trk.vmtrckhost.com/79e7c64f-587e-459a-b3da-6b2f3f0cd59b
200 544 B URL HTTP/1.1 trk.vmtrckhost.com/79e7c64f-587e-459a-b3da-6b2f3f0cd59b
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash 7d998fe98f98fd636cf707a279a7db67
e1950c8cb6ff98a063bb9bc2b8686314a63c9b34
5e1c78afc8aaa911b4ee67743ec6f5d94f4abc41f1d9264a63b14b4b1ac8d3cd
Analyzer Verdict Alert fortinet Phishing
GET /79e7c64f-587e-459a-b3da-6b2f3f0cd59b HTTP/1.1
Host: trk.vmtrckhost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Dec 2022 03:58:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 79e7c64f-587e-459a-b3da-6b2f3f0cd59b-v4=bmHvp-F2_feHgYkItr7mCGmRzzVmojalY4-VHmRV-dw; Max-Age=86400; Expires=Fri, 16-Dec-2022 03:58:23 GMT; Domain=trk.vmtrckhost.com; Path=/; HttpOnly
cc-v4=PV1y905tapXYOSrcTsDwvX8XicQrwPs5LqxLt%2BWMrZ8ehbHEWTelE5U6BIwjmi%2FklcDC%2BfeTN57SMVdots1AYdSwytBZ4Xej2Hl2CxN1eJY4ZHwvPt%2BjJK4c4BsCQJFjJAEmUgt1b9b4lymlkP8r8Q%3D%3D; Max-Age=31536000; Expires=Fri, 15-Dec-2023 03:58:23 GMT; Domain=trk.vmtrckhost.com; Path=/; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15344
Expires: Thu, 15 Dec 2022 08:14:07 GMT
Date: Thu, 15 Dec 2022 03:58:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2440
Expires: Thu, 15 Dec 2022 04:39:03 GMT
Date: Thu, 15 Dec 2022 03:58:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 03:08:56 GMT
content-type: application/json
age: 2967
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3992
Expires: Thu, 15 Dec 2022 05:04:55 GMT
Date: Thu, 15 Dec 2022 03:58:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mLEmn6e8KDxLY9pSTaxj/1+K1y1aVQiLlgF300kJYZSjt9Rl+/ZcsPbiPJLpsmqSuCj03MI8/CY=
x-amz-request-id: WR3S1PW690C8GB5N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 03:50:46 GMT
age: 457
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 03:58:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11bbbc143f9df4c36051256332a35e8d
433e0ea91b29aa7a60d889fd29f4e7f6d833f3ba
fa5269ff932604d18d4782234216bdf3c813de8e27b56c95f120d1bd42b5eaf9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA5269FF932604D18D4782234216BDF3C813DE8E27B56C95F120D1BD42B5EAF9"
Last-Modified: Tue, 13 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Thu, 15 Dec 2022 09:58:15 GMT
Date: Thu, 15 Dec 2022 03:58:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 03:33:21 GMT
age: 1503
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11bbbc143f9df4c36051256332a35e8d
433e0ea91b29aa7a60d889fd29f4e7f6d833f3ba
fa5269ff932604d18d4782234216bdf3c813de8e27b56c95f120d1bd42b5eaf9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FA5269FF932604D18D4782234216BDF3C813DE8E27B56C95F120D1BD42B5EAF9"
Last-Modified: Tue, 13 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Thu, 15 Dec 2022 09:58:15 GMT
Date: Thu, 15 Dec 2022 03:58:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 945
Cache-Control: max-age=105857
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:58:24 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 09:22:41 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash cfedb90533ae346da93845e774254bd5
32062112658283b00893014230b3774a3e661193
495c5789cd6ac65361c857cc4efb82d16185d4ca6aaa3a206ebe644d474f4e88
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 03:58:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 19 Dec 2022 01:02:41 GMT
ETag: "32062112658283b00893014230b3774a3e661193"
Last-Modified: Thu, 15 Dec 2022 01:02:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779c42bbdb8bb51e-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UExHnXpvLAxcpfm2GVcO+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8qLwcwXwKCO7CBxb63pufiyZS0w=
deciner.com/cl/476fc238ccbf345b?p1=wgfd3ug9ilaiob6l2p0m9ub2&source=propellerads&site=c6ee1892a1
302 Found 660 B URL HTTP/2 deciner.com/cl/476fc238ccbf345b?p1=wgfd3ug9ilaiob6l2p0m9ub2&source=propellerads&site=c6ee1892a1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 3c2c9eafc8e64589d037ce587d4bd3a5
cad6e4b03c6e560eb176eecbdfe205e45d633683
7a1f683507f7376c999e1987ccc9da6b24d737e1474f7878f9b3886a8ba881cf
GET /cl/476fc238ccbf345b?p1=wgfd3ug9ilaiob6l2p0m9ub2&source=propellerads&site=c6ee1892a1 HTTP/1.1
Host: deciner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 15 Dec 2022 03:58:24 GMT
content-type: text/html; charset=UTF-8
location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4181156885
x-powered-by: PHP/8.1.13
cache-control: no-cache
x-frame-options: DENY
set-cookie: sbc476fc238ccbf345b=eyJpdiI6Ijd3Sm5kVFJuWFRNL1M4VURZSG9namc9PSIsInZhbHVlIjoiT2xkVnNrTjhMVE55UE9GdHpzNE5IZz09IiwibWFjIjoiYTllM2U4MzFiMjU4NDA1YjA3OWNhMjM5MGJkNTI3MzQ1MmM1OGZiNTgzMTZjYWMxYjJkZWRjYjQwMTJjMTc5YSIsInRhZyI6IiJ9; expires=Thu, 15 Dec 2022 04:58:24 GMT; Max-Age=3600; path=/; httponly; samesite=lax
ml476fc238ccbf345b=eyJpdiI6IlRwK1I5WGZPV2pkMlhBUW1ZeXFrSmc9PSIsInZhbHVlIjoibGVPelRiK2I4c0c2L2JsS1RHWGE2Y1RDbFRoUlZQNEMzcEJib3hYL3YvND0iLCJtYWMiOiI5NzQzODkzMWI5OTEwODkxMTVmZGMyMmQ5NmRhYmU3ZjlhY2ZjZTFhNzk3M2NlZTA3OTczZDE4YTA5NWY3NGVjIiwidGFnIjoiIn0%3D; expires=Fri, 16 Dec 2022 03:58:24 GMT; Max-Age=86400; path=/; httponly; samesite=lax
vis=eyJpdiI6IkMzbXd4MVZCV05OSHJOb1BCc2dYSHc9PSIsInZhbHVlIjoiajlCWk8zSW9zcHJlQzZwbW15bHMrUT09IiwibWFjIjoiZWFiYmJmYzExNmNhMWJlNTJiMjAxYWIxYjI0ODcxZjBjZWZhYWVkMDk4MmNkNDhmNWMzNDJhNjk1NWViMjM1NSIsInRhZyI6IiJ9; expires=Wed, 15 Mar 2023 03:58:24 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPSE%2BVH4yWZjf8tR%2BZtHA%2FkzO4jMYZ3EkLV4kW28OuyiW0g3%2B3FV4UAuSqYQsrL9pdyvHRFwQG5Pj6BL4uFisLBaB85oZ2G%2FF6sTNE7lRziYdylqGYTnK366BXF6eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779c42b89c02b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4181156885%2F
302 Found 0 B URL HTTP/1.1 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4181156885%2F
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4181156885%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 15 Dec 2022 03:58:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4181156885/&mdnreturn=WDNadlpHRnRiM289
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4181156885/&mdnreturn=WDNadlpHRnRiM289
302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4181156885/&mdnreturn=WDNadlpHRnRiM289
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4181156885/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=6d490e3c6205a542b5e36d299c98d872_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 15 Dec 2022 03:58:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6d490e3c6205a542b5e36d299c98d872_545; path=/
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:58:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:58:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:58:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2533
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:58:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b031e56b256ee8ed21093f8c5398815
ef4ac091b1804b68c1d8e073d73f7a57e08739a6
f332c68ba6b31d67c02d16412c85e760cbc2e7a67073876c8799365e80b6dbab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9851
x-amzn-requestid: 38f12682-d3c4-4e4f-9b24-afe81ca85dde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-FX9FsVoAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958299-3d25cec26bcb2ccf73e3526f;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:11:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AhjBxWNu8LWdEfZRVxXxNXnqG9nfSGiPECfO1_pg9FxR5mxPw9k0Iw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 02:23:31 GMT
etag: "ef4ac091b1804b68c1d8e073d73f7a57e08739a6"
content-type: image/jpeg
age: 5694
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 651b0f2569cf044585ce4f571cfd89fb
4c5e9db56536dd4145d63200d0fd74e2aa243fbf
c561267909b1e19768a2c11d78bab18faaa0de11d822e56324d7642daf798bf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: aea526e4-f177-483a-bf63-4dbc3e526bf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHHBHE8HIAMFn0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63991ed3-2fdc5eed7f4c006224bd29c5;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 00:54:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: usEmccGMldP3GGjxbRfQ_TuRDdRzDqo8C31tNcjXVpz3ke03xykUfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:45:56 GMT
etag: "4c5e9db56536dd4145d63200d0fd74e2aa243fbf"
content-type: image/jpeg
age: 51149
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fd0eea87bdde875285073a695d3005
03ec879b4eaef86b85f7528abecf1f383b9367d3
f0fbee34d53cc5ff66722caab6917f0833c778ed26b1b31a87424c06af7d480c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: f516be09-a7cf-486c-8bbd-75593c381048
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJEPVIAMFdLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-00fdce7b73e084af4ce63583;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AUZTGtM2WUYSAjcONdieLwogB9Wav1U5Ouc4kydxuoC4_SbBj0PVdw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:07 GMT
etag: "03ec879b4eaef86b85f7528abecf1f383b9367d3"
content-type: image/jpeg
age: 22578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 389dadf2919f0ece2a3efa46303259bb
e3302acd5b173db8a5aa2fde0224faa9ce448e40
a93452a3e32f99069aa747d31c2abadc750b772c00345d338069929b340a91ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67718f84-6fff-48ff-a2eb-1c126c960c8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10650
x-amzn-requestid: 9bb462c3-bf7c-448f-8c02-5f03f988f32e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8yaGmAoAMF7hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a8-7b4e68860442f801753694ca;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gfj-qmeVPyeZ94vWLbwxaSTEBRuTypit6mJXg1uUZNH3K-tSEU77bg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:51:41 GMT
age: 22004
etag: "e3302acd5b173db8a5aa2fde0224faa9ce448e40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 389fe7dd5f3f80351a97fe4106be49b5
a91f474e6d320797c2ea32ecaf7a341f5f77fe82
11957edbfb3dc06abbe8ee6aa9dac0a25f84ba909a6404030c9f081343384513
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874ce85e-7786-4e92-aea7-1c22181143e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: 2134a88c-a745-4061-ac63-16989306d7da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH_FlF6MoAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63997889-18ba85822302c07e672f17e3;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:17:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cqlGj6xu4etxgHqsCba0T3DmafdJe71e4CRzfte5w2HSr-CQqweufQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 07:51:02 GMT
age: 72443
etag: "a91f474e6d320797c2ea32ecaf7a341f5f77fe82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ae812012d060ba75fbb8cb9d6038c
2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce
cd9c002af775a6ba6ff8902a67e19c2ed2663d23bf8a1c3fe763598a60ba8d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5259
x-amzn-requestid: 21c0e355-e696-4785-a162-5f96e02836f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fV1HHKIAMFsjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df58-608335604793d9f46939a81a;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:10:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YF20vWN7faRilx8H98vMPeAimGKAPA-32GulYRed4h-vQAzwkYNgbA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:14:27 GMT
age: 20638
etag: "2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=6d490e3c6205a542b5e36d299c98d872_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 15 Dec 2022 03:58:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6d490e3c6205a542b5e36d299c98d872_545; path=/
Location: http://gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
Access-Control-Allow-Origin: *
gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
200 2.3 kB URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
IP
ASN #33873 Arvato Systems GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7c84b8ea453b0ac17e380536d1829b6d
5ceb2c85b42a77c1b336d15758fa796edee14cad
4422723d70518112694f2b974940c6fa0d29bc4e79ff1f657ae9353a231f0d5e
GET /v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 15 Dec 2022 03:58:27 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: 3600D21F-8B24-3ED1-F267-A7F6ADB85215, 3600D21F-8B24-3ED1-F267-A7F6ADB85215
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/favicon.ico
200 946 B URL HTTP/1.1 gateway.mondiapay.com/favicon.ico
IP
ASN #33873 Arvato Systems GmbH
File type MS Windows icon resource - 1 icon, 16x13, 32 bits/pixel\012- data
Hash 0488faca4c19046b94d07c3ee83cf9d6
02fb8c5e4c3d113f310651a4d021aecc68f79d54
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
GET /favicon.ico HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
HTTP/1.1 200
X-MM-CORRELATION-ID: 77D7D282-1E30-FABC-3F0D-B654400EF62E
Last-Modified: Thu, 13 Dec 2018 16:04:02 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 946
Date: Thu, 15 Dec 2022 03:58:27 GMT
Server: unknown
gateway.mondiapay.com/v1/web/purchase/validate/1961d238-8c20-4969-9162-2c28bebdfa9a
200 19 B URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/validate/1961d238-8c20-4969-9162-2c28bebdfa9a
IP
ASN #33873 Arvato Systems GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 7371f4549137912d2f797e976caa3f7a
a6dbc3ae0138f2a5b50371323a7d8e3744f261ef
8519ccdbef3d14c543b2079d16bcc9c10e50ca44613391b0deb904a290ebe5ee
GET /v1/web/purchase/validate/1961d238-8c20-4969-9162-2c28bebdfa9a HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
HTTP/1.1 200
Date: Thu, 15 Dec 2022 03:58:29 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: D3B61445-11A7-33EC-B442-47C140777587, D3B61445-11A7-33EC-B442-47C140777587
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a
302 0 B URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a
IP
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/1961d238-8c20-4969-9162-2c28bebdfa9a
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Thu, 15 Dec 2022 03:58:30 GMT
X-MM-CORRELATION-ID: F12C588C-0FCD-FC06-55AD-38CDDBFB3D22, F12C588C-0FCD-FC06-55AD-38CDDBFB3D22
Location: https://track.greentropolo.com/g/25649095a9b1a16d63?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F1961d238-8c20-4969-9162-2c28bebdfa9a%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=4Ekrui1U2XzBvdHTNaSxupZyN6-bXzfHzLVKS9txACI&external_id=1961d238-8c20-4969-9162-2c28bebdfa9a&var1=7714&var2=77140001
Transfer-Encoding: chunked
Server: unknown
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 03414bd758523af3327c719638f10c2a
bf9e052322889268bb91ea738dfe13397599023c
d4b77bd136ac3e32febd649c23add5d0aa16ac8e564b8420f80dc0c57a3fbbbd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D4B77BD136AC3E32FEBD649C23ADD5D0AA16AC8E564B8420F80DC0C57A3FBBBD"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13607
Expires: Thu, 15 Dec 2022 07:45:17 GMT
Date: Thu, 15 Dec 2022 03:58:30 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 03414bd758523af3327c719638f10c2a
bf9e052322889268bb91ea738dfe13397599023c
d4b77bd136ac3e32febd649c23add5d0aa16ac8e564b8420f80dc0c57a3fbbbd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D4B77BD136AC3E32FEBD649C23ADD5D0AA16AC8E564B8420F80DC0C57A3FBBBD"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13607
Expires: Thu, 15 Dec 2022 07:45:17 GMT
Date: Thu, 15 Dec 2022 03:58:30 GMT
Connection: keep-alive
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a?clickid=track_20221215035830_494f6678_2088_4dca_ab82_7911395e487e&opt=y1OmIf3vX5Uvq3t4IoET2%2FToNZwodokfUc2lKjXIpR2Js6o%2F1cq%2Ffsy4kP2FRFWmcZVU06DKcBHq0fvYVKN1iqV9KVPlrAMuEtOv1imVt%2FqYkLiJomJmRy1Z04822S5vQBgBsp%2F2kcoO6SBqFJfY9%2BUFuE8R4XCvGK8KvH5dOSExsAnE1mnPloRezrUA9svSlYugHwk09t4BVqInTfu2WNG8eSDGM7WCyEr9c6hcJMTsUiB85NnWzXpfBmF95%2B%2BeDJ9LXOquxcfBpnPFZQ9dJt1WR2kms3x8w9a69LfpKiO2iYvPlUUPLgn%2BuI8fgcLkSMI%2Fvxn7DB0HaG%2FD9bT%2FvOM%2B20TLOEa1ye78yXs%2BB4ECEJbN9NajrF6NjET7aDcoLly21Sq9KEm%2ByJCe9rGivgPy1XYg%2BAXZs6mIdgf9Ss%2BKanvcztv3qTRsWQ%2BsKJAq&opt-hmac=VSr09T%2Bo1G9kWMvz%2BsJ8j6Aq7iVmYpeVHJ5ikozOa8U%3D
200 1.8 kB URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a?clickid=track_20221215035830_494f6678_2088_4dca_ab82_7911395e487e&opt=y1OmIf3vX5Uvq3t4IoET2%2FToNZwodokfUc2lKjXIpR2Js6o%2F1cq%2Ffsy4kP2FRFWmcZVU06DKcBHq0fvYVKN1iqV9KVPlrAMuEtOv1imVt%2FqYkLiJomJmRy1Z04822S5vQBgBsp%2F2kcoO6SBqFJfY9%2BUFuE8R4XCvGK8KvH5dOSExsAnE1mnPloRezrUA9svSlYugHwk09t4BVqInTfu2WNG8eSDGM7WCyEr9c6hcJMTsUiB85NnWzXpfBmF95%2B%2BeDJ9LXOquxcfBpnPFZQ9dJt1WR2kms3x8w9a69LfpKiO2iYvPlUUPLgn%2BuI8fgcLkSMI%2Fvxn7DB0HaG%2FD9bT%2FvOM%2B20TLOEa1ye78yXs%2BB4ECEJbN9NajrF6NjET7aDcoLly21Sq9KEm%2ByJCe9rGivgPy1XYg%2BAXZs6mIdgf9Ss%2BKanvcztv3qTRsWQ%2BsKJAq&opt-hmac=VSr09T%2Bo1G9kWMvz%2BsJ8j6Aq7iVmYpeVHJ5ikozOa8U%3D
IP
ASN #33873 Arvato Systems GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 5b6205a52461329238df7eb42438b22e
fbd43521a9a8763efd993991dc26d11bf708b28f
072b0223e108e8b829a55717e1ed8da558e7dd13147a5acaeb3e1bdcbe351237
GET /mondiapay-strex-no-v1/web/purchase/subscription/1961d238-8c20-4969-9162-2c28bebdfa9a?clickid=track_20221215035830_494f6678_2088_4dca_ab82_7911395e487e&opt=y1OmIf3vX5Uvq3t4IoET2%2FToNZwodokfUc2lKjXIpR2Js6o%2F1cq%2Ffsy4kP2FRFWmcZVU06DKcBHq0fvYVKN1iqV9KVPlrAMuEtOv1imVt%2FqYkLiJomJmRy1Z04822S5vQBgBsp%2F2kcoO6SBqFJfY9%2BUFuE8R4XCvGK8KvH5dOSExsAnE1mnPloRezrUA9svSlYugHwk09t4BVqInTfu2WNG8eSDGM7WCyEr9c6hcJMTsUiB85NnWzXpfBmF95%2B%2BeDJ9LXOquxcfBpnPFZQ9dJt1WR2kms3x8w9a69LfpKiO2iYvPlUUPLgn%2BuI8fgcLkSMI%2Fvxn7DB0HaG%2FD9bT%2FvOM%2B20TLOEa1ye78yXs%2BB4ECEJbN9NajrF6NjET7aDcoLly21Sq9KEm%2ByJCe9rGivgPy1XYg%2BAXZs6mIdgf9Ss%2BKanvcztv3qTRsWQ%2BsKJAq&opt-hmac=VSr09T%2Bo1G9kWMvz%2BsJ8j6Aq7iVmYpeVHJ5ikozOa8U%3D HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 15 Dec 2022 03:58:31 GMT
vary: accept-encoding
Content-Encoding: gzip
X-MM-CORRELATION-ID: 4FC35886-5142-23C3-F1BD-4AFED606216B, 4FC35886-5142-23C3-F1BD-4AFED606216B
Content-Language: nn
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
menad2c.mondiamedia.com/mpay/default/css/app.css
200 OK 5.0 kB URL HTTP/1.1 menad2c.mondiamedia.com/mpay/default/css/app.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 4572baf2f21139c911fd7817a74eee3b
0993a70cda1bcf5cb143e861d7b74c3b21012619
657db6c50eac58b0f5981e7f71c74967bf9e80a3d796c6078f1ea26f20cd463a
GET /mpay/default/css/app.css HTTP/1.1
Host: menad2c.mondiamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/
HTTP/1.1 200 OK
Content-Length: 4981
Content-Type: text/css
Date: Thu, 15 Dec 2022 03:58:31 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET, PUT, POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Content-Encoding: gzip
ETag: "079c7d48576d81:0"
Last-Modified: Thu, 02 Jun 2022 13:36:58 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash cfedb90533ae346da93845e774254bd5
32062112658283b00893014230b3774a3e661193
495c5789cd6ac65361c857cc4efb82d16185d4ca6aaa3a206ebe644d474f4e88
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 03:58:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 19 Dec 2022 01:02:41 GMT
ETag: "32062112658283b00893014230b3774a3e661193"
Last-Modified: Thu, 15 Dec 2022 01:02:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779c42ea1e1db51e-OSL
w.hungama.com/utility/images/hungama-play.png
200 OK 12 kB URL HTTP/1.1 w.hungama.com/utility/images/hungama-play.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 368 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ed21e2dd8c3a923a9af035dc69cdb66
a4f2d398503033b98df5a7e218a1efb34fc71f36
d2e505bbe6fb01305cf96ad3e9faf62d8bd3e50c52624af98a48110b5af74c30
GET /utility/images/hungama-play.png HTTP/1.1
Host: w.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gateway.mondiapay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 15 Dec 2022 03:58:32 GMT
Content-Type: image/png
Content-Length: 12542
Connection: keep-alive
Last-Modified: Thu, 18 Aug 2022 10:39:24 GMT
ETag: "30fe-5e68198549d0f"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
track.greentropolo.com/g/25649095a9b1a16d63?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F1961d238-8c20-4969-9162-2c28bebdfa9a%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=4Ekrui1U2XzBvdHTNaSxupZyN6-bXzfHzLVKS9txACI&external_id=1961d238-8c20-4969-9162-2c28bebdfa9a&var1=7714&var2=77140001
200 OK 0 B URL HTTP/2 track.greentropolo.com/g/25649095a9b1a16d63?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F1961d238-8c20-4969-9162-2c28bebdfa9a%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=4Ekrui1U2XzBvdHTNaSxupZyN6-bXzfHzLVKS9txACI&external_id=1961d238-8c20-4969-9162-2c28bebdfa9a&var1=7714&var2=77140001
IP
GET /g/25649095a9b1a16d63?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F1961d238-8c20-4969-9162-2c28bebdfa9a%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=4Ekrui1U2XzBvdHTNaSxupZyN6-bXzfHzLVKS9txACI&external_id=1961d238-8c20-4969-9162-2c28bebdfa9a&var1=7714&var2=77140001 HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gateway.mondiapay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 03:58:30 GMT
content-type: text/html;charset=utf-8
cache-control: private, max-age=0, no-cache, must-revalidate
pragma: no-cache
accept-ch: Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
vary: Accept-Encoding, User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv95TnVmFeVc36DurvivdxR%2FCMRBwx%2BrXBq6o87tRoupL3dUEp%2FlnwM7X6egD9O5g8GhEpzhQVHmYFdwIYEJozAq9ufDDRhJ2GbfEVX5NK8AO%2BI7hMb3FTQlidVL3CtgRykICDUjcHx%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779c42df0e4fb50b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18.195.128.171
23.36.77.32
52.41.91.37
93.184.220.29
104.18.21.226
103.56.211.129
23.97.224.11