Report - goatraffik.com/tracking.php

Report Overview

Submitted URL
goatraffik.com/tracking.php
IP
185.32.28.169
ASN
#15699 OGIC Informatica S.L.
Submitted
2023-06-01 11:04:01
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-05-31	698 B	3.8 kB	104.18.21.226
romele.ru	683016	2020-07-24	2020-07-24	2023-05-31	578 B	2.0 kB	104.21.69.131
1d6ceb551fc.terrifictc.net	unknown	2021-11-29	2022-10-27	2023-05-31	554 B	1.6 kB	94.237.99.118
p.hungama.com	unknown	1999-01-29	2022-06-02	2023-05-30	1.8 kB	1.1 kB	103.56.211.129
103.56.211.129	unknown	unknown	2022-02-09	2023-05-30	1.2 kB	331 B	0.0.0.0
goatraffik.com	unknown	2022-04-05	2022-04-06	2023-05-31	483 B	357 B	185.32.28.169

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	103.56.211.129
2023-06-01	medium	103.56.211.129

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0	174 B	2023-06-01	2023-06-01
Pretty URL 1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0 IP 94.237.99.118 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 13:04:01 Last Seen2023-06-01 13:04:01 Times Seen1 Hash 303f89b263b8cc6d7844ddb79a87d815 f0e7474dccdfa02de4cd4d944efead729bbda0d4 42740ea7276156b607a86e939a0b7714f31ad99071e2a480f56e1728f8d1ac81 Loading...

	1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0	246 B	2023-06-01	2023-06-01
Pretty URL 1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0 IP 94.237.99.118 ASN #202053 UpCloud Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 13:04:01 Last Seen2023-06-01 13:04:01 Times Seen1 Hash 87c3d19b09de38d91984c521141b0111 32de35ad54a8d71d6c5e59e9afb509e8d9fd52ab 40e2bfb83e73098fa999b4f6f831af8a918875a450cac557d4c84a197fb691e8 Loading...

HTTP Transactions (10)

URL IP Response Size

goatraffik.com/tracking.php

185.32.28.169

25 B

URL
goatraffik.com/tracking.php
IP
185.32.28.169:0
ASN
#15699 OGIC Informatica S.L.

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
bb1ca97ec761fc37101737ba0aa2e7c5
0b99cebe565822c64ac5d84aecb00fe40e59cbd3
d98ee0e5f9399db9381014c9f890f896d3fcb272c2a7a521d0a13aa23085a284

HTTP Headers

GET /tracking.php HTTP/1.1
Host: goatraffik.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 11:03:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Refresh: 0; url=https://1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0
Content-Encoding: gzip

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
70ffd5de338af34e36b45a6982e24233
290ccb6498e132add1a6fde8ac9a19c85b186a0e
66efe637f64a4a91901acdf83dbace7827fada10a60b7d0752b121935b46ef0c

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 11:03:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Jun 2023 08:00:49 GMT
ETag: "290ccb6498e132add1a6fde8ac9a19c85b186a0e"
Last-Modified: Thu, 01 Jun 2023 08:00:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d06f8ce184a0b55-OSL

romele.ru/cl/887d9c4bddf3b660?p1=lid13czpccak9w616sgkgscws,16947923,5,12663&p2=12663&source=mysite&site=trafficcompany.com

104.21.69.131

302 Found

660 B

URL User Request GET HTTP/2
romele.ru/cl/887d9c4bddf3b660?p1=lid13czpccak9w616sgkgscws,16947923,5,12663&p2=12663&source=mysite&site=trafficcompany.com
IP
104.21.69.131:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectromele.ru
FingerprintA0:E3:DF:56:00:07:0C:06:BB:B1:42:75:94:EB:E2:8C:E6:5A:84:86
ValidityMon, 24 Apr 2023 01:02:39 GMT - Sun, 23 Jul 2023 01:02:38 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
660 B (660 bytes)
Hash
5cb8c6347a08a1a0ebf9775a6670bf5b
ba976033de256c57700552c957a9fd01bb0c6f76
d29bb24026f7dcc916522d2351a9421970d00394297e227a4a95c5ee64344fa8

HTTP Headers

GET /cl/887d9c4bddf3b660?p1=lid13czpccak9w616sgkgscws,16947923,5,12663&p2=12663&source=mysite&site=trafficcompany.com HTTP/1.1
Host: romele.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 01 Jun 2023 11:03:45 GMT
content-type: text/html; charset=UTF-8
location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392
x-powered-by: PHP/8.1.18
cache-control: no-cache
x-frame-options: DENY
set-cookie: sbc887d9c4bddf3b660=eyJpdiI6IllNYjFlTXk5SU1yUHZQcm1UeWpoTWc9PSIsInZhbHVlIjoiaGFFYlZKL2FwM0RoOWRlaGQ1SXA4dz09IiwibWFjIjoiOTczZmI4ZDUwZGFkZTQyOWI0ZGViYWNkYzgxOThjMDZjMjQ3ZGM0ZDBmMDc4YTYxNDNjMzQ4NzA3NzU3OTI4NSIsInRhZyI6IiJ9; expires=Thu, 01 Jun 2023 12:03:45 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IjRMOXI2clVVN3lMUUtobmpCbjRvYlE9PSIsInZhbHVlIjoiRjFTMGZMTUxnZ1ZNNHJ4MXZpMEM2Zz09IiwibWFjIjoiOTBjNzViNjQ3MzQyZjEwOTgyMzUzZjc0MWZjYTMzMjJlYzczYmYzYjJmOWZkNWE2ZDFhMmZjODlmYjU1MzU5YiIsInRhZyI6IiJ9; expires=Wed, 30 Aug 2023 11:03:45 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl3q5I5xPJHb8a3Jk8%2Bq4BFyni1u0GzBzQLxwQDhoqUd5Sxh4vAzKOJge99s9ZQdhGZstCfqiZJjawfYa6gp4y8lN9Pc4qRqQXd2aglVUwf1JOZoHM4fymeJY8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d06f8ca1f0d0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

1.4 kB

URL
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
70ffd5de338af34e36b45a6982e24233
290ccb6498e132add1a6fde8ac9a19c85b186a0e
66efe637f64a4a91901acdf83dbace7827fada10a60b7d0752b121935b46ef0c

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 11:03:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Jun 2023 08:00:49 GMT
ETag: "290ccb6498e132add1a6fde8ac9a19c85b186a0e"
Last-Modified: Thu, 01 Jun 2023 08:00:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d06f8d30df00b55-OSL

1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0

94.237.99.118

200 OK

754 B

URL User Request GET HTTP/2
1d6ceb551fc.terrifictc.net/?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0
IP
94.237.99.118:443
ASN
#202053 UpCloud Ltd

Certificate
IssuerLet's Encrypt
Subject*.terrifictc.net
FingerprintE9:8D:07:AC:D1:68:9E:F0:1E:99:28:4E:12:0A:DE:64:2D:BD:77:1C
ValidityFri, 28 Apr 2023 13:54:57 GMT - Thu, 27 Jul 2023 13:54:56 GMT

File type
gzip compressed data, from Unix\012- data
Size
754 B (754 bytes)
Hash
8d9abdccf8c4739d01ac1afcd9c12141
d904fc758f96816c624a719c2c7f5c804bda92e6
a5fe1d96dec455aaa5c92e6d0476fc894d5b22da18992359480e96b661d12708

HTTP Headers

GET /?p=12663&media_type=mainstream&click_id=1685617423goa64787b0f85beb&pi=0 HTTP/1.1
Host: 1d6ceb551fc.terrifictc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 11:03:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: rts-trck=1; expires=Thu, 01 Jun 2023 11:13:44 GMT; Max-Age=600; path=/; domain=1d6ceb551fc.terrifictc.net
t-uuid=5z3maxlx1650ys1pr2scggw80; expires=Wed, 01 Jun 2033 11:03:44 GMT; Max-Age=315619200; path=/; domain=.terrifictc.net
rts-trck=1; expires=Thu, 01 Jun 2023 11:13:44 GMT; Max-Age=600; path=/; domain=1d6ceb551fc.terrifictc.net
traffic-back=ok; expires=Thu, 01 Jun 2023 11:04:14 GMT; Max-Age=30; path=/; domain=.terrifictc.net
last-modified: Thu, 1 Jun 2023 11:03:44 GMT
expires: Thu, 1 Jun 2023 11:03:44 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2

p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392/&mdnreturn=WDNadlpHRnRiM289

103.56.211.129

6 B

URL User Request GET
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392/&mdnreturn=WDNadlpHRnRiM289
IP
103.56.211.129:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with CRLF line terminators
Size
6 B (6 bytes)
Hash
ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0

HTTP Headers

GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=57473eda2bf69dbef537a2d0dd861541_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 11:03:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=57473eda2bf69dbef537a2d0dd861541_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *

103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F

0.0.0.0

0 B

URL User Request GET
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 11:03:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 286
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392/&mdnreturn=WDNadlpHRnRiM289

p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392

103.56.211.129

302 Found

0 B

URL User Request GET HTTP/1.1
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392
IP
103.56.211.129:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerGlobalSign nv-sa
Subject*.hungama.com
FingerprintDE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
ValidityTue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4642842392 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 11:03:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=57473eda2bf69dbef537a2d0dd861541_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F
Access-Control-Allow-Origin: *

103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F

0.0.0.0

0 B

URL User Request GET
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4642842392%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641

0.0.0.0

0 B

URL User Request GET
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=57473eda2bf69dbef537a2d0dd861541_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP