r.honeygain.me Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r.honeygain.me/LENIE61365
Submission: On July 24 via manual (July 24th 2024, 9:27:59 pm UTC) from DE — Scanned from NL

Summary HTTP 67 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 21 domains to perform 67 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.honeygain.me.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.

This is the only time r.honeygain.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	108.156.2.123 108.156.2.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
17	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.71.104 172.67.71.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.18.64.26 2.18.64.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	108.156.2.80 108.156.2.80	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.175.38.6 172.175.38.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:320... 2a06:98c1:3200::90:0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
67	27

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

r.honeygain.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-123.mxp63.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

r.honeygain.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.71.104 (United States)

ASN13335 (CLOUDFLARENET, US)

ff.honeygain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.2.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-80.mxp63.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:0 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	honeygain.me r.honeygain.me	797 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 k.clarity.ms — Cisco Umbrella Rank: 18159	28 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	142 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	456 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	152 B
3	honeygain.com ff.honeygain.com — Cisco Umbrella Rank: 124014	2 KB
3	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 7072	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	128 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
1	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 41639	1 KB
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 28501	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	274 B
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 40376	4 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 28245	24 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 27842	26 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	775 B
1	gstatic.com fonts.gstatic.com	24 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 25412	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
67	21

	Domain	Requested by
20	r.honeygain.me	r.honeygain.me
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	analytics.tiktok.com	r.honeygain.me analytics.tiktok.com
4	www.googletagmanager.com	r.honeygain.me www.googletagmanager.com js-eu1.hsadspixel.net
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.google.com	1 redirects
3	ff.honeygain.com	r.honeygain.me
3	widget.trustpilot.com	r.honeygain.me widget.trustpilot.com
2	k.clarity.ms	analytics.tiktok.com
2	c.clarity.ms	1 redirects
2	www.google.de
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	r.honeygain.me connect.facebook.net
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
1	api-eu1.hubapi.com	analytics.tiktok.com
1	track-eu1.hubspot.com
1	www.facebook.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	js-eu1.hs-scripts.com	www.googletagmanager.com
1	fonts.googleapis.com	r.honeygain.me
67	24

This site contains links to these domains. Also see Links.

Domain
dashboard.honeygain.com
www.trustpilot.com
www.honeygain.com
support.honeygain.com
apps.apple.com
galaxystore.samsung.com
www.facebook.com
www.instagram.com
twitter.com
discord.com
www.tiktok.com
www.youtube.com

Subject Issuer	Validity	Valid
honeygain.me WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
honeygain.com E6	`2024-06-27` - `2024-09-25`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.de WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
hubspot.com E5	`2024-07-21` - `2024-10-19`	3 months	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://r.honeygain.me/LENIE61365
Frame ID: 686E7A8B350999858F611FC9D29FCEA1
Requests: 65 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Frame ID: 2D2F51EB89D65578BBC4D74CDDCFDECD
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Frame ID: F55ADD47B4B1123468A1A0097AFF9D6E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Passive Income – Effortlessly | Honeygain

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

67
Requests

96 %
HTTPS

41 %
IPv6

21
Domains

24
Subdomains

27
IPs

4
Countries

1613 kB
Transfer

5008 kB
Size

25
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://dashboard.honeygain.com/ref/LENIE61365
Title: Register

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/62b0aac1e373890012377e18
Title: Andryu Vera

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/62b052202bd0db0012a89908
Title: Matthew Talbot-Paine

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/629ff259d11c0d00110b8796
Title: ANNA LISA AGUILA

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/62aa989d574a300011984142
Title: Nicolas Ricardo

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/62a8eab231098800117ff350
Title: Marijan Kuzmanovski

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/users/62a801b645819b001204498e
Title: Boipelo Petros

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/features/
Title: Earn more

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/refer-a-friend/
Title: Refer a friend

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/affiliates/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/jumptask-mode/
Title: JumpTask Mode

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/honeygain-review/
Title: Review

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/about-us/
Title: About us

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/what-is-honeygain/
Title: What is Honeygain

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/download/
Title: Download

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/swarmbytes
Title: Swarmbytes

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/carebuzz/
Title: CareBuzz

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/sdk/
Title: Honeygain SDK

Search URL Search Domain Scan URL

URL: https://support.honeygain.com/hc/en-us
Title: Support Center

Search URL Search Domain Scan URL

URL: https://support.honeygain.com/hc/en-us/articles/360011188679-How-to-start-
Title: How to start?

Search URL Search Domain Scan URL

URL: https://support.honeygain.com/hc/en-us/sections/360003343520-Payout-questions
Title: Payout process

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.honeygain.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/honeygain-make-money-online/id1479049768

Search URL Search Domain Scan URL

URL: https://galaxystore.samsung.com/detail/com.honeygain.passive.income

Search URL Search Domain Scan URL

URL: https://www.facebook.com/honeygainapp/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/honeygain_app/

Search URL Search Domain Scan URL

URL: https://twitter.com/Honeygain_App

Search URL Search Domain Scan URL

URL: https://discord.com/invite/j5xtRF2BcH

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@official_honeygain

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Honeygain

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=45je47o0v9172071281z8811958282za200zb811958282&auid=445962269.1721856474&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=45je47o0v9172071281z8811958282za200zb811958282&auid=445962269.1721856474&frm=0

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&RedC=c.clarity.ms&MXFR=009A201D6852632338E034DB6C526D96 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&MUID=1C72077F5F066F7B1BED13B95EC66EDE

Request Chain 58

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=515704137479053&ev=PageView&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&rl=&if=false&ts=1721856474565&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1721856474563.516939534433668958&cs_est=true&ler=empty&cdl=API_unavailable&it=1721856474354&coo=false&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D515704137479053%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fr.honeygain.me%252FLENIE61365%26rl%26if%3Dfalse%26ts%3D1721856474565%26sw%3D1600%26sh%3D1200%26v%3D2.9.162%26r%3Dstable%26a%3Dtmgoogletagmanager%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1721856474563.516939534433668958%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1721856474354%26coo%3Dfalse%26rqm%3DFGET

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request LENIE61365 Show response
r.honeygain.me/ 1 KB
1 KB 105ms
48ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.honeygain.me/LENIE61365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4989ae929de61eb7da9b31263163d459347b8d876f4b7b7ff9528c33438869c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a86ff2fffb39b1c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 21:27:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnTWYq4S9PUzgsyIiQ61op7nvxyrgODzrSh0rvkXFbUYEanXzwQM7mbqWJgVFap3c8n4tZPnZBstAVsOV1arhLeyFgXzP25RJZCfX1LVgr8ejMPvMg9Ztx%2BF97aDi0IAK%2B8sdGWc28NYOtV73Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 91ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap

Requested by

Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab164a7daa1b4bc4dc7547c789460db5c393c72d639eafba0356dcd59507f998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 21:27:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jul 2024 21:27:53 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 109ms
34ms Script
application/x-javascript 108.156.2.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-123.mxp63.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 01:20:26 GMT
content-encoding: gzip
via: 1.1 8b15d366b8a05fea04eb2afabb997d46.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MXP63-P4
age: 72448
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: oB2CRIWRptSJ6dyKucAqhMsFWQ1NriYLwBnz2lfDhkFCS7JYjRbYFQ==

GET
H2 200 index-4977ca3f.js Show response
r.honeygain.me/assets/ 2 MB
583 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/index-4977ca3f.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2f3d66b779f887242b6e545e29310b91e3c23362d27cb19e2a8134bfd36850

Request headers

Referer: https://r.honeygain.me/LENIE61365
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44579
etag: W/"667292a4-1d14c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjcLcAW%2BVDvuMfh1RQOrbEoXl35STBQ2L0GYGwq%2FLQ%2BxBdXNOFaUDwlbUZgRi8ldGnpyqEcWWnCgotXe5r2vQSj7RbJHpnwW63AglgbBDeycRX%2Fg71xOHAAh2loTEg3asb39oGTyeP17S69oUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff30681c9b1c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 09:04:54 GMT

GET
H2 200 index-56a71f99.css
r.honeygain.me/assets/ 53 KB
15 KB 33ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/index-56a71f99.css
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56a71f99a192f6eed27f88b9a14cd3a8ffc9e7a04269e9ba5e63c6e2ae27ea03

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 435939
etag: W/"667292a4-d31f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYGn32ldErt%2BhWPgLL4Xew9Rv1Mq%2FvGzBzUX1TgfQaMqaHzRdyb2U3GAmuRbZOdN%2FsP3c26nE%2B3g2BmEM5gpFs90V1myOqIszqmksl9It%2B5ceIDh%2FWevZ2bNRyD0BVeKubaHP8Uyjxac2rtYlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 8a86ff30681b9b1c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jul 2024 20:22:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 409 KB
115 KB 103ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66cefce936134aaca343dab9f43f1b9f8b8f982ef57b26f3b1ff2953fa4577b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117759
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 21:27:53 GMT

GET
H3 200 en-95084d8b.js Show response
r.honeygain.me/assets/ 7 KB
2 KB 36ms
35ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/en-95084d8b.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7347fe56bbf0d63b64027444251bfcd137da97fb31c39f7c0d22512ff52e7667

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416799
etag: W/"667292a4-1a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wn4GLjnE65z1RlRGu2mzpj%2BgGl560I4jG%2BvdodbgRAZilbzBWZACyIvSJpOEp9nZqizfkf59lwS6VpkCyeMZkH%2B5uAkuEZiKmFvZ1pfBa3nvNptIUn6NLk12NG24hAv1kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff319f665caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jul 2024 01:41:14 GMT

GET
H2 200 sdk-YT98zDqghSsvvQDf Show response
ff.honeygain.com/api/features/ 4 KB
2 KB 306ms
251ms Fetch
application/json 172.67.71.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.honeygain.com/api/features/sdk-YT98zDqghSsvvQDf

Requested by

Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

835ee12b72341d21a9b95cdece0f440fbec33ace8169481a231d96e519e8d101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-sse-support: enabled
date: Wed, 24 Jul 2024 21:27:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11fe-WjKieih50YGxYm6UuqDWPo5Cm7k"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDnF6mjnKvhIrvcg4ENrnsskUG76bK3O9yi%2BmQBTTzrcVzFK9x2hV9MgzG%2FxIt2QDR1m3lI%2Fpqn1E1zuqVvqe6Ck8yCOrLcDGNKZCqicJN9QfAbg19E5BpDuR5idP5cZtE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
cf-ray: 8a86ff31ff7c3a70-FRA

GET
H3 200 sprite.svg
r.honeygain.me/ 79 KB
29 KB 39ms
38ms Other
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/sprite.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5870a74f9b205646aa7f9c9a2d4d0310b159ea77ef72ffdfcc212f0f3634ee07

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 408011
etag: W/"667292a4-13a85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnMyLe4FChtxlX5Ky90ClvnWgRwn%2FiWIQTdyR1Iq6y6pltzpCCH5dQI8Y4HPkgfJa8ulFIS1HUDKT%2Fm%2Fx918KTI2ZQVI4s6vLedcR6EV58tfAZDw0rbjOutEQk5s2m79pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff320fcd5caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jul 2024 04:07:42 GMT

GET
H3 200 register-step-08d9ebc6.js Show response
r.honeygain.me/assets/ 33 KB
12 KB 59ms
59ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/register-step-08d9ebc6.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9c9c2ff94cceaa9fb62245a105a2c26b6e652c6eb3fea42d7207303367ff4c

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-82c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5OBh3l0VkrZTBn2mqt7xzS3hfzx%2BOBdr8RHbSv8rBVba2lWG1AzJxab7kessfRMVkfUlgCpY4Sl63dtwS5bc%2F0R27KeeEqU5zd7%2Bdwt1RCyafyDx6KWXkNrJ%2F27UWJy1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fce5caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 setup-step-0e6b9f6e.js Show response
r.honeygain.me/assets/ 15 KB
6 KB 58ms
58ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/setup-step-0e6b9f6e.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe8ec0638c40dc5d1fa0a0971125ae70dcd8e2a3caf8b96ed46a329bb1a905e

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-3be1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zVqgUYreDvvlWM4zEXJSWMEsHVr06CEgIilK122ZwO5K2%2BqBECph14rhssUb8RvGPRfDMUVf3Tm8LSiPn3mY0oIirL7n8veympM4YzzfBpsMY5FQ8px2DkTTknOn8k%2BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fd55caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 gather-step-73d8638c.js Show response
r.honeygain.me/assets/ 53 KB
18 KB 79ms
79ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/gather-step-73d8638c.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188dc4b3d35f06711669e7c4df694adcd5ff04d389c41c2cf30fdc584a369c23

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-d5a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Udca6BNk%2B3Uaw7FtBGbY%2FE59l%2B0fbHYBIwkwOL4E7qpfiEeGnbCz1IWGp9b6uEQsDV3gaK4zdhVGREU4PlFk1VwzJtSsOjloDshQ1Cc4Mvkkcekj4%2B2DYllVrP44JF%2B%2Fuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fd65caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 registration-stats-1bd3434c.js Show response
r.honeygain.me/assets/ 4 KB
2 KB 81ms
80ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/registration-stats-1bd3434c.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ab616018dc9486c92f2f6288f7545d6ad948f644bdee02e68619454a0f734e

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-1131"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98CJS7uhktGwACrPsNPBUs2Sdue0LxF4v%2B6S9QBm1phmHAUkGPF17zaUR8zsMJEeBEUZ%2FuU7VF18ay%2B15RpP85DzqcjmPnt%2FvHuhHaSxhHfX%2BpoLU0rqe9vxcefheTSMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fd85caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 money-stats-324047b4.js Show response
r.honeygain.me/assets/ 8 KB
4 KB 80ms
80ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/money-stats-324047b4.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471ef233c63a63952b4dd8db8bbdf5b8114bd93d1d1c8a49827529f036a00195

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-1f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6I8Mhfu%2Fw3W64sRIq90uOCMGpGPC7UWmHfoyi%2FFF3ErOGK1k4gYiAFQp%2FnjWsGcOwrodUNxYLLK9GcUHJA4kJdZ8AoGNK4cFvBzfX4Xd81ooZ%2Bx5HvCXQhJM%2FcW93N2yPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fd95caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 earnings-stats-a0e353a8.js Show response
r.honeygain.me/assets/ 13 KB
6 KB 80ms
79ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/earnings-stats-a0e353a8.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952d9d591e69bf860e7ad9af8780cf68cb978e9de9ae07a4198feca7b51aebcc

Request headers

Referer: https://r.honeygain.me/assets/index-4977ca3f.js
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 212150
etag: W/"667292a4-331f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKp7CcHe2O%2BrmhvS0tSqiP8vMwahhHJO27GNr1jCD%2Fdqt7mS%2BaaqsXdbqBdGNGXnGfw8h0pXcKvU9qi7iNRdv9NQyynkxff5avQwIYiQqfLDuHJBHzejqKkujBATjLWCKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff320fda5caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Jul 2024 10:32:03 GMT

GET
H3 200 reviews-11797dd5.js Show response
r.honeygain.me/assets/ 1 KB
1 KB 76ms
76ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/reviews-11797dd5.js
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2359c3bb8bea3ae01317573462bfeaf786aee62f87a78a8ad16f261dcd48becf

Request headers

Referer
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a4-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgzpsuqFoZ%2FUJCviq9rKdKAyTLCsdh8NjS4UWoJre4MIIsfNBOPrdQhI%2B1D7tYUDUhVkWFi2bBZBDmnharqLYQBB1s7a121%2FwgXoqjntFWLmv42xJash%2F2%2F2IYKAkhysQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 8a86ff322ff65caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 reviews-f6c8f2ff.css
r.honeygain.me/assets/ 11 KB
4 KB 76ms
76ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/assets/reviews-f6c8f2ff.css
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c8f2ffb49d3598bbad84a6b11f2cc3a8f792e57e413af62bfa790365341dd9

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419217
etag: W/"667292a4-2dbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRjvgqfu7HipqJdCUxpkiOkEHTru%2BdAgqp8pAHX%2BAABgO9Z4nxwORMy0SdpwcL660dmTFPpH0mnEcJqIjtCN8jF6Eh7iuWSCOjPsD87PvU%2FjrgkC7lZsUIeQNnuGOaolLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 8a86ff322ff75caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jul 2024 01:00:56 GMT

GET
H3 200 hero-left.svg
r.honeygain.me/images/ 86 KB
33 KB 62ms
61ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.honeygain.me/images/hero-left.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e796f8fda8cba65e4d5fbdcff80dbedcd93e02166dd4ba9d877adf9fd3a46a

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45550
etag: W/"667292a3-15919"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhFGDUqz2bHDKwIH9I1uUxFOdOYuDWOwcCkQsa1i%2FnLZzyRJJXFq7Vj8o7impPnfMYpvtHuNG%2B6cp4rJwLjoeOx%2FMVEpRF4JeDQdiHtyoQ%2FifYgZ1qegyiyfR%2BXpjGorJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff32480e5caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 08:48:43 GMT

GET
H3 200 hero-right.svg
r.honeygain.me/images/ 75 KB
29 KB 65ms
64ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.honeygain.me/images/hero-right.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cedd573030a3f7d9c00a69a4d5152e1cfc2fa6f7e6fc459301fbbc8457d413e

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 431622
etag: W/"667292a3-12aa2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwXdcrHIGujuoe2g3qAO8AMFJG1aGztt%2BX7II5yepaf35IrEmXxK0QIwpAtXgd9WXbQsOaL6FnlsiMrvchoAN00556992AMWa%2BwMkWaqkUPSPcT0iFnGjIH3EFdn4YnKtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff32480f5caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jul 2024 21:34:11 GMT

GET
H3 200 hero-mobile.svg
r.honeygain.me/images/ 96 KB
36 KB 65ms
64ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.honeygain.me/images/hero-mobile.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aefc342aac7295c682d85ff73020854cb574bc2d7be3bb2e3ad3f30256c2f74

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1600
etag: W/"667292a3-17f46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQvi1mqUopKP6OWyfo8jd4owyA0KXFigtZ0NlLlos1IWX%2BJQMehkYQEWC3iM4SpBiL6J1tjUoGMxTrZm6hYPE0D8TziZMwxLXB%2BnyPM5ypq2eQslmkEqTDxSsBkIKJODlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff3248105caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jul 2024 21:01:13 GMT

GET
H3 200 apple-store-download.svg
r.honeygain.me/images/ 9 KB
4 KB 85ms
84ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.honeygain.me/images/apple-store-download.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b465ad95c9742ca7ad64ce4abc4ed7be9e5a9ef3b50bdba20e1f728bade481c7

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 407400
etag: W/"667292a3-24a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtXttklUy7pNLylECNeyEQ2p7Uh1u9IUbKvfF2F0GaqucFqGIJ9Hy8jiPewDgIEvPnajQjpCMccIch3ADY3jpWpaiEEjoWlp5LEcNsCeR6bQPiul4yLrxl4Xb5g8C7HFpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff3248115caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jul 2024 04:17:53 GMT

GET
H3 200 galaxy-store-download.svg
r.honeygain.me/images/ 13 KB
5 KB 86ms
85ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.honeygain.me/images/galaxy-store-download.svg
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04640fc156f172461ec1aef1a4988a9670217ce48b358632c527298d65664b0d

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 596450
etag: W/"667292a3-33f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FQ%2FVbXFphQLCJK0V4VUFLUQ54U2UdB3lBuXoOBqU3lUi%2BxK0v608%2FwhZCRfEBSF2YJ9q6i39GedilxqCkKW20ivSViBv3yP54pBOcOjcsb%2Foe8m%2BSce5VeBC9iqhpC%2F4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 8a86ff3248125caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 24 Jul 2024 23:47:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b733c3b6563b7f8d2714dc87f6b4ec8d3068f6c0e41ddd04df3abbf9d13e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 21:27:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 376 KB
120 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d5b71e6e05a157412b80bb90e42dc13e6911106792fc9c7f75d2f080ec8fcf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 122858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 21:27:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:53:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2072
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jul 2024 22:53:22 GMT

GET
H2 200 ev7mc2gk2f Show response
www.clarity.ms/tag/ 638 B
1003 B 322ms
230ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ev7mc2gk2f?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4c11c92fdd73ae427087079aa583090d80dd169b67516e7841b0b1639db67127

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Wed, 24 Jul 2024 21:27:54 GMT
x-azure-ref: 20240724T212754Z-r159c8798fdgjbxxu4mubwympc0000000h90000000001h0y
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 638
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 144271241.js Show response
js-eu1.hs-scripts.com/ 1 KB
1 KB 374ms
44ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/144271241.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d51a727b997996741fa714237435f1f71ecda2e80d21a70b0e411b00ff66d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8a4a1b0e-768b-4082-8bc0-233fa4c1afae
cf-polished: origSize=1524
age: 5114
x-envoy-upstream-service-time: 16
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8a4a1b0e-768b-4082-8bc0-233fa4c1afae
cf-bgj: minify
last-modified: Wed, 24 Jul 2024 20:02:40 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://r.honeygain.me
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-576d445cf9-vpmcm
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8a86ff352b809164-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 21:27:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: WEc8WnMIIm1eOOaipiP20W5u9OljwXhF5NG8Oq0bweQ9+zoiIdil5h46JxGAbnWP9YkUK3oezsg4Gy3Y7C76LQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 301ms
120ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQGDPRBC77U09334B9G0&lib=ttq
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/LENIE61365
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6c28d3f533e934d003ebf6bb71a97c3c94f857aa8bcdb7407501c63cd6d3c058

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 19a751d7
date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407242127540954B6091325863C1AA4-5C652887C0A3ECD7-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
content-length: 2006
pragma: no-cache
server: nginx
x-tt-logid: 202407242127540954B6091325863C1AA4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,2.20.179.90
x-tt-trace-host: 0137b851f819b3b554b0c296d171c85345c029a1b1954124d8ecbd6efe73a87b3f5d1b4401c7383c5e5f3edd02707e4f38d49220af9a9e9fd673d5175ac1785cf940cc495fd9999ebf47a1a61de59d8839e8547539260cde63306a55aabd7c7339
expires: Wed, 24 Jul 2024 21:27:54 GMT

GET
H3 200 favicon.ico
r.honeygain.me/ 22 KB
6 KB 42ms
41ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79cbc7cc24786d64a3d7cbfaedf93d4bec814d234ab5e864ac430b00e228bddb

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 272107
etag: W/"667292a3-576e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db2bUofgAuKUPI6MiVmjPaYk%2BDJmotKsknCGmki9b%2FLQlMQGQa9yUi2lejG89ruGjrGCJQYRKl%2Bm0eXT%2B7me%2F8lJN9YDcQ3%2Fr2OVSJugdNlA%2Ba47uRFT67UkLhCiQIAaTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=604800
cf-ray: 8a86ff3339075caa-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jul 2024 17:52:47 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 24 KB
24 KB 86ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:24:00 GMT
x-content-type-options: nosniff
age: 108234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:24:00 GMT

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 2D2F 0
0 74ms
30ms Document
text/html 108.156.2.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-80.mxp63.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 37187
cache-control: max-age=86400
content-encoding: gzip
content-length: 2171
content-type: text/html
date: Wed, 24 Jul 2024 14:58:14 GMT
etag: "e991b3bf94fd48d12173072b90a8b0e1"
last-modified: Tue, 23 Jul 2024 11:06:13 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 d580de5c96a7c9961c3c26ff049e04de.cloudfront.net (CloudFront)
x-amz-cf-id: j1lQ9Jouy1GCeKr0kq8jCzWtJSuHTj0cwySoVGtgS8uVK0TrRV7_dQ==
x-amz-cf-pop: MXP63-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame F55A 0
0 75ms
74ms Document
text/html 108.156.2.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-80.mxp63.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 37187
cache-control: max-age=86400
content-encoding: gzip
content-length: 2171
content-type: text/html
date: Wed, 24 Jul 2024 14:58:14 GMT
etag: "e991b3bf94fd48d12173072b90a8b0e1"
last-modified: Tue, 23 Jul 2024 11:06:13 GMT
server: AmazonS3
via: 1.1 d580de5c96a7c9961c3c26ff049e04de.cloudfront.net (CloudFront)
x-amz-cf-id: j1lQ9Jouy1GCeKr0kq8jCzWtJSuHTj0cwySoVGtgS8uVK0TrRV7_dQ==
x-amz-cf-pop: MXP63-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 LENIE61365 Show response
r.honeygain.me/api/v1/coupons/ 102 B
485 B 62ms
61ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.honeygain.me/api/v1/coupons/LENIE61365
Requested by: Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-4977ca3f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43800d6255a2cbb84a3daab01597008bbd6165cd9afc2d1a16abc53295801257

Request headers

Referer: https://r.honeygain.me/LENIE61365
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N59A%2BZ8GbkImjmsjJB57CycsQsjndFphv2bQUN8g8OI5Wt9qWydqALn8XXsKeegwD9liE9Q7dNb9K8XAOn4rXaKCYP5UBNw9f2h994tu5vFBnohov%2FcIV40q%2B5ncr86wJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 8a86ff33e9b35caa-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=45je47o0v91720...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=4...

42 B
66 B

34ms
33ms

Ping
image/gif

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=45je47o0v9172071281z8811958282za200zb811958282&auid=445962269.1721856474&frm=0

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=99312314&rnd=1400877619.1721856474&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dma_cps=syphamo&dma=1&npa=0&gtm=45je47o0v9172071281z8811958282za200zb811958282&auid=445962269.1721856474&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11420082605/ 3 KB
1 KB 78ms
35ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11420082605/?random=1721856474292&cv=11&fst=1721856474292&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

193a9d742b94a580c26d6a27243aa2005e803b5ac7645bf48bb5ee3cabab570a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 58ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3LNFBDTH6H&gtm=45je47o0v9172071281z8811958282za200zb811958282&_p=1721856473849&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=99312314&cid=669839324.1721856474&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721856474&sct=1&seg=0&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=780
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.honeygain.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11395421092/ 3 KB
1 KB 63ms
33ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11395421092/?random=1721856474315&cv=11&fst=1721856474315&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

141fccd1fd5451f5b9bdbd61617fd6eb3e58e968ca1ebe69dd72bf193f1d728f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 33ms
32ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1798133559&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&ul=nl-nl&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=pageview_referral&_u=YADAAEABAAAAACAAI~&jid=879812624&gjid=1352920095&cid=669839324.1721856474&tid=UA-140379814-1&_gid=1470678350.1721856474&_r=1&_slc=1&gtm=45He47o0n81KQKKBZ4v811958282za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=syphamo&dma=1&tag_exp=0&z=2088263871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.honeygain.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
133 B 25ms
23ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1798133559&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&ul=nl-nl&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=25&el=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=669839324.1721856474&tid=UA-140379814-1&_gid=1470678350.1721856474&gtm=45He47o0n81KQKKBZ4v811958282za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=syphamo&dma=1&tag_exp=0&z=512379088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 23:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78059
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
92 B 27ms
26ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1798133559&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&ul=nl-nl&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=50&el=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=669839324.1721856474&tid=UA-140379814-1&_gid=1470678350.1721856474&gtm=45He47o0n81KQKKBZ4v811958282za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=syphamo&dma=1&tag_exp=0&z=1914997085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 23:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78059
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
92 B 26ms
25ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1798133559&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&ul=nl-nl&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=75&el=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=669839324.1721856474&tid=UA-140379814-1&_gid=1470678350.1721856474&gtm=45He47o0n81KQKKBZ4v811958282za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=syphamo&dma=1&tag_exp=0&z=657515717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 23:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78059
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
92 B 26ms
25ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1798133559&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&ul=nl-nl&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=90&el=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=669839324.1721856474&tid=UA-140379814-1&_gid=1470678350.1721856474&gtm=45He47o0n81KQKKBZ4v811958282za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=syphamo&dma=1&tag_exp=0&z=2118219197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 23:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78059
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 515704137479053 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515704137479053?v=2.9.162&r=stable&domain=r.honeygain.me&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7a6d48a0b1902e75bcc9d2ead7e6a8e313899ea0528b407f8a54d066445d4b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 21:27:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=66, mss=1297, tbw=64242, tp=-1, tpl=-1, uplat=133, ullat=0
pragma: public
x-fb-debug: DMaXDg01YYjHwzF0mjTGz5CLrIVPIMSbAgiqwV9Jan0BndiYjlCdKL05PP4bF0nBRNFDwCSkyxQzKrWx6a0Oog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk-YT98zDqghSsvvQDf
ff.honeygain.com/sub/ 14 B
0 35ms
35ms EventSource
text/event-stream 172.67.71.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.honeygain.com/sub/sdk-YT98zDqghSsvvQDf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fn7rTZMMF9z1qLrIOyJN4fYOrE3%2FRQIJtFNIVDjNdc8X%2FotgY6UAdt1XXdwk7Eqr0qR6uQPMBzt8bSKIW6ZOd2z9x%2FZzTOX471vgCqSEGDV8wKbxQieINzgCiFyB86TEtD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/event-stream
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a86ff34db363a70-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 24ms
23ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CHVR3SF3WD&gtm=45je47o0v877468943z8811958282za200zb811958282&_p=1721856473849&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=669839324.1721856474&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721856474&sct=1&seg=0&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&en=page_view&_fv=1&_ss=1&tfd=874
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.honeygain.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11395421092/ 42 B
64 B 41ms
39ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11395421092/?random=1721856474315&cv=11&fst=1721854800000&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLvkFQxLIizlw_x-APZ8g_QzRJoh1bgw&random=259562687&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11395421092/ 42 B
64 B 69ms
31ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11395421092/?random=1721856474315&cv=11&fst=1721854800000&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLvkFQxLIizlw_x-APZ8g_QzRJoh1bgw&random=259562687&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11420082605/ 42 B
64 B 38ms
35ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11420082605/?random=1721856474292&cv=11&fst=1721854800000&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL7C7ggRSKNcLscKlteprh_SSowMwJMA&random=303821402&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11420082605/ 42 B
64 B 69ms
32ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11420082605/?random=1721856474292&cv=11&fst=1721854800000&bg=ffffff&guid=ON&async=1&gtm=45je47o0v9172071281z8811958282za200zb811958282&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=99312314&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&npa=0&pscdl=noapi&auid=445962269.1721856474&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL7C7ggRSKNcLscKlteprh_SSowMwJMA&random=303821402&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTNjMWMzYmIwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 343 KB
99 KB 29ms
27ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQGDPRBC77U09334B9G0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f3fd02c434faaab6f6aae08e857ba15472e64f7ecba5a989b6a53c478649f6ee

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 19a753f6
date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024072317210833B0E45984B15BB5511C
x-tt-trace-id: 00-24072317210833B0E45984B15BB5511C-49D6804C76646958-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c771b1538f942fdb69874c1d59d1f494e57c5c64be97ce02cd6af92fb9b3d7f540554a999760f3b4a462d8c435eb38459511306c07bd8fbe08fc9f18ecb756aee8bba1e87d75e85dcaca47400626cdea1bf1579e4c89e540d2a10a1dd14b8015
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 100270

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 36ms
35ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ev7mc2gk2f?ref=gtm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
last-modified: Tue, 23 Jul 2024 16:31:04 GMT
etag: W/"0x8DCAB34D8B5EEBD"
vary: Accept-Encoding
x-azure-ref: 20240724T212754Z-r159c8798fdgjbxxu4mubwympc0000000h90000000001h1c
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ce806347-001e-0079-041e-ddd2ff000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&RedC=c.clarity.ms&MXFR=009A201D6852632338E034DB6C526D96
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&MUID=1C72077F5F066F7B1BED13B95EC66EDE

42 B
442 B

31ms
31ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&MUID=1C72077F5F066F7B1BED13B95EC66EDE
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 24 Jul 2024 21:27:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D4DA89725B64EC0B69F92687C72FE8C Ref B: DUS30EDGE0312 Ref C: 2024-07-24T21:27:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=90332FFBD97F482C98A961D5BC519510&MUID=1C72077F5F066F7B1BED13B95EC66EDE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/144271241/ 71 KB
26 KB 131ms
43ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/144271241/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144271241.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9af60bb44d5c010607c10c358e7fb0f655c09979c916871b791b4c3c6dfe396

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
x-amz-version-id: dCsiMttdhLFelqxUrVMBZMjFXBKOY308
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: W6FTC6VPXEN6Z21H
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 56740497-0cf6-447e-9758-61486e44153a
age: 300
x-envoy-upstream-service-time: 63
x-amz-id-2: 6hngnZhDzeVMeaq+EQoBZ+3bIdAWuPkVHR9VIJqBZQd6WQddgBNEhmgpNpKMEH5hv3xMzcKpkpA=
x-evy-trace-listener: listener_https
x-request-id: 56740497-0cf6-447e-9758-61486e44153a
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 10 Jul 2024 04:01:30 GMT
server: cloudflare
etag: W/"02ef0bbdb7fe808f1f4841d4c6a2b59d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://dashboard.honeygain.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a86ff35fbab1e0c-FRA
expires: Wed, 24 Jul 2024 21:27:54 GMT

GET
H2 200 144271241.js Show response
js-eu1.hs-analytics.net/analytics/1721851200000/ 68 KB
24 KB 114ms
33ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1721851200000/144271241.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144271241.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d63066fe3084076d8bac22885da71408b40fc3671659babd10f81db9ce571dc

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 02KPSFGGPNC5JATC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1fb194a7-a8e0-4e49-8e8e-444da8e93e33
age: 232
x-envoy-upstream-service-time: 24
x-amz-id-2: gCL4oSyBOGDNJ99Z406itZKAWr4Lj4ZET6I6kFBEPkvLR4YKf+sCeCO5jnc70inB2eGAFw23Duc=
x-evy-trace-listener: listener_https
x-request-id: 1fb194a7-a8e0-4e49-8e8e-444da8e93e33
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 23 Jul 2024 19:53:57 GMT
server: cloudflare
etag: W/"1d06b307c532182625c394509913871c"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-5cc6cdbf4d-2t9gr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a86ff35fa391d90-FRA
expires: Wed, 24 Jul 2024 21:29:02 GMT

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
4 KB 113ms
29ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144271241.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
x-amz-version-id: kl1dxvjzkssE.fV_O4PhpuAJA5n_6jGg
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P6
age: 551
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.571/bundles/pixels-release.js&cfRay=8a86f1bebbac9bb8-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 726695ca-7157-40d0-ac6a-003e6886508a
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 726695ca-7157-40d0-ac6a-003e6886508a
last-modified: Fri, 19 Jul 2024 20:16:33 UTC
server: cloudflare
etag: W/"5d8f21e5e9508f10da257acb3360bbbd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray: 8a86ff35ffe12bfc-FRA
x-amz-cf-id: aVaLtzekyzscpTgXSSG_dOcTBJo61wxvOGNtZxI7dIwe1H0kXmq7Hw==
x-hs-target-asset: adsscriptloaderstatic/static-1.571/bundles/pixels-release.js

GET
H2 200 identify_59f29ac9.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
40 KB 22ms
21ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 19a7553e
date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240723172110A5783681237BE6325AEE
x-tt-trace-id: 00-240723172110A5783681237BE6325AEE-5DFBC67976BBB326-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014cf0e2ae59ab73fa756858375d5467efcbb76d5aeb8ddfe11bb8e1c6dea3516b1e6858dd2ce74316c0a4abe2f8489f65111299de585e9495fd42abcaf1ae282f1d4ae7102a652b25c5163e5c68297a6519b152c8c2561c374809713157611ff6
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 39956

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 156ms
154ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 19a75570
date: Wed, 24 Jul 2024 21:27:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240724212754E8AA597119CAF5A1CDC9-483CBF066BE2F6A8-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=3, origin; dur=128
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240724212754E8AA597119CAF5A1CDC9
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 128,2.20.179.90
x-tt-trace-host: 0137b851f819b3b554b0c296d171c85345c029a1b1954124d8ecbd6efe73a87b3f002767be98275f83e713c1e5820a2bcedf173a834363bfa29c7b515df99a8ccbf9ec05ee6a90cbcb04f9b29a11ac17b0d07801a7d79b1599b7e0bbf2d9218112
access-control-allow-headers: Authorization,*
expires: Wed, 24 Jul 2024 21:27:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 62ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515704137479053&ev=PageView&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&rl=&if=false&ts=1721856474565&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1721856474563.516939534433668958&cs_est=true&ler=empty&cdl=API_unavailable&it=1721856474354&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Jul 2024 21:27:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=515704137479053&ev=PageView&dl=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&rl=&if=false&ts=1721856474565&sw=1600&sh=1200&v=2.9.162&...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D515704137479053%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fr.honeygain.m...

0
0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
278 B 1714ms
331ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://r.honeygain.me
Date: Wed, 24 Jul 2024 21:27:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 134ms
52ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=nl-nl&bfp=4130527673&v=1.1&a=144271241&pu=https%3A%2F%2Fr.honeygain.me%2FLENIE61365&t=Passive+Income+%E2%80%93+Effortlessly+%7C+Honeygain&cts=1721856474639&vi=bbaef3ed24d254af1de637cd03e0bb93&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7afb7003-d6bf-47c6-8063-11a8e86e3927
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7afb7003-d6bf-47c6-8063-11a8e86e3927
last-modified: Wed, 24 Jul 2024 21:27:54 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wm4sIpgsckFKFOkfnQfGfYIzaxQ019XSP4C%2BhZQmIDtgE1g2mhnI4cxZ0U%2BZBEhWg6zKWnGqbwdys8n1oVJG6GaY7mcjfQNHS4iwCGay3FCRb3SMqZBx7gsLJyde8dCzM7lppJZPxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-6c6cdbccc5-9fjdl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8a86ff371baf2bc0-FRA
x-robots-tag: none

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
1 KB 106ms
48ms XHR
application/json 2a06:98c1:3200::90:0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=144271241

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58e536ef16cc93462b62f19710fafed7eb503465c82b283e718a49b747ba347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f4f8c75e-4c4e-44b2-a202-fbd1a88a2b49
content-encoding: br
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f4f8c75e-4c4e-44b2-a202-fbd1a88a2b49
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://r.honeygain.me
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-576d445cf9-j8lrz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bMCf42y4ToVxixXkyU0hP90Gt5ttqwAm266JOUzieICsHJrnMAeI1mMS7gd%2FD8IJ1ivb7%2FsOy8QZCmzz0KApkwkANkm8tPxeGdPO39GwnAjNQ3h73Fu2BD0kxSMYoyfha%2Bw%2Btjx9hKT6gYKjpYVSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a86ff36fb746907-FRA
access-control-allow-headers: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 376 KB
120 KB 44ms
43ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11420082605

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b45da13b287a9491b93cc854532d89d11c46da1091c94c4d217bff0049b69b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 122879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 21:27:54 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 142ms
141ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ce72b9e7.19a75858
date: Wed, 24 Jul 2024 21:27:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072421275468355160E53C27F45BB3-15D88DCE872007BD-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
x-parent-response-time: 117,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=21, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024072421275468355160E53C27F45BB3
x-cache-remote: TCP_MISS from a23-48-100-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.100.141
x-tt-trace-host: 0137b851f819b3b554b0c296d171c8534523023ce2a2bf7c594121a8b48cc745bbe9753357a182a30928570ed0d9129b1a971908bebfad6fe1c68d58323984bae1187fa6aa48898b52aacfff18f988e3650df955c501eb8f20dfcb86ed066be21d15f46208702f847710f09104602ece38
access-control-allow-headers: Authorization,*
expires: Wed, 24 Jul 2024 21:27:54 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
278 B 791ms
98ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://r.honeygain.me
Date: Wed, 24 Jul 2024 21:27:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 sdk-YT98zDqghSsvvQDf
ff.honeygain.com/sub/ 14 B
0 39ms
39ms EventSource
text/event-stream 172.67.71.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.honeygain.com/sub/sdk-YT98zDqghSsvvQDf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://r.honeygain.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 21:27:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ca88fila3BtJUc3e98WaiqKPUTbF2IEG8xnflAGC9gZx91U%2FgFlOFo%2BmCLO%2FqxBMrzp6bjAKK5Df5GdDRyjEH%2FvsoVyeVQ3iYQJy7Qr1GA9pLAenP8RDEb0PiB6EFSm%2Bpbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/event-stream
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a86ff4fec863a70-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D515704137479053%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fr.honeygain.me%252FLENIE61365%26rl%26if%3Dfalse%26ts%3D1721856474565%26sw%3D1600%26sh%3D1200%26v%3D2.9.162%26r%3Dstable%26a%3Dtmgoogletagmanager%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1721856474563.516939534433668958%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1721856474354%26coo%3Dfalse%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.honeygain.me/	1970-01-21 00:27:12	Name: _gcl_au Value: 1.1.445962269.1721856474
.honeygain.me/	1970-01-21 07:53:36	Name: _ga_3LNFBDTH6H Value: GS1.1.1721856474.1.0.1721856474.0.0.0
.honeygain.me/	1970-01-20 22:19:02	Name: _gid Value: GA1.2.1470678350.1721856474
.honeygain.me/	1970-01-20 22:17:36	Name: _gat_UA-140379814-1 Value: 1
.tiktok.com/	1970-01-21 07:39:12	Name: _ttp Value: 2ji4HPfDmo8X48vo3TCnSfqFkzJ
www.clarity.ms/	1970-01-21 07:03:12	Name: CLID Value: 516a98e392224a6e85ca5220a22b73f8.20240724.20250724
.honeygain.me/	1970-01-21 07:53:36	Name: _ga_CHVR3SF3WD Value: GS1.1.1721856474.1.0.1721856474.0.0.0
.honeygain.me/	1970-01-21 07:53:36	Name: _ga Value: GA1.1.669839324.1721856474
.doubleclick.net/	1970-01-21 07:39:12	Name: IDE Value: AHWqTUkvuhVWYEmTbTLcPSClCB5ZYg7fTilyJ6FdKIjZIR-JxBoYF1zoQ3GedfkR
.honeygain.me/	1970-01-21 07:39:12	Name: _tt_enable_cookie Value: 1
.honeygain.me/	1970-01-21 07:39:12	Name: _ttp Value: Bfqwt6tmNXrXUwnVbwCJj05l3Ys
.honeygain.me/	1970-01-21 00:27:12	Name: _fbp Value: fb.1.1721856474563.516939534433668958
r.honeygain.me/	1970-01-21 02:36:48	Name: __hstc Value: 154656935.bbaef3ed24d254af1de637cd03e0bb93.1721856474638.1721856474638.1721856474638.1
r.honeygain.me/	1970-01-21 02:36:48	Name: hubspotutk Value: bbaef3ed24d254af1de637cd03e0bb93
r.honeygain.me/	1969-12-31 23:59:59	Name: __hssrc Value: 1
r.honeygain.me/	1970-01-20 22:17:38	Name: __hssc Value: 154656935.1.1721856474638
.bing.com/	1970-01-21 07:39:12	Name: MUID Value: 1C72077F5F066F7B1BED13B95EC66EDE
.c.bing.com/	1970-01-20 22:27:41	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:39:12	Name: SRM_B Value: 1C72077F5F066F7B1BED13B95EC66EDE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:39:12	Name: MUID Value: 1C72077F5F066F7B1BED13B95EC66EDE
.c.clarity.ms/	1970-01-20 22:27:41	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:17:37	Name: ANONCHK Value: 0
.hubspot.com/	1970-01-20 22:17:38	Name: __cf_bm Value: lG99r44F93bPZfcfcEqJOE61_D2602qgf72wFUiKtbs-1721856474-1.0.1.1-hXdSyG51Md9wWWYeM0MS15RWlam4zAhj7RklGvOLxXSAXK4uAndJ.6cHkmZbwoa6UwAccOkGDcSQXH6tzKjDVA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: b9DPfF2rf4PFm3Wwd6tu2hCkR5T5eXKfHRQ134R.jzk-1721856474760-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-eu1.hubapi.com
c.bing.com
c.clarity.ms
connect.facebook.net
ff.honeygain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
k.clarity.ms
r.honeygain.me
region1.google-analytics.com
track-eu1.hubspot.com
widget.trustpilot.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.facebook.com
108.156.2.123
108.156.2.80
13.74.129.1
142.250.181.227
142.250.184.194
142.250.185.132
142.250.186.136
172.175.38.6
172.65.202.201
172.65.208.22
172.65.219.229
172.65.238.60
172.65.240.166
172.67.71.104
188.114.96.3
2.18.64.26
2001:4860:4802:32::36
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:831::200a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3200::90:0
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
04640fc156f172461ec1aef1a4988a9670217ce48b358632c527298d65664b0d
0d5b71e6e05a157412b80bb90e42dc13e6911106792fc9c7f75d2f080ec8fcf5
141fccd1fd5451f5b9bdbd61617fd6eb3e58e968ca1ebe69dd72bf193f1d728f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
188dc4b3d35f06711669e7c4df694adcd5ff04d389c41c2cf30fdc584a369c23
193a9d742b94a580c26d6a27243aa2005e803b5ac7645bf48bb5ee3cabab570a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2359c3bb8bea3ae01317573462bfeaf786aee62f87a78a8ad16f261dcd48becf
39ab616018dc9486c92f2f6288f7545d6ad948f644bdee02e68619454a0f734e
3cedd573030a3f7d9c00a69a4d5152e1cfc2fa6f7e6fc459301fbbc8457d413e
3e2f3d66b779f887242b6e545e29310b91e3c23362d27cb19e2a8134bfd36850
43800d6255a2cbb84a3daab01597008bbd6165cd9afc2d1a16abc53295801257
471ef233c63a63952b4dd8db8bbdf5b8114bd93d1d1c8a49827529f036a00195
4989ae929de61eb7da9b31263163d459347b8d876f4b7b7ff9528c33438869c3
4b733c3b6563b7f8d2714dc87f6b4ec8d3068f6c0e41ddd04df3abbf9d13e49f
4c11c92fdd73ae427087079aa583090d80dd169b67516e7841b0b1639db67127
4fe8ec0638c40dc5d1fa0a0971125ae70dcd8e2a3caf8b96ed46a329bb1a905e
56a71f99a192f6eed27f88b9a14cd3a8ffc9e7a04269e9ba5e63c6e2ae27ea03
5870a74f9b205646aa7f9c9a2d4d0310b159ea77ef72ffdfcc212f0f3634ee07
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
66cefce936134aaca343dab9f43f1b9f8b8f982ef57b26f3b1ff2953fa4577b5
6aefc342aac7295c682d85ff73020854cb574bc2d7be3bb2e3ad3f30256c2f74
6c28d3f533e934d003ebf6bb71a97c3c94f857aa8bcdb7407501c63cd6d3c058
7347fe56bbf0d63b64027444251bfcd137da97fb31c39f7c0d22512ff52e7667
79cbc7cc24786d64a3d7cbfaedf93d4bec814d234ab5e864ac430b00e228bddb
7d63066fe3084076d8bac22885da71408b40fc3671659babd10f81db9ce571dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835ee12b72341d21a9b95cdece0f440fbec33ace8169481a231d96e519e8d101
8d51a727b997996741fa714237435f1f71ecda2e80d21a70b0e411b00ff66d58
952d9d591e69bf860e7ad9af8780cf68cb978e9de9ae07a4198feca7b51aebcc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2
ab164a7daa1b4bc4dc7547c789460db5c393c72d639eafba0356dcd59507f998
b45da13b287a9491b93cc854532d89d11c46da1091c94c4d217bff0049b69b47
b465ad95c9742ca7ad64ce4abc4ed7be9e5a9ef3b50bdba20e1f728bade481c7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc9c9c2ff94cceaa9fb62245a105a2c26b6e652c6eb3fea42d7207303367ff4c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e796f8fda8cba65e4d5fbdcff80dbedcd93e02166dd4ba9d877adf9fd3a46a
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fd02c434faaab6f6aae08e857ba15472e64f7ecba5a989b6a53c478649f6ee
f58e536ef16cc93462b62f19710fafed7eb503465c82b283e718a49b747ba347
f6c8f2ffb49d3598bbad84a6b11f2cc3a8f792e57e413af62bfa790365341dd9
f7a6d48a0b1902e75bcc9d2ead7e6a8e313899ea0528b407f8a54d066445d4b4
f9af60bb44d5c010607c10c358e7fb0f655c09979c916871b791b4c3c6dfe396

r.honeygain.me Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

41 %IPv6

21 Domains

24 Subdomains

27 IPs

4 Countries

1613 kBTransfer

5008 kBSize

25 Cookies

32 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

r.honeygain.me Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

41 %
IPv6

21
Domains

24
Subdomains

27
IPs

4
Countries

1613 kB
Transfer

5008 kB
Size

25
Cookies

67 HTTP transactions
0 data transactions