urlscan.io logo urlscan.io
SecurityTrails logo

namel.net Open in urlscan Pro
185.66.201.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lh-vip.xyz/
Effective URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCk...
Submission: On February 05 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 6 HTTP transactions. The main IP is 185.66.201.34, located in Slovakia and belongs to SKHOSTING-EU, SK. The main domain is namel.net.
TLS certificate: Issued by R3 on January 1st 2021. Valid for: 3 months.
This is the only time namel.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 185.66.200.220 201702 (SKHOSTING-EU)
1 185.66.201.34 201702 (SKHOSTING-EU)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 18.195.195.71 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 6
2    2606:4700:3035::ac43:9ad9 (United States)

ASN13335 (CLOUDFLARENET, US)
lh-vip.xyz
1    185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
goraps.com
1    185.66.201.34 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: at-public.skhosting.eu
namel.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.195.195.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-195-71.eu-central-1.compute.amazonaws.com
cortments-knosis.com
1    2606:4700:3031::6815:4f07 (United States)

ASN13335 (CLOUDFLARENET, US)
track.startprocess.live
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
2 www.google-analytics.com namel.net
www.google-analytics.com
2 lh-vip.xyz 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 track.startprocess.live namel.net
1 cortments-knosis.com 1 redirects
1 namel.net lh-vip.xyz
1 goraps.com 1 redirects
6 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-20 -
2022-01-19		 a year crt.sh
namel.net
R3		 2021-01-01 -
2021-04-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh

This page contains 1 frames:

Frame: https://track.startprocess.live/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc
Frame ID: 4C7F563742C43C75397B23705C1C3A05
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://lh-vip.xyz/ HTTP 301
    https://lh-vip.xyz/ Page URL
  2. https://goraps.com/fullpage.php?section=General&pub=961842&ga=g HTTP 302
    https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjd... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

6
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

21 kB
Transfer

47 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lh-vip.xyz/ HTTP 301
    https://lh-vip.xyz/ Page URL
  2. https://goraps.com/fullpage.php?section=General&pub=961842&ga=g HTTP 302
    https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lh-vip.xyz/ HTTP 301
  • https://lh-vip.xyz/
Request Chain 2
  • https://cortments-knosis.com/316b1735-151d-4076-92d2-42b88a0841ec?c2=25150861&c1=affC1612529051affe20ab4b049732a858a566 HTTP 302
  • https://track.startprocess.live/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
lh-vip.xyz/
Redirect Chain
  • http://lh-vip.xyz/
  • https://lh-vip.xyz/
110 B
700 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lh-vip.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ad9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
lh-vip.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 12:44:10 GMT
content-type
text/html
set-cookie
__cfduid=d04eb05f6005a58d061f12a49aedc42091612529050; expires=Sun, 07-Mar-21 12:44:10 GMT; path=/; domain=.lh-vip.xyz; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 21 Jan 2021 04:03:24 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0813d1bbbe0000d6f506b42000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3imFykGkmNYPbcuCopNaVOblmofz0kgHOWZ1r12TaR%2BhtO5CM9PoGPnegwx8eu1O3cYaTA%2B6%2BhosoZWHNW1SZoT5MjIdLEmrKh57NNNr8Bwjabs6ITpQ"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61ccb8a5fe77d6f5-FRA
content-encoding
br

Redirect headers

Date
Fri, 05 Feb 2021 12:44:10 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 05 Feb 2021 13:44:10 GMT
Location
https://lh-vip.xyz/
cf-request-id
0813d1bb9c00001f4d749f0000000001
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mN0zbElk3aMZMofoD4CBfTPJph3ewMxD4oqa5eYMyCdC%2B5DwxvYzRck%2B0zD61%2FQRuYYCy5dEupPpl1pDc04oym3TpjbY6bGQacWinoZdRoLoR5fc6HTR"}]}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
61ccb8a5c91e1f4d-FRA
Primary Request /
namel.net/d0d63e31e7/070a954047/
Redirect Chain
  • https://goraps.com/fullpage.php?section=General&pub=961842&ga=g
  • https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537a...
893 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
Requested by
Host: lh-vip.xyz
URL: https://lh-vip.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
at-public.skhosting.eu
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
namel.net
:scheme
https
:path
/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lh-vip.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://lh-vip.xyz/

Response headers

server
nginx
date
Fri, 05 Feb 2021 12:44:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2397364=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
br

Redirect headers

server
nginx
date
Fri, 05 Feb 2021 12:44:11 GMT
content-type
text/html; charset=UTF-8
location
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
expires
Fri, 05 Feb 2021 12:44:10 GMT
last-modified
Fri, 05 Feb 2021 12:44:10 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2397364=1; expires=Sat, 06-Feb-2021 05:00:00 GMT; Max-Age=58549; path=/; domain=goraps.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Sat, 06-Feb-2021 05:00:00 GMT; Max-Age=58549; path=/; domain=goraps.com; secure; HttpOnly; SameSite=None cpa_673873=popup_161925262_4; expires=Sun, 07-Mar-2021 12:44:11 GMT; Max-Age=2592000; path=/; domain=goraps.com; secure; SameSite=None
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: namel.net
URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4744
date
Fri, 05 Feb 2021 11:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 05 Feb 2021 13:25:07 GMT
/
track.startprocess.live/
Redirect Chain
  • https://cortments-knosis.com/316b1735-151d-4076-92d2-42b88a0841ec?c2=25150861&c1=affC1612529051affe20ab4b049732a858a566
  • https://track.startprocess.live/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc
0
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.startprocess.live/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc
Requested by
Host: namel.net
URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4f07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
track.startprocess.live
:scheme
https
:path
/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923

Response headers

date
Fri, 05 Feb 2021 12:44:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0982965cda92b4f9bbb4479361cf0a731612529052; expires=Sun, 07-Mar-21 12:44:12 GMT; path=/; domain=.startprocess.live; HttpOnly; SameSite=Lax; Secure u=0ff79a6047515e028ddb305a41bd1c14; expires=Sat, 05-Feb-2022 12:44:12 GMT; Max-Age=31536000; path=/
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
cf-cache-status
DYNAMIC
cf-request-id
0813d1c20c00004a61b1acf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BlfMjDFZ0nzTXDSIeV4dqhv3F6AFN0yu7mRxtPrkNHseuwoB8t7Nj4y0LiCIFBjXkufTsBX9HK5SJuCcDQmkQ8dLrRbIS94oVxOU9yaiyraztHDXXic3FzOzc9ljoaZGWle%2Fcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61ccb8b01b7e4a61-FRA

Redirect headers

Server
nginx
Date
Fri, 05 Feb 2021 12:44:12 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://track.startprocess.live/?utm_medium=0f15c529f021d650330046ef8f65b73ea5453741&cid=wlvdjgef6gone4a5i422fsfc
Pragma
no-cache
Set-Cookie
316b1735-151d-4076-92d2-42b88a0841ec-v4=316b1735-151d-4076-92d2-42b88a0841ec; Max-Age=86400; Expires=Sat, 06-Feb-2021 12:44:12 GMT; Domain=cortments-knosis.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=eY%2FB3zQZN93Wlw40H6JEvyNFH1I0%2Bhs6j8eXehKka7rsob32LFk1OD6XzMJKtS9iPR0ceGSP7z40x7Q7J1R66xC4srswfEwcjMPbaJj%2BBQH%2FJFdXGyJbwbxK1N5yAMXjeQhrLOB2LFTVtVM6w5jx5A%3D%3D; Max-Age=31536000; Expires=Sat, 05-Feb-2022 12:44:12 GMT; Domain=cortments-knosis.com; Path=/; Secure; HttpOnly;SameSite=None
collect
www.google-analytics.com/j/ 		4 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=439329501&t=pageview&_s=1&dl=https%3A%2F%2Fnamel.net%2Fd0d63e31e7%2F070a954047%2F%3FplacementName%3DROTATOR%26type%3Dn%26cv%3DXrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514%26adApiR%3Dloaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173%26refferer%3D3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw%3D%3D%26yxDom%3DZ29yYXBzLmNvbQ%3D%3D_d8938421060b08e96eef6193049d6923&dr=https%3A%2F%2Flh-vip.xyz%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=69123786&gjid=1984985296&cid=190617095.1612529052&tid=UA-68398243-1&_gid=2143106641.1612529052&_r=1&_slc=1&z=1415664455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Feb 2021 12:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://namel.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-68398243-1&cid=190617095.1612529052&jid=69123786&gjid=1984985296&_gid=2143106641.1612529052&_u=IEBAAEAAAAAAAC~&z=921908361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrGdCrdrkZAZdZCiGkkjdCpCrkpNkkNrxANkkCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_70514&adApiR=loaded_string_40375922c068bffff4067537aa840979a890f_2397364_1612529051.2025_53173&refferer=3916922530_aHR0cHM6Ly9saC12aXAueHl6Lw==&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 05 Feb 2021 12:44:12 GMT
content-type
text/plain
access-control-allow-origin
https://namel.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
track.startprocess.live/ Name: u
Value: 0ff79a6047515e028ddb305a41bd1c14
.startprocess.live/ Name: __cfduid
Value: d0982965cda92b4f9bbb4479361cf0a731612529052