ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2a2dd70fb12ddaecf0fa0c600f50de25
7c9f387b9993e017494e9266c53bb51d8a670381
78852546e8f0fbbb554d59a00917aa568f587a52aef0ddb856b6c66dcce86bcc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 May 2023 21:30:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 31 May 2023 19:44:02 GMT
ETag: "7c9f387b9993e017494e9266c53bb51d8a670381"
Last-Modified: Sat, 27 May 2023 19:44:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ce15b891d480b61-OSL
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585
103.56.211.129 302 Found 6 B URL User Request GET HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585
IP 103.56.211.129:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Sat, 27 May 2023 21:30:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=7c915f336eae3d95266b1a0c9671fe09_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4626119585%2F
Access-Control-Allow-Origin: *
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2a2dd70fb12ddaecf0fa0c600f50de25
7c9f387b9993e017494e9266c53bb51d8a670381
78852546e8f0fbbb554d59a00917aa568f587a52aef0ddb856b6c66dcce86bcc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 May 2023 21:30:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 31 May 2023 19:44:02 GMT
ETag: "7c9f387b9993e017494e9266c53bb51d8a670381"
Last-Modified: Sat, 27 May 2023 19:44:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ce15b8eeb200b61-OSL
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4626119585%2F
103.56.211.129 286 B URL User Request GET 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4626119585%2F
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 88002476f674694897667621652cfb63
cf889207e837fa84f0fe03939fca3cd89b7802f8
b45494812082833d5d9012fae5a3e01329e49f2b0876436e6ea5de83b52a7bc9
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4626119585%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Sat, 27 May 2023 21:30:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 286
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585/&mdnreturn=WDNadlpHRnRiM289
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585/&mdnreturn=WDNadlpHRnRiM289
103.56.211.129 6 B URL User Request GET p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585/&mdnreturn=WDNadlpHRnRiM289
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7c915f336eae3d95266b1a0c9671fe09_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Sat, 27 May 2023 21:30:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Set-Cookie: PHPSESSID=7c915f336eae3d95266b1a0c9671fe09_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *
pu3hj.bemobpath.com/favicon.ico
0.0.0.0 0 B URL GET pu3hj.bemobpath.com/favicon.ico
IP 0.0.0.0:0
Requested by https://pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Ftrafpuma.org%2Fcl%2F3a697b619ff5576c%3Fp1%3DMj4Z891h4txUQwk2EFaS23
Certificate Issuer Let's Encrypt
Subject bemobpath.com
Fingerprint 8C:DD:86:D6:E0:BA:C2:21:EF:FC:70:C8:D8:53:6A:92:75:E3:75:88
Validity Mon, 22 May 2023 09:02:47 GMT - Sun, 20 Aug 2023 09:02:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pu3hj.bemobpath.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Ftrafpuma.org%2Fcl%2F3a697b619ff5576c%3Fp1%3DMj4Z891h4txUQwk2EFaS23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
trafpuma.org/cl/3a697b619ff5576c?p1=Mj4Z891h4txUQwk2EFaS23
188.114.97.1 302 Found 0 B URL User Request GET HTTP/2 trafpuma.org/cl/3a697b619ff5576c?p1=Mj4Z891h4txUQwk2EFaS23
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject trafpuma.org
Fingerprint 71:13:BD:F3:1D:90:6A:69:2E:2E:2A:B9:7B:40:76:75:94:D6:4E:C5
Validity Sat, 27 May 2023 09:53:46 GMT - Fri, 25 Aug 2023 09:53:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cl/3a697b619ff5576c?p1=Mj4Z891h4txUQwk2EFaS23 HTTP/1.1
Host: trafpuma.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 27 May 2023 21:30:10 GMT
content-type: text/html; charset=UTF-8
location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4626119585
x-powered-by: PHP/8.1.18
cache-control: no-cache
x-frame-options: DENY
set-cookie: sbc3a697b619ff5576c=eyJpdiI6IlA3dXFSdWVCWS9ZZEdtRm5sdTRTK0E9PSIsInZhbHVlIjoidUJiMWFOQnJaVWVnZm9Cb2NjS0pUQT09IiwibWFjIjoiYTM5MTY1OGIzZGM5YTM0NDc1MTA5ZGIxYjkyZjU5NmFmYzIzOGY4MzM4MTZiZDBiN2VkZTA3ODM1OWJmOTM1YSIsInRhZyI6IiJ9; expires=Sat, 27 May 2023 22:30:10 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IkVVeUp2Z3FaKzNqcmlaY211akJzcVE9PSIsInZhbHVlIjoiMkhoNmRVSThhRUo4aFJaei96WWNldz09IiwibWFjIjoiNTJkMGIyYzA2ZWViYWQxMTUyYmE3MGY5NmNhMzFiYWUwYzI1ZWEzYTlmODIyZTFhYjExODdiZDNhZjRmZWVjMyIsInRhZyI6IiJ9; expires=Fri, 25 Aug 2023 21:30:10 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAaY5NDdIca2hhqFbielP0BoYDhfroMEP%2BXORRCrhd56WdieQUBKR2MumRYzmdereWJnwnwhrf5I56n5%2FYdnu4%2Bgab8%2FHynyc%2FYeuSyMJQLL1plyo6iRsXj6wn4CO3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce15b852d600b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
0.0.0.0 0 B URL User Request GET p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP 0.0.0.0:0
Certificate Issuer GlobalSign nv-sa
Subject *.hungama.com
Fingerprint DE:C2:A1:9B:10:8C:5D:B6:7D:2D:6C:80:01:2E:D1:37:53:A8:F0:3C
Validity Tue, 07 Feb 2023 08:08:59 GMT - Sun, 10 Mar 2024 08:08:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7c915f336eae3d95266b1a0c9671fe09_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Ftrafpuma.org%2Fcl%2F3a697b619ff5576c%3Fp1%3DMj4Z891h4txUQwk2EFaS23
3.70.16.242 200 OK 194 B URL User Request GET HTTP/2 pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Ftrafpuma.org%2Fcl%2F3a697b619ff5576c%3Fp1%3DMj4Z891h4txUQwk2EFaS23
IP 3.70.16.242:443
Certificate Issuer Let's Encrypt
Subject bemobpath.com
Fingerprint 8C:DD:86:D6:E0:BA:C2:21:EF:FC:70:C8:D8:53:6A:92:75:E3:75:88
Validity Mon, 22 May 2023 09:02:47 GMT - Sun, 20 Aug 2023 09:02:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 73018a43fea77508b056873c6a7ffdf3
bcd7180bbf2ddfba5dd4dc2cce972aacafb148ed
076018c97435850bb6e122a3355a0f4cd42ec97cbe83e94843d476503574ac37
GET /?redirectUrl=https%3A%2F%2Ftrafpuma.org%2Fcl%2F3a697b619ff5576c%3Fp1%3DMj4Z891h4txUQwk2EFaS23 HTTP/1.1
Host: pu3hj.bemobpath.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Sat, 27 May 2023 21:30:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
etag: W/"c2-3yYOd5liEHkbLrMaNJzAXmcuRbk"
x-response-time: 2.341ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2