3F-YS0OEYTT4O2ZRnU_91d3iZBzebqWwnFIrwj-7nQ==
date: Wed, 25 Sep 2024 05:54:42 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
server: nginx

GET
H2 200 v3 Show response
js.stripe.com/ 655 KB
159 KB 345ms
36ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

02959b6821696c21598ce6ec968c6276471b688bb6bf177013b1b8fdb6f56339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

x-request-id: 375fb4c2-2393-4703-8568-f1d56c37ddbb
content-encoding: br
etag: "2c76ac99816397a1d7d79a37d0f103ff"
age: 22
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 25 Sep 2024 06:16:05 GMT
last-modified: Wed, 25 Sep 2024 00:02:37 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220132-FRA
x-cache-hits: 4
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162105
server: Fastly

GET
H2 200 en.json Show response
app.hotspotshield.com/locales/ 219 KB
58 KB 96ms
40ms XHR
application/json 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/locales/en.json

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

deff6b98e3c719ae7ea7cb2fef8f4971586ef54602e87a2643e94b94535be329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-encoding: gzip
etag: W/"66f2b018-36a6e"
age: 1523
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: EskF6kRXjMRZEKa6a59Q-16n_bHn8F01LM0clxs156ekKebesk00Ng==
date: Wed, 25 Sep 2024 05:54:44 GMT
content-type: application/json
last-modified: Tue, 24 Sep 2024 12:27:04 GMT
server: nginx
x-amz-cf-pop: FRA60-P6
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/

GET
H2 200 39D315_2_0.woff2
app.hotspotshield.com/fonts/Gordita/webfonts/ 46 KB
46 KB 75ms
69ms Font
application/octet-stream 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/fonts/Gordita/webfonts/39D315_2_0.woff2

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

d9af3f23bc4141fd78d1f803e1feda045f24c7273b8a643d331ee3ef982908e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Origin: https://app.hotspotshield.com
Referer: https://app.hotspotshield.com/

Response headers

etag: "66f2b0de-b71e"
age: 2474
expires: Wed, 25 Sep 2024 06:34:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: BmMDd_9n_vNw_EhJTPXC7N1JzObF0C3pAyJOS93AoIUs-tgCROgdAg==
date: Wed, 25 Sep 2024 05:54:44 GMT
content-type: application/octet-stream
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 46878
x-amz-cf-pop: FRA60-P6
server: nginx

POST
H2 200 gpr
www.hotspotshield.com/ 0
404 B 561ms
201ms Ping
text/plain 2606:4700:11::6817:8a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotspotshield.com/gpr?data=

Requested by

Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-methods: OPTIONS, GET, POST
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
cf-ray: 8c88e22d79119f2b-FRA
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 8oWLJKS2PcHpGkWkl9gJvUaHSbBf_cjOhNPgvV5OQETbtCiLC39-0w==
date: Wed, 25 Sep 2024 06:16:06 GMT
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: origin, x-csrftoken, content-type, accept

GET
H2 200 gdpr-v2.js Show response
d2p1qyxxogka01.cloudfront.net/js/ 9 KB
4 KB 82ms
76ms Script
application/javascript 2600:9000:2251:1a00:18:24b:e840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2p1qyxxogka01.cloudfront.net/js/gdpr-v2.js

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:1a00:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf735d5e931f19ad3727404730708e7dcaeec77c17ce4ff3dcec82b5941989f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
cf-bgj: minify
etag: W/"66f2d115-2c59"
age: 55094
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 09:16:05 GMT
cf-polished: origSize=11353
x-cache: Miss from cloudfront
x-amz-cf-id: Ky7xKTBnCXN20_U6jfqVf_fQWMVJluQKMD_cEiqwKhCbFVxeO2_ZKA==
date: Wed, 25 Sep 2024 06:16:05 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 14:47:49 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=10800
via: hotspotshield-5948f5898c-rfcqj, 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cf-ray: 8c88e22b5f0235e7-FRA
x-amz-cf-pop: FRA60-P3
server: cloudflare

GET
H2 401 info Show response
app.hotspotshield.com/api/user/ 100 B
542 B 687ms
680ms XHR
application/json 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/api/user/info

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5f9c47584228446d6da8452f15152572a5849d443bb3182573c2dda15d6436f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

sentry-trace: 99a1018b6b86499ba0e08359850c33e2-9350865ec0388654-0
Referer: https://app.hotspotshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Accept: application/json, text/plain, */*
baggage: sentry-environment=production,sentry-public_key=7aafa0e4a0c54058a064d14933308f98,sentry-trace_id=99a1018b6b86499ba0e08359850c33e2,sentry-sample_rate=0.1,sentry-sampled=false

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
afs: 01f0b9e45d35086973689480d7455dc1
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
expires: Thu, 19 Nov 1981 08:52:00 GMT
x-cache: Error from cloudfront
x-amz-cf-id: Zz_vNmnR8xl1RHzvTN7MAaZBxeqnnhOljbARCQhdvERSUIp0Ac7fEQ==
date: Wed, 25 Sep 2024 06:16:06 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P6
server: nginx
x-frame-options: DENY

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 347 KB
117 KB 387ms
121ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5

Requested by

Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/gdpr-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

641fa4d27c194452431ec067ce933f956a0fd2ae2d49f56b7e8b21a3c57ca57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: br
expires: Wed, 25 Sep 2024 06:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:16:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 119713
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 39D315_1_0.woff2
app.hotspotshield.com/fonts/Gordita/webfonts/ 46 KB
46 KB 52ms
28ms Font
application/octet-stream 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/fonts/Gordita/webfonts/39D315_1_0.woff2

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cfd331c3d10a660b39bf355bae991de859464d729b4480954aa56d7591b207f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Origin: https://app.hotspotshield.com
Referer: https://app.hotspotshield.com/

Response headers

etag: "66f2b0de-b609"
age: 2475
expires: Wed, 25 Sep 2024 06:34:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: oqx6egdxvc0c33fG-pePLyBqQ3IcRgiq0TxwLodo5vlMBC-jHOhRBw==
date: Wed, 25 Sep 2024 05:54:45 GMT
content-type: application/octet-stream
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 46601
x-amz-cf-pop: FRA60-P6
server: nginx

GET
H2 200 39D315_0_0.woff2
app.hotspotshield.com/fonts/Gordita/webfonts/ 46 KB
47 KB 69ms
16ms Font
application/octet-stream 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/fonts/Gordita/webfonts/39D315_0_0.woff2

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c409b7649c6d470ad2eaa9704469a61457875d9989341632741a76fa87cac256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Origin: https://app.hotspotshield.com
Referer: https://app.hotspotshield.com/

Response headers

etag: "66f2b0de-b7ce"
age: 2475
expires: Wed, 25 Sep 2024 06:34:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1E4-HVwBvnVJ4C321inNFj4CfUtp92LYsOjbzABMK2ramOAPqt1FXQ==
date: Wed, 25 Sep 2024 05:54:45 GMT
content-type: application/octet-stream
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 47054
x-amz-cf-pop: FRA60-P6
server: nginx

GET
H2 200 hss-logo.svg
app.hotspotshield.com/img/logos/ 8 KB
4 KB 59ms
6ms Image
image/svg+xml 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hotspotshield.com/img/logos/hss-logo.svg

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b81756e4bd1365fb0963bd2aab245b9d50082ebc7c6c624c62a7f2b4c4bcc9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/sign-in

Response headers

content-encoding: gzip
etag: W/"66f2b0de-2112"
age: 2943
expires: Wed, 25 Sep 2024 06:27:03 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: vAvHbMwI7KnJvpqZVbHC2rZkLUFjboH1HJJe3Jo0J_RL7GCTrYWBag==
date: Wed, 25 Sep 2024 05:54:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
server: nginx

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 643ms
162ms Script
application/javascript 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a631c4f7459b56e225cf7e981714934312027c6e16639eb02429ab44c049ce98

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-95osbHA36hluca2UQmbyfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-95osbHA36hluca2UQmbyfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 06:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Wed, 25 Sep 2024 06:16:06 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 804ms
137ms Script
application/javascript 184.30.208.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-208-159.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Content-Encoding: gzip
ETag: W/"43171-1726530311681"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 17356
Date: Wed, 25 Sep 2024 06:16:07 GMT
Content-Type: application/javascript;charset=UTF-8
Last-Modified: Mon, 16 Sep 2024 23:45:11 GMT
Server: Apple
Vary: accept-encoding

POST
H2 200 gpr
www.hotspotshield.com/ 0
136 B 129ms
97ms Ping
text/plain 2606:4700:11::6817:8a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotspotshield.com/gpr?data=

Requested by

Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-methods: OPTIONS, GET, POST
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cf-ray: 8c88e230dc649f2b-FRA
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 7cMq4Knm-vlvSe4wMk3Vt-FsjlNBjuiAmzslS_IepkFQy3p8ictvRg==
date: Wed, 25 Sep 2024 06:16:06 GMT
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: origin, x-csrftoken, content-type, accept

POST
H2 200 gpr
www.hotspotshield.com/ 0
137 B 178ms
147ms Ping
text/plain 2606:4700:11::6817:8a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotspotshield.com/gpr?data=

Requested by

Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-methods: OPTIONS, GET, POST
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cf-ray: 8c88e230dc659f2b-FRA
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 2qR6wjHFRcP7k_EEqN75iqYMR59S7BXNh2eoX2Z8Xnkmrk3_zlbh8g==
date: Wed, 25 Sep 2024 06:16:06 GMT
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: origin, x-csrftoken, content-type, accept

GET
H2 200 controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
js.stripe.com/v3/ Frame CF29 0
0 159ms
12ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hotspotshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 25 Sep 2024 06:16:06 GMT
etag: "b49317380ba8946a72a1bc61bce8261c"
last-modified: Tue, 24 Sep 2024 23:29:04 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: fdcbfa69-5e39-41a5-aa63-5ab58796e451
x-served-by: cache-fra-etou8220130-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 353ms
222ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DELK9F8HW3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6dd91faeed694d6ea1aabb73663a7cf4a3163996bf7b0b665bee61cc3f95b213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 25 Sep 2024 06:16:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102125
date: Wed, 25 Sep 2024 06:16:06 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 855ms
189ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 2992
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 07:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Wed, 25 Sep 2024 05:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 856ms
189ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36EBA6CA519941A5AF6C559303BA9D6A Ref B: FRA31EDGE0809 Ref C: 2024-09-25T06:16:07Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Wed, 25 Sep 2024 06:16:06 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 246 KB
87 KB 339ms
222ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-714949573&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

126cd5c99c57b0264ed10697651ee42a3d477b88117a3e09842d2487633c26f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: br
expires: Wed, 25 Sep 2024 06:16:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 06:16:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 88976
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 524ms
9ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 295
x-cache: Hit from cloudfront
x-amz-cf-id: RGVXItuwTMLrXr12Jqtl9fsZ-MAOO656x9dkH-4meXNewjkvxE2cOg==
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
cf-ray: 8c88e235b8838ed0-FRA
x-amz-cf-pop: FRA60-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 369ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68fdc316e5a11d1e2430511eaf2b62d8a1b8de21814924a567473ecb3c4b4fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: MODERATE; q=0.3, rtt=150, rtx=0, c=24, mss=1232, tbw=8261, tp=14, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: kFReWnoQ1DONbKZjcoGGICG6X9P7fzd8ikWWKidtw3G/Y9vjQlg826zV2sDJxQuJUUWXbw1CYIMJZAuUk8Hbvg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 58975
x-xss-protection: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 818ms
304ms Script
application/javascript 23.213.161.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq
Requested by: Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4eabf825529d7ad616d0a3af2a5d08eb0510f7964c51ddc02f02571d4065c978

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
expires: Wed, 25 Sep 2024 06:16:07 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=13, inner; dur=3
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 79db2f3d.247e5117
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d63147dc4241b85399dba240c963c04edafe93e8452b7a286e7339b8abbc2c71fef01fed85ecfc6715d44f37adb145d117fe4756ebd2861e069442a162965af0b411f993bd2b92f0b773ec065d74e5aedd00b35fdbef5b6bad10b00a5367f1c86
x-origin-response-time: 13,23.220.104.215
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240925061607D518D2B095EB5CAB0968-1327C1FDE996EA44-00
content-length: 1739
x-parent-response-time: 136,23.213.160.210
x-tt-logid: 20240925061607D518D2B095EB5CAB0968
server: nginx

GET
H2 200 / Show response
prism.app-us1.com/ 0
313 B 514ms
237ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=800646021&u=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 68
cf-ray: 8c88e237fe6bd370-FRA
content-length: 0
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

GET
H2 200 main.MWE3ZGFjMzZkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 105ms
89ms Script
application/javascript 23.213.161.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c6403368f879c7beeac34230a15e8c034ffe4b53cb12e1aa164c5d40095f5c6f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-2409241250253CA4BFFFEAF2A53B8D65-247BA6DC6BBC6CAF-00
content-length: 95191
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202409241250253CA4BFFFEAF2A53B8D65
server: nginx
x-akamai-request-id: 247e552a
x-tt-trace-host: 015d0cdb0652eeb4a45d6450cf948bf362fe15e1b96a7f6ec2beabbf19ad10603833a1fe667ffb0af16d44c5585c7cb8903de0d34eedaa489d205b71d7cb3d92ac73271780122d71a745b98b62cf2f5e5d2a1d80405524fb90a4dcf3f14ed921c8

GET
H2 200 52013101.js Show response
bat.bing.com/p/action/ 370 B
429 B 119ms
51ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52013101.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10AEC403FE424FB380A168F3EF410D0D Ref B: FRA31EDGE0809 Ref C: 2024-09-25T06:16:07Z
x-cache: CONFIG_NOCACHE
date: Wed, 25 Sep 2024 06:16:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 1142332929694473 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 72ms
62ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1142332929694473?v=2.9.167&r=stable&domain=app.hotspotshield.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ca3f54006e12f5c61281f3041dcf640abdda71e7cea9ebbfb6a8e3f15b2d3cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Wed, 25 Sep 2024 06:16:08 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=4, c=74, mss=1232, tbw=75807, tp=72, tpl=4, uplat=1, ullat=-1
pragma: public
x-fb-debug: vrIT1UHkeLa6Kgi//56vJdfFi7prlb/NHJ8qmfaYV4cz6RkP7guUp2yrRtWOIXvf3hNR12qU6ZquiXFxEeVY/g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14742
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 76ms
42ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1778304649&t=pageview&_s=1&dl=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&ul=de-de&de=UTF-8&dt=Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1244733887&gjid=2092913342&cid=1609357810.1727244968&tid=UA-246226-92&_gid=1923847845.1727244968&_r=1&_slc=1&gtm=45He49n0n81T2M4SV5v77009789za200&cd6=1727244966779.0yckujnu&cd7=1727244966&cd8=exta5681750-7b05-11ef-b04b-5729aba5857e&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd5=1609357810.1727244968&npa=1&z=1873348020

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain
Referer: https://app.hotspotshield.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.hotspotshield.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
date: Wed, 25 Sep 2024 06:16:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 style
accounts.google.com/gsi/ 533 B
609 B 76ms
38ms Stylesheet
text/css 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BvbejJZb3abjpHr0JSHPQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BvbejJZb3abjpHr0JSHPQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Wed, 25 Sep 2024 06:16:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Wed, 25 Sep 2024 06:16:08 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 button
accounts.google.com/gsi/ Frame 07FF 0
0 173ms
72ms Document
text/html 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&size=large&width=375&logo_alignment=center&context=signin&text=Sign%20in%20with%20Google&client_id=821760748138-i4k146uvkoqnk0f20uq87g88ls5svsa6.apps.googleusercontent.com&iframe_id=gsi_968149_686099&as=A%2BV1Rexjl3by%2FIE460jy6w

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nA7LL4_cOHaKwGv-q-Q6KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.hotspotshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nA7LL4_cOHaKwGv-q-Q6KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Wed, 25 Sep 2024 06:16:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 392ms
39ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DELK9F8HW3&gtm=45je49n0v9120696703z877009789za200zb77009789&_p=1727244965791&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035&cid=1609357810.1727244968&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1727244968&sct=1&seg=0&dl=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&dt=Sign%20in&en=page_view&_fv=1&_ss=2&tfd=6950
Requested by: Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.hotspotshield.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 06:16:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 63ms
63ms Script
application/javascript 23.213.161.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24083002252950025D613AEAED5E2E70-5FCAA6CF46C69E27-00
content-length: 39330
date: Wed, 25 Sep 2024 06:16:08 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024083002252950025D613AEAED5E2E70
server: nginx
x-akamai-request-id: 247e5e85
x-tt-trace-host: 0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053ed8bacb2facd45510bd70fd5888da7ef0bb467635bf5910beb0397f1ea6f235de9eceeaeab5dc847218a3c21479232eaedc14dee6e452a6b12499eec72aa4719

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 211ms
209ms Ping
text/plain 23.213.161.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 25 Sep 2024 06:16:08 GMT
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=10, origin; dur=140
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Wed, 25 Sep 2024 06:16:08 GMT
x-akamai-request-id: 247e5ec0
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d785ee943fc013203f3d6b8a8471326227121a39f5902937556e63cf881a1ea70a60b537d343765c24050c1562ab124dd21d0b4e6811cf7ca8d0989e0eeb8ca63dccfe8ddddad41c3d595a1696c2ba1c4
x-origin-response-time: 140,23.213.160.210
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-240925061608195075C37252747FCAFE-45AB61E112A17247-00
content-length: 0
x-tt-logid: 20240925061608195075C37252747FCAFE
server: nginx

GET
H2 204 0
bat.bing.com/action/ 0
179 B 165ms
114ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52013101&tm=gtm002&Ver=2&mid=29916a6e-af5d-4e91-bd2a-a6243be75fd2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Sign%20in&p=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&r=&lt=3776&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=721356

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/sign-in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E003D2A9D0A04B6EBDD61F0F1DCB1F8E Ref B: FRA31EDGE0809 Ref C: 2024-09-25T06:16:08Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 25 Sep 2024 06:16:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 287ms
24ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1142332929694473&ev=PageView&dl=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&rl=&if=false&ts=1727244968627&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727244968578.432158492391127788&cs_est=true&ler=empty&cdl=API_unavailable&it=1727244967981&coo=false&rqm=GET

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 25 Sep 2024 06:16:08 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 539ms
276ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1142332929694473&ev=PageView&dl=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&rl=&if=false&ts=1727244968627&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727244968578.432158492391127788&cs_est=true&ler=empty&cdl=API_unavailable&it=1727244967981&coo=false&rqm=FGET

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418460651216630585"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Sep 2024 06:16:09 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tqB0XOPbu+A3ZJCAdgKuENd0JqbZ2wWoAelum4waT3lBHM+2jxIJ+TPCxKGHj54YFFFDkNqtnjgH5ZTmAKd5oQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418460651216630585", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1328, tbw=3136, tp=-1, tpl=-1, uplat=248, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
876 B 162ms
151ms Ping
text/plain 23.213.161.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

x-cache-remote: TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 25 Sep 2024 06:16:08 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=22, inner; dur=18
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Wed, 25 Sep 2024 06:16:08 GMT
x-akamai-request-id: 366e3b5.247e6286
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d63147dc4241b85399dba240c963c04eddfafbc799061f092c9d26e04720974047b819fd048c4c85fdc01f7ef1c92313af45820ab609d51e8632dcd67e4efc20e876644134a8bfe7899d6cfce57d5e97c2e97410ec6d31584019b1f07eb732f52
x-origin-response-time: 22,23.220.104.203
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2409250616086251E48E6800D1A04042-63DF52AF812C1438-00
content-length: 0
x-parent-response-time: 119,23.213.160.210
x-tt-logid: 202409250616086251E48E6800D1A04042
server: nginx

GET
H2 200 nr-rum-1.266.0.min.js Show response
js-agent.newrelic.com/ 48 KB
16 KB 85ms
30ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.266.0.min.js

Requested by

Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3ee54c213b3cd9dba3f85ff3180d86508d10355e05aea05007e69017f3e7659

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Origin: https://app.hotspotshield.com
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "a73fa66525c975545b7de6a28b8da6c9"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 15580
date: Wed, 25 Sep 2024 06:16:09 GMT
last-modified: Tue, 17 Sep 2024 14:19:27 GMT
content-type: application/javascript
x-served-by: cache-fra-eddf8230107-FRA
x-cache-hits: 43725
vary: Accept-Encoding

POST
H2 200 gpr
www.hotspotshield.com/ 0
159 B 132ms
127ms Ping
text/plain 2606:4700:11::6817:8a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotspotshield.com/gpr?data=

Requested by

Host: d2p1qyxxogka01.cloudfront.net
URL: https://d2p1qyxxogka01.cloudfront.net/js/spa.gpr.min.js?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:11::6817:8a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-methods: OPTIONS, GET, POST
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
cf-ray: 8c88e2418e609f2b-FRA
access-control-request-method: *
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: bShnwKvN3wvUEisKCEsekYZ8_Uru8stvooFxGrfwBQ86lC3AxS1Plw==
date: Wed, 25 Sep 2024 06:16:09 GMT
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: origin, x-csrftoken, content-type, accept

GET
H2 200 favicon.ico
app.hotspotshield.com/img/ 8 KB
9 KB 25ms
25ms Other
image/x-icon 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hotspotshield.com/img/favicon.ico?v=797005938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-108.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

2b27d36c554b28db91aef75eb82e51aa7e392c57791c5fe57689407b352dc0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM https://hsselite.zendesk.com/

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/sign-in

Response headers

etag: "66f2b0de-209c"
age: 1729
expires: Wed, 25 Sep 2024 06:47:20 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 9qfyUDhIAb180KkQJL1g3aSlBn4-YKcKi638ZNh-ZVVCMlhU0r64-w==
date: Wed, 25 Sep 2024 06:09:29 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 12:30:22 GMT
x-frame-options: ALLOW-FROM https://hsselite.zendesk.com/
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=3600
content-security-policy-report-only: default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; worker-src blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8348
x-amz-cf-pop: FRA60-P6
server: nginx

POST
H/1.1 200 NRJS-83fe0c24956d1dd3020 Show response
bam.nr-data.net/1/ 179 B
638 B 718ms
579ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-83fe0c24956d1dd3020?a=421867278&v=1.266.0&to=YgRTZkdTWUEFUBdfCVtOcFFBW1hcS3YPXxJQPVBCRV5eUQVHClkIaSBBQn1BRG4nXA1CFFoNXVdHbn5cAFYbdQlbFUNdWV5SQA%3D%3D&rst=7853&ck=0&s=f5c7c638a4d23f4b&ref=https://app.hotspotshield.com/sign-in&ptid=54fa4c3061a61901&ap=527&be=2197&fe=5537&dc=1579&at=TkNQEA9JSk8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727244961443,%22n%22:0,%22f%22:779,%22dn%22:782,%22dne%22:791,%22c%22:791,%22s%22:812,%22ce%22:872,%22rq%22:872,%22rp%22:2197,%22rpe%22:2207,%22di%22:3746,%22ds%22:3746,%22de%22:3776,%22dc%22:7731,%22l%22:7732,%22le%22:7734%7D,%22navigation%22:%7B%7D%7D&fp=4291&fcp=5067
Requested by: Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c28b4afa5ac77a814bb9703643d10365de90e8e357d4bd79106f9a2517cc072c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
content-type: text/plain
Referer: https://app.hotspotshield.com/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://app.hotspotshield.com
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://app.hotspotshield.com
Content-Length: 179
date: Wed, 25 Sep 2024 06:16:09 GMT
content-type: text/plain
x-served-by: cache-fra-eddf8230159-FRA

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame FE4B 0
0 29ms
26ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hotspotshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1562639
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 25 Sep 2024 06:16:11 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 257870
x-content-type-options: nosniff
x-request-id: f114b4b5-bcd4-4435-ba77-943409a1815e
x-served-by: cache-fra-etou8220047-FRA

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
298 B 24ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Referer: https://app.hotspotshield.com/

Response headers

x-request-id: f3059543-eb96-45c6-915b-630cb77e732c
content-encoding: br
etag: "96f5b26d366f47393b3ff36fe7471474"
age: 111479
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 25 Sep 2024 06:16:14 GMT
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220132-FRA
x-cache-hits: 3984
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 127
server: Fastly

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 35ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DELK9F8HW3&gtm=45je49n0v9120696703z877009789za200zb77009789&_p=1727244965791&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035&cid=1609357810.1727244968&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1727244968&sct=1&seg=0&dl=https%3A%2F%2Fapp.hotspotshield.com%2Fsign-in&dt=Sign%20in&_s=2&tfd=12751
Requested by: Host: app.hotspotshield.com
URL: https://app.hotspotshield.com/js/bundle.js?v=797005938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hotspotshield.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.hotspotshield.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 25 Sep 2024 06:16:14 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.hotspotshield.com/	1970-01-21 00:30:36	Name: af_country Value: DE
.hotspotshield.com/	1970-01-21 00:47:24	Name: PHPSESSID Value: 3ebaf96d77ed15ca50c7d6548f181fc2
.hotspotshield.com/	1970-01-21 00:30:36	Name: hprchs_vstr_hsh Value: exta5681750-7b05-11ef-b04b-5729aba5857e
.hotspotshield.com/	1970-01-21 00:30:36	Name: af_pl Value: 3
.hotspotshield.com/	1970-01-21 00:30:36	Name: af_br Value: 1
.hotspotshield.com/	1969-12-31 23:59:59	Name: _GDPR_user_agreement Value:
.hotspotshield.com/	1969-12-31 23:59:59	Name: _GDPR_user_agreement_version Value:
.hotspotshield.com/	1969-12-31 23:59:59	Name: _GDPR_user_agreement_time Value:
.hotspotshield.com/	1969-12-31 23:59:59	Name: _GDPR_user_agreement_timezone Value:
.hotspotshield.com/	1970-01-21 01:57:00	Name: _gcl_au Value: 1.1.1718954777.1727244967
.tiktok.com/	1970-01-21 09:09:00	Name: _ttp Value: 2mYEAfDGye9k66faDEXE6Q0s6Xj
prism.app-us1.com/	1970-01-21 00:30:36	Name: prism_800646021 Value: c580faf5-ca15-4084-aea7-72c7b0f268e8
.hotspotshield.com/	1970-01-20 23:48:51	Name: _gid Value: GA1.2.1923847845.1727244968
.hotspotshield.com/	1970-01-20 23:47:25	Name: _gat_UA-246226-92 Value: 1
.hotspotshield.com/	1970-01-21 09:23:24	Name: _ga Value: GA1.1.1609357810.1727244968
.hotspotshield.com/	1970-01-21 09:09:00	Name: _tt_enable_cookie Value: 1
.hotspotshield.com/	1970-01-21 09:09:00	Name: _ttp Value: zQCh52ZyoxHRCmldMBo_m7s-KE0
.hotspotshield.com/	1970-01-21 01:57:00	Name: _fbp Value: fb.1.1727244968578.432158492391127788
.hotspotshield.com/	1970-01-21 09:23:24	Name: _ga_DELK9F8HW3 Value: GS1.1.1727244968.1.0.1727244969.0.0.0
m.stripe.com/	1970-01-21 09:23:24	Name: m Value: 27ec906d-2eeb-4c81-9a74-19acc827cf9e43becb
.app.hotspotshield.com/	1970-01-21 08:33:00	Name: __stripe_mid Value: 996f1ebc-04bc-48bb-80dc-4b381fee79c5a0f08b
.app.hotspotshield.com/	1970-01-20 23:47:26	Name: __stripe_sid Value: 80b669d4-63c5-4746-baed-2dd6ee1e8c179d4488

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.hotspotshield.com/api/user/info Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY ALLOW-FROM https://hsselite.zendesk.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.tiktok.com
app.hotspotshield.com
appleid.cdn-apple.com
bam.nr-data.net
bat.bing.com
connect.facebook.net
d1bqg89p9tb8wl.cloudfront.net
d2p1qyxxogka01.cloudfront.net
diffuser-cdn.app-us1.com
js-agent.newrelic.com
js.stripe.com
prism.app-us1.com
region1.google-analytics.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.hotspotshield.com
151.101.128.176
151.101.192.176
162.247.243.29
18.245.86.108
184.30.208.159
2001:4860:4802:32::36
23.213.161.216
2600:9000:206f:2000:0:9ff4:b540:21
2600:9000:2251:1a00:18:24b:e840:21
2602:816:5001::39
2606:4700:11::6817:8a13
2606:4700::6811:1fae
2620:1ec:33::10
2a00:1450:4001:808::2008
2a00:1450:4001:82b::200e
2a00:1450:4013:c18::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
02959b6821696c21598ce6ec968c6276471b688bb6bf177013b1b8fdb6f56339
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
126cd5c99c57b0264ed10697651ee42a3d477b88117a3e09842d2487633c26f6
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
2b27d36c554b28db91aef75eb82e51aa7e392c57791c5fe57689407b352dc0a8
2f171ea32999957a20892e1f89f964ca3453380cc362fbdedef42f186d2c5888
3ca3f54006e12f5c61281f3041dcf640abdda71e7cea9ebbfb6a8e3f15b2d3cc
450bb536178cf8ba6a2a75fa234eb8c82cf74a2981c6b7c68645854280317dff
4eabf825529d7ad616d0a3af2a5d08eb0510f7964c51ddc02f02571d4065c978
5f9c47584228446d6da8452f15152572a5849d443bb3182573c2dda15d6436f8
641fa4d27c194452431ec067ce933f956a0fd2ae2d49f56b7e8b21a3c57ca57d
68fdc316e5a11d1e2430511eaf2b62d8a1b8de21814924a567473ecb3c4b4fae
6901220f56a3cf618c9f33fc9bb1bcb1119b6d0607a4ed5eb87530abf9235d64
6dd91faeed694d6ea1aabb73663a7cf4a3163996bf7b0b665bee61cc3f95b213
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
a3ee54c213b3cd9dba3f85ff3180d86508d10355e05aea05007e69017f3e7659
a631c4f7459b56e225cf7e981714934312027c6e16639eb02429ab44c049ce98
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b81756e4bd1365fb0963bd2aab245b9d50082ebc7c6c624c62a7f2b4c4bcc9f5
c28b4afa5ac77a814bb9703643d10365de90e8e357d4bd79106f9a2517cc072c
c409b7649c6d470ad2eaa9704469a61457875d9989341632741a76fa87cac256
c6403368f879c7beeac34230a15e8c034ffe4b53cb12e1aa164c5d40095f5c6f
cfd331c3d10a660b39bf355bae991de859464d729b4480954aa56d7591b207f4
d9af3f23bc4141fd78d1f803e1feda045f24c7273b8a643d331ee3ef982908e6
dcf735d5e931f19ad3727404730708e7dcaeec77c17ce4ff3dcec82b5941989f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deff6b98e3c719ae7ea7cb2fef8f4971586ef54602e87a2643e94b94535be329
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

app.hotspotshield.com Open in urlscan Pro 18.245.86.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

67 %IPv6

14 Domains

18 Subdomains

17 IPs

3 Countries

1436 kBTransfer

4457 kBSize

22 Cookies

3 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.hotspotshield.com Open in urlscan Pro
18.245.86.108 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

1436 kB
Transfer

4457 kB
Size

22
Cookies

46 HTTP transactions
0 data transactions