URL: https://r.honeygain.me/TRVES98AA2
Submission: On December 25 via manual from PE — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 75 HTTP transactions. The main IP is 2606:4700:e2::ac40:8317, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.honeygain.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.
This is the only time r.honeygain.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 18.239.69.36 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 172.67.71.104 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::63 8075 (MICROSOFT...)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 20.114.190.119 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
75 21
Apex Domain
Subdomains
Transfer
21 honeygain.me
r.honeygain.me
652 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
1 MB
10 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 4867
49 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
x.clarity.ms — Cisco Umbrella Rank: 7265
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 248
3 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
72 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
41 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
288 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
562 B
2 honeygain.com
ff.honeygain.com — Cisco Umbrella Rank: 425883
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
762 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
3 KB
75 14
Domain Requested by
21 r.honeygain.me r.honeygain.me
10 www.youtube.com r.honeygain.me
www.youtube.com
10 widget.trustpilot.com r.honeygain.me
widget.trustpilot.com
4 jnn-pa.googleapis.com www.youtube.com
3 www.google.com r.honeygain.me
www.youtube.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 www.googletagmanager.com r.honeygain.me
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 x.clarity.ms www.clarity.ms
2 www.google.de r.honeygain.me
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ff.honeygain.com r.honeygain.me
1 c.bing.com 1 redirects
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com r.honeygain.me
75 21
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-17 -
2024-02-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M02
2023-02-02 -
2024-03-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
honeygain.com
E1
2023-11-04 -
2024-02-02
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 4 frames:

Primary Page: https://r.honeygain.me/TRVES98AA2
Frame ID: 17F9F570B1E9D89ABA37082526DBB086
Requests: 47 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Frame ID: 1861C6D64F0FAFDDB9BF43763C3AFAC7
Requests: 5 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Frame ID: F48711A414012D2177F0FA34DB7CB21A
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Frame ID: 5DBE802432527D60B386471813D6FF90
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Passive Income – Effortlessly | Honeygain

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

75
Requests

97 %
HTTPS

81 %
IPv6

14
Domains

21
Subdomains

21
IPs

4
Countries

2248 kB
Transfer

6879 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 72
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&RedC=c.clarity.ms&MXFR=39E5984A0D2D621001278BB8092D6CAD HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&MUID=3F8E25215BE167A509ED36D35A336668

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request TRVES98AA2
r.honeygain.me/
1 KB
1 KB
Document
General
Full URL
https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0014ca3a1629dc051baea93296e1c6d9d4d1f945c90b0fb8609708c35d93a0a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
83b45028ccf13639-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Dec 2023 21:52:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeTqpJ7pjRXDnJ%2BWrGzYaQCdhZ5soLUVsQxw%2Btq%2FD85%2F1Jp3%2Bv3b7lwuSPSPhece6nF7I9n8Kf7UXTJ2pQ%2BCakf0%2FaPGe8w1eSeKcDH%2FoAnS6mrLeo0VradUzLftYXO%2BHmxWwK741ey93%2FE6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0082539171b2381ca3ce547b3c5139c16dc8bfaf1f4ee00c07b8e22fdea8f6bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Dec 2023 21:52:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Dec 2023 21:52:47 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 03:02:06 GMT
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
67842
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
eXO0_T-jKUrin9ifNllnedhpIZsCMM8HI8uk6n5Oj5zRBTHOcjH8iA==
index-b09187c9.js
r.honeygain.me/assets/
1 MB
404 KB
Script
General
Full URL
https://r.honeygain.me/assets/index-b09187c9.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f31c8b8972bd01522ed4a969cca56609d4b06539f9cd16ccb5aec87c263d721

Request headers

Referer
https://r.honeygain.me/TRVES98AA2
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379503
etag
W/"65842c87-148d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n7A1XsKTqpRYU0hPcHGzfrOV%2B7rYgQWB6nmgudqtveP9vLRjZZSgnXGvAGnf6w60txNtErU9qOVy8RwBh0Gq%2BOOfOFcEVux%2FwSPvyM%2FYk7psQ6NWfIlPlplBSrGMrVv5a2rUl0genXfzP82rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45028fd1e3639-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:27:44 GMT
index-e9c4a8bb.css
r.honeygain.me/assets/
53 KB
15 KB
Stylesheet
General
Full URL
https://r.honeygain.me/assets/index-e9c4a8bb.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c4a8bb276d35b9f0ed43e927cac469552a0d60964150386d63215b6e634eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/TRVES98AA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379503
etag
W/"65842c87-d31f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBBCjRwayam%2B9CEeaKc8NmDA77aMM%2BXJAr7KXnXoz4594ETJuyyP4fsyrN3JA5W3O%2BasWiSfjD%2BIW%2BGfJIUmrlPd%2Fklz5SKmdk8DxMj5K%2B%2BfRR9cezJPvOcr7WJO3LsvX8gBU9CtRNf50iBQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
83b45028fd1d3639-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:27:44 GMT
gtm.js
www.googletagmanager.com/
335 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e52ef889c373ef4bf4fa8e4eed20dbe26a3cf9c71e7ab36158089da6f012495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99841
x-xss-protection
0
last-modified
Mon, 25 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Dec 2023 21:52:47 GMT
en-95084d8b.js
r.honeygain.me/assets/
7 KB
2 KB
Script
General
Full URL
https://r.honeygain.me/assets/en-95084d8b.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7347fe56bbf0d63b64027444251bfcd137da97fb31c39f7c0d22512ff52e7667

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
154292
etag
W/"65842c87-1a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdUvsfk%2BjAGgU9i9rlqD5%2Fxj%2BTFUL%2FwSZvBV6Ca5lfntsC%2BTONkdwPWr1N0vi0VIy8Wzs18MqFaljzQWqBJz5G7C8izDcmIGuGartWQcP3h7oeg0UX2TjenPvWOR37f4LHd5hstTE75vWpXpxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b450299836913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 31 Dec 2023 03:01:15 GMT
sdk-YT98zDqghSsvvQDf
ff.honeygain.com/api/features/
4 KB
2 KB
Fetch
General
Full URL
https://ff.honeygain.com/api/features/sdk-YT98zDqghSsvvQDf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
158b9315fa246e45d9166137a3b59d88de1d1853a106bd9f64ba1dd225a657d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-sse-support
enabled
date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"fc7-KNIJpLbMycaZF3ns6DX2nK0pdpM"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6HvY74mONQBGllOqChE%2BIQ6C9nnMpQJfoaoI6BE6fEhRocv8Z6gZTq5EhZZVgILnb%2F5r6VKS8ASMnRo9sinpGFj5LPYTPwJ0yC5JbidatxaeCoftvYH190Q4YnRf2T10bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-sse-support
cf-ray
83b45029c9611da0-FRA
polygon-40d9ca9e.js
r.honeygain.me/assets/
638 B
884 B
Script
General
Full URL
https://r.honeygain.me/assets/polygon-40d9ca9e.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1929c9c891124ef996d588554edb9df696b40be4a07dc7b192e09984c05770c

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-27e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d61stZGnthh6dMFplJNmki2tvLh7SDJ57L0iGnjOa4dhnK0xs%2FB7%2FpQBUf83dqIVOs3ZPU2kxRfO%2FhSuNGV2EbUoxv6hY%2BsX%2FWnTqVzIidlHZEW%2FErQnWhEeoCh%2BHwnkiJnlvBkbOBo5UKoZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e871913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
bee-coin-1-d4723ccc.js
r.honeygain.me/assets/
32 KB
14 KB
Script
General
Full URL
https://r.honeygain.me/assets/bee-coin-1-d4723ccc.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e39e970e76086a2e5850a7ffb52598a89dfbd68afd41a0ff33e73f96219238a

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-80f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK9eH%2BFyO5G%2FESPie%2FQSNCsJXTL7NanpxtCghdvg6XLPzOpGblZ8pLjlJMvZ1pgkJQE2ZLhXlKurb1%2BTYlCi3nwoOse8WV2oqVqUzej7191ACJIpBGsM7cpmVd7daGlKaYKkS8i7wxLuRzr7GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e872913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
bee-coin-2-488ab0dd.js
r.honeygain.me/assets/
25 KB
11 KB
Script
General
Full URL
https://r.honeygain.me/assets/bee-coin-2-488ab0dd.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a816fbb7a71347ed9a4f22ed45d2ccad4d0f54ee0d6d0a65b672c572b4dc33c

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-6221"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC4HYp7Wne4Jp%2BmcUJZQy%2BpbY6SCNHaZaEX%2FJNph%2FkyeJWmILzbHuFY0vuVh8FOZWdb55JJ4%2Bgz5JB%2Fe0mKJsnZ7tH3xRGClYVf67sqTnnUgedaSXD8xoIiF3Jr9JIxFllLGswlAYVRBCO0gXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e875913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
bee-coin-3-111dd18a.js
r.honeygain.me/assets/
46 KB
19 KB
Script
General
Full URL
https://r.honeygain.me/assets/bee-coin-3-111dd18a.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f19ff743ed3d5663a19dafd3528cb01278369c40f8487af63322a574888dfc73

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-b6dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWimK9MDieOVFqQKHTKvIphJXFz6SmZJX2CRqLV3L%2FFYFFcWE2uPxJSC0oRHOUwbJrYrmUGJaTq7%2F8O39%2FN908PQm8cgcWNoXm0BsQmJTXNdo7CBjVtbTFePokBDM7D2TAVPi5e7vlYOhSQZsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e876913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
gift-icon-c9acf28e.js
r.honeygain.me/assets/
2 KB
1 KB
Script
General
Full URL
https://r.honeygain.me/assets/gift-icon-c9acf28e.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edadcf502fddcbfbe943fb488f38a86790c39ef492090fa5cfafc999817b894d

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-630"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh4b6gzgILJ0BDoEp96mgZuKVhYjDdo9H0iJbZQCvm6Yp4aFdWLPnX8nPzHlzRDCASfSNt8i0rPbaOR%2F858TnMvk%2FsgbF0WHrDbuzDyS2%2BQ6glDRR%2FvBLuIQ2YEqUYtbOvcfAnRqYhm558OicQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e877913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
register-step-94c14a78.js
r.honeygain.me/assets/
21 KB
8 KB
Script
General
Full URL
https://r.honeygain.me/assets/register-step-94c14a78.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad560ae6ddb5bfb430e1f0984f95af9e41742a0f8c696675cac23447f2ab0b6

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-554b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2IUUkodX8%2BZppyCjJ13P64sroNYLAS6b4iClfez%2BRufdA43LCB0vaj8C4RFJBCIgVPsimsZlv60DKc7OfGLNFde3dU788%2BxMEw1x9bCXHu%2F747vwZtOTp4fD%2Fz235LLYrSw8oIitFZ5J7NpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e87e913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
setup-step-10f3593e.js
r.honeygain.me/assets/
61 KB
22 KB
Script
General
Full URL
https://r.honeygain.me/assets/setup-step-10f3593e.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abe2b05d4f8d6a77b21136b002b041b116f15b7c8ab705e9985dc4c25657926

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-f4d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pz%2F%2Fcvxg5nBTmgxAUth1wQ%2B8R2cR2ksT3fyPjQy7FzqOdt2FKHS8MUkywbu0F9GOlTlTVIjedkFU7RTUICSDz%2FGs8uJPOA%2Bn4n4l2WWx5hXmDFwg3iazaApHSGu9%2F1Qp1ImK5XqQujF23u7ihg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e87f913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
gather-step-b337b00b.js
r.honeygain.me/assets/
21 KB
8 KB
Script
General
Full URL
https://r.honeygain.me/assets/gather-step-b337b00b.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae48d07c34bb7f0c96d3f662d40c0e8774c09e7860ee0704c77936e922fbadba

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-5554"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ivEG18buIcGhvfiVvbVGG1qAYZW%2FsA5hTEAUNwwEiTg8nOuFNELPT6kCxUtJftDgZPEgLJWx%2F0T5oNUMaJvEx%2F9yyJnvzBmwGoxXQCQ0tA5%2FAOkdxPeN89NT1JukQhV%2F7Qv7uqFrgFob0pkkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e882913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
registration-stats-f8c4f58e.js
r.honeygain.me/assets/
2 KB
1 KB
Script
General
Full URL
https://r.honeygain.me/assets/registration-stats-f8c4f58e.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
810c8f1ad773a1339e1d12593c78c8ec6d49e3766e352ee9964f5663bf7b82fe

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-847"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGciIHXSRhwhoGUKkNnniFYyQMVLmDKwDp9qbuGq7IrbYUJnXgrMRG1PmVgTAQFfoq4cQlM8yC%2F%2Brw%2BR4N5A3vOO7T6%2F%2BCzFhcxF3jSoE9Ro%2FhEzjEpCfv1dRWkUY5UlHVF%2BIU0SuSUYeGbxvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e884913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
money-stats-6b411fe0.js
r.honeygain.me/assets/
13 KB
6 KB
Script
General
Full URL
https://r.honeygain.me/assets/money-stats-6b411fe0.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c600d27f80e9a812ca8ef748ef809a86168323f0f7deb7770e6e799751d09d37

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-342e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bFvVlcgKFAytcBh0%2F2aw4So4pjPOomSlUpNISUy8%2BoWKOiLvgwRJlG81vaNYRZ1MxyISp3vKcmLsgi6vGWEabTsi81rozTeY%2FLnw3zezss2hdtY7ZQNFayhF42EmcBfX2o%2FgbUB4KC0uwTb%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e887913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
money-bag-stats-0e52441c.js
r.honeygain.me/assets/
28 KB
12 KB
Script
General
Full URL
https://r.honeygain.me/assets/money-bag-stats-0e52441c.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4679e6752e88a40e3493ef515e0845530d529ecc6da93aeada684a60c38619

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-719d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1zudvyGn%2BD%2Fhcnzps0kaGPX6L07n32vBCqYo5wQWEsAjysTeJZ5Gar8D3h7wNwnrW81AEUFCVHMzW8NSgXMNL%2FeD%2BTg1cqzwlaMYn19RUQkty%2FmMfUntE6OKuD00r3s%2BcJGjGNRPO%2FXlIUmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e888913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
what-is-honeygain-21edf675.js
r.honeygain.me/assets/
20 KB
8 KB
Script
General
Full URL
https://r.honeygain.me/assets/what-is-honeygain-21edf675.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afda5356f570f78c99016bc4c6e2c3e28d6911aea838e8609aef2a3030e10a0

Request headers

Referer
https://r.honeygain.me/assets/index-b09187c9.js
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-4ff9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jb2rSm6AsN2mXdQOhz6yp%2F4Vc%2BiCTw8ekYFQVA4TbzCtYBk5kIsVEg2fhpzbeKk0VtjAZFjZlo5QSnzwvtyv%2BZhZETsCfHbVjA56bDXP%2BkXuCznnox%2BJZoMlYye%2Bi8OOe9%2B1v58QCEgYI%2Flfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e889913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
reviews-b232f024.js
r.honeygain.me/assets/
1 KB
1 KB
Script
General
Full URL
https://r.honeygain.me/assets/reviews-b232f024.js
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd806af7d3dd07dcbff6a918aace76a8852bfe7fc4bccc8f27ff6f0cc59222de

Request headers

Referer
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 12:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
379274
etag
W/"65842c87-58e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk8ABgWj460IUcXK8zjcG7Fj1BRB7sxqxQLm2fu3s7TJBXMJLnqxH5Tm7e5XALdV%2FFwcvOqp7zCDk%2Fc4KI0F%2FKxFy%2BgnelqhKfTNc0BvZuyGeYucWL%2FeCJZ6uSZDCar7o6JGmuvuy4P1OhN5kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
83b45029e88a913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 12:31:33 GMT
reviews-f6c8f2ff.css
r.honeygain.me/assets/
11 KB
4 KB
Stylesheet
General
Full URL
https://r.honeygain.me/assets/reviews-f6c8f2ff.css
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c8f2ffb49d3598bbad84a6b11f2cc3a8f792e57e413af62bfa790365341dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/TRVES98AA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 10:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
417495
etag
W/"6572f3f2-2dbf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emxmjLXsJGM91%2FzNasx33UVOUbTXTr%2FAX2ZUeC7GUyY2dt6lE4A7tRGj5oX6WsEtG74u9iuNw%2Bc0KBX37YSR9c%2B9a4ECNlwJvWOuXsGYaMnwV95S1qNp3nWGvpouqwmOsXn%2FdLqdF3LdHlrFuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
83b45029e88b913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Dec 2023 01:54:32 GMT
illustration-tv-sofa.svg
r.honeygain.me/images/
159 KB
61 KB
Image
General
Full URL
https://r.honeygain.me/images/illustration-tv-sofa.svg
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd8d318ba3f0d1b6eecc7e0d29dd2aa8746225519fe32f9b1e36bc9833a16dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/TRVES98AA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 10:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
571496
etag
W/"6572f3f2-27d08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrOfe2kbP7RMi8ynwGrrcDljPSCoMRUde%2FU%2F0bipv9enrrPrpxSlAxPq%2B2NVctf0trIZJ2Tes1Y6TK2NbcOQMMaj5BzuwqQE3ewtlyAd790gSL8iINA3Ehn9Z5XmFGGL0ekRAr4D0ffMsgorZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
83b45029f893913d-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 07:07:51 GMT
sdk-YT98zDqghSsvvQDf
ff.honeygain.com/sub/
14 B
0
EventSource
General
Full URL
https://ff.honeygain.com/sub/sdk-YT98zDqghSsvvQDf
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://r.honeygain.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxLmE7Y57BMSgPh8%2B9DVul2bhX5X3R3u%2FkUNnZ89vWPuhcAiISyJK%2B%2Bd4h2rglZf1U6iR6ewFgkgPmW5Kc8XO8mZNWznIvJypLn0o8E%2Biuf1V64OUEeTc4PmIoDlJwTyT%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/event-stream
access-control-allow-origin
*
cache-control
no-cache
cf-ray
83b4502a09981da0-FRA
js
www.googletagmanager.com/gtag/
249 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d229eb8e009d72bc1b0f2b385f7d13008f4cd832a5bd641a50b73af825ae386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87576
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 21:52:47 GMT
js
www.googletagmanager.com/gtag/
324 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
707099252647c72a6df433cf62d168eea22667feeb862835f0cf257c44a3ab42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 21:52:47 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 21:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1822
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Dec 2023 23:22:25 GMT
ev7mc2gk2f
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/ev7mc2gk2f?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ddcce3761ab6024f94e0444930f4e3ab8728dc266c0cba4174036c3dd132765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Mon, 25 Dec 2023 21:52:47 GMT
x-azure-ref
20231225T215247Z-fgdtbz6h5t78r552dax0v0m3cs00000009mg00000000pxp0
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba9f73a1364d8f7db5ec4f8f2baa5c6a301daaaaec488ebc7ee89438d7ca5c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/what-is-honeygain-21edf675.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-agRiKQ45ZZ12q-_qiIW7PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 25 Dec 2023 21:52:47 GMT
xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://r.honeygain.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:01:13 GMT
x-content-type-options
nosniff
age
564694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24376
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:01:13 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 1861
8 KB
3 KB
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7eed928596fc3d1c1180c26f81e1847c6aac858cca19c4a69fd9f1220ef5ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.honeygain.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6660
cache-control
max-age=86400
content-encoding
gzip
content-length
2144
content-type
text/html
date
Mon, 25 Dec 2023 20:03:54 GMT
etag
"1307e3fd5846bacc989c2fd05996f010"
last-modified
Mon, 08 May 2023 11:44:09 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-id
l3nQYQjToffOhDj2DkQvF87ATiyzK3VXxvei8_GPn1Sw9A4sfXaEVQ==
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame F487
8 KB
3 KB
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7eed928596fc3d1c1180c26f81e1847c6aac858cca19c4a69fd9f1220ef5ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.honeygain.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6660
cache-control
max-age=86400
content-encoding
gzip
content-length
2144
content-type
text/html
date
Mon, 25 Dec 2023 20:03:54 GMT
etag
"1307e3fd5846bacc989c2fd05996f010"
last-modified
Mon, 08 May 2023 11:44:09 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-id
Y96_ez7LKjSI4vAJE6Is1Y3nmeRCVjxJu8Ppo0wC19KCDXtDFpDTug==
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
TRVES98AA2
r.honeygain.me/api/v1/coupons/
102 B
508 B
Fetch
General
Full URL
https://r.honeygain.me/api/v1/coupons/TRVES98AA2
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/assets/index-b09187c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832e19ec2a39dd287d91393046d60d0bce93b52ea3d36654fe3771cd9af85793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/TRVES98AA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5uDm%2FYRySAVm7alcsPE2X2V65bkC27ty%2Bk71K2Vn2Nz3Y3vCFE4q%2F%2BfMekSWq7%2BBbHj3nlGWSyXEfUDPC99niVqv%2F%2B3PGCFyGh3IwUFKwO4hmoWTfUXuFuLGIPIeM4Ro9PLXSuIaoJfuTf4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
83b4502a8920913d-FRA
alt-svc
h3=":443"; ma=86400
video-thumbnail.png
r.honeygain.me/images/
52 KB
53 KB
Image
General
Full URL
https://r.honeygain.me/images/video-thumbnail.png
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4623537c0781d4474ff3e20a2595313d46279c7531e5018195b122d4153b828e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/TRVES98AA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507171
alt-svc
h3=":443"; ma=86400
content-length
53723
last-modified
Fri, 08 Dec 2023 10:46:10 GMT
server
cloudflare
etag
"6572f3f2-d1db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BK%2Fpqy7xIbww9zdafAsxmtz%2BLtVfMb%2FHaSqeydGbgpoOqQdr2xxybI%2FMtgY2IBnBnqMiFf9Ir1y%2Fmbh8jXmUQe7NtzFwa02S50CQcqhe8dd4fhLZJbRcQLLokch%2BZPeT%2B3Mdr0hRlNVjfI2wpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
83b4502a8923913d-FRA
expires
Wed, 27 Dec 2023 00:59:56 GMT
main.js
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 1861
54 KB
17 KB
Script
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
000cf4f67c9474f0eb6361bd3ab9f493e17f1873e4a36ef95c11bd685c89683d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 01:55:20 GMT
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
71847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17136
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:44:11 GMT
server
AmazonS3
etag
"dc592904280a455012599b68215eae0f"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
z-eHKQRQmrX0Frxu44KZddzk82pIx256nQXKeVBqcHAiR7hVBPB93A==
main.js
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame F487
54 KB
17 KB
Script
General
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
000cf4f67c9474f0eb6361bd3ab9f493e17f1873e4a36ef95c11bd685c89683d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 01:55:20 GMT
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
71847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17136
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:44:11 GMT
server
AmazonS3
etag
"dc592904280a455012599b68215eae0f"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Bd7TnFX7BSeRA72TbnhKk05UILpTUruhPC3g4kEvoQxVP3N4pKvPBg==
collect
www.google-analytics.com/j/
4 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=490552550&t=event&ni=0&_s=1&dl=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&ul=en-us&de=UTF-8&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=pageview_referral&_u=YEBAAEABAAAAACAAI~&jid=875537549&gjid=1805548420&cid=187344107.1703541168&tid=UA-140379814-1&_gid=1696127380.1703541168&_r=1&_slc=1&gtm=45He3bt0n81KQKKBZ4v811958282&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=162442050
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CHVR3SF3WD&gtm=45je3bt0v877468943z8811958282&_p=1703541167611&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=187344107.1703541168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703541167&sct=1&seg=0&dl=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&en=page_view&_fv=1&_ss=1&tfd=398
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-140379814-1&cid=187344107.1703541168&jid=875537549&gjid=1805548420&_gid=1696127380.1703541168&_u=YEBAAEAAAAAAACAAI~&z=761754853
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.honeygain.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 25 Dec 2023 21:52:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11420082605/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11420082605/?random=1703541167884&cv=11&fst=1703541167884&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9172071281z8811958282&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&hn=www.googleadservices.com&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&auid=665639550.1703541168&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e72dc36f0baca10cf727419e221eb6d047443a03aba33e7a558af082220a1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3LNFBDTH6H&gtm=45je3bt0v9172071281z8811958282&_p=1703541167611&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=187344107.1703541168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703541167&sct=1&seg=0&dl=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&dt=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&en=page_view&_fv=1&_ss=1&tfd=453
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.honeygain.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/da154528/www-widgetapi.vflset/
216 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68553
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 21:19:20 GMT
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ev7mc2gk2f?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:47 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231225T215247Z-fgdtbz6h5t78r552dax0v0m3cs00000009mg00000000pxp6
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
98bcc8ab-201e-0051-02cb-30b357000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
5419b6ffb0d04a076446a9af
widget.trustpilot.com/trustbox-data/ Frame 1861
926 B
841 B
XHR
General
Full URL
https://widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
Kestrel /
Resource Hash
15f9bdfc9ed17f729f0abec68854fdd2c0f02ea0e52f55f864c50a62cbe1b1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 21:32:39 GMT
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1305
x-cache
Hit from cloudfront
content-length
420
x-xss-protection
1; mode=block
server
Kestrel
etag
"5eca57fbc2149c37655f889ef0cc4587"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
vIGQ1cSGccW_1xrXmtc5WkiOZ7cdd6EeHD-FnrzvfVl5m18ZzpISxw==
TrustboxImpression
widget.trustpilot.com/stats/ Frame 1861
0
322 B
XHR
General
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
EUsQw7LxCV1A_saQ161NOZR58fY77UODbWkPfs8RBmZd0XwXKKqjRA==
x-xss-protection
1; mode=block
TrustboxView
widget.trustpilot.com/stats/ Frame 1861
0
322 B
XHR
General
Full URL
https://widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
73DMKpD1LyxMoxF-jkhzAvogo-LwWXharz6l2KYywQgQBgRUnUhFnw==
x-xss-protection
1; mode=block
5419b6ffb0d04a076446a9af
widget.trustpilot.com/trustbox-data/ Frame F487
926 B
842 B
XHR
General
Full URL
https://widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
Kestrel /
Resource Hash
15f9bdfc9ed17f729f0abec68854fdd2c0f02ea0e52f55f864c50a62cbe1b1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 21:32:39 GMT
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1305
x-cache
Hit from cloudfront
content-length
420
x-xss-protection
1; mode=block
server
Kestrel
etag
"5eca57fbc2149c37655f889ef0cc4587"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
h9S5TkNOZ3myFpKzG8kPq0DJvODvvfRMZO2uk6xAkJWSKsfnt2ESnQ==
TrustboxImpression
widget.trustpilot.com/stats/ Frame F487
0
321 B
XHR
General
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-36.ams58.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
8gxqer1-AifRuyvP_JiGdYh_5pbQgJCLcGh4T0xuSZhYRSFsJL_RUA==
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-140379814-1&cid=187344107.1703541168&jid=875537549&_u=YEBAAEAAAAAAACAAI~&z=1317581840
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-140379814-1&cid=187344107.1703541168&jid=875537549&_u=YEBAAEAAAAAAACAAI~&z=1317581840
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6RDNT-f8Pv4
www.youtube.com/embed/ Frame 5DBE
92 KB
39 KB
Document
General
Full URL
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fed9387c33e6073d50f7c5814911f6c580b28d0f3958c9d193fe8aa471e52c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.honeygain.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-cb7MW2lHR34sASGE2Ndbeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 21:52:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/11420082605/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11420082605/?random=1703541167884&cv=11&fst=1703538000000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9172071281z8811958282&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yY9AOufujJZxLzz24DsyiaNL8ywUaQ&random=2027674835&rmt_tld=0&ipr=y
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11420082605/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/11420082605/?random=1703541167884&cv=11&fst=1703538000000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9172071281z8811958282&u_w=1600&u_h=1200&url=https%3A%2F%2Fr.honeygain.me%2FTRVES98AA2&frm=0&tiba=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yY9AOufujJZxLzz24DsyiaNL8ywUaQ&random=2027674835&rmt_tld=1&ipr=y
Requested by
Host: r.honeygain.me
URL: https://r.honeygain.me/TRVES98AA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/da154528/ Frame 5DBE
358 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/da154528/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 20:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
3971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47436
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 20:46:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5DBE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
339951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5DBE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
435080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:01:27 GMT
embed.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5DBE
52 KB
16 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
48482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16336
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:45 GMT
www-embed-player.js
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 5DBE
322 KB
96 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98735
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 21:49:38 GMT
base.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5DBE
2 MB
768 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
786305
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:48 GMT
collect
x.clarity.ms/
0
294 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://r.honeygain.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://r.honeygain.me
Date
Mon, 25 Dec 2023 21:52:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
id
googleads.g.doubleclick.net/pagead/ Frame 5DBE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
144 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8864eb94e003a94656494dd2490604fde77e68c30db5deb8bff1ab1c57d5d194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Dec 2023 21:52:48 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5DBE
29 B
494 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:51:11 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Dec 2023 22:06:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 25 Dec 2023 21:52:48 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5DBE
86 KB
40 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eead7a6f5a50094dfe01890a25e30a74a81358ad1027c80f9da5afe46d98f282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Dec 2023 21:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40711
x-xss-protection
0
remote.js
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5DBE
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
48482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33735
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Dec 2024 08:24:46 GMT
Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
www.google.com/js/th/ Frame 5DBE
51 KB
19 KB
Script
General
Full URL
https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 20:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
90491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19777
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 20:44:37 GMT
default.jpg
i.ytimg.com/vi/6RDNT-f8Pv4/ Frame 5DBE
3 KB
3 KB
Image
General
Full URL
https://i.ytimg.com/vi/6RDNT-f8Pv4/default.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e901422e79b18ffc7b0c015be74cae1ede9cbd74fe65cc0f541c6961c1ec2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:46:44 GMT
x-content-type-options
nosniff
age
364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2903
x-xss-protection
0
server
sffe
etag
"1607943246"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Dec 2023 23:46:44 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5DBE
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 21:52:48 GMT
generate_204
www.youtube.com/ Frame 5DBE
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?WwyOAA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:52:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 25 Dec 2023 21:52:48 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5DBE
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a71d127dea8f431aed6b79647649fd82970ff205bb514974e19cf9af07bbff9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Dec 2023 21:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 5DBE
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 19:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 26 Dec 2023 19:47:27 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&RedC=c.clarity.ms&MXFR=39E5984A0D2D621001278BB8092D6CAD
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&MUID=3F8E25215BE167A509ED36D35A336668
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&MUID=3F8E25215BE167A509ED36D35A336668
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.honeygain.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:47 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 25 Dec 2023 21:52:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2CBAB58BBFA9497CAC15008725AC0E7A Ref B: FRAEDGE1316 Ref C: 2023-12-25T21:52:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2531B7FFD00A4C4FAEA768773BA6E08E&MUID=3F8E25215BE167A509ED36D35A336668
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
x.clarity.ms/
0
294 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://r.honeygain.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://r.honeygain.me
Date
Mon, 25 Dec 2023 21:52:49 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
log_event
www.youtube.com/youtubei/v1/ Frame 5DBE
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time
1703541170124
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/6RDNT-f8Pv4?enablejsapi=1&origin=https%3A%2F%2Fr.honeygain.me&widgetid=1
X-YouTube-Client-Version
1.20231217.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtENG1DWXFQTHJ1Yyiv86esBjIKCgJERRIEEgAgRg%3D%3D
X-YouTube-Ad-Signals
dt=1703541168018&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 25 Dec 2023 21:52:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 25 Dec 2023 21:52:50 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| Trustpilot object| dataLayer object| _growthbook object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| GooglebQhCsO object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

19 Cookies

Domain/Path Name / Value
.honeygain.me/ Name: _gid
Value: GA1.2.1696127380.1703541168
.honeygain.me/ Name: _gat_UA-140379814-1
Value: 1
.youtube.com/ Name: YSC
Value: xyQXD6xD_tI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: D4mCYqPLruc
.honeygain.me/ Name: _ga_CHVR3SF3WD
Value: GS1.1.1703541167.1.0.1703541167.0.0.0
.honeygain.me/ Name: _ga
Value: GA1.1.187344107.1703541168
.honeygain.me/ Name: _gcl_au
Value: 1.1.665639550.1703541168
.honeygain.me/ Name: _ga_3LNFBDTH6H
Value: GS1.1.1703541167.1.0.1703541167.0.0.0
www.clarity.ms/ Name: CLID
Value: e9e12a1734a446dcade77cc896b8c731.20231225.20241224
.honeygain.me/ Name: _clck
Value: 1tc4148%7C2%7Cfhu%7C0%7C1454
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 3F8E25215BE167A509ED36D35A336668
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3F8E25215BE167A509ED36D35A336668
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3F8E25215BE167A509ED36D35A336668
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.honeygain.me/ Name: _clsk
Value: 5fmj7s%7C1703541168679%7C1%7C1%7Cx.clarity.ms%2Fcollect

1 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js(Line 1254)
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
ff.honeygain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
r.honeygain.me
region1.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
widget.trustpilot.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.clarity.ms
172.67.71.104
18.239.69.36
20.114.190.119
2001:4860:4802:34::36
2606:4700:e2::ac40:8317
2620:1ec:bdf::63
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2016
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
68.219.88.97
000cf4f67c9474f0eb6361bd3ab9f493e17f1873e4a36ef95c11bd685c89683d
0014ca3a1629dc051baea93296e1c6d9d4d1f945c90b0fb8609708c35d93a0a1
0082539171b2381ca3ce547b3c5139c16dc8bfaf1f4ee00c07b8e22fdea8f6bc
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
158b9315fa246e45d9166137a3b59d88de1d1853a106bd9f64ba1dd225a657d7
15f9bdfc9ed17f729f0abec68854fdd2c0f02ea0e52f55f864c50a62cbe1b1fd
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
34e901422e79b18ffc7b0c015be74cae1ede9cbd74fe65cc0f541c6961c1ec2b
3ddcce3761ab6024f94e0444930f4e3ab8728dc266c0cba4174036c3dd132765
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4623537c0781d4474ff3e20a2595313d46279c7531e5018195b122d4153b828e
4abe2b05d4f8d6a77b21136b002b041b116f15b7c8ab705e9985dc4c25657926
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a816fbb7a71347ed9a4f22ed45d2ccad4d0f54ee0d6d0a65b672c572b4dc33c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6afda5356f570f78c99016bc4c6e2c3e28d6911aea838e8609aef2a3030e10a0
6e52ef889c373ef4bf4fa8e4eed20dbe26a3cf9c71e7ab36158089da6f012495
707099252647c72a6df433cf62d168eea22667feeb862835f0cf257c44a3ab42
7347fe56bbf0d63b64027444251bfcd137da97fb31c39f7c0d22512ff52e7667
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7d4679e6752e88a40e3493ef515e0845530d529ecc6da93aeada684a60c38619
810c8f1ad773a1339e1d12593c78c8ec6d49e3766e352ee9964f5663bf7b82fe
832e19ec2a39dd287d91393046d60d0bce93b52ea3d36654fe3771cd9af85793
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8864eb94e003a94656494dd2490604fde77e68c30db5deb8bff1ab1c57d5d194
8d229eb8e009d72bc1b0f2b385f7d13008f4cd832a5bd641a50b73af825ae386
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e39e970e76086a2e5850a7ffb52598a89dfbd68afd41a0ff33e73f96219238a
9e72dc36f0baca10cf727419e221eb6d047443a03aba33e7a558af082220a1e9
9f31c8b8972bd01522ed4a969cca56609d4b06539f9cd16ccb5aec87c263d721
9fed9387c33e6073d50f7c5814911f6c580b28d0f3958c9d193fe8aa471e52c5
a71d127dea8f431aed6b79647649fd82970ff205bb514974e19cf9af07bbff9d
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
ae48d07c34bb7f0c96d3f662d40c0e8774c09e7860ee0704c77936e922fbadba
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
ba9f73a1364d8f7db5ec4f8f2baa5c6a301daaaaec488ebc7ee89438d7ca5c2f
bd806af7d3dd07dcbff6a918aace76a8852bfe7fc4bccc8f27ff6f0cc59222de
bd8d318ba3f0d1b6eecc7e0d29dd2aa8746225519fe32f9b1e36bc9833a16dc7
c600d27f80e9a812ca8ef748ef809a86168323f0f7deb7770e6e799751d09d37
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
dad560ae6ddb5bfb430e1f0984f95af9e41742a0f8c696675cac23447f2ab0b6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1929c9c891124ef996d588554edb9df696b40be4a07dc7b192e09984c05770c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e7eed928596fc3d1c1180c26f81e1847c6aac858cca19c4a69fd9f1220ef5ff3
e9c4a8bb276d35b9f0ed43e927cac469552a0d60964150386d63215b6e634eda
edadcf502fddcbfbe943fb488f38a86790c39ef492090fa5cfafc999817b894d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eead7a6f5a50094dfe01890a25e30a74a81358ad1027c80f9da5afe46d98f282
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19ff743ed3d5663a19dafd3528cb01278369c40f8487af63322a574888dfc73
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6c8f2ffb49d3598bbad84a6b11f2cc3a8f792e57e413af62bfa790365341dd9