Submitted URL: http://dipladoks.org/
Effective URL: http://gmaegames.pro/redirect-from-banner.html
Submission: On January 08 via manual from FI

Summary

This website contacted 15 IPs in 7 countries across 11 domains to perform 31 HTTP transactions. The main IP is 212.83.191.99, located in France and belongs to AS12876, FR. The main domain is gmaegames.pro.
This is the only time gmaegames.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 212.83.191.99 12876 (AS12876)
3 185.80.53.250 59711 (HZ-NL-AS)
1 2 88.212.201.193 39134 (UNITEDNET)
1 185.187.81.41 43332 (IDSTRATEG...)
1 185.187.81.35 43332 (IDSTRATEG...)
5 2a03:90c0:999... 199524 (GCORE)
1 185.80.53.247 59711 (HZ-NL-AS)
4 195.234.98.125 35415 (WEBZILLA)
3 78.140.146.126 35415 (WEBZILLA)
3 212.129.43.72 12876 (AS12876)
2 185.80.53.248 59711 (HZ-NL-AS)
2 193.200.65.33 59711 (HZ-NL-AS)
1 80.84.53.99 20860 (IOMART-AS)
2 2a00:1450:400... 15169 (GOOGLE)
31 15
Domain Requested by
4 imgg-cdn.traffic-media.co gmaegames.pro
4 mrelko.com gmaegames.pro
mrelko.com
3 jfduv7.com gmaegames.pro
jfduv7.com
3 threedrive.su gmaegames.pro
threedrive.su
2 fonts.gstatic.com gmaegames.pro
2 c.traffic-media.co gmaegames.pro
2 cs03.et-cod.com gmaegames.pro
2 cs02.et-cod.com gmaegames.pro
2 counter.yadro.ru 1 redirects gmaegames.pro
2 gmaegames.pro gmaegames.pro
1 www.mrelko.com mrelko.com
1 servicer.traffic-media.co jsc.traffic-media.co
1 et-cod.com gmaegames.pro
1 jsc.traffic-media.co gmaegames.pro
1 kz9c.piguiqproxy.com gmaegames.pro
1 xk9o.amgload.net gmaegames.pro
1 dipladoks.org 1 redirects
31 17

This site contains links to these domains.

Domain
www.traffic-media.co
et-cod.com
traforet.com
Subject | Issuer | Validity | Valid
*.traffic-media.co | Go Daddy Secure Certificate Authority - G2 | 2018-03-20 - 2019-05-19 | a year
mrelko.com | COMODO RSA Domain Validation Secure Server CA | 2018-05-17 - 2019-05-17 | a year
jfduv7.com | Let's Encrypt Authority X3 | 2018-12-27 - 2019-03-27 | 3 months
*.google.com | Google Internet Authority G3 | 2018-12-04 - 2019-02-26 | 3 months

This page contains 7 frames:

Primary Page: http://gmaegames.pro/redirect-from-banner.html
Frame ID: B2429ACD927A01C0B5B90EEA5F005BBC
Requests: 24 HTTP requests in this frame

Frame: http://jsc.traffic-media.co/g/m/gmaegames.pro.674834.js?t=119088
Frame ID: EF82C8C06E2C7DED1E1185472926705C
Requests: 3 HTTP requests in this frame

Frame: http://threedrive.su/code/partners.php?id=15469357513118221002
Frame ID: 4EDFE507C787A7AC18737A3520C2AA3C
Requests: 1 HTTP requests in this frame

Frame: http://threedrive.su/code/swf_banner.php?img_adv=&img2_adv=YmFubmVyXzQ0MDcwXjFhYTZhMWJkYzIzMmM3YTRiOTBlNjEyYTE0YjQyY2Uw.txt&img_sep=txt&dim_width=600&dim_height=300&data=&b_click=UjBkY3ZMM1JvY21WZlUyZWFIUjBjRG9jSDd3bFpISnBkbVV1YzNVdlkyeHBZMnR6TDJKaEwwMVVUWGxQVkd4bVRrUlJkMDU2UW1WTmFtY3pUVlJrYVUxcVpHbE9iVWwzVGxSVmVscHFTWGRaYW10NVRUSkdiVTVYVm0xTlJHTjZUbFJaUFM1d2FIYzRmOUhBPQ==&bhash=b11a3abf6a
Frame ID: E5CA006B958003979D12BE6D0742A2EE
Requests: 1 HTTP requests in this frame

Frame: https://mrelko.com/j/f.php?t=60&rnd=825124
Frame ID: B4F1276DD2749892365FF8C2459E9E75
Requests: 1 HTTP requests in this frame

Frame: https://jfduv7.com/s/h5/3852/?link=https://jfduv7.com/c/s.php?h=46fabcd45825885939187b517c0c8a0b&u=aHR0cHM6Ly9zbG90cy5ncmFuZC1jYXNpbm83OS5jb20vP3BhcnRuZXI9Z3JhbjA1ODcuJXN1YmFjYyUuJWlkYWQlLiVpZGJsb2NrJS4lZ2VvJS4ldHlwZSU=&s=17412&b=4394&sl=3852&c=DE&cc=
Frame ID: D093F81DFD23099E35F4FDF5413F1C18
Requests: 1 HTTP requests in this frame

Frame: https://www.mrelko.com/bnrs/h5/106410/index.html?subacc=17412&idad=106410&idblock=622&geo=DE&city=&type=0&fa=0&r=-62169993017&link=https://mrelko.com/c/s.php?h=f8c8774e06f5302ed70c362619786a93&u=aHR0cHM6Ly91Zm93aGVlbC5ncmFuZC1jYXNpbm83OS5jb20vP3BhcnRuZXI9Z3JhbjA4MTYuJXN1YmFjYyUuJWlkYWQlLiVpZGJsb2NrJS4lZ2VvJS4ldHlwZSU=&s=17412&b=622&f=106410&bn=6958&cc=DE&c=
Frame ID: 37D639412A90B1DEC98651F7A6C1B468
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://dipladoks.org/ HTTP 301
    http://gmaegames.pro/redirect-from-banner.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<script[^<>]*>[^]{0,128}?src\s*=\s*['"]\/\/counter\.yadro\.ru\/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r/i
  • html /<!--LiveInternet counter-->/i
  • html /<!--\/LiveInternet-->/i

Page Statistics

Requests: 31
HTTPS: 48 %
IPv6: 14 %
Domains: 11
Subdomains: 17
IPs: 15
Countries: 7
Transfer: 400 kB
Size: 557 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dipladoks.org/ HTTP 301
    http://gmaegames.pro/redirect-from-banner.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://counter.yadro.ru/hit;redirect-from-banner?r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u0441%u043E%u0440%u043E%u0432;0.933729429650016 HTTP 302
  • http://counter.yadro.ru/hit;redirect-from-banner?q;r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u0441%u043E%u0440%u043E%u0432;0.933729429650016

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request redirect-from-banner.html
gmaegames.pro/
Redirect Chain
  • http://dipladoks.org/
  • http://gmaegames.pro/redirect-from-banner.html
10 KB
5 KB
Document
General
Full URL
http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
212.83.191.99 , France, ASN12876 (AS12876, FR),
Reverse DNS
212-83-191-99.rev.poneytelecom.eu
Software
Apache/2.2.22 (Debian) /
Resource Hash
f5760f20f0b13fc71ca7f5532351f5488f77dd2f848cc5d7e19ba69688b1c30c

Request headers

Host
gmaegames.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
Apache/2.2.22 (Debian)
Last-Modified
Tue, 01 Jan 2019 09:08:26 GMT
ETag
"4e0002-27a7-57e61df401680"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5071
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 08 Jan 2019 08:22:28 GMT
Server
Apache/2.2.22 (Debian)
Location
http://gmaegames.pro/redirect-from-banner.html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
263
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
style-z.css
gmaegames.pro/
2 KB
1 KB
Stylesheet
General
Full URL
http://gmaegames.pro/style-z.css
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
212.83.191.99 , France, ASN12876 (AS12876, FR),
Reverse DNS
212-83-191-99.rev.poneytelecom.eu
Software
Apache/2.2.22 (Debian) /
Resource Hash
a77914d0df27a53d29ef6b2549ea4f5f313a61bff9e943fa38b38e99696f5a1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gmaegames.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://gmaegames.pro/redirect-from-banner.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 15:22:12 GMT
Server
Apache/2.2.22 (Debian)
ETag
"4e000d-966-577f588f4f100"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
931
bshow.php
threedrive.su/code/
5 KB
6 KB
Script
General
Full URL
http://threedrive.su/code/bshow.php?id=13299&dimension=500x250&new_dimension=600x300
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.80.53.250 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
eab49984a9a04fc6d7b3acc0689da4a188a696eb9adbc756ee3938a4d73e4019

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx
Connection
keep-alive
P3P
CP="NON DSP COR CURa TIA"
Content-Length
5394
Content-Type
text/javascript; charset=utf-8
hit;redirect-from-banner
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;redirect-from-banner?r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u0441...
  • http://counter.yadro.ru/hit;redirect-from-banner?q;r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u04...
43 B
411 B
Image
General
Full URL
http://counter.yadro.ru/hit;redirect-from-banner?q;r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u0441%u043E%u0440%u043E%u0432;0.933729429650016
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
88.212.201.193 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host193.rax.ru
Software
0W/0.8c /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Jan 2018 00:38:46 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit;redirect-from-banner?q;r;s1600*1200*24;uhttp%3A//gmaegames.pro/redirect-from-banner.html;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u0441%u043F%u043E%u043D%u0441%u043E%u0440%u043E%u0432;0.933729429650016
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Mon, 08 Jan 2018 00:38:46 GMT
z
xk9o.amgload.net/
16 B
408 B
XHR
General
Full URL
http://xk9o.amgload.net/z
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
5e33c9d89f41279c48f286c4729c1d87898e57bbb85fd81f8d9adf68a4918b27

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
Origin
http://gmaegames.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check
Cache-Control
no-cache, no-store
X-Check
bdcea320d6f7615aac6c1c406381d57a
Connection
keep-alive
Content-Length
16
Expires
Thu, 01 Jan 1970 00:00:01 GMT
z
kz9c.piguiqproxy.com/
16 B
408 B
XHR
General
Full URL
http://kz9c.piguiqproxy.com/z
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
5e33c9d89f41279c48f286c4729c1d87898e57bbb85fd81f8d9adf68a4918b27

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
Origin
http://gmaegames.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check
Cache-Control
no-cache, no-store
X-Check
bdcea320d6f7615aac6c1c406381d57a
Connection
keep-alive
Content-Length
16
Expires
Thu, 01 Jan 1970 00:00:01 GMT
gmaegames.pro.674834.js
jsc.traffic-media.co/g/m/ Frame EF82
104 KB
33 KB
Script
General
Full URL
http://jsc.traffic-media.co/g/m/gmaegames.pro.674834.js?t=119088
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
a8cf0c530785145d34a9cfe99d65395d635041eedf9500c5dacbb675eafb8044

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-ID
cec-up-a10
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Dec 2018 11:48:27 GMT
Server
nginx
x-amz-request-id
57885DDD2DFBA8AE
ETag
W/"2d1515208b6e7e1b75664d047054bc1f"
Transfer-Encoding
chunked
X-Cached-Since
2019-01-08T08:00:58+00:00
Content-Type
text/javascript
Cache
HIT
Connection
keep-alive
x-amz-id-2
VZq3HCMQ9BAy3UvOTLnyOWxgHrfpi7LEKMRZ6daRNaFMaBBN+VR9fHI7kfYex42GoYQifGry05c=
vinos.js
et-cod.com/bens/
14 KB
14 KB
Script
General
Full URL
http://et-cod.com/bens/vinos.js?2164a0.43308014885692425
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.80.53.247 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d8b103868217f758431abe09982bb4355df9784a045d1b8bcae4af4948a80c31

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx
Connection
keep-alive
P3P
CP="NON DSP COR CURa TIA"
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
w.php
mrelko.com/j/
122 KB
37 KB
Script
General
Full URL
http://mrelko.com/j/w.php?id=622&r=0.7644546021489647
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
195.234.98.125 , Russian Federation, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.8.0 / PHP/5.6.18
Resource Hash
a9b37285ebcd6763817af35b5fc20724df98621e189f2605abd84f432a542418

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Encoding
gzip
Server
nginx/1.8.0
X-Powered-By
PHP/5.6.18
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
close
Cookie set partners.php
threedrive.su/code/ Frame 4EDF
0
0
Document
General
Full URL
http://threedrive.su/code/partners.php?id=15469357513118221002
Requested by
Host: threedrive.su
URL: http://threedrive.su/code/bshow.php?id=13299&dimension=500x250&new_dimension=600x300
Protocol
HTTP/1.1
Server
185.80.53.250 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
threedrive.su
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gmaegames.pro/redirect-from-banner.html
Accept-Encoding
gzip, deflate
Cookie
uuid=15469357513118221002; range_bq=44070

Response headers

Server
nginx
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
afterview_matching=1; expires=Tue, 08-Jan-2019 16:22:32 GMT; Max-Age=28800; path=/; domain=.threedrive.su roz_matching=1; expires=Tue, 08-Jan-2019 14:22:32 GMT; Max-Age=21600; path=/; domain=.threedrive.su
Vary
Accept-Encoding
Content-Encoding
gzip
swf_banner.php
threedrive.su/code/ Frame E5CA
0
0
Document
General
Full URL
http://threedrive.su/code/swf_banner.php?img_adv=&img2_adv=YmFubmVyXzQ0MDcwXjFhYTZhMWJkYzIzMmM3YTRiOTBlNjEyYTE0YjQyY2Uw.txt&img_sep=txt&dim_width=600&dim_height=300&data=&b_click=UjBkY3ZMM1JvY21WZlUyZWFIUjBjRG9jSDd3bFpISnBkbVV1YzNVdlkyeHBZMnR6TDJKaEwwMVVUWGxQVkd4bVRrUlJkMDU2UW1WTmFtY3pUVlJrYVUxcVpHbE9iVWwzVGxSVmVscHFTWGRaYW10NVRUSkdiVTVYVm0xTlJHTjZUbFJaUFM1d2FIYzRmOUhBPQ==&bhash=b11a3abf6a
Requested by
Host: threedrive.su
URL: http://threedrive.su/code/bshow.php?id=13299&dimension=500x250&new_dimension=600x300
Protocol
HTTP/1.1
Server
185.80.53.250 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
threedrive.su
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gmaegames.pro/redirect-from-banner.html
Accept-Encoding
gzip, deflate
Cookie
uuid=15469357513118221002; range_bq=44070

Response headers

Server
nginx
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
w.php
jfduv7.com/j/
2 KB
3 KB
Script
General
Full URL
http://jfduv7.com/j/w.php?id=NDM5NA==&r=0.09211680059113703
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
78.140.146.126 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.12.0 / PHP/5.6.30
Resource Hash
650c04d9f906738835c95be2b112cc2d4cfd230188b8905284a4f45434762fe0

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx/1.12.0
Connection
close
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
truncated
/
632 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Response headers

Content-Type
image/gif
1
servicer.traffic-media.co/674834/
2 KB
1 KB
Script
General
Full URL
https://servicer.traffic-media.co/674834/1?w=1200&h=1404&cols=1&pv=5&cbuster=1546935752337451926114&ref=&lu=http%3A%2F%2Fgmaegames.pro%2Fredirect-from-banner.html&pageView=1&pvid=1682c8e56929f0feb0f&implVersion=10
Requested by
Host: jsc.traffic-media.co
URL: http://jsc.traffic-media.co/g/m/gmaegames.pro.674834.js?t=119088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.43.72 Paris, France, ASN12876 (AS12876, FR),
Reverse DNS
212-129-43-72.rev.poneytelecom.eu
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1924d8cfc090231c8401048a37f85f473904a5b70fec94126978836997800648

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jan 2019 08:22:32 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
content-type
application/x-javascript; charset=utf-8
3002874.jpg
cs02.et-cod.com/content/53713/
25 KB
25 KB
Image
General
Full URL
http://cs02.et-cod.com/content/53713/3002874.jpg
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.80.53.248 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ba68dbc08f879ce9db2fb940a8eef1a081bc306819e904e52a8bca2e47061f36

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Last-Modified
Tue, 27 Nov 2018 11:50:24 GMT
Server
nginx
ETag
"5bfd2f80-6447"
Content-Type
image/jpeg
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25671
2996148.jpg
cs03.et-cod.com/content/53713/
20 KB
21 KB
Image
General
Full URL
http://cs03.et-cod.com/content/53713/2996148.jpg
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
193.200.65.33 , Ukraine, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
1489de2fe2950aef8c7b461fa26ff4b64e7fd83187a2a7cfa542dd02dceebfcc

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Last-Modified
Mon, 29 Oct 2018 07:23:41 GMT
Server
nginx
ETag
"5bd6b57d-514f"
Content-Type
image/jpeg
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20815
3002871.jpg
cs02.et-cod.com/content/53713/
39 KB
39 KB
Image
General
Full URL
http://cs02.et-cod.com/content/53713/3002871.jpg
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
185.80.53.248 Amsterdam, Netherlands, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5c4836e3b1ca3faaa7a05c64460ff4f7e870f26e778f635e115e09ee03eb411d

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Last-Modified
Tue, 27 Nov 2018 11:50:18 GMT
Server
nginx
ETag
"5bfd2f7a-9b71"
Content-Type
image/jpeg
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39793
2996958.jpg
cs03.et-cod.com/content/53713/
25 KB
25 KB
Image
General
Full URL
http://cs03.et-cod.com/content/53713/2996958.jpg
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Server
193.200.65.33 , Ukraine, ASN59711 (HZ-NL-AS, GB),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
587bd8c50344429db95df5ee57b477b58cbf6568e969fac1b67908e45167f07e

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Last-Modified
Thu, 01 Nov 2018 12:49:18 GMT
Server
nginx
ETag
"5bdaf64e-6460"
Content-Type
image/jpeg
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25696
f.php
mrelko.com/j/ Frame B4F1
0
0
Document
General
Full URL
https://mrelko.com/j/f.php?t=60&rnd=825124
Requested by
Host: mrelko.com
URL: http://mrelko.com/j/w.php?id=622&r=0.7644546021489647
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.234.98.125 , Russian Federation, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.8.0 / PHP/5.6.18
Resource Hash

Request headers

Host
mrelko.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gmaegames.pro/redirect-from-banner.html
Accept-Encoding
gzip, deflate, br
Cookie
bnnruid=w+pifVw0XchbPOr9ikhtAg==

Response headers

Server
nginx/1.8.0
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.18
Content-Encoding
gzip
s.php
mrelko.com/j/
586 B
691 B
Script
General
Full URL
https://mrelko.com/j/s.php?id=622&bf=1&fa=0&rnd=825124&c=DE&cc=UN&h=&r=0.0806660356489679
Requested by
Host: mrelko.com
URL: http://mrelko.com/j/w.php?id=622&r=0.7644546021489647
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.234.98.125 , Russian Federation, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.8.0 / PHP/5.6.18
Resource Hash
bae29c63cc8af836d022fd03e6ad6033e1fb1b999120010a16201ae23446eef2

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Encoding
gzip
Server
nginx/1.8.0
Connection
close
X-Powered-By
PHP/5.6.18
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cookie set /
jfduv7.com/s/h5/3852/ Frame D093
0
0
Document
General
Full URL
https://jfduv7.com/s/h5/3852/?link=https://jfduv7.com/c/s.php?h=46fabcd45825885939187b517c0c8a0b&u=aHR0cHM6Ly9zbG90cy5ncmFuZC1jYXNpbm83OS5jb20vP3BhcnRuZXI9Z3JhbjA1ODcuJXN1YmFjYyUuJWlkYWQlLiVpZGJsb2NrJS4lZ2VvJS4ldHlwZSU=&s=17412&b=4394&sl=3852&c=DE&cc=
Requested by
Host: jfduv7.com
URL: http://jfduv7.com/j/w.php?id=NDM5NA==&r=0.09211680059113703
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.146.126 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.12.0 /
Resource Hash

Request headers

Host
jfduv7.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gmaegames.pro/redirect-from-banner.html
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.12.0
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Type
text/html
Last-Modified
Mon, 17 Sep 2018 11:58:46 GMT
Transfer-Encoding
chunked
Connection
close
ETag
W/"5b9f96f6-713"
Set-Cookie
sldruid=ToySflw0XchKmKb/ReixAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=smilered.com; path=/
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Encoding
gzip
listen.php
jfduv7.com/c/
0
344 B
Image
General
Full URL
https://jfduv7.com/c/listen.php?b=4394&d=http://gmaegames.pro
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.146.126 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.12.0 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Server
nginx/1.12.0
Connection
close
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Powered-By
PHP/5.6.30
Content-Type
text/html; charset=UTF-8
index.html
www.mrelko.com/bnrs/h5/106410/ Frame 37D6
0
0
Document
General
Full URL
https://www.mrelko.com/bnrs/h5/106410/index.html?subacc=17412&idad=106410&idblock=622&geo=DE&city=&type=0&fa=0&r=-62169993017&link=https://mrelko.com/c/s.php?h=f8c8774e06f5302ed70c362619786a93&u=aHR0cHM6Ly91Zm93aGVlbC5ncmFuZC1jYXNpbm83OS5jb20vP3BhcnRuZXI9Z3JhbjA4MTYuJXN1YmFjYyUuJWlkYWQlLiVpZGJsb2NrJS4lZ2VvJS4ldHlwZSU=&s=17412&b=622&f=106410&bn=6958&cc=DE&c=
Requested by
Host: mrelko.com
URL: http://mrelko.com/j/w.php?id=622&r=0.7644546021489647
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.84.53.99 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
99-53-84-80.rackcentre.redstation.net.uk
Software
nginx/1.6.2 /
Resource Hash

Request headers

Host
www.mrelko.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://gmaegames.pro/redirect-from-banner.html
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.6.2
Date
Tue, 08 Jan 2019 08:22:32 GMT
Content-Type
text/html
Last-Modified
Wed, 31 Oct 2018 12:13:46 GMT
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip
logo_col.gif
mrelko.com/s/logo/
283 B
515 B
Image
General
Full URL
https://mrelko.com/s/logo/logo_col.gif
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.234.98.125 , Russian Federation, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
d7f83bc1556bf4a71b09ab6e69c5f09075835923a9ee508ec7cbac56a4e268b2

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 08:22:32 GMT
Last-Modified
Wed, 29 Apr 2015 05:55:23 GMT
Server
nginx/1.8.0
ETag
"5540724b-11b"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
283
58156141_492x328.jpg
imgg-cdn.traffic-media.co/58156/
40 KB
40 KB
Image
General
Full URL
https://imgg-cdn.traffic-media.co/58156/58156141_492x328.jpg?t=1532336002
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
86c4e6c3845ab564ac24c2094863cfb7fccd972753350d011b087ff36c54edbd

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 08 Jan 2019 08:22:32 GMT
last-modified
Sun, 23 Dec 2018 07:35:42 GMT
server
nginx
access-control-allow-origin
*, *
x-cached-since
2018-12-23T17:48:47+00:00
content-type
image/jpeg
status
200
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
40808
expires
Tue, 22 Jan 2019 17:48:47 GMT
57916753_492x328.jpg
imgg-cdn.traffic-media.co/57916/
37 KB
37 KB
Image
General
Full URL
https://imgg-cdn.traffic-media.co/57916/57916753_492x328.jpg?t=1527858740
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
0e39c5fb74eae7545333609571dff2d14f397ccf3ea125f8852f0f0b5df470c1

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 08 Jan 2019 08:22:32 GMT
last-modified
Fri, 21 Dec 2018 04:19:34 GMT
server
nginx
access-control-allow-origin
*, *
x-cached-since
2018-12-22T18:45:10+00:00
content-type
image/jpeg
status
200
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
37893
expires
Mon, 21 Jan 2019 18:45:10 GMT
58498477_492x328.jpg
imgg-cdn.traffic-media.co/58498/
29 KB
30 KB
Image
General
Full URL
https://imgg-cdn.traffic-media.co/58498/58498477_492x328.jpg?t=1538219968
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
72c3800a0abf25586f90172cfd8d0db2caa96c284b69a2419b8745d11ba42f3d

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 08 Jan 2019 08:22:32 GMT
last-modified
Thu, 20 Dec 2018 04:27:01 GMT
server
nginx
access-control-allow-origin
*, *
x-cached-since
2018-12-22T18:50:51+00:00
content-type
image/jpeg
status
200
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
29989
expires
Mon, 21 Jan 2019 18:50:51 GMT
58432675_492x328.jpg
imgg-cdn.traffic-media.co/58432/
40 KB
41 KB
Image
General
Full URL
https://imgg-cdn.traffic-media.co/58432/58432675_492x328.jpg?t=1537167644
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
cc76b49b92a04f8765dce62173e12a56326a0a432052bd6337892e91922b0af3

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 08 Jan 2019 08:22:32 GMT
last-modified
Sat, 05 Jan 2019 16:46:46 GMT
server
nginx
access-control-allow-origin
*, *
x-cached-since
2019-01-07T15:55:06+00:00
content-type
image/jpeg
status
200
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
41339
expires
Wed, 06 Feb 2019 15:55:06 GMT
c
c.traffic-media.co/ Frame EF82
43 B
184 B
Image
General
Full URL
https://c.traffic-media.co/c?pv=2&f=1&v=492|328|8|8hx0FovvJc2d-Kw2AeNysi6ZCtLn-DwYK6mWuvF5VnKoAy-oYDXJedkEpdlq0Jx6&fw=1&v=492|328|8|8hx0FovvJc2d-Kw2AeNysgC-wFo3vpDYYUX2AJZ7cqPVXMU1_b2AwzROpouPWMjU&v=492|328|8|8hx0FovvJc2d-Kw2AeNystGjyLOTPN_emp6M7efyO0JEcKHbuPH4NPj14CTVNpCT&cid=674834&h2=TIdlyWOmSBV8w-4_DUjONurwwt0vdPvN5zCEJZJn8co*&rid=8bb4d754-131e-11e9-beff-0cc47acef4ca&tt=Direct&cbuster=1546935752674704723390
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.43.72 Paris, France, ASN12876 (AS12876, FR),
Reverse DNS
212-129-43-72.rev.poneytelecom.eu
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Tue, 08 Jan 2019 08:22:32 GMT
cache-control
max-age=0, no-store, no-cache, must-revalidate
server
nginx/1.10.3 (Ubuntu)
content-type
image/gif
k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2
fonts.gstatic.com/s/opensans/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8da489bfe3ba801f5e650f477a160e9a0bad62c872558d07573f4ca9e0e05e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://gmaegames.pro/redirect-from-banner.html
Origin
http://gmaegames.pro

Response headers

date
Wed, 19 Dec 2018 07:30:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:33 GMT
server
sffe
age
1731096
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
21820
x-xss-protection
1; mode=block
expires
Thu, 19 Dec 2019 07:30:56 GMT
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: gmaegames.pro
URL: http://gmaegames.pro/redirect-from-banner.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://gmaegames.pro/redirect-from-banner.html
Origin
http://gmaegames.pro

Response headers

date
Thu, 03 Jan 2019 07:10:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
436345
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16224
x-xss-protection
1; mode=block
expires
Fri, 03 Jan 2020 07:10:07 GMT
c
c.traffic-media.co/ Frame EF82
43 B
184 B
Image
General
Full URL
https://c.traffic-media.co/c?pv=2&v=288|192|8|8hx0FovvJc2d-Kw2AeNysh0rSMMsM3rmjHPUxz4m16O_ALV8k-sLeKFqRY9s9o6i&cid=674834&h2=TIdlyWOmSBV8w-4_DUjONurwwt0vdPvN5zCEJZJn8co*&rid=8bb4d754-131e-11e9-beff-0cc47acef4ca&tt=Direct&cbuster=1546935753674717494551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.43.72 Paris, France, ASN12876 (AS12876, FR),
Reverse DNS
212-129-43-72.rev.poneytelecom.eu
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://gmaegames.pro/redirect-from-banner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Tue, 08 Jan 2019 08:22:33 GMT
cache-control
max-age=0, no-store, no-cache, must-revalidate
server
nginx/1.10.3 (Ubuntu)
content-type
image/gif


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| b11a3abf6a_cancel_bubbling
number| b11a3abf6a_dim_width
number| b11a3abf6a_dim_height
function| b11a3abf6a_MListener
object| b11a3abf6a_partners
object| b11a3abf6a_parent
number| b11a3abf6a_while
object| b11a3abf6a_banner_swf
object| _mgIntExchangeNews
object| onClickExcludes
function| TrafficmediaLoadGoods674834
undefined| TrafficmediaCReject674834
object| _mgq
function| _mgqp
number| _mgqt
number| _mgqi
boolean| _mgPageView408478
function| EtargLoadGoods_ec3a9a728d
number| m
function| tftBnnrGnShwScrtWpr622
boolean| b_31ee8844c910a09b6fa12d02ed5acf8e
boolean| ex_semaphore_622
object| a_825124
number| c_825124
object| e_825124
object| in_ch_622
object| ifr_622
function| tftBnnrGnStHtml622
boolean| b_2a68bcf091c3d6610fe9e60b27092819
function| rmbnHide
function| rmbnOpen
number| tm_622
object| _mgwcapping

6 Cookies

Domain/Path Name / Value
mrelko.com/ Name: bnnruid
Value: w+pifVw0XchbPOr9ikhtAg==
.threedrive.su/ Name: roz_matching
Value: 1
.threedrive.su/ Name: afterview_matching
Value: 1
.threedrive.su/ Name: range_bq
Value: 44070
.threedrive.su/ Name: uuid
Value: 15469357513118221002
gmaegames.pro/ Name: TrafficmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22aukoVqvFd%22%7D%2C%22C674834%22%3A%7B%22page%22%3A1%2C%22time%22%3A1546935752655%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
