ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 1c76f7f7b2565d03b62c374d3e3af681
263875b6b1dca9d18f70ccb54a43360f31b7bda3
337276d2111ece7c9f7d9fc5d1eef111377f100935f38c767fc453cbadbb0895
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 04:34:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Jun 2023 00:54:43 GMT
ETag: "263875b6b1dca9d18f70ccb54a43360f31b7bda3"
Last-Modified: Wed, 07 Jun 2023 00:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 166
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d362e526967b4ed-OSL
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375
103.56.211.129 302 Found 6 B URL User Request GET HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375
IP 103.56.211.129:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Wed, 07 Jun 2023 04:34:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=c0105d1be210f1c8ca417e3ff64c6468_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4659153375%2F
Access-Control-Allow-Origin: *
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4659153375%2F
103.56.211.129 302 Found 286 B URL User Request GET HTTP/1.1 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4659153375%2F
IP 103.56.211.129:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 88002476f674694897667621652cfb63
cf889207e837fa84f0fe03939fca3cd89b7802f8
b45494812082833d5d9012fae5a3e01329e49f2b0876436e6ea5de83b52a7bc9
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4659153375%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Wed, 07 Jun 2023 04:34:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 286
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289
spaceflowg.com/
172.67.223.99 191 kB IP 172.67.223.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51572)
Size 191 kB (190729 bytes)
Hash d77d34966a4a75989fed67ad8e14be0b
a12be6787513dfc8f34807a623cf142712660786
327ee59b58a954dd048ced9c3c6e94d38b4c8ac91e53c9cef7c2fbd526d0e61c
GET / HTTP/1.1
Host: spaceflowg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 04:34:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.18
Cache-Control: no-cache
X-Frame-Options: DENY
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zZiGwg8bcQ1i1HNde3oZzFu2l8VwxNY2sCg0hrhB0m4BwOW2N2YORvj0sn9hHuMP%2BJU7zrhzdbPPtOG7wWzHCqW2W3Js0JudjqxJEkIIUeMBqIRxJCfL8OA3%2F9aOOwtgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d362e60b8df0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289
0.0.0.0 0 B URL User Request GET p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289
IP 0.0.0.0:0
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=c0105d1be210f1c8ca417e3ff64c6468_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289
0.0.0.0 0 B URL User Request GET p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289
IP 0.0.0.0:0
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=c0105d1be210f1c8ca417e3ff64c6468_545
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
spaceflowg.com/cl/1f2a277d127a93e3
172.67.223.99 302 Found 0 B URL User Request GET HTTP/2 spaceflowg.com/cl/1f2a277d127a93e3
IP 172.67.223.99:443
Certificate Issuer Google Trust Services LLC
Subject spaceflowg.com
Fingerprint 1D:C2:2C:1B:1A:57:50:B7:B6:57:45:80:93:20:B5:0F:82:4E:E1:08
Validity Sat, 20 May 2023 08:33:08 GMT - Fri, 18 Aug 2023 08:33:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cl/1f2a277d127a93e3 HTTP/1.1
Host: spaceflowg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 07 Jun 2023 04:34:07 GMT
content-type: text/html; charset=UTF-8
location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4659153375
x-powered-by: PHP/8.1.18
cache-control: no-cache
x-frame-options: DENY
set-cookie: sbc1f2a277d127a93e3=eyJpdiI6InNwNVFNcEI5V3QxeDJvbW8yWmNUWEE9PSIsInZhbHVlIjoiK2tPOVM3cjdLTHlZUEZCZ3RoK21oUT09IiwibWFjIjoiYTUzOGFlMzQxMWVlMzRkNzhlYjcwYTVhNWMzZjMwNDVhNjQ2N2MxMWI1ZDI0NjdjMGM0YWYwNTllMzgzMWZiZCIsInRhZyI6IiJ9; expires=Wed, 07 Jun 2023 05:34:07 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6InRjWjRSRFFvNWJ2UUxHelBFb1BqWHc9PSIsInZhbHVlIjoiYk5uN2o4VGQ1MFhvZndueHg3MmJwdz09IiwibWFjIjoiZjcwMGQ0OTQ4YWExNWVlNTJkZTc4ZGQxOWVlMDQ4MmQ4YWQ1ODgzZjQyMGUxNDRjNzg2MGQwODEwNjVlZDQ0YiIsInRhZyI6IiJ9; expires=Tue, 05 Sep 2023 04:34:07 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXJgVPOZ1%2B4OHuyidJOdHs%2Bna%2F9CtxeoU65KelPTSdtYEdKKhFi%2BNf63zLrQbHJkRXU4Ug%2FWv2%2Fk6VtRb6gSL5fkar20zv%2FvYpVybqb7P4yw4nSdb4K63WkKapO051SbMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d362e4e5c80b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2