URL: https://r.honeygain.me/ANAGA4D6ED
Submission Tags: falconsandbox
Submission: On December 18 via api from US

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3031::6818:764f, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.honeygain.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2020. Valid for: a year.
This is the only time r.honeygain.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                     Requested by
20        r.honeygain.me             r.honeygain.me
2         www.google-analytics.com   www.googletagmanager.com, www.google-analytics.com
2         widget.trustpilot.com      r.honeygain.me, widget.trustpilot.com
1         www.google.de              r.honeygain.me
1         www.google.com             r.honeygain.me
1         stats.g.doubleclick.net    www.google-analytics.com
1         www.youtube.com            r.honeygain.me
1         www.googletagmanager.com   r.honeygain.me
1         cdn.jsdelivr.net           r.honeygain.me
Total: 30 requests, 9 domains

This site contains links to these domains. Also see Links.

Domain
dashboard.honeygain.com
www.instagram.com
twitter.com

Subject                        Issuer                                 Validity                  Valid for
sni.cloudflaressl.com          Cloudflare Inc ECC CA-3                2020-05-20 - 2021-05-20   a year
*.trustpilot.com               Amazon                                 2020-05-01 - 2021-06-01   a year
f3.shared.global.fastly.net    GlobalSign CloudSSL CA - SHA256 - G3   2020-10-26 - 2021-04-17   6 months
*.google-analytics.com         GTS CA 1O1                             2020-11-10 - 2021-02-02   3 months
*.google.com                   GTS CA 1O1                             2020-11-10 - 2021-02-02   3 months
*.g.doubleclick.net            GTS CA 1O1                             2020-11-10 - 2021-02-02   3 months
www.google.de                  GTS CA 1O1                             2020-11-10 - 2021-02-02   3 months

This page contains 3 frames:

Primary Page: https://r.honeygain.me/ANAGA4D6ED
Frame ID: 06899D71EDACD1BDD6CDF63DD73FC452
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6RDNT-f8Pv4
Frame ID: 5816FF29FE4A52C4AB586CAA22E58B52
Requests: 1 HTTP request in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
Frame ID: D20D585C2D7D30B1E97C59A2D00D809B
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 90 %
Domains: 9
Subdomains: 9
IPs: 10
Countries: 4
Transfer: 1355 kB
Size: 1515 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Columns: Resource | Path | Size | x-fer (bytes transferred) | Type | MIME-Type
Resource: Primary Request ANAGA4D6ED | Path: r.honeygain.me/ | Size: 38 KB | x-fer: 8 KB | Type: Document
General
Full URL
https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4564e83c52662a76913664d0dd039294f0a8a794a30c7b4b46a3ae94387b7482

Request headers

:method
GET
:authority
r.honeygain.me
:scheme
https
:path
/ANAGA4D6ED
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-type
text/html
set-cookie
__cfduid=dec01ab057732a8843ee9e524d8fba5761608294038; expires=Sun, 17-Jan-21 12:20:38 GMT; path=/; domain=.honeygain.me; HttpOnly; SameSite=Lax; Secure
last-modified
Fri, 18 Dec 2020 08:28:33 GMT
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-request-id
07176491f40000062954245000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kFGWufqXP5f42gTpNVesvZpoLTzVc3C5E8kn10MsRCy4ADmmofT2DhOnsvGA707tDBxGt5WOdmBCvH9dzX%2Fqu823B41jbgBVHF3NfhhYgIk9TogEhjRsU4GzYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6038d6c9889d0629-FRA
content-encoding
br

Resource: latofonts.css | Path: r.honeygain.me/assets/font/ | Size: 1 KB | x-fer: 636 B | Type: Stylesheet
General
Full URL
https://r.honeygain.me/assets/font/latofonts.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9f2894db5089a5a0f3beba6c9544ac3c375edb18525cbc95342aca831e987e

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:57:26 GMT
server
cloudflare
age
200911
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=96tsGm5CCf%2F%2F7KmN4UG4YY6DIzolgMKy5QtpcXN7NGN8P1WRvwXkDZf9r5sV38DKR8zQO0JNN8vbbspZ0D97F4BX%2FK8kUlS7PO4TWsPEEgiu%2FlMd9hUJxozjZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d96a0629-FRA
cf-request-id
0717649224000006296bbd4000000001
expires
Wed, 23 Dec 2020 04:32:07 GMT

Resource: reset.css | Path: r.honeygain.me/assets/style/ | Size: 7 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/reset.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a49f0be535dbf4df69cd76e32ea3d61171b88a3886f4b3c2b6efce624b745

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:57:26 GMT
server
cloudflare
age
107344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjd1%2BGKQA%2FGSZgt0QqXBQc1cU%2B%2BlOhZ7l05wWdyKrkKRIE1tebWRPbT%2BfnvaWVky6JtzD6kCVepPQ1BJMEQb8rm%2FpwssIKfyfsDuc5wu31nue8RiOdL9N5vRrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d96c0629-FRA
cf-request-id
07176492240000062940009000000001
expires
Thu, 24 Dec 2020 06:31:34 GMT

Resource: modal.css | Path: r.honeygain.me/assets/style/ | Size: 3 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/modal.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1526e134419d59094af13750da144583e4b07511f9d22b82a164df6b8e260b01

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Sep 2020 14:57:26 GMT
server
cloudflare
age
363181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uLKTJ%2Fmcfl0N994CJ85ZD5Zp6iitb1%2FlKSPvC%2BYRjFtINefr6lPKMfJHrtdM9itM972MB9DPplruRXE1BUig8IVRAJClYm2d5fF1winoZKHQKg8Z0PuJIUr1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d96e0629-FRA
cf-request-id
07176492240000062970383000000001
expires
Mon, 21 Dec 2020 07:27:37 GMT

Resource: style.css | Path: r.honeygain.me/assets/style/ | Size: 7 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://r.honeygain.me/assets/style/style.css?v=202012181027
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d3807b3bf0d009ab4027a08af30505cdcccc943526a8e572a5dbb9929b1bb5

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Dec 2020 08:25:09 GMT
server
cloudflare
age
13683
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q597HgGSxa%2FdGULPtDFvNIzfDMUoTbvJUplPzoVCPMZ49RuKglKlIm%2FLU9nrwTIDSgt1PlFevWrcBYttmtOpUNGIcv5cPVK24XXYvY1zM5RpF4FmUcdKh1Ohfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9710629-FRA
cf-request-id
0717649224000006299b33d000000001
expires
Fri, 25 Dec 2020 08:32:35 GMT

Resource: tp.widget.bootstrap.min.js | Path: widget.trustpilot.com/bootstrap/v5/ | Size: 20 KB | x-fer: 7 KB | Type: Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-21.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5741c28b6cb20aedd60d64973e806ee01f5540e752f6c0302910ac44bf9c54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
50263
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Thu, 17 Dec 2020 22:22:56 GMT
content-length
6593
x-xss-protection
1; mode=block
last-modified
Tue, 03 Nov 2020 10:58:47 GMT
server
AmazonS3
etag
"01edd1d433529d4e7a5fa7a1d22985c1"
content-type
application/x-javascript
via
1.1 36782ce80608b4ebb0112f2f4fdd01bf.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
x-amz-cf-id
E8VA9l3m2yQwADMkwLuQOXNzX_60jIJDhEtzV2G8KFpFleyLXBFE_A==

Resource: logo.svg | Path: r.honeygain.me/assets/img/ | Size: 8 KB | x-fer: 3 KB | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/logo.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c546caec07099d8d6632b6249c74f29bad317f28062508239f550759e2b1e63

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
573
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FrlxJssL4rXrKDKYp1Ld1ydl2EYGzNe4XFLrPy0A3SSKUWHvfXySTX9TKhDQwa2bdTRa8x5FTKN99K3OE4AExb%2B%2BbmJT%2FLm%2F%2B7tRTiMijIDMLONJaWemFmEdQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d99d0629-FRA
cf-request-id
071764922d000006295424f000000001

Resource: star.svg | Path: r.honeygain.me/assets/img/ | Size: 324 B | x-fer: 696 B | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/star.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a398a97d33786f05252fcf98a8b603860f974ac609e296664605be37e342db

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
6586
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TfpbE9PB%2Bfmy7sQdG1rcnF0N8fDwNtjEfhEQew%2BZHqg0Nn8r0C%2BOggrQFZNEdrTBDlfbN80B%2FwUz6lP9%2BMNHOqbUHNch7bUpGkPOX6x9ypFilLopP1JDOguEtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9a10629-FRA
cf-request-id
071764922b00000629848ec000000001

Resource: img_sofa_money.svg | Path: r.honeygain.me/assets/img/ | Size: 11 KB | x-fer: 4 KB | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/img_sofa_money.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc9f2d18de2ed41c8c476fded650cb4f3b8009e185a83f2916230143bc1832d

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
4184
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DskSMzkDLcRvrQTlwbB5P3bSJYvGHSAToBC0I28xk9pHpaMRnx0Azj1Z0VVAb5odD2qv6F1uhBrkXcU3oCvZ3L%2Bs0cJxiU5I9ZHrRwZpGbUWtu1y8WNpnvpTaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9a20629-FRA
cf-request-id
071764922b00000629593ab000000001

Resource: logo-white.svg | Path: r.honeygain.me/assets/img/ | Size: 7 KB | x-fer: 3 KB | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/logo-white.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165828643ff380762db5b7b63e56598dd370fefb0df9446b24d2f30e6724828e

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
5956
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pu6lkD0uSlRJ8mg%2FuwuG6ieXxF8jS7lAOHjsZ37m4q4Q5wT7O9NeTJcQwP0xEqY2ksV6HRDNbRhCoABPqqM7gDqWoCGjlE%2FsVdKoGa6%2Bx%2Fn7%2BKiFWkvX132x9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9a70629-FRA
cf-request-id
071764922b00000629522ab000000001

Resource: instagram.svg | Path: r.honeygain.me/assets/img/ | Size: 3 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/instagram.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9509b1f2fb4698a9c8e5ff926a039330b22ec0bc340e1024bdfb89eabd95318

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
6586
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HQw21glS5EanO%2F%2Bm1IBWzw64D0ORXsT494ERcEkX427XWKHN8sdiz1o7PsUsgzg9RrqisCLlaqFBmMHWeEtA5i1xOBoelaeubK2qhaieligTTUed%2FrnjQgAGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9a90629-FRA
cf-request-id
071764922b0000062945993000000001

Resource: facebook.svg | Path: r.honeygain.me/assets/img/ | Size: 2 KB | x-fer: 961 B | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/facebook.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e9485db22a4801386b6503609974fc35be4df7e6ed2a0fd5b2875474180376

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
4184
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8E33hL05lRkK09f%2FxEhvhuKoDWzNSaM4ZXuLL265clqCBd4bCY40wO6GjDCb6Ggc2R7oFG5hh1IgFcfWRPn8xt0ZIshvaGCjHiAy%2BE4NjmaNTr7V4INwW%2F%2BQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9ac0629-FRA
cf-request-id
071764922b000006298ea59000000001

Resource: twitter.svg | Path: r.honeygain.me/assets/img/ | Size: 1 KB | x-fer: 889 B | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/twitter.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c80c9483681ef1046639b78bb180e8a4d4ab9e8f3eb8848d6952b986b7d2ca

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
573
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YScQW8Rrzgk0NUkFhh0jVivpvmzSROIxaiz%2B0Et6G%2BAAd1QLrOwfJrDdM0sniJ6hYWPO7ITn%2Bm%2ByAq7blo4bQ1qfSouaHxK4AixKXH6NA6BwNf7uSQmK%2B2jxTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9ae0629-FRA
cf-request-id
071764922c0000062996bdf000000001

Resource: background-comb.svg | Path: r.honeygain.me/assets/img/ | Size: 2 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/background-comb.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
763cf337b291e35a08bda68f22053cc97b5e372961e0daac1c361c03d25b1682

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
1375
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8LgvJRuSZR0F3hXbB%2FQfFDW39AiOzRihEKPwYnJv%2BKGWx23NLyXiBWi3MXS2xzhCYkl4ijLll0%2BsszkTaOxiN%2FJERNVG17KP0jhFot4E%2B35MfDMWfdWTFvZwug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9b20629-FRA
cf-request-id
071764922c00000629b32fa000000001

Resource: close.svg | Path: r.honeygain.me/assets/img/ | Size: 314 B | x-fer: 464 B | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/close.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65e5d6e7eabbb6e5f01eee3fd2f817bf2c40207862b0ca93fc4fd417b20b18c

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
573
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lkLh7XVVKGBnOwqeALRtDUR4fnEcrqDxzvXxjApnOVcEdgLN2WD9uZJH2%2B%2FZbvgf9Ta9bdNOyB0tZHiGtr%2B4UUXQOCik0wcPv9xZCA4pT4s4wbm5FUfq56WawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9b50629-FRA
cf-request-id
071764922c0000062969005000000001

Resource: skeleton-screen.svg | Path: r.honeygain.me/assets/img/ | Size: 406 B | x-fer: 419 B | Type: Image
General
Full URL
https://r.honeygain.me/assets/img/skeleton-screen.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7b3277b7abd4d5edfaf6b32a437e32afd318dd38920da4b8774b7887cbc4d5

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
1375
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RfvJ0tXZl8IE1hOQsVC1UYpsLqW26vM99dGzuBz5SzdviJWAeEClXvgnJXQGF7Niuy4zAfj5vqG96xF28JV%2BuoMzMQCSmRjw1SMl0Aalzn7ZxQ2HpvIO4pEcZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d9bb0629-FRA
cf-request-id
071764922f000006299b33f000000001

Resource: email-decode.min.js | Path: r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | Size: 1 KB | x-fer: 1 KB | Type: Script
General
Full URL
https://r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
071764922a000006294000a000000001
last-modified
Mon, 14 Dec 2020 18:08:54 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fd7aa36-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ggTgjS98EO3fOcK77Y8UrZnIkrZ3ZmgA4uGzvUQ27mat%2FvxCpIslR9u5Ay4Eh2EA58UyjAI%2BWBC9BWTwwQqHxxhMbI9qSo15Arz0JreET2KXShUSqZwJwczXLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6038d6c9d9930629-FRA
expires
Sun, 20 Dec 2020 12:20:38 GMT

Resource: micromodal.min.js | Path: cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/ | Size: 5 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/micromodal.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b97983141ab60fe651cb16850bd11d1a3a472aee6a43f2acdc0b2cf5d2eb2c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
131300
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2020
etag
W/"154b-n3dCyO9apYwkviqmMdpnSalw07E"
x-served-by
cache-fra19140-FRA, cache-hhn4030-HHN
date
Fri, 18 Dec 2020 12:20:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Resource: ajax.js | Path: r.honeygain.me/ | Size: 388 B | x-fer: 727 B | Type: Script
General
Full URL
https://r.honeygain.me/ajax.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506fefe430b0c1ddf26ce246c97f4a497484bd9bdb59a66775f8e3a0265459b6

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:26:47 GMT
server
cloudflare
age
32974
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vot%2BMoWNzOaxXoawqxDjputN%2B2hb7UXQGbBh3V57sgCPqu%2BEC6MnUyfbr6Jorqrr7T9yG%2FQHu9BFRxJgwW3ba46CKZOYIqKtcLfyJGsDpRn1j4G9FtbFwmpagg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6c9d99b0629-FRA
cf-request-id
071764922e0000062970385000000001
expires
Fri, 25 Dec 2020 03:11:04 GMT

Resource: js | Path: www.googletagmanager.com/gtag/ | Size: 96 KB | x-fer: 38 KB | Type: Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-140379814-2
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c66d007827acc8c873376910a1601487298b0f21b79bf89409b799125788830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39020
x-xss-protection
0
last-modified
Fri, 18 Dec 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Dec 2020 12:20:38 GMT

Resource: 6RDNT-f8Pv4 | Path: www.youtube.com/embed/ (Frame 5816) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL
https://www.youtube.com/embed/6RDNT-f8Pv4
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/6RDNT-f8Pv4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.honeygain.me/ANAGA4D6ED
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://r.honeygain.me/ANAGA4D6ED

Response headers

p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-length
20878
x-content-type-options
nosniff
cache-control
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Dec 2020 12:20:38 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=deY3sfA4Rtk; path=/; domain=.youtube.com; secure; expires=Wed, 16-Jun-2021 12:20:38 GMT; httponly; samesite=None
YSC=EE71-GLJy-A; path=/; domain=.youtube.com; secure; httponly; samesite=None
GPS=1; path=/; domain=.youtube.com; expires=Fri, 18-Dec-2020 12:50:38 GMT
VISITOR_INFO1_LIVE=deY3sfA4Rtk; path=/; domain=.youtube.com; secure; expires=Wed, 16-Jun-2021 12:20:38 GMT; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Lato-Heavy.ttf
r.honeygain.me/assets/font/fonts/
589 KB
590 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Heavy.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
6585
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sdn%2F67%2BYBK%2FKpTCH4hBp4zk0WNEp%2B6Miau53cxOfIGEuousBQqej89fVC3ymnzm12fRyP6RNm4LY0%2FZEsZ%2Fa99hmBPV7Vp3mP62Vlux99IX%2BhAWd1dY8FjiL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6ca5b1a0629-FRA
cf-request-id
0717649277000006293e2fa000000001
Lato-Bold2.ttf
r.honeygain.me/assets/font/fonts/
72 KB
72 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Bold2.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
4184
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FX4oDjGQXufTGZREkVn4jiHoHdnziqXS0NBgnpXxnSis%2Fh9zyQVvJCKifvLi4IhU%2BNJw3dP0arHt3VYPHKqLxeZKwaTvl4JNoT7r8RE34NPa9kj2K5IOv06Cuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6ca5b200629-FRA
cf-request-id
07176492790000062960921000000001
Lato-Regular.ttf
r.honeygain.me/assets/font/fonts/
593 KB
594 KB
Font
General
Full URL
https://r.honeygain.me/assets/font/fonts/Lato-Regular.ttf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/font/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd

Request headers

Origin
https://r.honeygain.me
Referer
https://r.honeygain.me/assets/font/latofonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 12:20:38 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 07:22:22 GMT
server
cloudflare
age
6585
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mri5VEaOig06MJLamFsITS4Unu850eIiWB3FOZYySu54t4tpA8ZR9YLYEJaZhhl5Iz6I4JV2rHStLiTOw5owEHCarpZY40myvmSZZgvA5S9FJ0U9CfrhTHULYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6038d6ca5b230629-FRA
cf-request-id
071764927b000006293d929000000001
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame D20D
0
0
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-21.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://r.honeygain.me/ANAGA4D6ED
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://r.honeygain.me/ANAGA4D6ED

Response headers

content-type
text/html
content-length
1922
last-modified
Mon, 09 Nov 2020 10:14:27 GMT
x-amz-server-side-encryption
AES256
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
date
Fri, 18 Dec 2020 06:10:52 GMT
etag
"0f33c997f4a775ba9f06ec605e0a832c"
cache-control
max-age=86400
x-cache
Hit from cloudfront
via
1.1 36782ce80608b4ebb0112f2f4fdd01bf.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
EnKX4JZGMHXGtlr27LAbMbVsCMWe6GgUj5OHMkA5SmEWv0LWV53s6A==
age
44021
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-140379814-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
945
date
Fri, 18 Dec 2020 12:04:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 18 Dec 2020 14:04:53 GMT
collect
www.google-analytics.com/j/
2 B
387 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=99806420&t=pageview&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FANAGA4D6ED&ul=en-us&de=UTF-8&dt=Honeygain%20Referral%20%7C%20Claim%20your%20%245%20bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=159881312&gjid=1413706928&cid=1571339501.1608294038&tid=UA-140379814-2&_gid=845580038.1608294038&_r=1&gtm=2oubu0&z=392052527
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Dec 2020 12:20:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-140379814-2&cid=1571339501.1608294038&jid=159881312&gjid=1413706928&_gid=845580038.1608294038&_u=IEBAAUAAAAAAAC~&z=526087557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Dec 2020 12:20:38 GMT
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
271 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=1571339501.1608294038&jid=159881312&_u=IEBAAUAAAAAAAC~&z=1368126517
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Dec 2020 12:20:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=1571339501.1608294038&jid=159881312&_u=IEBAAUAAAAAAAC~&z=1368126517
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/ANAGA4D6ED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/ANAGA4D6ED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Dec 2020 12:20:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object ontransitionrun
object ontransitionstart
object ontransitioncancel
object cookieStore
function showDirectoryPicker
function showOpenFilePicker
function showSaveFilePicker
object trustedTypes
boolean crossOriginIsolated
object MicroModal
function getAjax
object termsText
string refCode
object elements
function gtag
object dataLayer
object google_tag_manager
object Trustpilot
object google_tag_data
string GoogleAnalyticsObject
function ga
object gaplugins
object gaGlobal
object gaData

6 Cookies

Domain/Path Name Value
.youtube.com/ VISITOR_INFO1_LIVE deY3sfA4Rtk
.honeygain.me/ _gat_gtag_UA_140379814_2 1
.honeygain.me/ __cfduid dec01ab057732a8843ee9e524d8fba5761608294038
.honeygain.me/ _ga GA1.2.1571339501.1608294038
.youtube.com/ YSC EE71-GLJy-A
.honeygain.me/ _gid GA1.2.845580038.1608294038

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
