lajonu.com/cl/6878f949d4b49e11
302 Found 654 B URL HTTP/1.1 lajonu.com/cl/6878f949d4b49e11
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c424305885fe351b30efb3a09f7c9806
b135bc24cd09c6323a651b2c643edc7f0f6f564a
d3a13a95ce7e8dbff40f6c72eb4873576a3bbd2554afd7eb90a53f3e2916e58b
Analyzer Verdict Alert fortinet Phishing
GET /cl/6878f949d4b49e11 HTTP/1.1
Host: lajonu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 31 Mar 2023 22:59:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.17
Cache-Control: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158
X-Frame-Options: DENY
Set-Cookie: sbc6878f949d4b49e11=eyJpdiI6ImRoaEs5MlJBUkNSTDZuVktUUGtKQXc9PSIsInZhbHVlIjoiV0N0Z241VUxRcUNiMFBkdUwwbEdIZz09IiwibWFjIjoiM2Q2OTNlMjE0ZmUwNzcxNDE4M2NhMjgxYTg0ZmMzZjM5OTU5YjQzYThkYjdiOTlhYTczZjA4MzEyOTkxNjU0NiIsInRhZyI6IiJ9; expires=Fri, 31 Mar 2023 23:59:40 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IkFlbE9pWHlKQjBqSWRsVWNQS0U3MVE9PSIsInZhbHVlIjoiWjhmSU5oSHNaVm4wMUMwYi9DU0ZKZz09IiwibWFjIjoiNjRlZjNlZDg3YWFjNTZhNjA2MzE1ODg0ODE4NGI2MzA0OTI3MDAwNjYyNWZhNWIwYzgxNjk0YjY3MDYzOGY5ZSIsInRhZyI6IiJ9; expires=Thu, 29 Jun 2023 22:59:40 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKyjUvlsXtrIsxaaMvAGBvHlNAstu0n%2BWLZye%2F3YNvsZPZNipMBDVs6Wu%2B7kfaeCHiPDa4xpzE38e3C7vtynrzUGO6NCB54bj8r71%2BuTqbPEMpOeywI%2Bq65H%2Fd6u"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0c343e8e88067b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Fri, 31 Mar 2023 23:38:13 GMT
Date: Fri, 31 Mar 2023 22:59:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19796
Expires: Sat, 01 Apr 2023 04:29:36 GMT
Date: Fri, 31 Mar 2023 22:59:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Alert, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 22:16:13 GMT
content-type: application/json
age: 2607
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5076
Expires: Sat, 01 Apr 2023 00:24:16 GMT
Date: Fri, 31 Mar 2023 22:59:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lrWGZ8+T7fF0t1HtLGGe5NcrQZ9pDBqIQWAzJhDRNix4EVLRZFFBROmdXKG/Lb2x/cyTWtFJIXk=
x-amz-request-id: WZV2DK268HN6AVXX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 22:12:21 GMT
age: 2839
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 22:59:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f89764b5529b0921337bd77a61e1e56a
9306a0bd5335fc1d8fa08780164b26560f1cb8d3
e0f499802da95da189595b16aceb1984eece3fbf88f7494d3290fbec4df5b4eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0F499802DA95DA189595B16ACEB1984EECE3FBF88F7494D3290FBEC4DF5B4EB"
Last-Modified: Fri, 31 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16277
Expires: Sat, 01 Apr 2023 03:30:57 GMT
Date: Fri, 31 Mar 2023 22:59:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 22:14:39 GMT
age: 2701
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mnOu4RbeeMb8kpq0xYpzJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: peYR6nYdh7MTptscOxUG62v9U8U=
Date: Fri, 31 Mar 2023 22:59:40 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash d7f8b3633431829b8766601b5bf20e91
e2f0249c89a3588937eed8009130f958a2701068
4d327fc80031586072e9959bb58dd8ceb45417a41a587881fd861d5bbce64bf6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 04 Apr 2023 22:59:39 GMT
ETag: "e2f0249c89a3588937eed8009130f958a2701068"
Last-Modified: Fri, 31 Mar 2023 22:59:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 31 Mar 2023 22:59:40 GMT
Age: 0
X-Served-By: cache-qpg1268-QPG, cache-bma1646-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1680303581.721056,VS0,VE216
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158
302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 31 Mar 2023 22:59:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=e0e1368adfbdfa0d08e6c575b2a32460_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4438170158%2F
Access-Control-Allow-Origin: *
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4438170158%2F
302 Found 0 B URL HTTP/1.1 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4438170158%2F
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4438170158%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 31 Mar 2023 22:59:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158/&mdnreturn=WDNadlpHRnRiM289
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13347
Expires: Sat, 01 Apr 2023 02:42:09 GMT
Date: Fri, 31 Mar 2023 22:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13347
Expires: Sat, 01 Apr 2023 02:42:09 GMT
Date: Fri, 31 Mar 2023 22:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13347
Expires: Sat, 01 Apr 2023 02:42:09 GMT
Date: Fri, 31 Mar 2023 22:59:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a88f6c7b5bce83cc00e9e8271cf56702
21835a62ac378c55a61a762636b811a837749648
40b4e80bf0a5ac477804025c56beb2263d77a9f84933eabf6d464589e6f1d573
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5257
x-amzn-requestid: 694e361b-d59f-4a35-b547-de5a42689670
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClU6mHJuIAMF5Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253510-4f0d883b2f15ceee32b013da;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:06:56 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 4E6V54wVgPXKvD4UNObxUE7CnWL18b7pGRf4a4Ntoe5r3JcVLQUyqg==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 07:13:24 GMT
age: 56778
etag: "21835a62ac378c55a61a762636b811a837749648"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc960713a-d448-4b65-8d89-5da5a2031c7b.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc960713a-d448-4b65-8d89-5da5a2031c7b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7abfd37bfd9b14a195c3de2d399b6d8a
65c966c2dd0015ffa61acea36212a538eccd5fd9
c80e0dc705226d0b96fbb2fc7dde331ba5ebca2e887d6b77661d7c6a6efdd49d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc960713a-d448-4b65-8d89-5da5a2031c7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14764
x-amzn-requestid: 76fa5c4f-2fa7-4310-9ad8-80cd096fb636
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnIXF_aoAMFtGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64275235-2846a8ee4376c7c02a919ed9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: xJUHKE8Bh953Z2jOnjklqpmLOxq-UITKQhncKJ6f87w1-vpRcIM2Hw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:59:12 GMT
age: 3630
etag: "65c966c2dd0015ffa61acea36212a538eccd5fd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ff5ce6b-6aa5-4dee-8d16-aa3f8b265b59.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ff5ce6b-6aa5-4dee-8d16-aa3f8b265b59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95b4bec205ae2333b5364e6c6bcc0bbf
931e351c6f6938fae4988f25297f010acd48a6ae
dc0a45c6e520ced7b4f0d936c58289be840d22ed09db6f4814456cdf1448e934
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ff5ce6b-6aa5-4dee-8d16-aa3f8b265b59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: 4c3ca82d-15c6-4f86-b5a4-209c6562aaf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CiC9XFtMIAMFhbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6423e522-63bd33c127169a6455fd64cf;Sampled=0
x-amzn-remapped-date: Wed, 29 Mar 2023 07:13:38 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 89ixkGejIjUHzMpSiSpuGjnWlFdA1NWHu9pZG9PD6kLCvv-Abwqbgw==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 05:21:57 GMT
age: 63465
etag: "931e351c6f6938fae4988f25297f010acd48a6ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: 5d5a94f5-db2f-4c4c-9c9f-08c14b0ccd80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NG2NIAMF-sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-57c957f442c42fe148e66831;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: KkjS04mCLqFET4v9-sePYK-zcztrds608GECT1Fxz3BEpslgxnpLOg==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:37:17 GMT
age: 4945
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 613b90b49678a72443e992713b7eb711
f4216e9b06d9cb62aadfafce434789a3cc5d1fe2
7cb101a12e824bf26552b2aaeb00df0e3f239c254168b9dee65192b484f1b61e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4697
x-amzn-requestid: 9bed2cbf-18d6-4cac-8ac0-32e831ff1d9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClWGeHbhIAMFn5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642536f5-3d548aea13f757a85ca99750;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:15:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: cWC8mfkQdpMt1CB3QLj4CRjiegMidFxcrzKqAnvyF1RLJ6_0bYCUSA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 07:29:07 GMT
age: 55835
etag: "f4216e9b06d9cb62aadfafce434789a3cc5d1fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63f65b3207378879c6e794007b8a11ee
f0ee85f6acc45822ca5dc638bedefb21618d9127
dadd45018a3f500653176e5d585284fa28ca8140ec71c666feb4ab1b93f54c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9720e87-c9ea-45dd-b03b-959a201d1cd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8479
x-amzn-requestid: 918a80ec-9fed-420b-b213-3c7e34e007ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9WEw_IAMF53g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-7cdad9533b2617c0043823f2;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jh-3_Rb1rG13lHKqhXtUe3dt6pO2CADP7IL_zAadlgCvgoNiWDQ8jQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:04 GMT
age: 3578
etag: "f0ee85f6acc45822ca5dc638bedefb21618d9127"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158/&mdnreturn=WDNadlpHRnRiM289
302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158/&mdnreturn=WDNadlpHRnRiM289
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4438170158/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=e0e1368adfbdfa0d08e6c575b2a32460_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 31 Mar 2023 22:59:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=e0e1368adfbdfa0d08e6c575b2a32460_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=e0e1368adfbdfa0d08e6c575b2a32460_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 31 Mar 2023 22:59:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=e0e1368adfbdfa0d08e6c575b2a32460_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
Access-Control-Allow-Origin: *
gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
200 2.3 kB URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
IP
ASN #33873 Arvato Systems GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cd9e95ddf82cff3770ab9f62a3222b44
ad69c4d77feb159b52cd0fd7cba4a8450317562a
27e9b5ec1e53d14be11c3136750162ef8b92d53a129e5a40ea555f2c2e5b202f
GET /v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1 HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 31 Mar 2023 22:59:44 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: 76DE86F8-CD87-DDF6-EED2-55D7E48F143F, 76DE86F8-CD87-DDF6-EED2-55D7E48F143F
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/favicon.ico
200 946 B URL HTTP/1.1 gateway.mondiapay.com/favicon.ico
IP
ASN #33873 Arvato Systems GmbH
File type MS Windows icon resource - 1 icon, 16x13, 32 bits/pixel\012- data
Hash 0488faca4c19046b94d07c3ee83cf9d6
02fb8c5e4c3d113f310651a4d021aecc68f79d54
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
GET /favicon.ico HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
HTTP/1.1 200
X-MM-CORRELATION-ID: E7422CBC-315D-402E-E763-DE73D0EDA5D3
Last-Modified: Thu, 13 Dec 2018 16:04:02 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 946
Date: Fri, 31 Mar 2023 22:59:43 GMT
Server: unknown
gateway.mondiapay.com/v1/web/purchase/validate/326d521b-7b78-4208-9854-e117bbd176c1
200 19 B URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/validate/326d521b-7b78-4208-9854-e117bbd176c1
IP
ASN #33873 Arvato Systems GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 7371f4549137912d2f797e976caa3f7a
a6dbc3ae0138f2a5b50371323a7d8e3744f261ef
8519ccdbef3d14c543b2079d16bcc9c10e50ca44613391b0deb904a290ebe5ee
GET /v1/web/purchase/validate/326d521b-7b78-4208-9854-e117bbd176c1 HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
HTTP/1.1 200
Date: Fri, 31 Mar 2023 22:59:46 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: 324243CD-B082-D1E7-AB4E-6AE2358D20E5, 324243CD-B082-D1E7-AB4E-6AE2358D20E5
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1
302 0 B URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1
IP
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1 HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/326d521b-7b78-4208-9854-e117bbd176c1
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Fri, 31 Mar 2023 22:59:46 GMT
X-MM-CORRELATION-ID: 2420FFB5-CBEB-A75B-6B1E-DC1A6657C1BF, 2420FFB5-CBEB-A75B-6B1E-DC1A6657C1BF
Location: https://track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
Transfer-Encoding: chunked
Server: unknown
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ce78f2d0b42959a52218a8c2d5b7f78
1bc3bd0a0505ad27659f4e5635e34e8e19d7efa9
8b3e5c9fbeaf4fc23940111b61de9eb26af9b3f2c9bfe1b9f3ec56f0ef028b8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3E5C9FBEAF4FC23940111B61DE9EB26AF9B3F2C9BFE1B9F3EC56F0EF028B8C"
Last-Modified: Fri, 31 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=412
Expires: Fri, 31 Mar 2023 23:06:38 GMT
Date: Fri, 31 Mar 2023 22:59:46 GMT
Connection: keep-alive
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1?clickid=track_20230331225946_7461175d_5999_4781_bdd7_0df8591c255a&opt=1gVTUtlhW%2B0UP%2FA99BEVvgd970ADx0jISaYUUCoQA5jsf6TV0FTUGc%2Fzfnu42EqWEJJwwcHcXW94Mbds4RNLfBo465BbjeEyh5%2FfMzsqYvmaLQDsghxn9%2FzUCMN8NKHWn%2FsomkNg8%2B6cHuSqADm0SeonZrRcdI0SC8xGwuA2uL7uUSM0y7oDPAZfW6IdTtpbE8puLEA6GnCVAyCypxusWjTg%2F6H0K6hjMvkMR1E1yuJUiwUMisbvW7kYC4qP3WtR5NF303WJsAv%2FENQhpQIIR5i9YafIuAoYmx93mbFdztZFzP%2F%2FAiJ0W95DXOhundSyIiFLwfLRDgAB%2FI08zCn0U9uAIiwtlp83mwRyMD2e7ZSa6g2cgizbjQ0402QaU3m6PYpjMjwvKfMRyKXlnvLhX3MKaO4c0Ysvf8Bkh%2FBJQIVzBz8CJZ1eWLcvGMFEa0R9AijVNBDq3aGxOiZAqD4kuslASK1wIWFeWgVTCoOkFfnGOK88XyKsabUzVolYEgbSsoCMQo3gcINWqCFxrXsGYzU5KCAvs3k%2FH34bvBC67kE9GtmAT7SZGwk5bJVWcBEhv276YSceJBJeLlEpBRR45Q%3D%3D&opt-hmac=ZTwIbojfiYmI6k61%2FqGR9SrC%2BRdPCZyzIoaH2Forww0%3D
302 0 B URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1?clickid=track_20230331225946_7461175d_5999_4781_bdd7_0df8591c255a&opt=1gVTUtlhW%2B0UP%2FA99BEVvgd970ADx0jISaYUUCoQA5jsf6TV0FTUGc%2Fzfnu42EqWEJJwwcHcXW94Mbds4RNLfBo465BbjeEyh5%2FfMzsqYvmaLQDsghxn9%2FzUCMN8NKHWn%2FsomkNg8%2B6cHuSqADm0SeonZrRcdI0SC8xGwuA2uL7uUSM0y7oDPAZfW6IdTtpbE8puLEA6GnCVAyCypxusWjTg%2F6H0K6hjMvkMR1E1yuJUiwUMisbvW7kYC4qP3WtR5NF303WJsAv%2FENQhpQIIR5i9YafIuAoYmx93mbFdztZFzP%2F%2FAiJ0W95DXOhundSyIiFLwfLRDgAB%2FI08zCn0U9uAIiwtlp83mwRyMD2e7ZSa6g2cgizbjQ0402QaU3m6PYpjMjwvKfMRyKXlnvLhX3MKaO4c0Ysvf8Bkh%2FBJQIVzBz8CJZ1eWLcvGMFEa0R9AijVNBDq3aGxOiZAqD4kuslASK1wIWFeWgVTCoOkFfnGOK88XyKsabUzVolYEgbSsoCMQo3gcINWqCFxrXsGYzU5KCAvs3k%2FH34bvBC67kE9GtmAT7SZGwk5bJVWcBEhv276YSceJBJeLlEpBRR45Q%3D%3D&opt-hmac=ZTwIbojfiYmI6k61%2FqGR9SrC%2BRdPCZyzIoaH2Forww0%3D
IP
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1?clickid=track_20230331225946_7461175d_5999_4781_bdd7_0df8591c255a&opt=1gVTUtlhW%2B0UP%2FA99BEVvgd970ADx0jISaYUUCoQA5jsf6TV0FTUGc%2Fzfnu42EqWEJJwwcHcXW94Mbds4RNLfBo465BbjeEyh5%2FfMzsqYvmaLQDsghxn9%2FzUCMN8NKHWn%2FsomkNg8%2B6cHuSqADm0SeonZrRcdI0SC8xGwuA2uL7uUSM0y7oDPAZfW6IdTtpbE8puLEA6GnCVAyCypxusWjTg%2F6H0K6hjMvkMR1E1yuJUiwUMisbvW7kYC4qP3WtR5NF303WJsAv%2FENQhpQIIR5i9YafIuAoYmx93mbFdztZFzP%2F%2FAiJ0W95DXOhundSyIiFLwfLRDgAB%2FI08zCn0U9uAIiwtlp83mwRyMD2e7ZSa6g2cgizbjQ0402QaU3m6PYpjMjwvKfMRyKXlnvLhX3MKaO4c0Ysvf8Bkh%2FBJQIVzBz8CJZ1eWLcvGMFEa0R9AijVNBDq3aGxOiZAqD4kuslASK1wIWFeWgVTCoOkFfnGOK88XyKsabUzVolYEgbSsoCMQo3gcINWqCFxrXsGYzU5KCAvs3k%2FH34bvBC67kE9GtmAT7SZGwk5bJVWcBEhv276YSceJBJeLlEpBRR45Q%3D%3D&opt-hmac=ZTwIbojfiYmI6k61%2FqGR9SrC%2BRdPCZyzIoaH2Forww0%3D HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Fri, 31 Mar 2023 22:59:46 GMT
X-MM-CORRELATION-ID: 2C7D7FF7-04AD-A557-2A14-DE055D80CFEE, 2C7D7FF7-04AD-A557-2A14-DE055D80CFEE
Location: http://35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230401042943478345322746&status=403&message=PERMISSION_DENIED
Transfer-Encoding: chunked
Server: unknown
35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230401042943478345322746&status=403&message=PERMISSION_DENIED
302 Found 0 B URL HTTP/1.1 35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230401042943478345322746&status=403&message=PERMISSION_DENIED
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230401042943478345322746&status=403&message=PERMISSION_DENIED HTTP/1.1
Host: 35.200.222.172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Fri, 31 Mar 2023 22:59:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.0.9
Location: https://p.hungama.com/norway_mm_play/index.php/plan/norway_mm_play_consent_return/?&mdn=99999999999&message=&rescode=H199
track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
200 OK 0 B URL HTTP/1.1 track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gateway.mondiapay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Date: Fri, 31 Mar 2023 22:59:46 GMT
ETag: 7d5e27e0642765e23f2893fa65fa9ef3--gzip
Cache-Control: private, max-age=0, no-cache, must-revalidate
Pragma: no-cache
Accept-CH: Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
track.greentropolo.com/l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=130&_opt9WST89e2a7D7=a9c565e4&_m=1uc
303 See Other 0 B URL HTTP/1.1 track.greentropolo.com/l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=130&_opt9WST89e2a7D7=a9c565e4&_m=1uc
IP
ASN #60781 LeaseWeb Netherlands B.V.
POST /l/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly&&_tdf=130&_opt9WST89e2a7D7=a9c565e4&_m=1uc HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3370
Origin: https://track.greentropolo.com
Connection: keep-alive
Referer: https://track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F326d521b-7b78-4208-9854-e117bbd176c1%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=LjsYBRcassS6HaymCJoBqoabvXD4y-l-FmHA7xGRcDg&external_id=326d521b-7b78-4208-9854-e117bbd176c1&var1=7714&var2=77140001&var3=Hungama+Play+-+Weekly
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Connection: close
Date: Fri, 31 Mar 2023 22:59:47 GMT
Location: http://gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/326d521b-7b78-4208-9854-e117bbd176c1?clickid=track_20230331225946_7461175d_5999_4781_bdd7_0df8591c255a&opt=1gVTUtlhW%2B0UP%2FA99BEVvgd970ADx0jISaYUUCoQA5jsf6TV0FTUGc%2Fzfnu42EqWEJJwwcHcXW94Mbds4RNLfBo465BbjeEyh5%2FfMzsqYvmaLQDsghxn9%2FzUCMN8NKHWn%2FsomkNg8%2B6cHuSqADm0SeonZrRcdI0SC8xGwuA2uL7uUSM0y7oDPAZfW6IdTtpbE8puLEA6GnCVAyCypxusWjTg%2F6H0K6hjMvkMR1E1yuJUiwUMisbvW7kYC4qP3WtR5NF303WJsAv%2FENQhpQIIR5i9YafIuAoYmx93mbFdztZFzP%2F%2FAiJ0W95DXOhundSyIiFLwfLRDgAB%2FI08zCn0U9uAIiwtlp83mwRyMD2e7ZSa6g2cgizbjQ0402QaU3m6PYpjMjwvKfMRyKXlnvLhX3MKaO4c0Ysvf8Bkh%2FBJQIVzBz8CJZ1eWLcvGMFEa0R9AijVNBDq3aGxOiZAqD4kuslASK1wIWFeWgVTCoOkFfnGOK88XyKsabUzVolYEgbSsoCMQo3gcINWqCFxrXsGYzU5KCAvs3k%2FH34bvBC67kE9GtmAT7SZGwk5bJVWcBEhv276YSceJBJeLlEpBRR45Q%3D%3D&opt-hmac=ZTwIbojfiYmI6k61%2FqGR9SrC%2BRdPCZyzIoaH2Forww0%3D
104.21.95.231
103.56.211.129
172.67.149.12
84.17.170.222
62.212.87.244
23.36.77.32