URL: https://r.honeygain.me/RICHA9A5E1
Submission: On November 02 via manual from ID

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3035::6818:774f, located in the United States and belonging to CLOUDFLARENET, US. The main domain is r.honeygain.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2020. Valid for: a year.
This is the only time r.honeygain.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                    Requested by
20        r.honeygain.me            r.honeygain.me
2         www.google-analytics.com  www.googletagmanager.com, www.google-analytics.com
2         widget.trustpilot.com     r.honeygain.me, widget.trustpilot.com
1         www.google.de             r.honeygain.me
1         www.google.com            r.honeygain.me
1         stats.g.doubleclick.net   www.google-analytics.com
1         www.googletagmanager.com  r.honeygain.me
1         cdn.jsdelivr.net          r.honeygain.me
Total: 29 requests across 8 domains

This site contains links to these domains.

Domain
dashboard.honeygain.com
www.instagram.com
twitter.com
Subject                      Issuer                                Validity                 Valid
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3               2020-05-20 - 2021-05-20  a year
*.trustpilot.com             Amazon                                2020-05-01 - 2021-06-01  a year
f3.shared.global.fastly.net  GlobalSign CloudSSL CA - SHA256 - G3  2020-10-26 - 2021-04-17  6 months
*.google-analytics.com       GTS CA 1O1                            2020-10-06 - 2020-12-29  3 months
*.g.doubleclick.net          GTS CA 1O1                            2020-10-06 - 2020-12-29  3 months
www.google.com               GTS CA 1O1                            2020-10-06 - 2020-12-29  3 months
www.google.de                GTS CA 1O1                            2020-10-06 - 2020-12-29  3 months

This page contains 2 frames:

Primary Page: https://r.honeygain.me/RICHA9A5E1
Frame ID: 7CFECA5B95D80E1A54E3C4F9C44E2642
Requests: 28 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
Frame ID: 2012BAF5BB8D4AD5FA5B1CA46B10AB81
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 88 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 4
Transfer: 1354 kB
Size: 1513 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request RICHA9A5E1
r.honeygain.me/
37 KB
8 KB
Document
General
Full URL
https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139004222c8753e791ec38b4b9247b6911b6ef0881d429eed1f03c87c2d25540

Request headers

:method
GET
:authority
r.honeygain.me
:scheme
https
:path
/RICHA9A5E1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 02 Nov 2020 02:15:46 GMT
content-type
text/html
set-cookie
__cfduid=df6940627bb5fb8556682e8832ac379381604283346; expires=Wed, 02-Dec-20 02:15:46 GMT; path=/; domain=.honeygain.me; HttpOnly; SameSite=Lax; Secure
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-request-id
062856460b00001782fa835000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=libaqeXEZp%2BDrgAXgvLZkTo4dRO4h6Cgi%2Fhe9kmGXY6%2BodfO69HGe%2FOI9XUTQxytY6yt6lbiqW1YQqHUW3zTuUiraWVk19m9xOsr93xr67BExbApcTw%2BVCvmrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eba5983497f1782-FRA
content-encoding
br
latofonts.css
r.honeygain.me/assets/font/
1 KB
570 B
Stylesheet
General
Full URL
https://r.honeygain.me/assets/font/latofonts.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9f2894db5089a5a0f3beba6c9544ac3c375edb18525cbc95342aca831e987e

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
393757
status
200
cf-request-id
062856463100001782dcb04000000001
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a38D3GcegbLWUTcl6tnR809Z56OeNLZnKZHrRpgpr9Il2wb1qHYOJ6nBkLjkXJpXWjQ4AhM7noRO1fHDbsGRWiwqxQhWx83N8RkAvm4t8yGvuJP0C%2Bs8S%2BvD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
5eba598389a21782-FRA
expires
Wed, 04 Nov 2020 12:53:09 GMT
reset.css
r.honeygain.me/assets/style/
7 KB
2 KB
Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/reset.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a49f0be535dbf4df69cd76e32ea3d61171b88a3886f4b3c2b6efce624b745

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
421571
status
200
cf-request-id
06285646320000178209072000000001
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9I3tB0MgO2mrZWY3uk6bojjAg46WFDNkq3LC1%2F1XgPu5tNZM3mQJKWxbeQh02pHxuQOoQ%2FUCorMpsxZLjy4R2z9XHCTFMcygi4rmIF4Vl4FXc3p0IR59wtPNTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
5eba598389a31782-FRA
expires
Wed, 04 Nov 2020 05:09:35 GMT
modal.css
r.honeygain.me/assets/style/
3 KB
1 KB
Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/modal.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1526e134419d59094af13750da144583e4b07511f9d22b82a164df6b8e260b01

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
393757
status
200
cf-request-id
062856463200001782b53dd000000001
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FCR7lPAQ8X%2ByWJNrCKDvCGJxKYHaQtdxzvuAuX2trCk%2BVxAZ1Oh43tnz9Y4dW4ajy318vDzQplVmNfIPG3oP4ENJQfe3ScwytpmpZ1Bkavx3Qd%2FoU1GP2oq%2Byw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
5eba598389a41782-FRA
expires
Wed, 04 Nov 2020 12:53:09 GMT
style.css
r.honeygain.me/assets/style/
7 KB
2 KB
Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/style.css?v=3
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911d0501a55d0b47b4daee3fb7aa89b73b6d0b8ccbd7429116a0a0b921d4c1fd

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
384764
status
200
cf-request-id
062856463200001782cb3be000000001
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7gDuNwtg4r%2BLhIXV7U%2FT0V4K0YPZhDMG1d6xqIB%2B3owzbcaeMbqCcl5a3xd3kgXhXfSXMhqu6e9nn2tUxmFNJE%2Bj8WpMlpwUzQGPnfo78aulmJlgWs6xVkG%2FEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
5eba598389a51782-FRA
expires
Wed, 04 Nov 2020 15:23:02 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
20 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-5.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f52e1850f14b17fc45f243134ece0f4c22f0835cd787a0be727ddcd6c97924d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 07:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67607
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6578
x-xss-protection
1; mode=block
last-modified
Wed, 28 Oct 2020 07:28:43 GMT
server
AmazonS3
etag
"b56c84ccc9b127c619294b1daf916e66"
content-type
application/x-javascript
via
1.1 acc2c574ca468bfb1281581bb9fd9e8a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
2hpeRXGR0oXkZt2knmMBAykGBU8c2BZSPUx-iM7kh-6hP9Z60PdGBQ==
logo.svg
r.honeygain.me/assets/img/
8 KB
3 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/logo.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c546caec07099d8d6632b6249c74f29bad317f28062508239f550759e2b1e63

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pkU3DCRBewH78DEvXYC6mfN%2FdgNp4f9wCen%2FNoHka5p3SD%2FZxWJ1k6u07ZSk3%2BX9r6IPv%2BBQIFLMeBpkxT%2Fi%2Bh4Fb%2FoJZGcRUtPw8xuIZtYid0zW4M28t3QW4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389b31782-FRA
cf-request-id
062856463700001782b5bfa000000001
star.svg
r.honeygain.me/assets/img/
324 B
491 B
Image
General
Full URL
https://r.honeygain.me/assets/img/star.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a398a97d33786f05252fcf98a8b603860f974ac609e296664605be37e342db

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Buuht9IB%2B2cxxjDy39%2Bb7mXUIbSERWlYcJg%2BEKUI4BZES5ZxnxkCUBR3bhdZvGbZ5L4IjTArVWRLg%2Ba8biDZJy%2FjWqy08D3LVVllItpXhziWK75kIlaz3MkhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389b41782-FRA
cf-request-id
062856463700001782ffba6000000001
img_sofa_money.svg
r.honeygain.me/assets/img/
11 KB
4 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/img_sofa_money.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc9f2d18de2ed41c8c476fded650cb4f3b8009e185a83f2916230143bc1832d

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IWKhVdM6qUYRv%2BgkbZfTQVQxr8%2FO%2BYizpds%2BbAh3idCm2e%2BFVpyS8NfUzrwbcLxedHgsNtfQJlch43eE%2FtUxUaRBc1xKZnhMY6AO1FwMIJlCFfrx%2F48ukkfEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389b61782-FRA
cf-request-id
06285646370000178206a8b000000001
logo-white.svg
r.honeygain.me/assets/img/
7 KB
3 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/logo-white.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165828643ff380762db5b7b63e56598dd370fefb0df9446b24d2f30e6724828e

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tVAm%2B8w8%2BafV%2F7aj%2BD4GTJkyxQ5pM4v693OKAdcfGUJTh0cEB4jyHJBiL9hwlERYFv5I2e8w2oeDftTp6ZLRY84o%2FKMbchvr%2Fwubuq%2BbT93tIQ79Y8SdEOeFlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389b71782-FRA
cf-request-id
062856463700001782053c3000000001
instagram.svg
r.honeygain.me/assets/img/
3 KB
2 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/instagram.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9509b1f2fb4698a9c8e5ff926a039330b22ec0bc340e1024bdfb89eabd95318

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5OtDUpLl0UttkSsLa696fx53pHfmCMyPwiBW0x4aV2HUZfI%2BkeL1KDvwSLrbmmGMDzY3M8FhAcGmvBXMvFiwKg%2BIwZi5VqLLkUgjM%2B2pJo6Q5kassAgpAuDtkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389b91782-FRA
cf-request-id
062856463700001782bdac9000000001
facebook.svg
r.honeygain.me/assets/img/
2 KB
1 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/facebook.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e9485db22a4801386b6503609974fc35be4df7e6ed2a0fd5b2875474180376

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lYX8DOwUSbqGQQ4IcP3%2FfBixGXEPX0m429H5lN4B%2BoiJ7C3pUyB6T6ebSj9KHp8rsw%2F6iZtylhHNLXSYissz0dtaTS4dV%2BJRm1LjPIrdcqwYktBDrhZxmtU9nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389ba1782-FRA
cf-request-id
062856463800001782112b3000000001
twitter.svg
r.honeygain.me/assets/img/
1 KB
886 B
Image
General
Full URL
https://r.honeygain.me/assets/img/twitter.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c80c9483681ef1046639b78bb180e8a4d4ab9e8f3eb8848d6952b986b7d2ca

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TAcgMcxCfLEBdEe0Gnyh3q0ZbKUZoLiRNzpuaSSQNdJUjoDm9qPvnOxlDTCQXDBtQgzuqSzxuYJE%2FB0oD2Q1wBAn0mpo8JZmlb%2FN790yazJtqNCvCKitmMcPBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389bb1782-FRA
cf-request-id
062856463800001782261f0000000001
background-comb.svg
r.honeygain.me/assets/img/
2 KB
1 KB
Image
General
Full URL
https://r.honeygain.me/assets/img/background-comb.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
763cf337b291e35a08bda68f22053cc97b5e372961e0daac1c361c03d25b1682

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AusSXd7ybIUYh9Q4n7DtN3X1QwYYIa7J7XoKT5DTjsdo1LjzeEHYLxkZ7aBbGZo6lYLCXrW6ju%2BrugrrQkgVD32dRj%2F9HArqKals%2B1hlOEcsvBEWNHh7h%2Fo0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389bc1782-FRA
cf-request-id
06285646380000178223a06000000001
close.svg
r.honeygain.me/assets/img/
314 B
477 B
Image
General
Full URL
https://r.honeygain.me/assets/img/close.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65e5d6e7eabbb6e5f01eee3fd2f817bf2c40207862b0ca93fc4fd417b20b18c

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SPGCdsZ1Ht6Xj6VfRg%2FMDJumxvRsFQvgSx8Ft5rNJ6evyLDZh5MhVfdHTYBOZkl%2Fboj6SGl%2FTpvdUEOTgxobjfqG%2F0yxk04wPqpruUqhWdFv2oIFv1lHbpVGKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389bd1782-FRA
cf-request-id
062856463800001782fbb4b000000001
skeleton-screen.svg
r.honeygain.me/assets/img/
406 B
424 B
Image
General
Full URL
https://r.honeygain.me/assets/img/skeleton-screen.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7b3277b7abd4d5edfaf6b32a437e32afd318dd38920da4b8774b7887cbc4d5

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
age
4152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PmMP5H4NgLHLiQGIDSPf6ACWDhPqTgtSzoMN2y0uEibZjAQJNxaLc5H2oCI%2F%2FHoZFXRauGyE2EVLKPma9z%2BJqHCWoJ0t0zPNwl9UWO%2BXSyBTwlmp7Rsy4cGpVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba598389be1782-FRA
cf-request-id
06285646380000178219391000000001
email-decode.min.js
r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
062856463600001782ed39d000000001
last-modified
Tue, 27 Oct 2020 17:31:31 GMT
server
cloudflare
etag
W/"5f985973-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w66Li%2FRbqe0WWs%2FHHs2Avda%2FjWD5WlMmCt6U2ZpI9hIcvz3YoyqfEshi1KMXaSRii83egJuAoTXaQIHIifilYX%2FM3i5ZLfImS43kDMeycBDfGBLXwNPhxtw9iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5eba598389ae1782-FRA
expires
Wed, 04 Nov 2020 02:15:46 GMT
micromodal.min.js
cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/
5 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/micromodal.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b97983141ab60fe651cb16850bd11d1a3a472aee6a43f2acdc0b2cf5d2eb2c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
367323
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
2020
etag
W/"154b-n3dCyO9apYwkviqmMdpnSalw07E"
x-served-by
cache-fra19126-FRA, cache-hhn4029-HHN
date
Mon, 02 Nov 2020 02:15:46 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ajax.js
r.honeygain.me/
388 B
554 B
Script
General
Full URL
https://r.honeygain.me/ajax.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506fefe430b0c1ddf26ce246c97f4a497484bd9bdb59a66775f8e3a0265459b6

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
393757
status
200
cf-request-id
062856463700001782d0a4e000000001
last-modified
Fri, 25 Sep 2020 14:46:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uiZ3EnEK0eGJOuORuBn53tskGzxb%2F2QQ04eMn2Hdj%2F1KTWNBBPBsmvYSnjZhXDO3w1VRhCQlBYBclwHenFzi3%2FWBrtKQqBLKqm%2FQIVFngq%2BQONdzXoV3f9%2FKFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
5eba598389b11782-FRA
expires
Wed, 04 Nov 2020 12:53:09 GMT
js
www.googletagmanager.com/gtag/
95 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-140379814-2
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5eaab2ed22ec7360ab720d9ed7f4b415c325a885e8adda840f0502ab4cd977f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38219
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Nov 2020 02:15:46 GMT
Lato-Heavy.ttf
r.honeygain.me/assets/font/fonts/
589 KB
590 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Heavy.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yb4fkzheSKHtszlPlvttfH1FRKsKeowa9LkX94NLa5UVI7ne035PmcglH65oTcAM4bQY06d319hr%2BUe0hr9D%2BWSI4lLqMqodA934FZJ2tHq5qpoQkxhpBmnRPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba5983a9cc1782-FRA
cf-request-id
062856464a000017822712e000000001
Lato-Bold2.ttf
r.honeygain.me/assets/font/fonts/
72 KB
72 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Bold2.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zBeVyHOj9EoP65Ll0eUlHDsDUCMQU2flBbfFhY6DAzRlb6cQW6zUhFIkcHRHvk3u72%2FUXqoTkatzOjN8za%2BbjIB7GaDBHOLSCQh6bSH%2FqD4ZTAw3zr0yvnXJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba5983a9cf1782-FRA
cf-request-id
062856464b00001782d3a31000000001
Lato-Regular.ttf
r.honeygain.me/assets/font/fonts/
593 KB
594 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Regular.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:774f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 02:15:46 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Sep 2020 14:46:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FxwyLBwFTYGw2UQ7Pf0rzEaCkLGDp4s7JE3%2B0G6ns1b%2BY%2Fp2k7ZQua%2FmZ8TTHhVoMjWs2t3369%2FRrgCBkSofeD7b5NISNMCulWMk5BDWrrnyydcb2dKCMmRNVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eba5983a9d01782-FRA
cf-request-id
062856464b00001782dcb05000000001
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-140379814-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3598
date
Mon, 02 Nov 2020 01:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 02 Nov 2020 03:15:48 GMT
collect
www.google-analytics.com/j/
2 B
102 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=871663163&t=pageview&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FRICHA9A5E1&ul=en-us&de=UTF-8&dt=Honeygain%20Referral%20%7C%20Claim%20your%20%245%20bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1993537501&gjid=1109752590&cid=195115468.1604283347&tid=UA-140379814-2&_gid=629495011.1604283347&_r=1&gtm=2oual2&z=1847234271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 02:15:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 2012
0
0
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-5.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.honeygain.me/RICHA9A5E1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html
content-length
1922
last-modified
Thu, 22 Oct 2020 10:51:57 GMT
x-amz-server-side-encryption
AES256
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-xss-protection
1; mode=block
x-content-type-options
nosniff
date
Mon, 02 Nov 2020 00:33:57 GMT
etag
"0f33c997f4a775ba9f06ec605e0a832c"
cache-control
max-age=86400
x-cache
Hit from cloudfront
via
1.1 acc2c574ca468bfb1281581bb9fd9e8a.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
6eWYxkRkoAQfRqwtL5Q1upmHP_zD2FXFO8S_biVjLkEdeDWqFp5A8A==
age
26046
collect
stats.g.doubleclick.net/j/
4 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-140379814-2&cid=195115468.1604283347&jid=1993537501&gjid=1109752590&_gid=629495011.1604283347&_u=IEBAAUAAAAAAAC~&z=739938098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 Nov 2020 02:15:46 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
256 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=195115468.1604283347&jid=1993537501&_u=IEBAAUAAAAAAAC~&z=403114476
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 02:15:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=195115468.1604283347&jid=1993537501&_u=IEBAAUAAAAAAAC~&z=403114476
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/RICHA9A5E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/RICHA9A5E1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 02:15:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
object| MicroModal
function| getAjax
object| termsText
string| refCode
object| elements
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| Trustpilot

4 Cookies

Domain/Path, Name, Value
.honeygain.me/ Name: _gat_gtag_UA_140379814_2 Value: 1
.honeygain.me/ Name: _ga Value: GA1.2.195115468.1604283347
.honeygain.me/ Name: _gid Value: GA1.2.629495011.1604283347
.honeygain.me/ Name: __cfduid Value: df6940627bb5fb8556682e8832ac379381604283346

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
