namatin.gq Open in urlscan Pro
2606:4700:30::681b:9991  Malicious Activity! Public Scan

URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Submission: On June 14 via automatic, source phishtank

Summary

This website contacted 23 IPs in 2 countries across 16 domains to perform 71 HTTP transactions. The main IP is 2606:4700:30::681b:9991, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is namatin.gq.
This is the only time namatin.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GDrive and other (Online)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
6 36 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 52.1.170.233 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.18 23467 (NEWRELIC-...)
71 23
Domain Requested by
35 user.safelinkreview.com 5 redirects namatin.gq
6 pagead2.googlesyndication.com namatin.gq
pagead2.googlesyndication.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.gstatic.com namatin.gq
3 fonts.gstatic.com namatin.gq
3 traffic.alexa.com 1 redirects namatin.gq
2 piwik.photoeditshop.com namatin.gq
2 cdnjs.cloudflare.com namatin.gq
2 safelinkreview.com 1 redirects namatin.gq
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com namatin.gq
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com namatin.gq
1 translate.google.com namatin.gq
1 maps.googleapis.com namatin.gq
1 safelinkconverter.com namatin.gq
1 cdn.ampproject.org namatin.gq
1 ajax.googleapis.com namatin.gq
1 namatin.gq
71 22
Subject Issuer Validity Valid

1970-01-01 -
1970-01-01
a few seconds crt.sh
misc-sni.google.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
sni136895.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-05-24 -
2019-11-30
6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-02 -
2019-09-08
6 months crt.sh
traffic.alexa.com
Amazon
2018-09-12 -
2019-10-12
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-04-10 -
2020-03-21
a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018
2018-01-11 -
2020-03-17
2 years crt.sh

This page contains 6 frames:

Primary Page: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Frame ID: 0F234626C4E8BD587CB0ED8DEDDE6DD7
Requests: 65 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Frame ID: 8037D7A990AC586E8F8F2D160C8D0DB3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Frame ID: 3314A2F73F8BBB6FE6ED68906445F34B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8615770876029522&output=html&adk=1812271804&adf=3025194257&lmt=1560485614&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&ea=0&flash=0&pra=5&wgl=1&dt=1560485614395&bpp=26&bdt=410&fdt=114&idt=114&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=8424096&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.3bxs2rhn0zqa&fsb=1&dtd=184
Frame ID: 1E0B974956B9EE9A3D6BED53587B3D93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8615770876029522&output=html&h=90&slotname=4994924893&adk=3124101115&adf=470157328&w=728&fwr_io=true&fwrn=4&fwrnh=100&lmt=1560485614&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1560485614421&bpp=11&bdt=436&fdt=192&idt=193&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5792581217503&frm=20&pv=1&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=41978528&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=1.dlxl7xbd7hhu&fsb=1&xpc=0meypglXY7&p=http%3A//namatin.gq&dtd=201
Frame ID: 7F3DDE2E975812DF528FF7C7F07C5CA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1043490860142941&output=html&h=250&adk=3813986223&adf=3261221786&w=300&lmt=1560485614&guci=1.2.0.0.2.2.0.0&format=300x250_as&color_link=0088cc&color_text=333333&color_url=333333&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&wgl=1&adsid=NT&dt=1560485614436&bpp=9&bdt=451&fdt=193&idt=194&shv=r20190612&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=167914112&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.i37cu1sot92y&fsb=1&xpc=n1qfXnIEbo&p=http%3A//namatin.gq&dtd=199
Frame ID: F4E06A93011F07B06DCF347691C7CD49
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^NREUM/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • script /piwik\.js|piwik\.php/i
  • env /^Piwik$/i
  • env /^_paq$/i

Page Statistics

71
Requests

35 %
HTTPS

86 %
IPv6

16
Domains

22
Subdomains

23
IPs

2
Countries

635 kB
Transfer

1584 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://user.safelinkreview.com/css/yeti.bootstrap.min.css HTTP 301
  • http://user.safelinkreview.com/css/yeti.bootstrap.min.css
Request Chain 1
  • https://user.safelinkreview.com/css/app.css HTTP 301
  • http://user.safelinkreview.com/css/app.css
Request Chain 2
  • https://user.safelinkreview.com/css/font-awesome.min.css HTTP 301
  • http://user.safelinkreview.com/css/font-awesome.min.css
Request Chain 4
  • https://user.safelinkreview.com/js/bootstrap.min.js HTTP 301
  • http://user.safelinkreview.com/js/bootstrap.min.js
Request Chain 5
  • https://user.safelinkreview.com/js/base.js HTTP 301
  • http://user.safelinkreview.com/js/base.js
Request Chain 8
  • https://safelinkreview.com/images/antivirus.png HTTP 301
  • http://safelinkreview.com/images/antivirus.png
Request Chain 29
  • https://traffic.alexa.com/graph?&w=320&h=230&o=f&c=1&y=r&b=ffffff&r=1m&u=stratoplot.com HTTP 308
  • https://traffic.alexa.com/graph/error

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set stratoplot.com
namatin.gq/en/cost/
87 KB
20 KB
Document
General
Full URL
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9991 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
321b47bc49c1c8679f929bff3cd855fb6306be8a4f701e16d7986c22e924e674

Request headers

Host
namatin.gq
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d85ee430a0517ca921817a1fdc6b0fde91560485613; expires=Sat, 13-Jun-20 04:13:33 GMT; path=/; domain=.namatin.gq; HttpOnly
Cache-Control
public, max-age=600
Expires
Fri, 14 Jun 2019 04:23:33 GMT
Vary
Accept-Encoding,User-Agent
X-Turbo-Charged-By
LiteSpeed
Server
cloudflare
CF-RAY
4e6978eca8dbc2e5-FRA
Content-Encoding
gzip
yeti.bootstrap.min.css
user.safelinkreview.com/css/
Redirect Chain
  • https://user.safelinkreview.com/css/yeti.bootstrap.min.css
  • http://user.safelinkreview.com/css/yeti.bootstrap.min.css
104 KB
23 KB
Stylesheet
General
Full URL
http://user.safelinkreview.com/css/yeti.bootstrap.min.css
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b4a995f328c98eb55bf3aff8fd232abd890422d071ea5604731661954db715

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:26:58 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f01bc3972a-FRA
Content-Length
22837
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://user.safelinkreview.com/css/yeti.bootstrap.min.css
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978efdeac9724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
app.css
user.safelinkreview.com/css/
Redirect Chain
  • https://user.safelinkreview.com/css/app.css
  • http://user.safelinkreview.com/css/app.css
3 KB
2 KB
Stylesheet
General
Full URL
http://user.safelinkreview.com/css/app.css
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
808cc72fa3df991c293029c833812eecf3a266051b0a3434999f0bccac97eac0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Cf-Bgj
minify
Server
cloudflare
Cf-Polished
origSize=4180
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Last-Modified
Tue, 23 Jun 2015 09:26:58 GMT
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
4e6978f01f2fd6f1-FRA
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://user.safelinkreview.com/css/app.css
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978efdeae9724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
font-awesome.min.css
user.safelinkreview.com/css/
Redirect Chain
  • https://user.safelinkreview.com/css/font-awesome.min.css
  • http://user.safelinkreview.com/css/font-awesome.min.css
20 KB
6 KB
Stylesheet
General
Full URL
http://user.safelinkreview.com/css/font-awesome.min.css
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:26:58 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f00c6cd709-FRA
Content-Length
5283
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://user.safelinkreview.com/css/font-awesome.min.css
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978efdeaf9724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Jun 2019 23:03:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
18595
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33593
X-XSS-Protection
0
Expires
Fri, 12 Jun 2020 23:03:39 GMT
bootstrap.min.js
user.safelinkreview.com/js/
Redirect Chain
  • https://user.safelinkreview.com/js/bootstrap.min.js
  • http://user.safelinkreview.com/js/bootstrap.min.js
27 KB
9 KB
Script
General
Full URL
http://user.safelinkreview.com/js/bootstrap.min.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d9e9ce4061c6b648768b09a36d000a7bfba969d4570cf329f938ede6a8f393

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:26:58 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f018449ac2-FRA
Content-Length
8684
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://user.safelinkreview.com/js/bootstrap.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978efdeb09724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
base.js
user.safelinkreview.com/js/
Redirect Chain
  • https://user.safelinkreview.com/js/base.js
  • http://user.safelinkreview.com/js/base.js
3 KB
2 KB
Script
General
Full URL
http://user.safelinkreview.com/js/base.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
651da949ca15d9e4834d9ee5720e5e42c89f997c87a7fef9ad423fd159c76582

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Cf-Bgj
minify
Server
cloudflare
Cf-Polished
origSize=4239
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Last-Modified
Tue, 23 Jun 2015 09:26:58 GMT
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
4e6978f01c95d709-FRA
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://user.safelinkreview.com/js/base.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978efdeb19724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
90 KB
34 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
23b424f945ed3155a4f5d0b653c3a916ff01f10b7ec38321eadd8d2e943cfde1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
12539002823267831608
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
34056
X-XSS-Protection
0
Expires
Fri, 14 Jun 2019 04:13:34 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
17 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2e6fe3233ab91c1d1c1eed8e8281ef29cd4875b6344751209dda484f9e6220a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
status
200
date
Fri, 14 Jun 2019 04:13:34 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5827
x-xss-protection
0
server
sffe
etag
"6323f1148ce7b651"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 14 Jun 2019 04:13:34 GMT
antivirus.png
safelinkreview.com/images/
Redirect Chain
  • https://safelinkreview.com/images/antivirus.png
  • http://safelinkreview.com/images/antivirus.png
5 KB
5 KB
Image
General
Full URL
http://safelinkreview.com/images/antivirus.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a81f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9784c2f3c024eccaf7bbeb7ea5e59671aae6f17c59c7258b7da090a6d3a8aa

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 30 Jun 2017 13:40:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f05804649d-FRA
Content-Length
5029
Expires
Sun, 14 Jul 2019 04:13:34 GMT

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
server
cloudflare
location
http://safelinkreview.com/images/antivirus.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
4e6978f04f1b9724-FRA
expires
Fri, 14 Jun 2019 05:13:34 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/
63 KB
25 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d6487ec4d423cfac5a746740b6e65a9099056082d3e9b38aba33d8e58727cdf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
24820
x-xss-protection
0
server
cafe
etag
3512979671081092688
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Jun 2019 04:13:34 GMT
google.png
user.safelinkreview.com/images/
2 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/google.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d77856271d2779dfbcb1dab710e3b37942bd4b4f07e0a1c0268335cc5eefb36

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0cc3b972a-FRA
Content-Length
1684
Expires
Sun, 14 Jul 2019 04:13:34 GMT
untested.png
user.safelinkreview.com/images/
4 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/untested.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c6612bbf0521ac758fc1ae4ca5cff8149291d2d897b52fe193896cf1166eca

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0c8d09ac2-FRA
Content-Length
3778
Expires
Sun, 14 Jul 2019 04:13:34 GMT
alexa.png
user.safelinkreview.com/images/
3 KB
3 KB
Image
General
Full URL
http://user.safelinkreview.com/images/alexa.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda8f2eaf8e48162c6d11e3319f3e284849ab0c1cad3fc2a60155ad05feeda86

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0ce09d709-FRA
Content-Length
2731
Expires
Sun, 14 Jul 2019 04:13:34 GMT
Tick1.png
safelinkconverter.com/wp-content/uploads/2013/06/
992 B
1 KB
Image
General
Full URL
https://safelinkconverter.com/wp-content/uploads/2013/06/Tick1.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:af3b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10951df6bd145e3f9b943e493e501502915c96df0e7bf227968dbb19bc3ccf50

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2016 12:56:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4e6978f13d3b6479-FRA
content-length
992
expires
Sun, 14 Jul 2019 04:13:34 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/
94 KB
32 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-176f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 03 Jun 2020 04:13:34 GMT
cache-control
public, max-age=30672000
cf-ray
4e6978f0685f97a2-FRA
served-in-seconds
0.021
fuckadblock.min.js
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:59 GMT
server
cloudflare
etag
W/"5afd493f-1285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 03 Jun 2020 04:13:34 GMT
cache-control
public, max-age=30672000
cf-ray
4e6978f0887b97a2-FRA
served-in-seconds
0.001
coins.png
user.safelinkreview.com/images/
11 KB
11 KB
Image
General
Full URL
http://user.safelinkreview.com/images/coins.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
730098975d7531f577b849a6148bfa719bcf45893771fe56e5897bed799965f8

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0d8b2d6f1-FRA
Content-Length
10753
Expires
Sun, 14 Jul 2019 04:13:34 GMT
analytics.png
user.safelinkreview.com/images/
665 B
1 KB
Image
General
Full URL
http://user.safelinkreview.com/images/analytics.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
902c0fd167176a2432bc678512ec11b468fc6c5f35f2269963fa23fffee49975

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0d966bebf-FRA
Content-Length
665
Expires
Sun, 14 Jul 2019 04:13:34 GMT
visitors.png
user.safelinkreview.com/images/
2 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/visitors.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af8cc8d5e1ac11873a8e7ca37e977c037d5b4592cdac6c9f3ed0c7f7d296591d

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0ee15d6c1-FRA
Content-Length
1957
Expires
Sun, 14 Jul 2019 04:13:34 GMT
pageviews.png
user.safelinkreview.com/images/
4 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/pageviews.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76569376bca8aca9adf6b577e3f4f55f8ebdb66b3507d58331789d50c3f67753

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0e8e69ac2-FRA
Content-Length
3877
Expires
Sun, 14 Jul 2019 04:13:34 GMT
revenue.png
user.safelinkreview.com/images/
3 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/revenue.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4bdafb349ba28203aef06372029837c0f248982b73db2fe9c72c8326762732a

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0e97ebebf-FRA
Content-Length
3557
Expires
Sun, 14 Jul 2019 04:13:34 GMT
info.png
user.safelinkreview.com/images/
4 KB
5 KB
Image
General
Full URL
http://user.safelinkreview.com/images/info.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae61835f9e7022c9584685c73decc65cf5a35175338bb9d9c595ec95e6cc9624

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0ec4f972a-FRA
Content-Length
4599
Expires
Sun, 14 Jul 2019 04:13:34 GMT
search_engine.png
user.safelinkreview.com/images/
1 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/search_engine.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c59e93d6c5932aa25cf0fe2de7d44fbe2859c9c017c414a5ee1c76e9862d50

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f0e915d6f1-FRA
Content-Length
1148
Expires
Sun, 14 Jul 2019 04:13:34 GMT
yahoo.png
user.safelinkreview.com/images/
3 KB
3 KB
Image
General
Full URL
http://user.safelinkreview.com/images/yahoo.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f149259ac2-FRA
Content-Length
2830
Expires
Sun, 14 Jul 2019 04:13:34 GMT
bing.png
user.safelinkreview.com/images/
1 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/bing.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
914e6010ae41678122b8d63486796ad17ebaa988e6badda1afc8243de24a38b0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f14c85972a-FRA
Content-Length
1275
Expires
Sun, 14 Jul 2019 04:13:34 GMT
page_rank_icon.png
user.safelinkreview.com/images/
4 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/page_rank_icon.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9323570409f95cb4b09682c324720e3a5a7a7a5c5bcb61b98ba12a02b9330ae5

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f149e0d6f1-FRA
Content-Length
3980
Expires
Sun, 14 Jul 2019 04:13:34 GMT
n-a.png
user.safelinkreview.com/images/pr/
4 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/pr/n-a.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1521bd420404de7dd4740b1be31b22f9bca9c723c129d0af246bc83f0190ce

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f149dfbebf-FRA
Content-Length
3832
Expires
Sun, 14 Jul 2019 04:13:34 GMT
backlink.png
user.safelinkreview.com/images/
1 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/backlink.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc6c323289739f7330093aa4bf3a0a27354a1d72806c282f42aafd1bf6224fb

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f14edad6c1-FRA
Content-Length
1480
Expires
Sun, 14 Jul 2019 04:13:34 GMT
graph
traffic.alexa.com/
5 KB
5 KB
Image
General
Full URL
https://traffic.alexa.com/graph?&w=320&h=230&o=f&c=1&y=t&b=ffffff&r=1m&u=stratoplot.com
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.170.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-170-233.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a0edab7c44f54b4c0b7abf7e49a06ed9f0f4bc055cce6c8216ac863cbcd8f7c4

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
via
1.1 ip-172-30-61-68 (squid/3.5.20)
x-cache-lookup
HIT from ip-172-30-61-68:3128
server
nginx
x-cache
MISS from ip-172-30-61-68
content-type
image/png
status
200
content-length
5121
error
traffic.alexa.com/graph/
Redirect Chain
  • https://traffic.alexa.com/graph?&w=320&h=230&o=f&c=1&y=r&b=ffffff&r=1m&u=stratoplot.com
  • https://traffic.alexa.com/graph/error
3 KB
3 KB
Image
General
Full URL
https://traffic.alexa.com/graph/error
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.170.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-170-233.compute-1.amazonaws.com
Software
nginx /
Resource Hash
27fd2c65db7519d9c4120eabaa3e08764b9ab2975c512828de4de4fd10fb7162

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
via
1.1 ip-172-30-52-127 (squid/3.5.20)
x-cache-lookup
HIT from ip-172-30-52-127:3128
server
nginx
x-cache
MISS from ip-172-30-52-127
content-type
image/png
status
200
content-length
2769

Redirect headers

date
Fri, 14 Jun 2019 04:13:34 GMT
via
1.1 ip-172-30-42-141 (squid/3.5.20)
x-cache-lookup
HIT from ip-172-30-42-141:3128
server
nginx
location
/graph/error
x-cache
MISS from ip-172-30-42-141
status
308
content-length
0
facebook.png
user.safelinkreview.com/images/
865 B
1 KB
Image
General
Full URL
http://user.safelinkreview.com/images/facebook.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8755c3830cd00faa5a0658cbbe133834c3e318a280032220c9a24da3c6aaac36

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f14f27d709-FRA
Content-Length
865
Expires
Sun, 14 Jul 2019 04:13:34 GMT
social.png
user.safelinkreview.com/images/
2 KB
3 KB
Image
General
Full URL
http://user.safelinkreview.com/images/social.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1f0ca18309376cce0530673de23fae91eba07acfcba5bb4f1006ac60329574

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f16f28d6c1-FRA
Content-Length
2224
Expires
Sun, 14 Jul 2019 04:13:34 GMT
twitter.png
user.safelinkreview.com/images/
1 KB
1 KB
Image
General
Full URL
http://user.safelinkreview.com/images/twitter.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e36aba4e9f396af22a05341bb83e521bc236a21b8e855a555ac7b424b6db44df

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f169febebf-FRA
Content-Length
1089
Expires
Sun, 14 Jul 2019 04:13:34 GMT
gplus.png
user.safelinkreview.com/images/
1 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/gplus.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b86c9c5466c866172a729f5c4575fa0acae924c0b8c01dfb1f868b40421658

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f16f8bd709-FRA
Content-Length
1523
Expires
Sun, 14 Jul 2019 04:13:34 GMT
antivirus.png
user.safelinkreview.com/images/
5 KB
5 KB
Image
General
Full URL
http://user.safelinkreview.com/images/antivirus.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9784c2f3c024eccaf7bbeb7ea5e59671aae6f17c59c7258b7da090a6d3a8aa

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f16a3dd6f1-FRA
Content-Length
5029
Expires
Sun, 14 Jul 2019 04:13:34 GMT
avg.png
user.safelinkreview.com/images/
4 KB
5 KB
Image
General
Full URL
http://user.safelinkreview.com/images/avg.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ffee17d85aed2cd2f6368bc4b7baef3df8427d0c5cb12a649b0ea0a48a4191

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f1693e9ac2-FRA
Content-Length
4600
Expires
Sun, 14 Jul 2019 04:13:34 GMT
catalog.png
user.safelinkreview.com/images/
1016 B
1 KB
Image
General
Full URL
http://user.safelinkreview.com/images/catalog.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d517ce80803d923d014037899ddd208350b45866e2be6a2ed9ffec93efdd6a

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f16caa972a-FRA
Content-Length
1016
Expires
Sun, 14 Jul 2019 04:13:34 GMT
failed.png
user.safelinkreview.com/images/
2 KB
3 KB
Image
General
Full URL
http://user.safelinkreview.com/images/failed.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
257ce3d9363aebe93fc53a85768a4f707728a04c894a45da179c45d9e9ebd302

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f17f57d6c1-FRA
Content-Length
2513
Expires
Sun, 14 Jul 2019 04:13:34 GMT
dmoz.png
user.safelinkreview.com/images/
4 KB
4 KB
Image
General
Full URL
http://user.safelinkreview.com/images/dmoz.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5d12259a2c34365fcb134a7179e86a0ae9c86c18120ccb0d39676ea02a49d9

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f17fbcd709-FRA
Content-Length
3724
Expires
Sun, 14 Jul 2019 04:13:34 GMT
location.png
user.safelinkreview.com/images/
2 KB
2 KB
Image
General
Full URL
http://user.safelinkreview.com/images/location.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a91f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a005d794ff8c3e5d4d8ba3faa517f1d49aa3db01736e4ed6ff443fdfa11f7e11

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jun 2015 09:29:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e6978f18cb9972a-FRA
Content-Length
1747
Expires
Sun, 14 Jul 2019 04:13:34 GMT
staticmap
maps.googleapis.com/maps/api/
0
0
Image
General
Full URL
https://maps.googleapis.com/maps/api/staticmap?center=0,0&sensor=false&zoom=5&size=640x250&markers=0,0&key=AIzaSyDPbOXnf9pRDT8JT-NSXrrUsTe-nDuryQM
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin
*
element.js
translate.google.com/translate_a/
2 KB
1 KB
Script
General
Full URL
http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
59f4c29cdc86bb10a09c2dfae2deed30055e80c439f5570eaed447b6efdde9c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
HTTP server (unknown)
Content-Language
en
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
726
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c7d391043f2d7498d31b52ca62c1803f889671d87180ecb4d1129cc128f4fdb3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jun 2019 04:13:34 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 14 Jun 2019 04:13:34 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Origin
http://namatin.gq

Response headers

Date
Sat, 01 Jun 2019 08:43:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Mar 2019 20:11:28 GMT
Server
sffe
Age
1107016
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9016
X-XSS-Protection
0
Expires
Sun, 31 May 2020 08:43:18 GMT
fontawesome-webfont.woff
user.safelinkreview.com/fonts/
0
0

mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Origin
http://namatin.gq

Response headers

Date
Thu, 13 Jun 2019 23:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Mar 2019 20:10:29 GMT
Server
sffe
Age
18488
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9132
X-XSS-Protection
0
Expires
Fri, 12 Jun 2020 23:05:26 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Origin
http://namatin.gq

Response headers

Date
Fri, 31 May 2019 19:56:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Mar 2019 20:12:28 GMT
Server
sffe
Age
1153005
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9080
X-XSS-Protection
0
Expires
Sat, 30 May 2020 19:56:49 GMT
fontawesome-webfont.ttf
user.safelinkreview.com/fonts/
0
0

integrator.js
adservice.google.de/adsid/
109 B
481 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=namatin.gq
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
249 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=namatin.gq
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/
211 KB
79 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ba11e996f0bf929759f9a2676719c8b3b7bee396da3d852bc40780302fd0a341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
15902781700480540952
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
79883
X-XSS-Protection
0
Expires
Fri, 14 Jun 2019 04:13:34 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ Frame 8037
211 KB
79 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ba11e996f0bf929759f9a2676719c8b3b7bee396da3d852bc40780302fd0a341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
15902781700480540952
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
79883
X-XSS-Protection
0
Expires
Fri, 14 Jun 2019 04:13:34 GMT
ca-pub-8615770876029522.js
pagead2.googlesyndication.com/pub-config/r20160913/
108 B
270 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8615770876029522.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Jun 2019 23:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 19:37:00 GMT
server
sffe
age
16173
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
118
x-xss-protection
0
expires
Fri, 14 Jun 2019 11:44:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/ Frame 3314
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190612/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 13 Jun 2019 20:55:25 GMT
expires
Thu, 27 Jun 2019 20:55:25 GMT
content-type
text/html; charset=UTF-8
etag
9107516332936589630
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7041
x-xss-protection
0
cache-control
public, max-age=1209600
age
26289
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 1E0B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8615770876029522&output=html&adk=1812271804&adf=3025194257&lmt=1560485614&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&ea=0&flash=0&pra=5&wgl=1&dt=1560485614395&bpp=26&bdt=410&fdt=114&idt=114&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=8424096&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.3bxs2rhn0zqa&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8615770876029522&output=html&adk=1812271804&adf=3025194257&lmt=1560485614&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&ea=0&flash=0&pra=5&wgl=1&dt=1560485614395&bpp=26&bdt=410&fdt=114&idt=114&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=8424096&dssz=24&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.3bxs2rhn0zqa&fsb=1&dtd=184
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jun 2019 04:13:34 GMT
server
cafe
content-length
534
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 14-Jun-2019 04:28:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Fri, 14 Jun 2019 04:13:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2efd07df1aab7f9138d590d5c039addb49a9b6259df5296f325fce4f180089c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1560360206413241"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28289
x-xss-protection
0
expires
Fri, 14 Jun 2019 04:13:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7F3D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8615770876029522&output=html&h=90&slotname=4994924893&adk=3124101115&adf=470157328&w=728&fwr_io=true&fwrn=4&fwrnh=100&lmt=1560485614&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1560485614421&bpp=11&bdt=436&fdt=192&idt=193&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5792581217503&frm=20&pv=1&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=41978528&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=1.dlxl7xbd7hhu&fsb=1&xpc=0meypglXY7&p=http%3A//namatin.gq&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8615770876029522&output=html&h=90&slotname=4994924893&adk=3124101115&adf=470157328&w=728&fwr_io=true&fwrn=4&fwrnh=100&lmt=1560485614&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1560485614421&bpp=11&bdt=436&fdt=192&idt=193&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5792581217503&frm=20&pv=1&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=41978528&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=1.dlxl7xbd7hhu&fsb=1&xpc=0meypglXY7&p=http%3A//namatin.gq&dtd=201
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jun 2019 04:13:34 GMT
server
cafe
content-length
18907
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 14-Jun-2019 04:28:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Fri, 14 Jun 2019 04:13:34 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F4E0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1043490860142941&output=html&h=250&adk=3813986223&adf=3261221786&w=300&lmt=1560485614&guci=1.2.0.0.2.2.0.0&format=300x250_as&color_link=0088cc&color_text=333333&color_url=333333&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&wgl=1&adsid=NT&dt=1560485614436&bpp=9&bdt=451&fdt=193&idt=194&shv=r20190612&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=167914112&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.i37cu1sot92y&fsb=1&xpc=n1qfXnIEbo&p=http%3A//namatin.gq&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1043490860142941&output=html&h=250&adk=3813986223&adf=3261221786&w=300&lmt=1560485614&guci=1.2.0.0.2.2.0.0&format=300x250_as&color_link=0088cc&color_text=333333&color_url=333333&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&flash=0&wgl=1&adsid=NT&dt=1560485614436&bpp=9&bdt=451&fdt=193&idt=194&shv=r20190612&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5792581217503&frm=20&pv=2&ga_vid=1532036915.1560485615&ga_sid=1560485615&ga_hid=1878425084&ga_fc=0&iag=0&icsg=167914112&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C26835105%2C21062174%2C20040011%2C21063907&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.i37cu1sot92y&fsb=1&xpc=n1qfXnIEbo&p=http%3A//namatin.gq&dtd=199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jun 2019 04:13:34 GMT
server
cafe
content-length
21398
x-xss-protection
0
set-cookie
IDE=AHWqTUkeTmEwhO3SstTUHljHUMrQ-i44OE-8dyKqS32HmvY80VLjwNAbjGnGQURi; expires=Wed, 08-Jul-2020 04:13:34 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Fri, 14 Jun 2019 04:13:34 GMT
cache-control
private
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 May 2019 20:15:00 GMT
server
sffe
age
748
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3619
x-xss-protection
0
expires
Fri, 14 Jun 2019 05:01:06 GMT
main.js
translate.googleapis.com/translate_static/js/element/
3 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
86f3495600283e9deefe4e44e80ee7b4ddc8de48f76a339ce1bed042487b0452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2019 20:45:00 GMT
server
sffe
age
522
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1527
x-xss-protection
0
expires
Fri, 14 Jun 2019 05:04:52 GMT
piwik.js
piwik.photoeditshop.com/
66 KB
23 KB
Script
General
Full URL
http://piwik.photoeditshop.com/piwik.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681c:b9f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
389580678ff6b3ca4e96161844ea43828f9fee1ff1518c5e1f86fb6383d195a8

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Cf-Bgj
minify
Server
cloudflare
Cf-Polished
origSize=67245
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Last-Modified
Thu, 18 Apr 2019 18:23:08 GMT
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
4e6978f39c74c2f9-FRA
Expires
Sun, 14 Jul 2019 04:13:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8037
0
415 B
Image
General
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8615770876029522&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20190611_140337&afm=0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=2&su=namatin.gq&r=0.1
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2019 04:13:34 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
element_main.js
translate.googleapis.com/element/TE_20190506_00/e/js/element/
239 KB
86 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20190506_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
89c11d8b34714ec4fd59a8521ad438be75fe0ef29133c72384379ebe344794f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 21:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1061624
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
88234
x-xss-protection
0
last-modified
Mon, 06 May 2019 09:48:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 May 2020 21:19:50 GMT
piwik.php
piwik.photoeditshop.com/
43 B
292 B
Image
General
Full URL
http://piwik.photoeditshop.com/piwik.php?action_name=stratoplot.com%20worth%20is%20%24%20149.62&idsite=5&rec=1&r=438523&h=4&m=13&s=34&url=http%3A%2F%2Fnamatin.gq%2Fen%2Fcost%2Fstratoplot.com%3Fid%3DaHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg%3D%3D%26c%3D0%26user%3D43272&_id=874f8f07ab89c43e&_idts=1560485615&_idvc=1&_idn=0&_refts=0&_viewts=1560485615&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Author%22%2C%22Viruz13%22%5D%2C%222%22%3A%5B%22No%20Author%22%2C%22%22%5D%2C%223%22%3A%5B%22Author%20With%20Referer%22%2C%22Viruz13%20%22%5D%7D&gt_ms=554&pv_id=e7XYzT
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681c:b9f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 04:13:34 GMT
Server
cloudflare
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-store
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
4e6978f3dce8c2f9-FRA
Content-Length
43
l
translate.googleapis.com/translate_a/
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0jwvkueg9
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20190506_00/e/js/element/element_main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed15324bfcc79338fac5bb756b9263435c6f31b1084f6bdeda32b512346bdca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sg0ICzgmGknLnvRBLA9Gbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-Sg0ICzgmGknLnvRBLA9Gbg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-Sg0ICzgmGknLnvRBLA9Gbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-Sg0ICzgmGknLnvRBLA9Gbg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/TranslateApiHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 14 Jun 2019 04:13:34 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
907 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 10:19:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
150853
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
825
x-xss-protection
0
expires
Thu, 11 Jun 2020 10:19:21 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
990 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 04:52:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2017 15:45:00 GMT
server
sffe
age
1120894
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
910
x-xss-protection
0
expires
Sun, 31 May 2020 04:52:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 06 Jun 2019 13:51:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
656535
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1847
x-xss-protection
0
expires
Fri, 05 Jun 2020 13:51:19 GMT
nr-1123.min.js
js-agent.newrelic.com/
24 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: namatin.gq
URL: http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 04:13:36 GMT
content-encoding
gzip
x-amz-request-id
DAB7530374B347EE
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
G8v/8sth6lcgQXZWLNdY+rVR+p75PDRsoIAIItLlbBphnRjxy9btqi9TaHYHN3ZHt9yov4ScsJU=
x-served-by
cache-fra19142-FRA
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1560485616.481217,VS0,VE0
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9153
7af8e03bd7
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/7af8e03bd7?a=65293090&v=1123.df1c7f8&to=YFUHN0sDXhZRABFZWVkfMBFQTVkLVAYdHkZfQA%3D%3D&rst=2955&ref=http://namatin.gq/en/cost/stratoplot.com&ap=197&be=469&fe=2942&dc=1107&perf=%7B%22timing%22:%7B%22of%22:1560485613534,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:7,%22rq%22:7,%22rp%22:448,%22rpe%22:561,%22dl%22:451,%22di%22:1107,%22ds%22:1107,%22de%22:1114,%22dc%22:2942,%22l%22:2942,%22le%22:2944%7D,%22navigation%22:%7B%7D%7D&at=TBIEQQMZTRg%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://namatin.gq/en/cost/stratoplot.com?id=aHR0cDovL3N0cmF0b3Bsb3QuY29tL1dFNg==&c=0&user=43272
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
user.safelinkreview.com
URL
http://user.safelinkreview.com/fonts/fontawesome-webfont.woff?v=4.1.0
Domain
user.safelinkreview.com
URL
http://user.safelinkreview.com/fonts/fontawesome-webfont.ttf?v=4.1.0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GDrive and other (Online)

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| jQuery18307484268843179267 function| dynamicThumbnail function| PagePeekerHelper object| _global string| x string| str1 string| str2 number| n object| adsbygoogle function| myshowcontent boolean| isMobile function| showDiv string| p_name string| d_link number| aff object| adUnit number| adWidth object| google_ad_client object| google_ad_width object| google_ad_height object| google_ad_format object| google_ad_channel object| google_color_link object| google_color_text object| google_color_url object| AMP object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars number| _gfp_ number| google_lpabyc number| google_unique_id boolean| google_onload_fired object| google_ad_block object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_slot object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_available_width object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_core_dbp object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_eids object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_lact object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_only_pyv_ads object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_scs object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_video_url_to_fetch object| google_webgl_support object| google_yt_pt object| google_yt_up object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_refresh_count boolean| google_apltlad function| getCookie function| checkCookie function| createCookie function| myFunction function| getQueryVariable function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded function| FuckAdBlock object| fuckAdBlock function| adBlockDetected function| adBlockNotDetected function| checkAgain function| papulateErrors function| request function| googleTranslateElementInit object| google object| _paq object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| closure_lm_698250

0 Cookies

17 Console Messages

Source Level URL
Text
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][setOption] The option "debug" he was assigned to "true"
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][on] A type of event "detected" was added
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][on] A type of event "notDetected" was added
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][onload->eventCallback] A check loading is launched
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_creatBait] Bait has been created
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][check] An audit was requested with a loop
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][check] A check is in progress ...
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_stopLoop] A loop has been stopped
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][_destroyBait] Bait has been removed
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][emitEvent] An event with a negative detection was called
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][emitEvent] Call function 1/1
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js(Line 1)
Message:
[FuckAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bam.nr-data.net
cdn.ampproject.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
maps.googleapis.com
namatin.gq
pagead2.googlesyndication.com
piwik.photoeditshop.com
safelinkconverter.com
safelinkreview.com
traffic.alexa.com
translate.google.com
translate.googleapis.com
user.safelinkreview.com
www.googletagservices.com
www.gstatic.com
user.safelinkreview.com
151.101.2.110
162.247.242.18
2606:4700:30::681b:9991
2606:4700:30::681b:a81f
2606:4700:30::681b:a91f
2606:4700:30::681b:af3b
2606:4700:30::681c:b9f
2606:4700::6813:c497
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:825::200a
52.1.170.233
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468
10951df6bd145e3f9b943e493e501502915c96df0e7bf227968dbb19bc3ccf50
13d9e9ce4061c6b648768b09a36d000a7bfba969d4570cf329f938ede6a8f393
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
23b424f945ed3155a4f5d0b653c3a916ff01f10b7ec38321eadd8d2e943cfde1
257ce3d9363aebe93fc53a85768a4f707728a04c894a45da179c45d9e9ebd302
27fd2c65db7519d9c4120eabaa3e08764b9ab2975c512828de4de4fd10fb7162
2e6fe3233ab91c1d1c1eed8e8281ef29cd4875b6344751209dda484f9e6220a5
2efd07df1aab7f9138d590d5c039addb49a9b6259df5296f325fce4f180089c0
321b47bc49c1c8679f929bff3cd855fb6306be8a4f701e16d7986c22e924e674
389580678ff6b3ca4e96161844ea43828f9fee1ff1518c5e1f86fb6383d195a8
4a5d12259a2c34365fcb134a7179e86a0ae9c86c18120ccb0d39676ea02a49d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c6612bbf0521ac758fc1ae4ca5cff8149291d2d897b52fe193896cf1166eca
59f4c29cdc86bb10a09c2dfae2deed30055e80c439f5570eaed447b6efdde9c9
5b1521bd420404de7dd4740b1be31b22f9bca9c723c129d0af246bc83f0190ce
5e1f0ca18309376cce0530673de23fae91eba07acfcba5bb4f1006ac60329574
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
651da949ca15d9e4834d9ee5720e5e42c89f997c87a7fef9ad423fd159c76582
730098975d7531f577b849a6148bfa719bcf45893771fe56e5897bed799965f8
76569376bca8aca9adf6b577e3f4f55f8ebdb66b3507d58331789d50c3f67753
7d77856271d2779dfbcb1dab710e3b37942bd4b4f07e0a1c0268335cc5eefb36
808cc72fa3df991c293029c833812eecf3a266051b0a3434999f0bccac97eac0
86f3495600283e9deefe4e44e80ee7b4ddc8de48f76a339ce1bed042487b0452
8755c3830cd00faa5a0658cbbe133834c3e318a280032220c9a24da3c6aaac36
89c11d8b34714ec4fd59a8521ad438be75fe0ef29133c72384379ebe344794f8
902c0fd167176a2432bc678512ec11b468fc6c5f35f2269963fa23fffee49975
914e6010ae41678122b8d63486796ad17ebaa988e6badda1afc8243de24a38b0
9323570409f95cb4b09682c324720e3a5a7a7a5c5bcb61b98ba12a02b9330ae5
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d
a005d794ff8c3e5d4d8ba3faa517f1d49aa3db01736e4ed6ff443fdfa11f7e11
a0edab7c44f54b4c0b7abf7e49a06ed9f0f4bc055cce6c8216ac863cbcd8f7c4
a3d517ce80803d923d014037899ddd208350b45866e2be6a2ed9ffec93efdd6a
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a8b4a995f328c98eb55bf3aff8fd232abd890422d071ea5604731661954db715
ae61835f9e7022c9584685c73decc65cf5a35175338bb9d9c595ec95e6cc9624
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aed15324bfcc79338fac5bb756b9263435c6f31b1084f6bdeda32b512346bdca
af8cc8d5e1ac11873a8e7ca37e977c037d5b4592cdac6c9f3ed0c7f7d296591d
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
ba11e996f0bf929759f9a2676719c8b3b7bee396da3d852bc40780302fd0a341
bcc6c323289739f7330093aa4bf3a0a27354a1d72806c282f42aafd1bf6224fb
bda8f2eaf8e48162c6d11e3319f3e284849ab0c1cad3fc2a60155ad05feeda86
c1c59e93d6c5932aa25cf0fe2de7d44fbe2859c9c017c414a5ee1c76e9862d50
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c7d391043f2d7498d31b52ca62c1803f889671d87180ecb4d1129cc128f4fdb3
c8ffee17d85aed2cd2f6368bc4b7baef3df8427d0c5cb12a649b0ea0a48a4191
d6487ec4d423cfac5a746740b6e65a9099056082d3e9b38aba33d8e58727cdf6
e36aba4e9f396af22a05341bb83e521bc236a21b8e855a555ac7b424b6db44df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bdafb349ba28203aef06372029837c0f248982b73db2fe9c72c8326762732a
e8b86c9c5466c866172a729f5c4575fa0acae924c0b8c01dfb1f868b40421658
ea9784c2f3c024eccaf7bbeb7ea5e59671aae6f17c59c7258b7da090a6d3a8aa
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23