r.honeygain.me Open in urlscan Pro
2606:4700:3031::6818:764f  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MARTOD6C63 Show response r.honeygain.me/	38 KB 8 KB	52ms 30ms	Document text/html	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c5dfed23fd364d077186d459ff1c71121ec31c72ba3106bbae85b73bd64d956 Request headers :method GET :authority r.honeygain.me :scheme https :path /MARTOD6C63 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-type text/html set-cookie __cfduid=de6c7ec89ffcb8f2a995e73835f38ecb01608601492; expires=Thu, 21-Jan-21 01:44:52 GMT; path=/; domain=.honeygain.me; HttpOnly; SameSite=Lax; Secure last-modified Fri, 18 Dec 2020 08:28:33 GMT vary Accept-Encoding cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 cf-cache-status DYNAMIC cf-request-id 0729b7f58a00002c2295128000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H1TFPkguexHL%2F5Vvk%2FW91CffE5PQHzkZVuuUfdZFHbjfOP7YseVbDL%2BitXoQve1spfoE5pwUNV3Y73x%2BYSrk1ZcksWDxeU5a5JCBXaQtw1Nd2MUAi%2BABORf6bw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 605629027d2c2c22-FRA content-encoding br
GET H2	200	latofonts.css r.honeygain.me/assets/font/	1 KB 634 B	11ms 10ms	Stylesheet text/css	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/font/latofonts.css Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d9f2894db5089a5a0f3beba6c9544ac3c375edb18525cbc95342aca831e987e Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Fri, 25 Sep 2020 14:57:26 GMT server cloudflare age 508365 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LbMjPnVOX8VnRIXMoM9fnsH3maZUi%2BkyfGglcin2tEd2Kpw7Z%2B2mMz315pLaMFD7jBtOne0f8SI5NHIm9x8nS962SE%2Ftc1cECmM4D0rl65yDAkCj%2Ff8eCeXVBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd672c22-FRA cf-request-id 0729b7f5af00002c22b4ae8000000001 expires Wed, 23 Dec 2020 04:32:07 GMT
GET H2	200	reset.css r.honeygain.me/assets/style/	7 KB 2 KB	12ms 11ms	Stylesheet text/css	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/style/reset.css Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e3a49f0be535dbf4df69cd76e32ea3d61171b88a3886f4b3c2b6efce624b745 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Fri, 25 Sep 2020 14:57:26 GMT server cloudflare age 414798 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5ihN3Z3UClCimUtIk988Cu0%2BdNEY15EXpw97Vhpv1AK08gppvD7J8td2piyAGYkLHbgEIpYm4bDsr8CR2Vy3sc0wxHrw4GHH4Fi%2BGZ9dp7Mt5tXZCE3P2r4Kmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd692c22-FRA cf-request-id 0729b7f5af00002c22710c7000000001 expires Thu, 24 Dec 2020 06:31:34 GMT
GET H2	200	modal.css r.honeygain.me/assets/style/	3 KB 1 KB	11ms 11ms	Stylesheet text/css	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/style/modal.css Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1526e134419d59094af13750da144583e4b07511f9d22b82a164df6b8e260b01 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 65806 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fsf71lRp2Ndv5PZASB0AidVQNS5aDZQDDJuZpas27Kom7t6g9wW4zxBG2AIChdYIkZiPyR2IVGQYFf3yuXxElBIboLk46wAuAr22mmjqgekekBDadU%2Fwo9Z%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd6a2c22-FRA cf-request-id 0729b7f5af00002c227b0f1000000001 expires Mon, 28 Dec 2020 07:28:06 GMT
GET H2	200	style.css r.honeygain.me/assets/style/	7 KB 2 KB	13ms 12ms	Stylesheet text/css	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/style/style.css?v=202012181027 Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83d3807b3bf0d009ab4027a08af30505cdcccc943526a8e572a5dbb9929b1bb5 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Fri, 18 Dec 2020 08:25:09 GMT server cloudflare age 321137 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XdVRXZ%2FnHQWxwvyWTKwTpFbw71JVcGwmskNXF2iRwiLALTMvB98TqyH9YmGOvXwX0hJvZGTeLVVIx49i7N45s9NKNwJX8Ek6sX2XdpLBs372tDWBjOe7XZ5KBg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd6c2c22-FRA cf-request-id 0729b7f5af00002c223a11f000000001 expires Fri, 25 Dec 2020 08:32:35 GMT
GET H2	200	tp.widget.bootstrap.min.js Show response widget.trustpilot.com/bootstrap/v5/	20 KB 7 KB	118ms 39ms	Script application/x-javascript	13.32.240.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.240.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-240-21.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash c5741c28b6cb20aedd60d64973e806ee01f5540e752f6c0302910ac44bf9c54a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff age 22179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront date Mon, 21 Dec 2020 20:45:37 GMT content-length 6593 x-xss-protection 1; mode=block last-modified Tue, 03 Nov 2020 10:58:47 GMT server AmazonS3 etag "01edd1d433529d4e7a5fa7a1d22985c1" content-type application/x-javascript via 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront) cache-control max-age=86400 x-amz-cf-pop AMS50-C1 accept-ranges bytes x-amz-cf-id 1lSnuJ0S3ROKGC9qsKv3NMhKGGpmwVTJic4pWSjlw0hcXl9G-b7lrA==
GET H2	200	logo.svg r.honeygain.me/assets/img/	8 KB 4 KB	13ms 9ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/logo.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c546caec07099d8d6632b6249c74f29bad317f28062508239f550759e2b1e63 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 1545 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b7Z6cXXJVlkIXw7XcvIRzYt%2FTP%2FKEtnRKMmNBdJY3BwCdi2rLMcuRhbXDGFVUHUZMDD0oB2CAKV%2Bv%2FQyliK%2BqVjhmqPRqkwHpt8XJ%2FLWU3wJfgTpCQMWr01sEw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd752c22-FRA cf-request-id 0729b7f5b200002c2232276000000001
GET H2	200	star.svg r.honeygain.me/assets/img/	324 B 518 B	14ms 11ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/star.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9a398a97d33786f05252fcf98a8b603860f974ac609e296664605be37e342db Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 189 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jRV%2BxwF%2FgH0Mh1%2FI9tY%2BCHZiQZaVZLzPvEBNsz4hcZW3gDMoqP06%2F9hxgsqAtEu1Q04nTbKiBh7WXoDOvY4%2B7OvtRZya%2B96eCBU2EyXdnq2BsbHyKBe%2B%2FGeohA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd762c22-FRA cf-request-id 0729b7f5b200002c2274224000000001
GET H2	200	img_sofa_money.svg r.honeygain.me/assets/img/	11 KB 5 KB	17ms 14ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/img_sofa_money.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dc9f2d18de2ed41c8c476fded650cb4f3b8009e185a83f2916230143bc1832d Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 4892 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X8hilo32AEOVeNXAsMM8XxgCExkfYTGUB3%2FZwB4BVM0gaGqMSdoqhvIsHAYq8pWTSI0yz63I9oeDd8MgujNzr0XVV8M5WzTfCMaftzrwQkGAQ8IljUONo0fwRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd772c22-FRA cf-request-id 0729b7f5b300002c228026f000000001
GET H2	200	logo-white.svg r.honeygain.me/assets/img/	7 KB 3 KB	17ms 14ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/logo-white.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 165828643ff380762db5b7b63e56598dd370fefb0df9446b24d2f30e6724828e Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 189 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zlAZwDI3Bqvt4KRb8BToDzECZDrDdTnY0zZKUKb5QlOCEvNDggYFfaC%2FWrtOs8CeFzSehSuR0Bz90swu32LJLV559a8hwUye%2BLirFuh4Z%2F%2FZMBr1XSMZ2ExSqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd782c22-FRA cf-request-id 0729b7f5b300002c223681d000000001
GET H2	200	instagram.svg r.honeygain.me/assets/img/	3 KB 1 KB	13ms 10ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/instagram.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9509b1f2fb4698a9c8e5ff926a039330b22ec0bc340e1024bdfb89eabd95318 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 189 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L1n3pjYh8J9upD70tkYovuMuxlZbLEXaWjr9h6LOKdYZYKsAvH6WyfPxO%2FFZUQYlJo4X4e9HDuQp98GOol0KYh3LkQWIeuRr%2B19Y7PL0iyngGHK8BRs6x2l10A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd792c22-FRA cf-request-id 0729b7f5b300002c2232990000000001
GET H2	200	facebook.svg r.honeygain.me/assets/img/	2 KB 965 B	14ms 11ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/facebook.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2e9485db22a4801386b6503609974fc35be4df7e6ed2a0fd5b2875474180376 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 4730 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LJmYuVKyfWryRH9jquBnKlwhdP%2FfHnifoUiEyYGQSl2Dpi6oUA6Mk%2B%2FLt8YAgskGgSTgGGHUytTEdZKewQZGs3292QwkckBzHm0YwRB3cmVGCvCt%2FVtcjd4iTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd7c2c22-FRA cf-request-id 0729b7f5b300002c22a62a7000000001
GET H2	200	twitter.svg r.honeygain.me/assets/img/	1 KB 897 B	15ms 12ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/twitter.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84c80c9483681ef1046639b78bb180e8a4d4ab9e8f3eb8848d6952b986b7d2ca Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 1544 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=znADfXiW%2BnCAPO6pnHZL8XyvEd%2FcRwswC%2Bg2vzCd7%2BFFgI7EQHqdJPuAmhlEP5CBEAdbsn%2Brxg1L7iGVzs%2BFsPNwGLtswqLXoMzL6gVV8bi1aSOex%2F9UHhyq9Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd7d2c22-FRA cf-request-id 0729b7f5b400002c227716f000000001
GET H2	200	background-comb.svg r.honeygain.me/assets/img/	2 KB 1 KB	15ms 12ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/background-comb.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 763cf337b291e35a08bda68f22053cc97b5e372961e0daac1c361c03d25b1682 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 3411 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1otNiAVRxwlCbFxNAIn%2BjQta6WGuXN4%2B28oqT45AF461Y4eU%2BVjOF5ATKyIYJMGXJiZWogE06j4Zvac9KZXBX2jJbYt7eagNw%2FyJyq7sNoZIVnfW%2F%2B4DMNiG0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd7e2c22-FRA cf-request-id 0729b7f5b400002c22acb43000000001
GET H2	200	close.svg r.honeygain.me/assets/img/	314 B 483 B	15ms 13ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/close.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e65e5d6e7eabbb6e5f01eee3fd2f817bf2c40207862b0ca93fc4fd417b20b18c Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 1544 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uWblEWP9OdJ%2FEgj6dxFEoMon0zKTv7SWMQnYnbDXKwNKtcpKwP5kqrCwz2Vr%2BwF1jX1Qu09gVmCIKZ%2B2o1F5owFm9trYJWxTzAECp4pAkp4ByVwh1kPJhMdqzg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd7f2c22-FRA cf-request-id 0729b7f5b400002c225b94b000000001
GET H2	200	skeleton-screen.svg r.honeygain.me/assets/img/	406 B 424 B	13ms 11ms	Image image/svg+xml	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.honeygain.me/assets/img/skeleton-screen.svg Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a7b3277b7abd4d5edfaf6b32a437e32afd318dd38920da4b8774b7887cbc4d5 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 3411 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EAtSt6H66XWUTFvn0MyMgc8NHJTPS%2BlHA5yDted2rPficvVSFqbEXJVfimji7gtZhA4Yjo9XjgAmEnVMDNBQbypcIs%2B4Hks7BQUHp3wYpBHGNvz5R2dGefnBbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd802c22-FRA cf-request-id 0729b7f5b400002c229f24a000000001
GET H2	200	email-decode.min.js Show response r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	11ms 7ms	Script application/javascript	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to":"cf-nel","max_age":604800} cf-request-id 0729b7f5b200002c2247b9a000000001 last-modified Thu, 17 Dec 2020 18:39:38 GMT server cloudflare x-frame-options DENY etag W/"5fdba5ea-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MWQ5Btf9bYjL4PqzhMFYuCX4wZYY2z23ok93d%2BjptWDwwvgPW4duKVpSCUr9guMppbj28DSmC3BtVrCWr16C6ZqsFnZvHrJk9CxF7QP40WjNg9JkJ4vW77o2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public cf-ray 60562902bd732c22-FRA expires Thu, 24 Dec 2020 01:44:52 GMT
GET H2	200	micromodal.min.js Show response cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/	5 KB 2 KB	31ms 5ms	Script application/javascript	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/micromodal@0.3.2/dist/micromodal.min.js Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b97983141ab60fe651cb16850bd11d1a3a472aee6a43f2acdc0b2cf5d2eb2c17 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 955271 x-cache HIT cross-origin-resource-policy cross-origin content-length 2020 etag W/"154b-n3dCyO9apYwkviqmMdpnSalw07E" x-served-by cache-fra19169-FRA date Tue, 22 Dec 2020 01:44:52 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	ajax.js Show response r.honeygain.me/	388 B 568 B	22ms 18ms	Script application/javascript	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/ajax.js Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 506fefe430b0c1ddf26ce246c97f4a497484bd9bdb59a66775f8e3a0265459b6 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:26:47 GMT server cloudflare age 340428 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q2pkTvoDAVFwUoRpd8VCa9B122T1kefv5vSg3yILIH2UrtWmtPEtlUQ%2FTjAi8lj9tojagaxHEv99PJk252PGSsUsLHBxBONgwVVDLQcih3lBhZw%2FsGWZqJJ72g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902bd742c22-FRA cf-request-id 0729b7f5b200002c22af252000000001 expires Fri, 25 Dec 2020 03:11:04 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	17ms 14ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-140379814-2 Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9c66d007827acc8c873376910a1601487298b0f21b79bf89409b799125788830 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39020 x-xss-protection 0 last-modified Tue, 22 Dec 2020 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 22 Dec 2020 01:44:52 GMT
GET H2	200	6RDNT-f8Pv4 www.youtube.com/embed/ Frame 831A	0 0	112ms 89ms	Document text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/6RDNT-f8Pv4 Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/6RDNT-f8Pv4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://r.honeygain.me/MARTOD6C63 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://r.honeygain.me/MARTOD6C63 Response headers cache-control no-cache content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." x-content-type-options nosniff strict-transport-security max-age=31536000 content-length 20796 content-type text/html; charset=utf-8 expires Tue, 27 Apr 1971 19:44:06 GMT date Tue, 22 Dec 2020 01:44:53 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=rzOiHxuHSVU; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 01:44:52 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 22-Dec-2020 02:14:52 GMT VISITOR_INFO1_LIVE=rzOiHxuHSVU; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 01:44:52 GMT; httponly; samesite=None YSC=KmBZsqUOTWs; path=/; domain=.youtube.com; secure; httponly; samesite=None alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	Lato-Heavy.ttf r.honeygain.me/assets/font/fonts/	589 KB 590 KB	13ms 10ms	Font application/x-font-ttf	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/font/fonts/Lato-Heavy.ttf Requested by Host: r.honeygain.me URL: https://r.honeygain.me/assets/font/latofonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa Request headers Origin https://r.honeygain.me Referer https://r.honeygain.me/assets/font/latofonts.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 758 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ghu19Whugnw71WolW0Hy7HnaqHofrMcz5zr%2BlKVPh3X%2BtQk9Ai6cfWizg6k5Vp54KwmqlNXCNnPJV3Cx0oMRerBcNJM1C3wjJC35i22%2F0B3RorJg3vFZpeA82Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902dda12c22-FRA cf-request-id 0729b7f5c900002c2247b9b000000001
GET H2	200	Lato-Bold2.ttf r.honeygain.me/assets/font/fonts/	72 KB 72 KB	19ms 16ms	Font application/x-font-ttf	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/font/fonts/Lato-Bold2.ttf Requested by Host: r.honeygain.me URL: https://r.honeygain.me/assets/font/latofonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678 Request headers Origin https://r.honeygain.me Referer https://r.honeygain.me/assets/font/latofonts.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 4892 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=44%2BFBZiXps%2BnAEjUbeco88TrXnvmaIAX%2BWkF3%2BcbU3PtsVEreYeIUgdb3BSdcXTaOhxlzxhg%2BzOYb52dLDYnV3zu4WdcMowJNPs%2F1DGjkVD7TJrqE8s7Di24aA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902dda52c22-FRA cf-request-id 0729b7f5c900002c22af254000000001
GET H2	200	Lato-Regular.ttf r.honeygain.me/assets/font/fonts/	593 KB 594 KB	19ms 16ms	Font application/x-font-ttf	2606:4700:3031::6818:764f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://r.honeygain.me/assets/font/fonts/Lato-Regular.ttf Requested by Host: r.honeygain.me URL: https://r.honeygain.me/assets/font/latofonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6818:764f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd Request headers Origin https://r.honeygain.me Referer https://r.honeygain.me/assets/font/latofonts.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 01:44:52 GMT cf-cache-status HIT last-modified Thu, 17 Dec 2020 07:22:22 GMT server cloudflare age 758 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JqTYZ4wJPumTkKX71mO336HDJ8x7IQqsi0xKZd9M5mFa3LrJz%2F4pF2mdwCrOKVw4mz2Iv6R1fAHe0q9APiMGKgZSHYxcbHQiwih5RG%2FqFL4IlmMVmVW%2FR1Wn6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60562902dda72c22-FRA cf-request-id 0729b7f5c900002c2232277000000001
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-140379814-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6000 date Tue, 22 Dec 2020 00:04:53 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Tue, 22 Dec 2020 02:04:53 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 65 B	13ms 13ms	XHR text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1606832782&t=pageview&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FMARTOD6C63&ul=en-us&de=UTF-8&dt=Honeygain%20Referral%20%7C%20Claim%20your%20%245%20bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=692296747&gjid=482439380&cid=1978735184.1608601493&tid=UA-140379814-2&_gid=1830373010.1608601493&_r=1&gtm=2oubu0&z=828594424 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 22 Dec 2020 01:44:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://r.honeygain.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	index.html widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 32EE	0 0	38ms 37ms	Document text/html	13.32.240.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999 Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.240.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-240-21.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority widget.trustpilot.com :scheme https :path /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5db47bcc4de43a0001b54999 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://r.honeygain.me/MARTOD6C63 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://r.honeygain.me/MARTOD6C63 Response headers content-type text/html content-length 1922 date Mon, 21 Dec 2020 11:38:10 GMT last-modified Mon, 09 Nov 2020 10:14:27 GMT etag "0f33c997f4a775ba9f06ec605e0a832c" x-amz-server-side-encryption AES256 cache-control max-age=86400 content-encoding gzip accept-ranges bytes server AmazonS3 x-xss-protection 1; mode=block x-content-type-options nosniff strict-transport-security max-age=31536000 x-cache Hit from cloudfront via 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 x-amz-cf-id CFWWcCTPTayflQm41lrcd3H4wGTFIplXXSoZfSczGoKdZku3xuB1PQ== age 50804
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 89 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-140379814-2&cid=1978735184.1608601493&jid=692296747&gjid=482439380&_gid=1830373010.1608601493&_u=IEBAAUAAAAAAAC~&z=2139348115 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 22 Dec 2020 01:44:53 GMT content-type text/plain access-control-allow-origin https://r.honeygain.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 505 B	37ms 17ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=1978735184.1608601493&jid=692296747&_u=IEBAAUAAAAAAAC~&z=1541764721 Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 22 Dec 2020 01:44:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 505 B	36ms 16ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-140379814-2&cid=1978735184.1608601493&jid=692296747&_u=IEBAAUAAAAAAAC~&z=1541764721 Requested by Host: r.honeygain.me URL: https://r.honeygain.me/MARTOD6C63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://r.honeygain.me/MARTOD6C63 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 22 Dec 2020 01:44:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| MicroModal function| getAjax object| termsText string| refCode object| elements function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Trustpilot

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1970-01-19 19:09:13	Name: VISITOR_INFO1_LIVE Value: rzOiHxuHSVU
			.honeygain.me/	1970-01-19 14:50:01	Name: _gat_gtag_UA_140379814_2 Value: 1
			.honeygain.me/	1970-01-19 15:33:13	Name: __cfduid Value: de6c7ec89ffcb8f2a995e73835f38ecb01608601492
			.honeygain.me/	1970-01-20 08:21:13	Name: _ga Value: GA1.2.1978735184.1608601493
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KmBZsqUOTWs
			.honeygain.me/	1970-01-19 14:51:27	Name: _gid Value: GA1.2.1830373010.1608601493

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
r.honeygain.me
stats.g.doubleclick.net
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
13.32.240.21
2606:4700:3031::6818:764f
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81e::200e
2a00:1450:400c:c06::9a
2a04:4e42:3::621
089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd
0d9f2894db5089a5a0f3beba6c9544ac3c375edb18525cbc95342aca831e987e
1526e134419d59094af13750da144583e4b07511f9d22b82a164df6b8e260b01
165828643ff380762db5b7b63e56598dd370fefb0df9446b24d2f30e6724828e
1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3c5dfed23fd364d077186d459ff1c71121ec31c72ba3106bbae85b73bd64d956
506fefe430b0c1ddf26ce246c97f4a497484bd9bdb59a66775f8e3a0265459b6
5a7b3277b7abd4d5edfaf6b32a437e32afd318dd38920da4b8774b7887cbc4d5
5e3a49f0be535dbf4df69cd76e32ea3d61171b88a3886f4b3c2b6efce624b745
6c546caec07099d8d6632b6249c74f29bad317f28062508239f550759e2b1e63
763cf337b291e35a08bda68f22053cc97b5e372961e0daac1c361c03d25b1682
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678
83d3807b3bf0d009ab4027a08af30505cdcccc943526a8e572a5dbb9929b1bb5
84c80c9483681ef1046639b78bb180e8a4d4ab9e8f3eb8848d6952b986b7d2ca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dc9f2d18de2ed41c8c476fded650cb4f3b8009e185a83f2916230143bc1832d
9c66d007827acc8c873376910a1601487298b0f21b79bf89409b799125788830
b97983141ab60fe651cb16850bd11d1a3a472aee6a43f2acdc0b2cf5d2eb2c17
b9a398a97d33786f05252fcf98a8b603860f974ac609e296664605be37e342db
c2e9485db22a4801386b6503609974fc35be4df7e6ed2a0fd5b2875474180376
c5741c28b6cb20aedd60d64973e806ee01f5540e752f6c0302910ac44bf9c54a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e65e5d6e7eabbb6e5f01eee3fd2f817bf2c40207862b0ca93fc4fd417b20b18c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9509b1f2fb4698a9c8e5ff926a039330b22ec0bc340e1024bdfb89eabd95318