Submitted URL: http://bluntain.xyz/?cs=alnvtgxbzq5%2Fcqtnxxkjx2zxevxa&abt=0&red=1&sm=16&k=free%20yesmovies%20watch%20online%20respe...
Effective URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2.18.234.204, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is v3m.gtarcade.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 11th 2021. Valid for: a year.
This is the only time v3m.gtarcade.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.225.78.106 16509 (AMAZON-02)
1 2 95.211.229.246 60781 (LEASEWEB-...)
1 2 144.76.223.10 24940 (HETZNER-AS)
6 2.18.234.204 16625 (AKAMAI-AS)
11 104.111.225.222 16625 (AKAMAI-AS)
19 4
Apex Domain       Subdomains                              Transfer
11 gtarcade.net   flash.gtarcade.net                      1 MB
6 gtarcade.com    v3m.gtarcade.com, apipool.gtarcade.com  53 KB
2 aplide.com      aplide.com                              613 B
2 optnx.com       s.optnx.com                             3 KB
1 bluntain.xyz    bluntain.xyz                            2 KB
19 5
Domain Requested by
11 flash.gtarcade.net v3m.gtarcade.com
flash.gtarcade.net
4 v3m.gtarcade.com v3m.gtarcade.com
2 apipool.gtarcade.com v3m.gtarcade.com
apipool.gtarcade.com
2 aplide.com 1 redirects s.optnx.com
2 s.optnx.com 1 redirects
1 bluntain.xyz 1 redirects
19 6

This site contains links to these domains. Also see Links.

Domain
profile.gtarcade.com
Subject             Issuer                          Validity                 Valid
optnx.com           R3                              2021-08-05 - 2021-11-03  3 months
aplide.com          R3                              2021-07-31 - 2021-10-29  3 months
*.gtarcade.com      GeoTrust RSA CA 2018            2021-08-11 - 2022-08-11  a year
flash.gtarcade.net  DigiCert SHA2 Secure Server CA  2021-09-11 - 2022-09-14  a year

This page contains 1 frames:

Primary Page: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Frame ID: 5075A9E4190DC8E6C86FF555A85768CC
Requests: 19 HTTP requests in this frame

Page Title

League of Angels Ⅲ

Page URL History

  1. http://bluntain.xyz/?cs=alnvtgxbzq5%2Fcqtnxxkjx2zxevxa&abt=0&red=1&sm=16&k=free%20yesmovies%20wa... HTTP 302
    https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZel... Page URL
  2. https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZel... HTTP 302
    https://aplide.com/click.php?key=wviu2m0y0l96es9ibpn1&tag=oodPNXHNRNHNNTHPNK7bc7qKrJ567nV1Uz0S0... HTTP 302
    https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/ Page URL
  3. https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19 Requests
100 % HTTPS
0 % IPv6
5 Domains
6 Subdomains
4 IPs
3 Countries
1273 kB Transfer
1382 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bluntain.xyz/?cs=alnvtgxbzq5%2Fcqtnxxkjx2zxevxa&abt=0&red=1&sm=16&k=free%20yesmovies%20watch%20online%20respect&v=1.34.23.2&sts=0&prn=0&emb=0&tid=762059&inc=8&u=xxxxxxxxxxxxxxxx&fs=1&ref=https%3A%2F%2Fyesmovies.ag%2Fmovie%2Frespect-xxxxxxxxxx%2F1-1%2Fwatching.html&osr=yesmovies.ag&jst=0&enr=0&lcua=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2Fxxxxxxxxxxxx%20safari%2F537.36%20edg%2F93.0.961.44&tzd=-5&uloc&if=0&ct=3&ctc=0&_rana=xxxxxxxxxxxxx HTTP 302
    https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...-- Page URL
  2. https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--&p=https%3A%2F%2Fyesmovies.ag&tested=1&check=029095063ea6bae44202d59eaf874aec&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    https://aplide.com/click.php?key=wviu2m0y0l96es9ibpn1&tag=oodPNXHNRNHNNTHPNK7bc7qKrJ567nV1Uz0S0Uulc6qaZ1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zlKUpSlKUpSlKUp1VPHFmvGs00t1HE1G0ut1NudO.u81tW9DrK55arnL3L.FHe5Y8.XOdK6V0rrqHSuldK6V0rg.wA--&cost=0.000687416&source=yesmovies.ag&siteid=815655&zoneid=3572269&catid=511&country=DEU&exffir=eyJjIjoiMDI5MDk1MDYzZWE2YmFlNDQyMDJkNTllYWY4NzRhZWMiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
    https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/ Page URL
  3. https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bluntain.xyz/?cs=alnvtgxbzq5%2Fcqtnxxkjx2zxevxa&abt=0&red=1&sm=16&k=free%20yesmovies%20watch%20online%20respect&v=1.34.23.2&sts=0&prn=0&emb=0&tid=762059&inc=8&u=xxxxxxxxxxxxxxxx&fs=1&ref=https%3A%2F%2Fyesmovies.ag%2Fmovie%2Frespect-xxxxxxxxxx%2F1-1%2Fwatching.html&osr=yesmovies.ag&jst=0&enr=0&lcua=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2Fxxxxxxxxxxxx%20safari%2F537.36%20edg%2F93.0.961.44&tzd=-5&uloc&if=0&ct=3&ctc=0&_rana=xxxxxxxxxxxxx HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_a2V5PXd2aXUybTB5MGw5NmVzOWlicG4xJnRhZz1vb2RQTlhITlJOSE5OVEhQTks3YmM3cUtySjU2N25WMVV6MFMwVXVsYzZxYVoxVTdwM1V5dWxkSzZWMU5WZHpwN3BhcUtKWFQzVDFWVVVPbGRLNmQwN3BYU3VtZEs2VjB6bEtVcFNsS1VwU2xLVXAxVlBIRm12R3MwMHQxSEUxRzB1dDFOdWRPLnU4MXRXOURySzU1YXJuTDNMLkZIZTVZOC5YT2RLNlYwcnJxSFN1bGRLNlYwcmcud0EtLSZjb3N0PTAuMDAwNjg3NDE2JnNvdXJjZT15ZXNtb3ZpZXMuYWcmc2l0ZWlkPTgxNTY1NSZ6b25laWQ9MzU3MjI2OSZjYXRpZD01MTEmY291bnRyeT1ERVV8aHR0cHN8MjE2LjEzMS4xMTQuMjEwfERFVXw1Mnx5ZXNtb3ZpZXMuYWd8MzAyNzg2fDQzMDY3NXw4MTU2NTV8MzU3MjI2OXw1MTF8NDY2MTI5Mnw2NTQyMzAzNHw0MHwyfDB8MHw0NTY5fDc2MjA1OXw2OC43NDE2fDc1fFVTRHxVU0R8MXwxfDIyfHwxfERFVXx8MTAyfDR8MXx8eHh4eHh4eHh4eHh4eHh4eHw1NGZmN2NmYzExMDkzZjEzZDBjOTQ4YTRlY2UxODVlM3wwfDJ8eWVzbW92aWVzLmFnfDB8MHwwfDAuMjJ8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3xkN2ZmMGNiMjBhMTA4M2U4NDgzMTU2YjZkNGM1YjUyZg--
Request Chain 1
  • https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--&p=https%3A%2F%2Fyesmovies.ag&tested=1&check=029095063ea6bae44202d59eaf874aec&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
  • https://aplide.com/click.php?key=wviu2m0y0l96es9ibpn1&tag=oodPNXHNRNHNNTHPNK7bc7qKrJ567nV1Uz0S0Uulc6qaZ1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zlKUpSlKUpSlKUp1VPHFmvGs00t1HE1G0ut1NudO.u81tW9DrK55arnL3L.FHe5Y8.XOdK6V0rrqHSuldK6V0rg.wA--&cost=0.000687416&source=yesmovies.ag&siteid=815655&zoneid=3572269&catid=511&country=DEU&exffir=eyJjIjoiMDI5MDk1MDYzZWE2YmFlNDQyMDJkNTllYWY4NzRhZWMiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
  • https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set cimp.php
s.optnx.com/
Redirect Chain
  • http://bluntain.xyz/?cs=alnvtgxbzq5%2Fcqtnxxkjx2zxevxa&abt=0&red=1&sm=16&k=free%20yesmovies%20watch%20online%20respect&v=1.34.23.2&sts=0&prn=0&emb=0&tid=762059&inc=8&u=xxxxxxxxxxxxxxxx&fs=1&ref=htt...
  • https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_a2V5PXd2aXUybTB5MGw5NmVzOWlicG4xJnRhZz1vb2R...
4 KB
2 KB
Document
General
Full URL
https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
37f84bbe4c6d3dcd3bf188ca81905c0a8cc1b2732349f404a490b6df8adfc0af

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Mon, 27 Sep 2021 06:57:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261516b41b15068.639078122345468651%22%3B%7D; expires=Wed, 27 Sep 2023 06:57:05 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Date
Mon, 27 Sep 2021 06:57:05 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=b42797df-460d-4c71-92c6-4f3c4ae88ba3
Location
https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--
X-Cache
Miss from cloudfront
Via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
DZBbkOsSMg4y2flhyWGO2s87iC_rQ_b0YATSPcu7sUbDCSrIYo8cVQ==
index.php
aplide.com/nlp/
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_a2V5PXd2aXUybTB5MGw5NmVzOWlicG4xJnRhZz1vb2R...
  • https://aplide.com/click.php?key=wviu2m0y0l96es9ibpn1&tag=oodPNXHNRNHNNTHPNK7bc7qKrJ567nV1Uz0S0Uulc6qaZ1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zlKUpSlKUpSlKUp1VPHFmvGs00t1HE1G0ut1NudO.u8...
  • https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/
93 B
233 B
Document
General
Full URL
https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
144.76.223.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.223.76.144.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
aad37ee241b8488147281efcce7fa47640dae4926b51189017761b67dbabcb86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
aplide.com
:scheme
https
:path
/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.optnx.com/
accept-encoding
gzip, deflate, br
cookie
uclick=ikm7xrxi; uclickhash=ikm7xrxi-ikm7xrxi-dvbl-pmy9-oja3-sy37-syx9-d0b001
Referer
https://s.optnx.com/cimp.php?data=TVRZek1qY3lOVGd5Tlh3eU1XUmlPR1kyTWpBNU1UVmpPVEZoWXpNMk5XTTJZell5TVdabVpUZzVOQS0tfGh0dHBzOi8vYXBsaWRlLmNvbS9jbGljay5waHA_...--

Response headers

server
nginx/1.14.2
date
Mon, 27 Sep 2021 06:57:05 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

server
nginx/1.14.2
date
Mon, 27 Sep 2021 06:57:05 GMT
content-type
text/html; charset=UTF-8
location
https://aplide.com/nlp/index.php?q=5b0ce9a29f0147427061&url_bnm_redirect=https://v3m.gtarcade.com/
set-cookie
uclick=ikm7xrxi; expires=Tue, 28-Sep-2021 06:57:05 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=ikm7xrxi-ikm7xrxi-dvbl-pmy9-oja3-sy37-syx9-d0b001; expires=Tue, 28-Sep-2021 06:57:05 GMT; Max-Age=86400; path=/; SameSite=None; Secure;
strict-transport-security
max-age=31536000
Primary Request /
v3m.gtarcade.com/
35 KB
8 KB
Document
General
Full URL
https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine / PHP/7.0.29
Resource Hash
fec43f9078f273b3a25ec99aa620e7377cf8bdbc25e27fa01fdcec844fdb02f6

Request headers

Host
v3m.gtarcade.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://aplide.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
Tengine
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding Accept-Encoding
X-Powered-By
PHP/7.0.29
Access-Control-Allow-Origin
*
My-app
200 from 10.16.40.129:80
X-Server
10.16.40.129 49.51.44.33
Content-Encoding
gzip
Date
Mon, 27 Sep 2021 06:57:06 GMT
Content-Length
7339
Connection
keep-alive
t.js
v3m.gtarcade.com/public/js/
7 KB
3 KB
Script
General
Full URL
https://v3m.gtarcade.com/public/js/t.js
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
55a7c3262d8de8887f7bdb1f9c939e9ba98dc859e5a1056aacd397cdc7d23ead

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
v3m.gtarcade.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Connection
keep-alive

Response headers

Date
Mon, 27 Sep 2021 06:57:06 GMT
Content-Encoding
gzip
My-app
200 from 10.16.40.128:80
Last-Modified
Mon, 22 Mar 2021 07:44:25 GMT
Server
Tengine
ETag
"60584ad9-1c30"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7200
X-Server
10.16.40.128 49.51.44.33
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2901
Expires
Mon, 27 Sep 2021 08:57:06 GMT
main.css
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a441583ac7be68ed960d2722e49af6d7091b17a0eb2dd3720312ce9254e44679
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v3m.gtarcade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Encoding
gzip
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-2129"
Vary
Accept-Encoding
Content-Type
text/css
X-Server
49.51.44.70
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2019
Date
Mon, 27 Sep 2021 06:57:06 GMT
logo.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
40 KB
41 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/logo.png
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
df4616fba085c2953d01bfffebe134c4cf51f2ceb13975d13a776062154f31e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v3m.gtarcade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-a1f9"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41465
Date
Mon, 27 Sep 2021 06:57:06 GMT
tips1.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
1 KB
2 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/tips1.png
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
074e6f45a61c9d8b5a817c39f8092381b077782dbce81d4a229d5a80b23a5472
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v3m.gtarcade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-504"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1284
Date
Mon, 27 Sep 2021 06:57:06 GMT
jquery-1.7.min.js
v3m.gtarcade.com/public/js/
92 KB
33 KB
Script
General
Full URL
https://v3m.gtarcade.com/public/js/jquery-1.7.min.js
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
v3m.gtarcade.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Connection
keep-alive

Response headers

Date
Mon, 27 Sep 2021 06:57:06 GMT
Content-Encoding
gzip
My-app
200 from 10.16.40.128:80
Last-Modified
Mon, 22 Mar 2021 07:44:25 GMT
Server
Tengine
ETag
"60584ad9-16f44"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7200
X-Server
10.16.40.128 49.51.44.30
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33321
Expires
Mon, 27 Sep 2021 08:57:06 GMT
jquery.cookie.js
v3m.gtarcade.com/public/js/
3 KB
2 KB
Script
General
Full URL
https://v3m.gtarcade.com/public/js/jquery.cookie.js
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
v3m.gtarcade.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Connection
keep-alive

Response headers

Date
Mon, 27 Sep 2021 06:57:06 GMT
Content-Encoding
gzip
My-app
200 from 10.16.40.129:80
Last-Modified
Mon, 22 Mar 2021 07:44:25 GMT
Server
Tengine
ETag
"60584ad9-c31"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7200
X-Server
10.16.40.129 49.51.44.32
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1365
Expires
Mon, 27 Sep 2021 08:57:06 GMT
yz.min.js
apipool.gtarcade.com/sdk/
20 KB
7 KB
Script
General
Full URL
https://apipool.gtarcade.com/sdk/yz.min.js?v=2021827
Requested by
Host: v3m.gtarcade.com
URL: https://v3m.gtarcade.com/?q=5b0ce9a29f0147427061
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
960fab80edee03e8ec8f4f37bcdda5a3deec022d0c5b9284e316d276e3f8ff3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v3m.gtarcade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 06:57:06 GMT
Content-Encoding
gzip
My-app
200 from 10.16.33.43:80
Last-Modified
Thu, 09 Apr 2020 04:00:44 GMT
Server
Tengine
ETag
"5e8e9dec-514d"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7200
X-Server
10.16.33.43, 49.51.44.31
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6887
Expires
Mon, 27 Sep 2021 08:57:06 GMT
upload_event
apipool.gtarcade.com/v1/
1 B
405 B
XHR
General
Full URL
https://apipool.gtarcade.com/v1/upload_event?&data=%7B%22key%22%3A%20%22279d34fa1dfd71aa%22%2C%22source%22%3A%20%22vda%22%2C%22did%22%3A%20%2217c260afcf1233-0ea275ad431f0c-a7d193d-1d4c00-17c260afcf2ad1%22%2C%22ts%22%3A%20%221632725826%22%2C%22platformId%22%3A%203%2C%22gameId%22%3A%20312%2C%22data%22%3A%20%5B%0A%20%20%20%20%7B%22et%22%3A%20%22cus%22%2C%22eid%22%3A%20%22click%22%2C%22ad%22%3A%20%7B%22business_id%22%3A%202535%2C%22supplier_id%22%3A%201932%2C%22resource_id%22%3A%201391%2C%22campaign_id%22%3A%2010584%2C%22spread_platform_id%22%3A%2099%2C%22ads_id%22%3A%20515855%2C%22materiel_id%22%3A%20%222760%22%2C%22timezone_id%22%3A%202%2C%22language_id%22%3A%201%2C%22server_id%22%3A%20%221448311358%22%7D%2C%22ip%22%3A%20%22216.131.114.210%22%2C%22device%22%3A%20%7B%22os%22%3A%20%22Windows%22%2C%22br%22%3A%20%22Chrome%22%2C%22rs%22%3A%20%221600*1200%22%2C%22referrer%22%3A%20%22https%3A%2F%2Faplide.com%2F%22%2C%22referrer_domain%22%3A%20%22aplide.com%22%2C%22uuid%22%3A%20%2217c260afcf1233-0ea275ad431f0c-a7d193d-1d4c00-17c260afcf2ad1%22%7D%2C%22pr%22%3A%20%7B%7D%2C%22ts%22%3A%20%221632725826%22%7D%0A%5D%7D&_=1632725826808
Requested by
Host: apipool.gtarcade.com
URL: https://apipool.gtarcade.com/sdk/yz.min.js?v=2021827
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-204.deploy.static.akamaitechnologies.com
Software
Tengine / PHP/7.0.29
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v3m.gtarcade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 06:57:06 GMT
My-app
200 from 10.16.48.212:80
Server
Tengine
X-Powered-By
PHP/7.0.29
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://v3m.gtarcade.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Server
10.16.48.212, 49.51.44.33
Content-Length
1
dragon.jpg
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
300 KB
301 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/dragon.jpg
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
230bef09f844db46e1479453d6c46375115dcc58913d1111adf999f073a5bab4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-4b0fc"
Content-Type
image/jpeg
X-Server
49.51.44.41
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
307452
Date
Mon, 27 Sep 2021 06:57:06 GMT
ferry.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
119 KB
119 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/ferry.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15908237844e85b8cf60d44a648c2012a5718d30b8186bc1a2f18be8010ecb82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-1dc78"
Content-Type
image/png
X-Server
49.51.44.41
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121976
Date
Mon, 27 Sep 2021 06:57:06 GMT
ferry2.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
119 KB
119 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/ferry2.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7f60ca1ebad70f596415901104b759af39dfc66292768c8483143846c9a6d6cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-1dc82"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121986
Date
Mon, 27 Sep 2021 06:57:06 GMT
tree.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
315 KB
315 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/tree.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
487fd264c2c1415d37e5c0fcb268a92bf0806588ba0087d036aeca4902e4bd0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-4ec89"
Content-Type
image/png
X-Server
49.51.44.41
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
322697
Date
Mon, 27 Sep 2021 06:57:06 GMT
light.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
110 KB
110 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/light.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5362c297323e72817b278f2265f6a36847a226ceaf9688f4760678d7a018f00b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-1b759"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112473
Date
Mon, 27 Sep 2021 06:57:06 GMT
light2.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
110 KB
110 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/light2.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5362c297323e72817b278f2265f6a36847a226ceaf9688f4760678d7a018f00b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-1b759"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112473
Date
Mon, 27 Sep 2021 06:57:06 GMT
sprite.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
85 KB
85 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/sprite.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79d2ed37357ae82e6d214c1fa5bf7a8af5dde08d256086e300a761251d73f8bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-1525c"
Content-Type
image/png
X-Server
49.51.44.40
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86620
Date
Mon, 27 Sep 2021 06:57:06 GMT
playD.png
flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/
13 KB
14 KB
Image
General
Full URL
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/images/playD.png
Requested by
Host: flash.gtarcade.net
URL: https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.222 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-222.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fb1c2e10f0bb4c1959c7cb0699f1182cddbbcfcbc2c3fd463709f39b7eb5dbee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://flash.gtarcade.net/31/static/usr/uploads/201811/20181119021108_15435/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
My-app
from
Last-Modified
Mon, 19 Nov 2018 02:45:08 GMT
Server
nginx
ETag
"5bf223b4-34c1"
Content-Type
image/png
X-Server
49.51.44.41
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13505
Date
Mon, 27 Sep 2021 06:57:06 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| isMobile boolean| is_mobilepay number| paygameId boolean| isComplete string| logUrl string| regUrl string| key function| loadcomplete boolean| isclick number| isMac string| downloadMac string| airMac number| system function| afterRegister function| callback function| callbackMicro function| third_login function| awtracepost function| download function| setCookie function| getCookie object| yz function| ajax function| ajaxJsonp number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| data function| third_login_new string| game_serverId string| game_id function| $ function| jQuery

7 Cookies

Domain/Path Name / Value
bluntain.xyz/ Name: csu
Value: b42797df-460d-4c71-92c6-4f3c4ae88ba3
.optnx.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261516b41b15068.639078122345468651%22%3B%7D
.optnx.com/ Name: impressions
Value: x%9C%ABV21334%B24%D253512606Q%B2%8A6%D41436272%B502%D51411%88%AD%05%00%AF%84%08%C0
.optnx.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v3%7C%7CDEU%7C3572269%7C65423034%7C0%7C%7C511%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C61516b41b15068.639078122345468651%7C54ff7cfc11093f13d0c948a4ece185e3%7C762059%7Cyesmovies.ag%7C1600x1200%7C%7C0%7C0%7C0%7C93%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
aplide.com/ Name: uclick
Value: ikm7xrxi
aplide.com/ Name: uclickhash
Value: ikm7xrxi-ikm7xrxi-dvbl-pmy9-oja3-sy37-syx9-d0b001
.gtarcade.com/ Name: _yz
Value: %7B%22uuid%22%3A%20%2217c260afcf1233-0ea275ad431f0c-a7d193d-1d4c00-17c260afcf2ad1%22%2C%22sid%22%3A%201632725826.803%2C%22updated%22%3A%201632725826.807%2C%22info%22%3A%201632725826805%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
