tectlymealed.com/d091bbfd-5163-485c-820b-597512b5e981/2
18.197.208.17 0 B URL tectlymealed.com/d091bbfd-5163-485c-820b-597512b5e981/2
IP 18.197.208.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d091bbfd-5163-485c-820b-597512b5e981/2 HTTP/1.1
Host: tectlymealed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 09 Jun 2023 03:58:54 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://gozoboz.org/cl/3b690f95ceb2f7ed?p1=wqn1vrv269ltmbap2e3lmje6&p2=&source=27d856d5-e122-4277-a0f6-8de5e3162387&site=
pragma: no-cache
set-cookie: d091bbfd-5163-485c-820b-597512b5e981-v4=bls5OFD-aRPiinCvlwQZr-8MH7bz8-qUuV7W-raFH20; Max-Age=86400; Expires=Sat, 10-Jun-2023 03:58:54 GMT; Domain=tectlymealed.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=BK9jmSfA2hXqafIrJqjJWQmAfJu4zTjnIV89VS9iEcNIHYeb20iBxKoqN4qoPYdWlXFh5JTJqOAzfnpb9QtOjRwHMANK3ue4MNMUQER1wx%2FpaA4gOtp1KdiQsHBJH0x5f6WFEa5%2B9PEje8QXPlMx8Q%3D%3D; Max-Age=31536000; Expires=Sat, 08-Jun-2024 03:58:54 GMT; Domain=tectlymealed.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash e0f20d39d57737ee5666b5053b71d90f
275940d5e53ad3bed9672899495b55fa39194e54
7bc68e539ffeef296c189c6dab8a50aca64c87987b0353d1dda3eeb2863e1ad6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 13 Jun 2023 01:09:47 GMT
ETag: "275940d5e53ad3bed9672899495b55fa39194e54"
Last-Modified: Fri, 09 Jun 2023 01:09:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 09 Jun 2023 03:58:55 GMT
Age: 650
X-Served-By: cache-qpg1268-QPG, cache-bma1633-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 3, 0
X-Timer: S1686283135.123404,VS0,VE393
gozoboz.org/cl/3b690f95ceb2f7ed?p1=wqn1vrv269ltmbap2e3lmje6&p2=&source=27d856d5-e122-4277-a0f6-8de5e3162387&site=
104.21.72.197 660 B URL gozoboz.org/cl/3b690f95ceb2f7ed?p1=wqn1vrv269ltmbap2e3lmje6&p2=&source=27d856d5-e122-4277-a0f6-8de5e3162387&site=
IP 104.21.72.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6d195e61f35af2eee848dd3597c01f1e
c3b55aaedb907bf9465209a7c763270992944ed9
f07aaeefca718b6c10b9c35bee15d53c6dca710f1e013bd9634b5a8b6139ccd2
GET /cl/3b690f95ceb2f7ed?p1=wqn1vrv269ltmbap2e3lmje6&p2=&source=27d856d5-e122-4277-a0f6-8de5e3162387&site= HTTP/1.1
Host: gozoboz.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 09 Jun 2023 03:58:54 GMT
content-type: text/html; charset=UTF-8
location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4664990328
x-powered-by: PHP/8.1.19
cache-control: no-cache
x-frame-options: DENY
set-cookie: sbc3b690f95ceb2f7ed=eyJpdiI6IjRBSHVCUDJUQmdsTGNvVGZZY2sxQWc9PSIsInZhbHVlIjoiSXg5U0owaE56ZnZJUDdyU3J5MGcwdz09IiwibWFjIjoiZjNmYmI3NjdmOTZiY2U3ZDk1MDJhMGM4YWU3ODZkODlkYzlkYzM5YmRhMDU1OTBiYTZjMzllNTg1OGRmMGU2NiIsInRhZyI6IiJ9; expires=Fri, 09 Jun 2023 04:58:54 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IktKWTA2Ly9zMVhFR2ExSmx1Q3FhNmc9PSIsInZhbHVlIjoiQjBSeEVxaE1lZGVJOGpJV3VjdjM1dz09IiwibWFjIjoiMGMyMGFjOWRiZWU1YTBhYWM5NjVhNDRiZmJlOGZmNjkzYWI5OTE3NmUxZDY0ZGU2MTc5MDAxMTU1OTMzYTIzMCIsInRhZyI6IiJ9; expires=Thu, 07 Sep 2023 03:58:54 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz%2Bru%2FhqITC2C0X1sMuz2EmFXYN7ENcd0Wv3570M%2FSVc9VJMlJDJJBMR82ULIGMvM%2FA%2BAHuBqj2hU4JGpl51LRvX%2FOIqn2hYce4MdRC4OtSGeLT7eKgkLOMnTEdk8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d467576980c1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tectlymealed.com/
18.197.208.17 148 B IP 18.197.208.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash ae0e4972ac0d7df341f098ee2b534ebf
b76a8dd8a07d6701731ff3d315d88b961117611c
03c6c67d1a3633a16e9f5fcbe58844a61f9c44141d599fb0b48d4a10729e93bf
GET / HTTP/1.1
Host: tectlymealed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404
Server: nginx
Date: Fri, 09 Jun 2023 03:58:57 GMT
Content-Type: text/html
Content-Length: 148
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4664990328%2F
103.56.211.129 286 B URL 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4664990328%2F
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 88002476f674694897667621652cfb63
cf889207e837fa84f0fe03939fca3cd89b7802f8
b45494812082833d5d9012fae5a3e01329e49f2b0876436e6ea5de83b52a7bc9
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4664990328%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 09 Jun 2023 03:58:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 286
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4664990328/&mdnreturn=WDNadlpHRnRiM289
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4664990328/&mdnreturn=WDNadlpHRnRiM289
103.56.211.129 6 B URL p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4664990328/&mdnreturn=WDNadlpHRnRiM289
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4664990328/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1c142acf6e538f500b70b4b1914b9f1c_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 09 Jun 2023 03:58:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=1c142acf6e538f500b70b4b1914b9f1c_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
103.56.211.129 6 B URL p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1c142acf6e538f500b70b4b1914b9f1c_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 09 Jun 2023 03:59:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=1c142acf6e538f500b70b4b1914b9f1c_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
Access-Control-Allow-Origin: *
gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
84.17.170.222 2.3 kB URL gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7c09a62ebdced24efdc07c4beff884f6
a9aee91d362fd01b0ff958f9c2b85294eff8ad3c
1b47e1ce2ec58e8510fe422cad0a59c50eaf9856ddf53ca84fe6d73b565b579d
GET /v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 09 Jun 2023 03:59:02 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: E38DEDFD-4DD4-36B4-8804-82D4E430EB1C, E38DEDFD-4DD4-36B4-8804-82D4E430EB1C
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/favicon.ico
84.17.170.222 946 B URL gateway.mondiapay.com/favicon.ico
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type MS Windows icon resource - 1 icon, 16x13, 32 bits/pixel\012- data
Hash 0488faca4c19046b94d07c3ee83cf9d6
02fb8c5e4c3d113f310651a4d021aecc68f79d54
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
GET /favicon.ico HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
X-MM-CORRELATION-ID: 768267FF-6AFD-63E3-4562-33E58FEBB44B
Last-Modified: Thu, 13 Dec 2018 16:04:02 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 946
Date: Fri, 09 Jun 2023 03:59:03 GMT
Server: unknown
gateway.mondiapay.com/v1/web/purchase/validate/8d150320-e46f-408b-b8ea-55ec013ec3ea
84.17.170.222 19 B URL gateway.mondiapay.com/v1/web/purchase/validate/8d150320-e46f-408b-b8ea-55ec013ec3ea
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 7371f4549137912d2f797e976caa3f7a
a6dbc3ae0138f2a5b50371323a7d8e3744f261ef
8519ccdbef3d14c543b2079d16bcc9c10e50ca44613391b0deb904a290ebe5ee
GET /v1/web/purchase/validate/8d150320-e46f-408b-b8ea-55ec013ec3ea HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 09 Jun 2023 03:59:05 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: E60FB57C-84D5-83A0-6C30-F1E5CC803CD0, E60FB57C-84D5-83A0-6C30-F1E5CC803CD0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133 1.4 kB URL ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 25ee50270e306f5d1b429c5376f79ebe
8557ce493ba5c9e3e4c3fa8b0226088a84e60ca9
1dfe89389d77d3cd439c02673b56218a54b620f79f07135a46ce24d0ec4f93ce
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 13 Jun 2023 03:59:04 GMT
ETag: "8557ce493ba5c9e3e4c3fa8b0226088a84e60ca9"
Last-Modified: Fri, 09 Jun 2023 03:59:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 09 Jun 2023 03:59:05 GMT
Age: 0
X-Served-By: cache-qpg1223-QPG, cache-bma1634-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1686283145.428773,VS0,VE440
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea
84.17.170.222 302 0 B URL User Request GET HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea
IP 84.17.170.222:443
ASN #33873 Arvato Systems GmbH
Certificate Issuer GlobalSign nv-sa
Subject *.mondiapay.com
Fingerprint EB:67:E7:F3:E1:19:5D:D5:07:C4:0A:C2:9F:1C:B4:41:F7:F5:86:45
Validity Mon, 07 Nov 2022 09:37:59 GMT - Sat, 09 Dec 2023 09:37:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/8d150320-e46f-408b-b8ea-55ec013ec3ea
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Date: Fri, 09 Jun 2023 03:59:06 GMT
Keep-Alive: timeout=60
X-MM-CORRELATION-ID: A05C1658-0B5A-EFE6-5B5E-D60C8EDFC8F2, A05C1658-0B5A-EFE6-5B5E-D60C8EDFC8F2
Location: https://track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea?clickid=track_20230609035906_dd80bba6_6405_48c4_8193_9623bb803aa1&opt=DRp6wHS%2FfaVOdeIMc1c9wduTvDJP6eswVQLR1xqUlvMpDCUQzi51JpcafT%2BXeth20JtvA8PaUuMHfHruXqJqBzmeNKrgzcvGAImiqa6Nl16VrIIGYMPiVD2HbUSIKFodfJz%2F69x95y1aH6UAt7F8jFB9wDlyPa8nyqOfxNBol2zkhAXOuRZfCC7aU7G%2FQATKgr3fA26ybvR5%2BWPro5p9WT26aRc6gK%2B35D22Q%2F%2FRMxLjWNsOlT8iz1xWmrUY9RPGzj2viU%2F7Nxn0S9eMSDqsPWnTpyX7LBNgymtQvTePbDBqSderNDEJIKzUMAWijoMzqtdT4fVvO6Du%2Bvo2y7fK1zDeQPz2hEwQQQFrVgWHufJVxWRDU4DWA%2BK5u6YTcrdzXTOC4R1%2BAMJofHjD17m37n5UtzsdwjcyJOLD1x%2F%2B7GfYNziI3Q5oY9qWO7z6VfeQoG5TD0diMk5h8uzLB7zi5Q%3D%3D&opt-hmac=XF06wbAImav8IHDCYXpg1PcdoyRBOMPd3L5b32DfBM8%3D
84.17.170.222 0 B URL User Request GET gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea?clickid=track_20230609035906_dd80bba6_6405_48c4_8193_9623bb803aa1&opt=DRp6wHS%2FfaVOdeIMc1c9wduTvDJP6eswVQLR1xqUlvMpDCUQzi51JpcafT%2BXeth20JtvA8PaUuMHfHruXqJqBzmeNKrgzcvGAImiqa6Nl16VrIIGYMPiVD2HbUSIKFodfJz%2F69x95y1aH6UAt7F8jFB9wDlyPa8nyqOfxNBol2zkhAXOuRZfCC7aU7G%2FQATKgr3fA26ybvR5%2BWPro5p9WT26aRc6gK%2B35D22Q%2F%2FRMxLjWNsOlT8iz1xWmrUY9RPGzj2viU%2F7Nxn0S9eMSDqsPWnTpyX7LBNgymtQvTePbDBqSderNDEJIKzUMAWijoMzqtdT4fVvO6Du%2Bvo2y7fK1zDeQPz2hEwQQQFrVgWHufJVxWRDU4DWA%2BK5u6YTcrdzXTOC4R1%2BAMJofHjD17m37n5UtzsdwjcyJOLD1x%2F%2B7GfYNziI3Q5oY9qWO7z6VfeQoG5TD0diMk5h8uzLB7zi5Q%3D%3D&opt-hmac=XF06wbAImav8IHDCYXpg1PcdoyRBOMPd3L5b32DfBM8%3D
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea?clickid=track_20230609035906_dd80bba6_6405_48c4_8193_9623bb803aa1&opt=DRp6wHS%2FfaVOdeIMc1c9wduTvDJP6eswVQLR1xqUlvMpDCUQzi51JpcafT%2BXeth20JtvA8PaUuMHfHruXqJqBzmeNKrgzcvGAImiqa6Nl16VrIIGYMPiVD2HbUSIKFodfJz%2F69x95y1aH6UAt7F8jFB9wDlyPa8nyqOfxNBol2zkhAXOuRZfCC7aU7G%2FQATKgr3fA26ybvR5%2BWPro5p9WT26aRc6gK%2B35D22Q%2F%2FRMxLjWNsOlT8iz1xWmrUY9RPGzj2viU%2F7Nxn0S9eMSDqsPWnTpyX7LBNgymtQvTePbDBqSderNDEJIKzUMAWijoMzqtdT4fVvO6Du%2Bvo2y7fK1zDeQPz2hEwQQQFrVgWHufJVxWRDU4DWA%2BK5u6YTcrdzXTOC4R1%2BAMJofHjD17m37n5UtzsdwjcyJOLD1x%2F%2B7GfYNziI3Q5oY9qWO7z6VfeQoG5TD0diMk5h8uzLB7zi5Q%3D%3D&opt-hmac=XF06wbAImav8IHDCYXpg1PcdoyRBOMPd3L5b32DfBM8%3D HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Date: Fri, 09 Jun 2023 03:59:06 GMT
Keep-Alive: timeout=60
X-MM-CORRELATION-ID: 7F1A072E-5E00-4B8B-731F-422744101633, 7F1A072E-5E00-4B8B-731F-422744101633
Location: http://35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230609092900562159422047&status=403&message=PERMISSION_DENIED
Transfer-Encoding: chunked
Server: unknown
35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230609092900562159422047&status=403&message=PERMISSION_DENIED
35.200.222.172 0 B URL User Request GET 35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230609092900562159422047&status=403&message=PERMISSION_DENIED
IP 35.200.222.172:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230609092900562159422047&status=403&message=PERMISSION_DENIED HTTP/1.1
Host: 35.200.222.172
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Fri, 09 Jun 2023 03:59:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.0.9
Location: https://p.hungama.com/norway_mm_play/index.php/plan/norway_mm_play_consent_return/?&mdn=99999999999&message=&rescode=H199
track.greentropolo.com/l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=174&_optBMQvn81TZUnO=cd6a819f&_m=1uc
0.0.0.0 0 B URL User Request POST track.greentropolo.com/l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=174&_optBMQvn81TZUnO=cd6a819f&_m=1uc
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=174&_optBMQvn81TZUnO=cd6a819f&_m=1uc HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3668
Origin: https://track.greentropolo.com
DNT: 1
Connection: keep-alive
Referer: https://track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 303 See Other
Connection: close
Date: Fri, 09 Jun 2023 03:59:06 GMT
Location: http://gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/8d150320-e46f-408b-b8ea-55ec013ec3ea?clickid=track_20230609035906_dd80bba6_6405_48c4_8193_9623bb803aa1&opt=DRp6wHS%2FfaVOdeIMc1c9wduTvDJP6eswVQLR1xqUlvMpDCUQzi51JpcafT%2BXeth20JtvA8PaUuMHfHruXqJqBzmeNKrgzcvGAImiqa6Nl16VrIIGYMPiVD2HbUSIKFodfJz%2F69x95y1aH6UAt7F8jFB9wDlyPa8nyqOfxNBol2zkhAXOuRZfCC7aU7G%2FQATKgr3fA26ybvR5%2BWPro5p9WT26aRc6gK%2B35D22Q%2F%2FRMxLjWNsOlT8iz1xWmrUY9RPGzj2viU%2F7Nxn0S9eMSDqsPWnTpyX7LBNgymtQvTePbDBqSderNDEJIKzUMAWijoMzqtdT4fVvO6Du%2Bvo2y7fK1zDeQPz2hEwQQQFrVgWHufJVxWRDU4DWA%2BK5u6YTcrdzXTOC4R1%2BAMJofHjD17m37n5UtzsdwjcyJOLD1x%2F%2B7GfYNziI3Q5oY9qWO7z6VfeQoG5TD0diMk5h8uzLB7zi5Q%3D%3D&opt-hmac=XF06wbAImav8IHDCYXpg1PcdoyRBOMPd3L5b32DfBM8%3D
track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
62.212.87.244 200 OK 171 kB URL User Request GET HTTP/1.1 track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
IP 62.212.87.244:443
ASN #60781 LeaseWeb Netherlands B.V.
Certificate Issuer Let's Encrypt
Subject advfilternow.com
Fingerprint 00:58:47:CF:D4:D4:51:F7:30:7C:11:3F:ED:C8:3B:87:9C:4A:68:C3
Validity Tue, 11 Apr 2023 13:48:49 GMT - Mon, 10 Jul 2023 13:48:48 GMT
Size 171 kB (171326 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F8d150320-e46f-408b-b8ea-55ec013ec3ea%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=HSKd2oTSyb7LaoQxicuQ-aGlTw8_n5HA788zsnowpuY&external_id=8d150320-e46f-408b-b8ea-55ec013ec3ea&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gateway.mondiapay.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jun 2023 03:59:06 GMT
ETag: b1d087d86482a38a088d87f8c55b075c--gzip
Cache-Control: private, max-age=0, no-cache, must-revalidate
Pragma: no-cache
Accept-CH: Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip