GET widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 7.4 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (23588)
Hash aaede52b3eb338a4c40a92d3dbe23826
230358c6626a991066aa9d0a759961ddf864be8a
682ab4c8be1cb38cf575dddee00463eb0a6b4c21c322c9be24eb76ca899117f2
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 7350
last-modified: Wed, 09 Oct 2024 12:04:38 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 04:40:34 GMT
cache-control: max-age=86400
etag: "7d4644d89e45fe92623bdd628e60e8dd"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HlW-5E8zEVnI-a6nYKvS5yOWDjbHffBCXA_h-m0uR3Fk8tWYglmL1Q==
age: 49820
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4>m_auth=>m_preview=>m_cookies_win=x
200 OK 132 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KQKKBZ4>m_auth=>m_preview=>m_cookies_win=x
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT
File type JavaScript source, ASCII text, with very long lines (60009)
Size 132 kB (131772 bytes)
Hash dbb452523ae5786e2bffbb5efb355e59
6c4d2c383c4c20aab5256ed00cc90ec507b41fa8
4f8966cab82110dd650eb6bdf02ed2d9165bdede78838f1e1a4337371ce3fe1e
GET /gtm.js?id=GTM-KQKKBZ4>m_auth=>m_preview=>m_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 26 Nov 2024 16:33:14 GMT
expires: Tue, 26 Nov 2024 16:33:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 26 Nov 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 131772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/setup-step-4577a50c.js
200 OK 6.3 kB URL GET HTTP/3 r.honeygain.me/assets/setup-step-4577a50c.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (15328)
Hash 2ea6d317f235779547c56a859363069a
c59fae89e7f541a6f91cd5a73669f7742c305c0c
07e631916dd6cbf57707f2d0d505f3677893c7072283654625fb4884cb1fe34c
GET /assets/setup-step-4577a50c.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-3be1"
expires: Thu, 28 Nov 2024 18:41:28 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 424306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNR9mVoSzDV%2Fr9LbjL7LX1dnXVH2VM4KduQNkHSVA0yCEqSUfryKYO%2FTgHgGDmv0AzuRfYuyaG5SYx4Ie0LxHdTA6T%2FeAcm74P%2Fce1FZWbghNYgjIk66jP5i1x%2FA2c%2FXcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770cc8d56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=624&recv=36&lost=0&retrans=0&sent_bytes=724070&recv_bytes=4623&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=650&x=1", cfHdrFlush;dur=0
GET www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c>m=45He4bk0v811958282za200
200 OK 108 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c>m=45He4bk0v811958282za200
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT
File type JavaScript source, ASCII text, with very long lines (5945)
Size 108 kB (108268 bytes)
Hash 1a997d6f7acdc62b0aaefeea7b7c9502
204397a02d1221e3bef51a5cd0d36d1927e1d069
dab419bfbe55437d2b47d8c699c11c66a567018267414c9087b4fac874ada119
GET /gtag/js?id=G-CHVR3SF3WD&l=dataLayer&cx=c>m=45He4bk0v811958282za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 26 Nov 2024 16:33:14 GMT
expires: Tue, 26 Nov 2024 16:33:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 108268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET ff.honeygain.com/api/features/sdk-YT98zDqghSsvvQDf
200 OK 142 kB URL GET HTTP/2 ff.honeygain.com/api/features/sdk-YT98zDqghSsvvQDf
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.com
Fingerprint77:D4:51:F5:90:38:C1:D5:4B:3F:5E:90:CE:8C:9A:6D:2D:59:BC:BC
ValiditySat, 09 Nov 2024 11:58:17 GMT - Fri, 07 Feb 2025 12:58:14 GMT
Size 142 kB (141605 bytes)
Hash 059c54859e53054060f3dfb21d3b792f
c1501587895695b32a7bf26ad4fae63477831e07
a3f405cefcb8c6018842000f36afa54a48155284afb5a58b0ac37fa18542d105
GET /api/features/sdk-YT98zDqghSsvvQDf HTTP/1.1
Host: ff.honeygain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.honeygain.me/
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-sse-support: enabled
access-control-expose-headers: x-sse-support
etag: W/"17d7-wVAVh4lWlbMqe/Jq1PrmNHeDHgc"
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBfX19MO3YMgmakq7xg4GX0FJtXPVMK81Y516Hctpkj1zUp7k1%2FYJYTBU80PM%2BIuyj%2BuXtoxr8LKiQy%2B%2FrUCJzHR6zq8MTMqwFfahyIic8Hz9BrEvJz6AWVGiE5WZn%2BnNqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e8b4770ddee56c1-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=17886&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3208&recv_bytes=1098&delivery_rate=222620&cwnd=253&unsent_bytes=0&cid=c2ca5de7c22cd29b&ts=85&x=0"
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/gather-step-6ed5fa6b.js
200 OK 28 kB URL GET HTTP/3 r.honeygain.me/assets/gather-step-6ed5fa6b.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (54696)
Hash 5466593bcfd769bbcd2ece4423f84c1c
f6d9f0ccb465166b046746520d7908174c7a8912
f8fa9cbc4409185290ef15cdf802f21e50d86b7dea0a0760436153a93408be9b
GET /assets/gather-step-6ed5fa6b.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-d5a9"
expires: Mon, 02 Dec 2024 05:17:55 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 126919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRaiqaRwEViqFmQ9CidbWK4cnJPU3ctTP8o%2FOEuyLahsXlFjhHCiePeVoT7yFxto%2F0e2hZeFAnVYm8astFEPy%2BlhwtCz077wzq%2BA%2BGUWBVVBnLKxmrAy%2FpEmIBY3ypKMPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770cc9556a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=602&recv=36&lost=0&retrans=0&sent_bytes=698354&recv_bytes=4623&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=645&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/assets/index-c5ad6e20.js
200 OK 656 kB URL GET HTTP/3 r.honeygain.me/assets/index-c5ad6e20.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type JavaScript source, ASCII text, with very long lines (32844)
Size 656 kB (655585 bytes)
Hash ec05a6353eb5d32fdacc697288ed6936
dbfda1dfad5cfc67c603362243c96a3ea26ca7ee
5f8482f7a96f5fb6f165cac110f83415b2d13d5237d284723b57816ae70d77b4
GET /assets/index-c5ad6e20.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:13 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-1f4201"
expires: Mon, 02 Dec 2024 05:17:54 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 126919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=viYqShGPJ4ZaqRS%2BLEN8Q10i7RFiZpx4nRaf03O%2B%2BAeSU8%2FC4Kcn6bxUuKWQrbxDw1Zd%2BnxetGTUsMM6dmu%2BTp9S9eWLBKGTB2bBugzAUB86a36cpc3he%2B77T4jT%2BlRoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b476defbd56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18467&sent=22&recv=8&lost=0&retrans=0&sent_bytes=16095&recv_bytes=1404&delivery_rate=34134&cwnd=12000&unsent_bytes=0&cid=03d95ba966053fff&ts=194&x=1", cfHdrFlush;dur=10
GET r.honeygain.me/assets/reviews-f6c8f2ff.css
200 OK 13 kB URL GET HTTP/3 r.honeygain.me/assets/reviews-f6c8f2ff.css
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (11710)
Hash 2e13df450b40caad094fadce05999220
e85cb92bc5a65694618a63998057eeb227aabf9a
f6c8f2ffb49d3598bbad84a6b11f2cc3a8f792e57e413af62bfa790365341dd9
GET /assets/reviews-f6c8f2ff.css HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-2dbf"
expires: Fri, 29 Nov 2024 14:27:36 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 353138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZcBwjDZeoFSs1f%2Btp3IcPjimTFkKM6p%2FoglgVmmqE7yyyoBBTN3wh9Pt5IaP%2F216Mvb6xo0YBFOM9KgmnELTCA7Rz7%2Buc%2FK3s%2ForjldOvNmO%2FcEY%2B5mFd1s7ZIbIx%2FtLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4771adbc56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17501&sent=638&recv=44&lost=0&retrans=0&sent_bytes=736760&recv_bytes=5470&delivery_rate=1339029&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=776&x=1", cfHdrFlush;dur=0
200 OK 2.2 kB URL widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
IP
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6920)
Hash d33ee02fc81097cd2d24aaf6db3205d8
4b5060f9a8ee13bfc34e2b4469c7429ad186e2d2
2c09918b1bb0cca3b2a3e63803f0d47fd9cef0319c84efcdd2cd968081f40bb8
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2178
last-modified: Wed, 21 Aug 2024 15:41:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 01:06:05 GMT
cache-control: max-age=86400
etag: "5288708c90afdbae795c84f220d61802"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ca3Blh5XtRXr0WrAe_lPT21f8rz8dpxBO6P62NOJaCHr_XdiW_3yqA==
age: 55630
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
200 OK 2.2 kB URL widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
IP
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6920)
Hash d33ee02fc81097cd2d24aaf6db3205d8
4b5060f9a8ee13bfc34e2b4469c7429ad186e2d2
2c09918b1bb0cca3b2a3e63803f0d47fd9cef0319c84efcdd2cd968081f40bb8
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2178
last-modified: Wed, 21 Aug 2024 15:41:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 01:06:05 GMT
cache-control: max-age=86400
etag: "5288708c90afdbae795c84f220d61802"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RrKotasAq6IShkOfCqnc6QLI3lnwz-DxO-6T-s9O2P8ZxuiwfsyEIg==
age: 55630
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Hash fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Nov 2024 18:51:38 GMT
expires: Sat, 22 Nov 2025 18:51:38 GMT
cache-control: public, max-age=31536000
age: 337297
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET js-eu1.hs-scripts.com/144271241.js
200 OK 586 B URL GET HTTP/2 js-eu1.hs-scripts.com/144271241.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecths-scripts.com
Fingerprint23:46:07:BD:8F:26:6A:EA:1C:B7:F8:ED:36:DB:46:EB:1F:06:EC:3E
ValiditySun, 24 Nov 2024 01:27:54 GMT - Sat, 22 Feb 2025 01:27:53 GMT
File type ASCII text, with very long lines (512)
Hash 5b0fe3f1999a3ccef6f345063bfe7ead
3ff3674166c9733cf90a8e164eca1fc21d1c495e
513832863c970e1c4ccf0bce276dda903ebe72c5362facfc99ee07c79a547f2e
GET /144271241.js HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: application/javascript;charset=utf-8
content-length: 586
vary: origin, Accept-Encoding
x-hubspot-correlation-id: ab258859-cef3-4448-bd60-eba7838d851c
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-max-age: 3600
access-control-allow-origin: https://dashboard.honeygain.com
last-modified: Tue, 26 Nov 2024 14:32:21 GMT
cf-cache-status: HIT
age: 5493
accept-ranges: bytes
server: cloudflare
cf-ray: 8e8b4774cab70a1c-ARN
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Hash fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Nov 2024 18:51:38 GMT
expires: Sat, 22 Nov 2025 18:51:38 GMT
cache-control: public, max-age=31536000
age: 337297
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
200 OK 25 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (63980), with no line terminators
Hash 848ebf731471796a9b697da82594216f
d8875045503f1f5aa757dd0fca289731f9854597
218ca5b9738cad9eccee7e9be81b8648bebc9583458a0764c8534aef85263281
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 25159
last-modified: Wed, 21 Aug 2024 15:41:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 05:44:22 GMT
cache-control: max-age=86400
etag: "52dd54599464e4043086322a1edf99ef"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X2sKf5nZxw2Mq-3waf54QDtzeOLj5WjWeoHeroz8LrDzggZehk3bTA==
age: 39062
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
200 OK 25 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (63980), with no line terminators
Hash 848ebf731471796a9b697da82594216f
d8875045503f1f5aa757dd0fca289731f9854597
218ca5b9738cad9eccee7e9be81b8648bebc9583458a0764c8534aef85263281
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 25159
last-modified: Wed, 21 Aug 2024 15:41:15 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 05:44:22 GMT
cache-control: max-age=86400
etag: "52dd54599464e4043086322a1edf99ef"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lOFsUBXg___OGw_OnEM4_I8T6_QE1oRjdvcCFe-nlh8mA_e3vcqb3Q==
age: 39062
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Hash fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Nov 2024 18:51:38 GMT
expires: Sat, 22 Nov 2025 18:51:38 GMT
cache-control: public, max-age=31536000
age: 337297
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/money-stats-c1307fb0.js
200 OK 3.4 kB URL GET HTTP/3 r.honeygain.me/assets/money-stats-c1307fb0.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type Java source, ASCII text, with very long lines (8078)
Hash bea9e1e7618b4437f302ab52b6cbdee5
88dd4b63b0efc40073b80d668d1f2c4c1915b654
99b146788a63413f496800fa66baefcb75d03268fccfca3fea2b187315a31af6
GET /assets/money-stats-c1307fb0.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-1f8f"
expires: Thu, 28 Nov 2024 18:41:28 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 424306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn3hLWG3KK%2BPW5iSoX0QBvFr40wIigW9q4wDcBJfTnWcpGvcrUwuSSJ8XIIQ74tZ%2FfhYiMzgnc7tozYhaE5wAx%2BPr2Ra5NKY79tzhAvu2hvf3QfDacqb8aXDnkDmOrjMYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770dc9f56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=620&recv=36&lost=0&retrans=0&sent_bytes=719940&recv_bytes=4623&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=649&x=1", cfHdrFlush;dur=0
GET webassets.honeygain.com/uploads/2024/11/26141309/hero-B-left.png
200 OK 346 kB URL GET HTTP/2 webassets.honeygain.com/uploads/2024/11/26141309/hero-B-left.png
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.com
Fingerprint77:D4:51:F5:90:38:C1:D5:4B:3F:5E:90:CE:8C:9A:6D:2D:59:BC:BC
ValiditySat, 09 Nov 2024 11:58:17 GMT - Fri, 07 Feb 2025 12:58:14 GMT
File type PNG image data, 588 x 915, 8-bit/color RGBA, non-interlaced
Size 346 kB (346133 bytes)
Hash 079160447980d78972f9ba2f6094e2c3
03307fbc7690e10fe05b6abef2359d867382ad52
e0677d877bd6c4f95a59b0d22cf1a2f72a35135c7ceb5e0ceaafc7c67b857d0e
GET /uploads/2024/11/26141309/hero-B-left.png HTTP/1.1
Host: webassets.honeygain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: image/png
content-length: 346133
x-amz-id-2: 3ZYyV7F8spxs0L3LnjCK63+N8JZHLm/o1hfjPVonJRGNyiifJO+VfZ7tzNiwbLYHCPRucsQaIdA=
x-amz-request-id: GEBYD33FJD5FXRQQ
last-modified: Tue, 26 Nov 2024 14:13:10 GMT
etag: "079160447980d78972f9ba2f6094e2c3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RhjqcLtolTj%2B03NclK73LJPgZI7YCP%2BpjctO6%2Bj579tz%2FWyoSZPlpmGDDezINLYODTQYcgtPMeBNPksG8QcEmIUXKcgW2KUVSVgjgra%2FZ%2F%2FKw%2B9Nmbolu21BUAXZFeaI0bUmqsX%2F%2Fr8s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47775c6e1c0a-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=16923&min_rtt=16508&rtt_var=2974&sent=53&recv=11&lost=0&retrans=0&sent_bytes=67325&recv_bytes=1195&delivery_rate=261371&cwnd=253&unsent_bytes=31856&cid=5088be871428cf62&ts=62&x=0"
X-Firefox-Spdy: h2
GET widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 26 Nov 2024 16:33:15 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2PLe1H4JjlMWas3LOIVpdJa-MY-UmiJcm2uOmBzkzptowffarS0QFA==
X-Firefox-Spdy: h2
GET webassets.honeygain.com/uploads/2024/11/26141307/hero-B-right.png
200 OK 429 kB URL GET HTTP/2 webassets.honeygain.com/uploads/2024/11/26141307/hero-B-right.png
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.com
Fingerprint77:D4:51:F5:90:38:C1:D5:4B:3F:5E:90:CE:8C:9A:6D:2D:59:BC:BC
ValiditySat, 09 Nov 2024 11:58:17 GMT - Fri, 07 Feb 2025 12:58:14 GMT
File type PNG image data, 563 x 878, 8-bit/color RGBA, non-interlaced
Size 429 kB (429223 bytes)
Hash 2fa701b35ef1af5c015220ceaeba2188
0e63d88ba762c43bd1ac5db441bb76a1eba46962
8c5401e17889b4256b757eb24b89be14e507cab9a9543c08e812723b90df9897
GET /uploads/2024/11/26141307/hero-B-right.png HTTP/1.1
Host: webassets.honeygain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: image/png
content-length: 429223
x-amz-id-2: gRR8D3vUcXB56mt5ab7vtZrr+CKRPPXF4j6r/WzjfFWYx0avo398/jpbW9wgDDnc+c2gLdCKROowvAjHjP3GLnV3tiSsC5jO
x-amz-request-id: 6FXTE3C1BP2KZ2HY
last-modified: Tue, 26 Nov 2024 14:13:08 GMT
etag: "2fa701b35ef1af5c015220ceaeba2188"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLHpHnKDkuZBJEJWITg0LHHUfDBkJ2dCT3XvaKB4ttRRq9PANqGnl6RmMbwXmcqUjvrKK51pVCLKH1ALZAMfz0LAYdnUdVCyL7t%2F1YiFH5DvtnvkAh9Zgmoeix37uFsWYQCT4vJO7D2l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47775c761c0a-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=16850&min_rtt=16508&rtt_var=3772&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3228&recv_bytes=1164&delivery_rate=261371&cwnd=252&unsent_bytes=0&cid=5088be871428cf62&ts=56&x=0"
X-Firefox-Spdy: h2
GET widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 26 Nov 2024 16:33:14 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PDsiuEVbSPlq4NEEOJMUp-OuDHxlvDfHzBjs1Lur-4TKTh20kmJL4A==
X-Firefox-Spdy: h2
GET widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5db47bcc4de43a0001b54999&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 26 Nov 2024 16:33:15 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CbU_0l2U1f30pDkUxSUcJtdc1sPNPlfQRn5gxk6rmVa2jwhEl81DOw==
X-Firefox-Spdy: h2
GET js-eu1.hs-banner.com/v2/144271241/banner.js
200 OK 165 kB URL GET HTTP/2 js-eu1.hs-banner.com/v2/144271241/banner.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecths-banner.com
Fingerprint9E:7F:CB:66:5C:4A:1B:C5:18:35:98:BE:35:15:90:66:39:D1:B3:2A
ValidityFri, 22 Nov 2024 22:12:57 GMT - Thu, 20 Feb 2025 22:12:56 GMT
File type gzip compressed data, max speed, from Unix
Size 165 kB (164911 bytes)
Hash f40b047456ce1a5bec761e044586c93e
d65132b2dcdca41a7005972c94dc514ac8053d9c
f1fe144c1f3be8034678cc4e307a7f605d2c7a7ac1bb504736deef8485dfd967
GET /v2/144271241/banner.js HTTP/1.1
Host: js-eu1.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: rG4FvVzFsxkoHOR/V8cvwJMUjF0Ki8nml1y77v9u8AbCS3+DDDWYRVKZtbuFj99RUTT8yHzZsDrCioitWw1WAGLU+FzKBZ7PxIMuv74BMK4=
x-amz-request-id: SNSVW2SGR95MW351
last-modified: Wed, 10 Jul 2024 04:01:30 GMT
etag: W/"02ef0bbdb7fe808f1f4841d4c6a2b59d"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: dCsiMttdhLFelqxUrVMBZMjFXBKOY308
access-control-allow-origin: https://dashboard.honeygain.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Tue, 26 Nov 2024 16:28:56 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 73
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 838b4583-a9be-47d5-a28b-d435b8a572ef
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-7c7578766c-8qj96
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 838b4583-a9be-47d5-a28b-d435b8a572ef
cf-cache-status: HIT
age: 292
server: cloudflare
cf-ray: 8e8b4778692a95f7-ARN
X-Firefox-Spdy: h2
GET bat.bing.com/bat.js
200 OK 15 kB IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
Fingerprint84:F6:91:27:23:11:2C:0D:0C:76:36:12:C9:98:53:3E:A7:F5:A7:37
ValidityMon, 16 Sep 2024 23:16:19 GMT - Sat, 15 Mar 2025 23:16:19 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
Hash 6626c1362840ebfc8f48294e8f023e18
4ec0dfb37c3e536c1b5ec04b68c9846fdbaf9eef
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 14570
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
accept-ranges: bytes
etag: "028e0691d20db1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0F5E1F105634581B6C26ABAC9C6CD26 Ref B: OSL30EDGE0506 Ref C: 2024-11-26T16:33:16Z
date: Tue, 26 Nov 2024 16:33:16 GMT
X-Firefox-Spdy: h2
GET bat.bing.com/action/0?ti=97142146&Ver=2&mid=2f056a6c-8989-4074-9457-842bd691c6ae&bo=1&sid=23498f40ac1411efac74bfecc30ec15b&vid=23498ac0ac1411efa5eee5a3969b50e3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&p=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&r=<=1166&evt=pageLoad&sv=1&cdb=AQAQ&rn=618231
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=97142146&Ver=2&mid=2f056a6c-8989-4074-9457-842bd691c6ae&bo=1&sid=23498f40ac1411efac74bfecc30ec15b&vid=23498ac0ac1411efa5eee5a3969b50e3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&p=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&r=<=1166&evt=pageLoad&sv=1&cdb=AQAQ&rn=618231
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
Fingerprint84:F6:91:27:23:11:2C:0D:0C:76:36:12:C9:98:53:3E:A7:F5:A7:37
ValidityMon, 16 Sep 2024 23:16:19 GMT - Sat, 15 Mar 2025 23:16:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=97142146&Ver=2&mid=2f056a6c-8989-4074-9457-842bd691c6ae&bo=1&sid=23498f40ac1411efac74bfecc30ec15b&vid=23498ac0ac1411efa5eee5a3969b50e3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Passive%20Income%20%E2%80%93%20Effortlessly%20%7C%20Honeygain&p=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&r=<=1166&evt=pageLoad&sv=1&cdb=AQAQ&rn=618231 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=15285CF3F9646561383349B0F8916427; domain=.bing.com; expires=Sun, 21-Dec-2025 16:33:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 753ADF978BFA4A52AF7AA02E4B87DA14 Ref B: OSL30EDGE0506 Ref C: 2024-11-26T16:33:16Z
date: Tue, 26 Nov 2024 16:33:16 GMT
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/hero-centered-old-27435404.js
200 OK 4.0 kB URL GET HTTP/3 r.honeygain.me/assets/hero-centered-old-27435404.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type Java source, ASCII text, with very long lines (400)
Hash 65d8b7d1de0d82b06df497a80b2882f1
8d01f53d2937f4b437ca90fc332090d712982873
de519e9dfeddf72593383cd4e0c3f4414fa74833548c00996c119d10efc27a39
GET /assets/hero-centered-old-27435404.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-191"
expires: Fri, 29 Nov 2024 07:10:50 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 379344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Q202bsgsy0AgrIR5gBF7HEevu5PvKCHZByQHxMBRiMhWGsAQKnxfFFcJQ4QFSzsIOvB4%2F4TNg1win%2BUpaqDb8uBZcedQy93TAKx6PTJRXdBn08NklCtBVaK4HLfIJPREA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770bc7256a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=587&recv=33&lost=0&retrans=0&sent_bytes=684743&recv_bytes=3739&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=634&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/assets/index-56a71f99.css
200 OK 54 kB URL GET HTTP/3 r.honeygain.me/assets/index-56a71f99.css
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/index-56a71f99.css HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:13 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-d31f"
expires: Fri, 29 Nov 2024 14:27:35 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 353138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVTZMYYUenbqA57DxphZOT7AOgoNs8tb7KDU5Rx7KrPUYx%2BGlAXkRytkLEuybUojwuYE3D1aQVJKhLWAiyGtpu6xPYSnxoiew%2BoxiyHlssIb0X0olbvUHhBbgcA7toA9eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b476defc256a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18467&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4095&recv_bytes=1404&delivery_rate=34134&cwnd=12000&unsent_bytes=0&cid=03d95ba966053fff&ts=186&x=1", cfHdrFlush;dur=0
GET api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=144271241
200 OK 117 B URL GET HTTP/2 api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=144271241
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthubapi.com
Fingerprint62:89:D2:CD:C0:62:1A:89:3B:1B:75:C1:31:3B:B4:47:20:D7:23:F2
ValidityThu, 07 Nov 2024 16:56:54 GMT - Wed, 05 Feb 2025 17:56:52 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash c0e907995386b9f8556cb20c3228cd1b
b3d08f22850faa95d3f98467382661d4f25da83a
58b34942bbcfd1b3fadfc1c1fbbba47cd9d856f08955ec1c888e901572cf0c2f
GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=144271241 HTTP/1.1
Host: api-eu1.hubapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: application/json;charset=utf-8
vary: origin
x-hubspot-correlation-id: c92ee696-0921-4115-a058-49bdf4104e09
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-origin: https://r.honeygain.me
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOrP1Dwct1xjFSBAaQIiQgCNP08KIKEdbqVh9baqSGMA%2B9L9Xg9ROLEvzn276asUH2Eth8M6Y%2FXm5aEViWnwah60e8SXna4zsu1pCpo%2FU9BRoIy6o5H%2FJh2%2FkPcYt9uIN%2B%2Fc6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8e8b47798a8d2e03-ARN
content-encoding: br
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/registration-stats-1230e650.js
200 OK 4.4 kB URL GET HTTP/3 r.honeygain.me/assets/registration-stats-1230e650.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (4460), with no line terminators
Hash ee993bfd136d89329458afebd7073c91
909c90e1055a1dfba8031d1d2e7d407ddc462753
125f2fe2c7e1c7df1605964be088acc8ef4e403275e917b7eb0a925c7c48790d
GET /assets/registration-stats-1230e650.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-1131"
expires: Mon, 02 Dec 2024 05:17:55 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 126919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5yHM5QK%2FOMW%2BUj19dsbz9HvSF8FHMAsiN%2BNPqKc%2BPnCSe8nbMWz%2BHqAyo5Ce7pxG47PdIqBkG8J6X91zInhIjxexYQtxDNqWSRsV8YwSf%2FelU5QRhbvVIQwLsvn8TpObg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770dc9c56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=618&recv=36&lost=0&retrans=0&sent_bytes=717550&recv_bytes=4623&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=646&x=1", cfHdrFlush;dur=0
GET widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
200 OK 1.0 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1111), with no line terminators
Hash ac2778ab5ab65651c19f4f46fd12629e
a2e89d34bcb7bf1cb5eab23737e5ec6fad95651c
452e84f9b91d4aa0bb31def8df76d9aa545600d97e8643a356d2a74422920f9c
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 16:25:53 GMT
server: Kestrel
cache-control: public,max-age=1800
content-encoding: gzip
etag: "74300019276b34735ab6f67e7c53c527"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nvQnkzGBukMIwf18Zy6NsSSM9U2CxKeCzAxXhI2k98hfpITK9_Q--w==
age: 442
X-Firefox-Spdy: h2
GET js-eu1.hsadspixel.net/fb.js
200 OK 5.8 kB URL GET HTTP/2 js-eu1.hsadspixel.net/fb.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthsadspixel.net
FingerprintCA:26:1D:0A:04:F6:D0:2F:B0:F9:69:F1:0A:D4:90:2F:18:1E:8D:87
ValidityThu, 10 Oct 2024 05:56:46 GMT - Wed, 08 Jan 2025 05:56:45 GMT
File type ASCII text, with very long lines (5972), with no line terminators
Hash 1fd2cb98e1d4d32ff66549fc862f2b07
24d379aba157ac8748cb537ba9860ecbb50b4183
6d95848c04bc9ae4b5867d81dd95cb8a1da4ba949fdbdad3f1b2d8837950662b
GET /fb.js HTTP/1.1
Host: js-eu1.hsadspixel.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 26 Nov 2024 15:22:21 UTC
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: xH1F_SGiDKKzCp1MeJx8PpqsLNKoWQDS
etag: W/"437bd1c41c503897cb639229507d94d7"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Q9JgcE6qnV1r8h2DT0AgsGay21un2ymRI2jRE67e6K6Hco87xEogEg==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.811/bundles/pixels-release.js&cfRay=8e8aee64bc8eeebf-WAW
cache-control: max-age=600
x-hs-target-asset: adsscriptloaderstatic/static-1.811/bundles/pixels-release.js
x-content-type-options: nosniff
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 5
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e286d601-e7e8-4d21-9882-97bd41b5fff0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-df5c94fff-ptdqn
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: e286d601-e7e8-4d21-9882-97bd41b5fff0
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 42
server: cloudflare
cf-ray: 8e8b47786f5815e0-ARN
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=AW-11420082605
200 OK 449 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-11420082605
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT
File type JavaScript source, ASCII text, with very long lines (16791)
Size 449 kB (448799 bytes)
Hash 88194fd6c3c98792091e3dedd5a0ea4b
42995ffd857e7657d7fd63328a58bae9e824d3da
925fc8a59f2866d9d943d1d59cab6c167499e71ff34e30c3fac955af7d6c5954
GET /gtag/js?id=AW-11420082605 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 26 Nov 2024 16:33:15 GMT
expires: Tue, 26 Nov 2024 16:33:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 139640
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET r.honeygain.me/assets/earnings-stats-fde2b0e1.js
200 OK 13 kB URL GET HTTP/3 r.honeygain.me/assets/earnings-stats-fde2b0e1.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (13086)
Hash 106bee01636fdc3372e60601067318d3
bd602132cbcb85ca8a7142bfad772ac496207b93
a5419921219b4e1d1178bdb6eac9e23bb6aae80343cae874ba3babb3a8e8e9b5
GET /assets/earnings-stats-fde2b0e1.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-331f"
expires: Thu, 28 Nov 2024 18:41:28 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 424306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=surRSbVM1Y%2FEO5wR4jonKs%2FoVeReRk5K%2Flv8pfxbanRLbeABhJCA7POvnxwI9syBVaUhbdNe5w2RvRnd3JTKBDtIr1M6SMIUc1VSGfopk%2F6qoiXozlbs%2Ffr2AtcDqd6hJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770dca856a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=630&recv=36&lost=0&retrans=0&sent_bytes=730662&recv_bytes=4623&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=654&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/favicon.ico
200 OK 22 kB URL GET HTTP/3 r.honeygain.me/favicon.ico
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type MS Windows icon resource - 3 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 30a3eded94cba26d8bd534d715fdc252
c2b53132498c2762d28f217ff9e2b58cdb68fe05
79cbc7cc24786d64a3d7cbfaedf93d4bec814d234ab5e864ac430b00e228bddb
GET /favicon.ico HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: image/x-icon
last-modified: Mon, 25 Nov 2024 14:24:04 GMT
etag: W/"67448884-576e"
expires: Tue, 03 Dec 2024 04:18:43 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 44071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32XWAl4fv6Ry4CXonU7K%2B6vIk3cF0G1LbY1dMaMjuhYpgyrI%2FNjafOzGudcUYHyT%2BULFEJIQovZFaMyNxrXmV0BRko%2FUCtdR9n%2BAlcqVUc1y1m%2FuU16xYH8GqYJPxZqkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47720e8056a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17645&sent=703&recv=51&lost=0&retrans=0&sent_bytes=808794&recv_bytes=6581&delivery_rate=1927902&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=847&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/assets/reviews-abf588ca.js
200 OK 1.4 kB URL GET HTTP/3 r.honeygain.me/assets/reviews-abf588ca.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type Unicode text, UTF-8 text, with very long lines (1406), with no line terminators
Hash f5bd345350d172e7d40ba0424c48a7b5
91f17de338f2872766f180bd85f308e618dc319f
fa8ba6eb000f692db54a2b05f79034d9bb893332f918a4ae7f73a1731bb6af24
GET /assets/reviews-abf588ca.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-56c"
expires: Sun, 01 Dec 2024 13:48:19 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 182695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTTwcn6AD%2BusAYLIAf7HjGo0x%2FucEAagl1V5R1Y89zhlVbgK1W94T0DeJsZbqLrKAcil4x8kciBXffWrZi7ZH1vJ%2F5HM7MuU9aUenJPHhFO6FrWRqlYAfFVkQGQzUQM3tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47728f2a56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18080&sent=710&recv=53&lost=0&retrans=0&sent_bytes=815615&recv_bytes=6916&delivery_rate=163594&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=921&x=1", cfHdrFlush;dur=0
GET ff.honeygain.com/sub/sdk-YT98zDqghSsvvQDf
200 OK 0 B URL GET ff.honeygain.com/sub/sdk-YT98zDqghSsvvQDf
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.com
Fingerprint77:D4:51:F5:90:38:C1:D5:4B:3F:5E:90:CE:8C:9A:6D:2D:59:BC:BC
ValiditySat, 09 Nov 2024 11:58:17 GMT - Fri, 07 Feb 2025 12:58:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sub/sdk-YT98zDqghSsvvQDf HTTP/1.1
Host: ff.honeygain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/event-stream
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: text/event-stream
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxgK2QxtGedazCRpge2gJPN%2F%2Fuok176riohpHLAYLspDsVFveq3J%2FCZrwADUuLESzD5gmwWR%2BZ4VPnfTPd43y6ov4up4vt28i7CovGkOe9RN8UKGwFQZTHQtI6iZKdU4uEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e8b4776d82a56c1-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=23243&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5990&recv_bytes=1199&delivery_rate=222620&cwnd=256&unsent_bytes=0&cid=c2ca5de7c22cd29b&ts=1037&x=0"
X-Firefox-Spdy: h2
POST www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&scrsrc=www.googletagmanager.com&frm=0&rnd=64276108.1732638795&auid=1830501203.1732638795&npa=0>m=45He4bk0v811958282za200&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732638794714&tfd=1195&apve=1
200 OK 0 B URL POST HTTP/2 www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&scrsrc=www.googletagmanager.com&frm=0&rnd=64276108.1732638795&auid=1830501203.1732638795&npa=0>m=45He4bk0v811958282za200&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732638794714&tfd=1195&apve=1
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC1:5D:47:A6:B2:09:5F:1C:78:06:A8:63:D5:80:5A:A2:73:83:A3:B3
ValidityMon, 21 Oct 2024 08:38:45 GMT - Mon, 13 Jan 2025 08:38:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ccm/collect?en=page_view&dl=https%3A%2F%2Fr.honeygain.me%2FKINGS172F9&scrsrc=www.googletagmanager.com&frm=0&rnd=64276108.1732638795&auid=1830501203.1732638795&npa=0>m=45He4bk0v811958282za200&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732638794714&tfd=1195&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://r.honeygain.me
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-type: text/plain
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://r.honeygain.me
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap
200 OK 6.4 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Manrope:wght@400;500;700&display=swap
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05
ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT
File type ASCII text, with very long lines (6594), with no line terminators
Hash 7e4d3549fc630113b8747adfd12508d6
c0e908c31fcb7bfc4de8c3bcf393c969a7f70b09
7d57e9ddc07a2d0eb2adfffe3b203a141bb0b83562247c8921e0beb474e620f1
GET /css2?family=Manrope:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 26 Nov 2024 16:33:14 GMT
date: Tue, 26 Nov 2024 16:33:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET r.honeygain.me/sprite.svg
200 OK 85 kB URL GET HTTP/3 r.honeygain.me/sprite.svg
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type SVG Scalable Vector Graphics image
Hash 6f9c61b040b86d38f04138fc18c6c19d
e7c9b1551694de8567369199cf75b7d8c56c6f41
12d7548a3e58e5ce8dfd1cdd3d0f28f77bd19659457b881d6ab75b1888d30328
GET /sprite.svg HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx; _gcl_au=1.1.1830501203.1732638795
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-14c4d"
expires: Mon, 02 Dec 2024 07:22:12 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 119462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk74WwK9re1Yibsbc%2BvlhVh584PDtekfI7dGglWGEb2%2BSVy%2FjebuDgRJDuZ0jQKHz78yVibLTTpXwaRMFmHTof5vCmI62DyvVzda9mXvJqKaP7QXK2KLlKS5iGmLqJUbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47744a2656a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18021&sent=713&recv=55&lost=0&retrans=0&sent_bytes=817081&recv_bytes=7275&delivery_rate=44300&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=1203&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/assets/reviews-abf588ca.js
200 OK 1.4 kB URL GET HTTP/3 r.honeygain.me/assets/reviews-abf588ca.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type Unicode text, UTF-8 text, with very long lines (1406), with no line terminators
Hash f5bd345350d172e7d40ba0424c48a7b5
91f17de338f2872766f180bd85f308e618dc319f
fa8ba6eb000f692db54a2b05f79034d9bb893332f918a4ae7f73a1731bb6af24
GET /assets/reviews-abf588ca.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.honeygain.me/KINGS172F9
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-56c"
expires: Sun, 01 Dec 2024 13:48:19 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 182695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEOYS6a%2FAHxYmuqZR6Au%2FR3AVkzQTLnqdhAVlotkYagy4%2F11JMU1ffPHMySxZl2f3w0XvpxSdg7Ylu6WaId3z038w3UuBwUXEjO19QFpXDKQ0sfYHCjtd8MRj%2FfSaNfVRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4771adcc56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17501&sent=642&recv=44&lost=0&retrans=0&sent_bytes=741181&recv_bytes=5470&delivery_rate=1339029&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=781&x=1", cfHdrFlush;dur=0
GET widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
200 OK 8.0 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (8134), with no line terminators
Hash 51dd99b20889c35b0695080501520662
160ac4130b9f2f70b0fa55ee12740263c5070c46
82f912d3a686de6e6822818c1887342bebbdfa10a29a1aef2a3732aafa0d0cb1
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 2178
last-modified: Wed, 21 Aug 2024 15:41:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 01:06:05 GMT
cache-control: max-age=86400
etag: "5288708c90afdbae795c84f220d61802"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ca3Blh5XtRXr0WrAe_lPT21f8rz8dpxBO6P62NOJaCHr_XdiW_3yqA==
age: 55630
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c>m=45He4bk0v811958282za200
200 OK 449 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c>m=45He4bk0v811958282za200
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT
File type JavaScript source, ASCII text, with very long lines (16791)
Size 449 kB (448814 bytes)
Hash 00fe44b152718b27827a4907ebbcf148
53707f3cf23637170e01049a789d637c269d5fad
f1f9277b44ce306de78b4751114190bdbbcab1c5c25acc75c1e4bb2099b7764f
GET /gtag/js?id=G-3LNFBDTH6H&l=dataLayer&cx=c>m=45He4bk0v811958282za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 26 Nov 2024 16:33:14 GMT
expires: Tue, 26 Nov 2024 16:33:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 139597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET r.honeygain.me/assets/register-step-2ba0ed48.js
200 OK 34 kB URL GET HTTP/3 r.honeygain.me/assets/register-step-2ba0ed48.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type ASCII text, with very long lines (33471)
Hash ed3ecdec30107909c70e1c3d1ec6e73b
5fbd4b98e38af3fab2fa31a96a136cbcb39b0354
74a5205ddec952089a16baa50bb5871c4a035cb35ca4ba930023b9c67012488e
GET /assets/register-step-2ba0ed48.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-82c0"
expires: Mon, 02 Dec 2024 05:17:55 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 126919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgBm%2F6a4V0Yue44XK5QaQcN60AvIw%2FxVOLxrEw%2FN76ATBusSL9WAxU2zY1yNYWJLV15gV3f1PNMOTa6Mn2kH%2BTDVKzJps5obGjcMrTuvQzIQ6IDnhHe%2B%2BqdCAvNNMU9EoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4770cc8656a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17941&sent=590&recv=35&lost=0&retrans=0&sent_bytes=685715&recv_bytes=4329&delivery_rate=105224&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=638&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/KINGS172F9
200 OK 1.5 kB URL User Request GET HTTP/2 r.honeygain.me/KINGS172F9
IP
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1569), with no line terminators
Hash 27445b5e502da0eb691195ac8a301062
22b7779240f8231568cd4d446f334f63568e06bb
a6c40223f52c26fcf8f35830f0ceccda4f5f83a7e66ee60956c5a43bd315725e
GET /KINGS172F9 HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Nov 2024 16:33:13 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfRM%2BVqzPkTxWDc0dzmzOhVIEupud8U76vyx5ttIhE6u9fSj9QA2%2B5MnQKj45AHWifqReRT%2B%2B3UA6dwXac5kTcJVDWkCkwsxZRQt%2BCXTs1qsdWg9XFRkHlIVsse5BsJ2qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e8b476c1eb60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22363&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1251&delivery_rate=250678&cwnd=254&unsent_bytes=0&cid=c83f90e79110fcdd&ts=136&x=0"
X-Firefox-Spdy: h2
GET r.honeygain.me/assets/en-f049d024.js
200 OK 5.7 kB URL GET HTTP/3 r.honeygain.me/assets/en-f049d024.js
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type Unicode text, UTF-8 text, with very long lines (6017), with no line terminators
Hash 8c6f49985f2ddda860784a897e726b6e
97826685deb6ab75e31ae2b02b81f9048647a398
c0618dcb947e5256f855dc4cb1e6093d2621b1d0b2991d064c313dff52c24aef
GET /assets/en-f049d024.js HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/assets/index-c5ad6e20.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-1619"
expires: Sun, 01 Dec 2024 13:24:11 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 184143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nf%2FlSJxslTr5eIGfgq4VP5jrqtrlQw2gdy3mSpVxpG%2Bf4wQRj5AbOI6wkBGntNojGONB5LXKOnIEN0VKsz6dpOXlZ91GkHcaAyE2uGHK5JR17DAFzLFy%2F%2BspiRPj4%2Bg%2B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b47704bd156a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17815&sent=580&recv=28&lost=0&retrans=0&sent_bytes=681388&recv_bytes=2518&delivery_rate=9074416&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=555&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/images/hero-left.svg
200 OK 88 kB URL GET HTTP/3 r.honeygain.me/images/hero-left.svg
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type SVG Scalable Vector Graphics image
Hash ada9749e8602a2e37567efbf7caa8f01
15018312d57b3a98aadaac61c71146d2dba80b8d
e6e796f8fda8cba65e4d5fbdcff80dbedcd93e02166dd4ba9d877adf9fd3a46a
GET /images/hero-left.svg HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-15919"
expires: Fri, 29 Nov 2024 14:27:36 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 353138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHO1MdOH1Dr61S7D2xlg3dCIVR9iUpwpff3OsMwlMh2fSlqXNycuOEZsSNE%2BqXLIGNJ1bk8a6bWGVdsl1d7E8M7qzcSaRzq4WydnN3EDjN2ZTTZFVPrb4mvKl4PXO4Vw5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4771cde356a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17446&sent=646&recv=47&lost=0&retrans=0&sent_bytes=742677&recv_bytes=6140&delivery_rate=149729&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=798&x=1", cfHdrFlush;dur=0
GET r.honeygain.me/api/v1/coupons/KINGS172F9
200 OK 102 B URL GET HTTP/3 r.honeygain.me/api/v1/coupons/KINGS172F9
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 47d6a617c1473bc0c45ba4a610a4a2e9
20cad9f92c23838fa19d20a1b131ebc16fd73dee
6e059cce5484f8f15fa2e5077d26b6ca525e6328bc07eb10e12a79d268660474
GET /api/v1/coupons/KINGS172F9 HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.honeygain.me/KINGS172F9
DNT: 1
Connection: keep-alive
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx; _gcl_au=1.1.1830501203.1732638795
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:15 GMT
content-type: application/json
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKfgeUmVvNKU4t1a8ugRlVp8AWOusuap3WRjCks4IYprIaOS3JpLEwDB%2FmrmOqrgal1A2V%2BRU9ldx8e04lM7RnZO5S7M1%2FXeZJ0RkiKOUEbml%2BoIWK1Y%2BOdfKvmH%2BxtoBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e8b4774cad356a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18071&sent=741&recv=57&lost=0&retrans=0&sent_bytes=848995&recv_bytes=7640&delivery_rate=889894&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=1345&x=1", cfHdrFlush;dur=0
GET bat.bing.com/p/action/97142146.js
200 OK 364 B URL GET HTTP/2 bat.bing.com/p/action/97142146.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
Fingerprint84:F6:91:27:23:11:2C:0D:0C:76:36:12:C9:98:53:3E:A7:F5:A7:37
ValidityMon, 16 Sep 2024 23:16:19 GMT - Sat, 15 Mar 2025 23:16:19 GMT
File type JavaScript source, ASCII text, with very long lines (374), with no line terminators
Hash 6ac84e597f14c2941c47920fc20071ec
9210e932e5ac06aea5bba7880c54986ac1d81eff
00e3ffbb900f4aad07f55af27cc0381984d54b21b45e00b851a11b72f8e063e7
GET /p/action/97142146.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C687D5C13EE4FFB91948BE15DEAF9C7 Ref B: OSL30EDGE0506 Ref C: 2024-11-26T16:33:16Z
date: Tue, 26 Nov 2024 16:33:16 GMT
X-Firefox-Spdy: h2
GET widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
200 OK 1.0 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US
IP
Requested by https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999#locale=en-US&styleHeight=20px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1111), with no line terminators
Hash ac2778ab5ab65651c19f4f46fd12629e
a2e89d34bcb7bf1cb5eab23737e5ec6fad95651c
452e84f9b91d4aa0bb31def8df76d9aa545600d97e8643a356d2a74422920f9c
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5db47bcc4de43a0001b54999&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 26 Nov 2024 16:25:53 GMT
server: Kestrel
cache-control: public,max-age=1800
content-encoding: gzip
etag: "74300019276b34735ab6f67e7c53c527"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1-JmBTMjPBmFQbNFazgc4oNWIG7-E2LhXNfb6eLhxF5JcOstDzlp0Q==
age: 442
X-Firefox-Spdy: h2
GET r.honeygain.me/images/hero-right.svg
200 OK 76 kB URL GET HTTP/3 r.honeygain.me/images/hero-right.svg
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerGoogle Trust Services
Subjecthoneygain.me
Fingerprint98:0F:E9:57:2D:25:3A:BB:63:21:41:00:08:69:EA:51:59:15:ED:81
ValidityFri, 08 Nov 2024 05:01:17 GMT - Thu, 06 Feb 2025 05:01:16 GMT
File type SVG Scalable Vector Graphics image
Hash 70d5ec52ed7ae719fc586be3fa5f6366
499e265183ce5d35bf9c6e0c325b4204a938c53a
3cedd573030a3f7d9c00a69a4d5152e1cfc2fa6f7e6fc459301fbbc8457d413e
GET /images/hero-right.svg HTTP/1.1
Host: r.honeygain.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/KINGS172F9
Cookie: hg-id=referral-e3ah028wnr8oslc2gbzfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 26 Nov 2024 16:33:14 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Nov 2024 14:10:26 GMT
etag: W/"673f3f52-12aa2"
expires: Fri, 29 Nov 2024 14:27:36 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 353138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qQwPdZJ2mYbv7o%2F9RXyVglmGMCnprsvUZ%2BG6JIAI4dqjoeoPH1fOXQX582D%2Fh357l4dEpwOc5DdzJMOeClBJD1J2mCvxVRojaScJpNT2jDzmCMN6uikQKN%2BoMAYbZx%2Bmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e8b4771cde656a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17461&sent=666&recv=48&lost=0&retrans=0&sent_bytes=766677&recv_bytes=6185&delivery_rate=198601&cwnd=286800&unsent_bytes=0&cid=03d95ba966053fff&ts=799&x=1", cfHdrFlush;dur=0
GET widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
200 OK 8.0 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999
IP
Requested by https://r.honeygain.me/KINGS172F9
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (8134), with no line terminators
Hash 51dd99b20889c35b0695080501520662
160ac4130b9f2f70b0fa55ee12740263c5070c46
82f912d3a686de6e6822818c1887342bebbdfa10a29a1aef2a3732aafa0d0cb1
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5db47bcc4de43a0001b54999 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.honeygain.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 2178
last-modified: Wed, 21 Aug 2024 15:41:13 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 26 Nov 2024 01:06:05 GMT
cache-control: max-age=86400
etag: "5288708c90afdbae795c84f220d61802"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RrKotasAq6IShkOfCqnc6QLI3lnwz-DxO-6T-s9O2P8ZxuiwfsyEIg==
age: 55630
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
104.21.49.227
172.65.202.201
188.114.96.1
0.0.0.0