GET analyticsstar.com/rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
200 OK 363 B URL GET analyticsstar.com/rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint0E:63:3B:9F:9C:B1:AC:4D:4C:7F:68:FB:D9:96:D2:FC:87:FB:62:21
ValidityThu, 12 Jun 2025 04:23:38 GMT - Wed, 10 Sep 2025 05:21:51 GMT
File type HTML document, ASCII text, with very long lines (363), with no line terminators
Hash c4144524d1b3b8e6ef4a11b15f97c5fa
3405d8bfac0f28065c85952c2a5a00f695fd3d2b
d1c69518f2fb1896b2910dba972a0f6fc0213c28c5ca3ab7e4e0ff3e06db66de
GET /rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:02 GMT
content-type: text/html
content-encoding: br
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xf%2FEUywN0IeCmER7JE%2Fmjjhz3qu16uorZuioTzxOB9tNq9B6dfIHnK4crNCwDtg5wuyrDz1HqxYeeFULItIBLsrSZJLJzzDuGmstt%2F5e1l5JjySUoYP9Y9%2Bz9MhDTdzUq%2BCQMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 959b3441ce5356b7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1129&min_rtt=460&rtt_var=1299&sent=9&recv=13&lost=0&retrans=1&sent_bytes=4158&recv_bytes=1720&delivery_rate=7412969&cwnd=256&unsent_bytes=0&cid=3d45ed11c37db67c&ts=99&x=0"
X-Firefox-Spdy: h2
GET analyticsstar.com/rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
302 Found 1.6 kB URL GET analyticsstar.com/rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint0E:63:3B:9F:9C:B1:AC:4D:4C:7F:68:FB:D9:96:D2:FC:87:FB:62:21
ValidityThu, 12 Jun 2025 04:23:38 GMT - Wed, 10 Sep 2025 05:21:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 04 Jul 2025 02:31:03 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=saoiUtcXYfXKkJJb4bUpaTbp13umezaToISTtNllnbQ6I4isiMHlJ97PCK8vQcWLCSV2xrrMp6V9S8lvgkeyipva3OTtbO9ZiQd3e57CYy%2B7SzNiqctZ1%2Fouc4Yw41Mmq%2FBshw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://r.linksprf.com/v1/redirect?yk_tag=abhe58luwcvmu15tbu9fiakq&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
cf-ray: 959b3443f8695688-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7869&min_rtt=2375&rtt_var=4814&sent=33&recv=32&lost=0&retrans=0&sent_bytes=6209&recv_bytes=2678&delivery_rate=328095&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18083&unsent_bytes=0&cid=6e9abef6ec7ddc9b&ts=369&inflight_dur=12&x=40"
GET imgsct.cookiebot.com/1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36
200 OK 35 B URL GET imgsct.cookiebot.com/1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36 HTTP/1.1
Host: imgsct.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH88cO4ERDQiPq9ndjwj7sVxIbKfp2HtYBJizHUCmyuK4B1sIBst0H6-X_42WuO_Dr1IMhonm4lU
x-goog-generation: 1698061172769999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 35
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
etag: "c2196de8ba412c60c22ab491af7b1409"
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 04 Jul 2025 02:31:05 GMT
cache-control: public,max-age=1800
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js
200 OK 65 B IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint89:E0:23:FC:5B:0F:07:0F:7E:EC:B8:4F:B5:1D:3B:1F:6B:5C:22:0B
ValidityMon, 30 Jun 2025 12:11:05 GMT - Sun, 28 Sep 2025 13:11:03 GMT
Hash ad12c088f861c997cc4c11dd6a812995
094a4548bd7b51262dbd85e2768923bd172ab006
6260cd30f7302a83d30d3b193537278f0e160ff75fcf117ce44c42f13b04158d
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urly.lat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801fccf7c2b4be1fe4c96b214fc90c5; expires=Sat, 04 Jul 2026 02:30:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 959b341e4f0e56a4-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST bt2pt.com/5/9431067/?oo=1&js_build=iclick-v1.1478.0&dmn=al5sm.com&tt=2&ix=0
204 No Content 0 B URL POST bt2pt.com/5/9431067/?oo=1&js_build=iclick-v1.1478.0&dmn=al5sm.com&tt=2&ix=0
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectbt2pt.com
Fingerprint97:1D:CA:8E:B7:63:6B:9E:D4:BE:40:9E:F4:26:6F:F6:8C:73:02:06
ValidityTue, 22 Apr 2025 14:38:50 GMT - Mon, 21 Jul 2025 14:38:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /5/9431067/?oo=1&js_build=iclick-v1.1478.0&dmn=al5sm.com&tt=2&ix=0 HTTP/1.1
Host: bt2pt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2581
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Fri, 04 Jul 2025 02:30:57 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://urly.lat
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
POST firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=IQydNVI8hKhSlOw9RQVjV9LoXrkIgHBqHX4-SCYHLak&SID=dnOsibzmBAkRa8NAelWAfA&RID=98404&AID=5&zx=kliydr9a1e23&t=1
200 OK 10 B URL POST firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=IQydNVI8hKhSlOw9RQVjV9LoXrkIgHBqHX4-SCYHLak&SID=dnOsibzmBAkRa8NAelWAfA&RID=98404&AID=5&zx=kliydr9a1e23&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash e7b7fa0fe1208843cd1c69ae04bb6067
2e524c03db3f3360daf37fb172b7c50081d387e7
59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d
POST /google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=IQydNVI8hKhSlOw9RQVjV9LoXrkIgHBqHX4-SCYHLak&SID=dnOsibzmBAkRa8NAelWAfA&RID=98404&AID=5&zx=kliydr9a1e23&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 128
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:00 GMT
server: ESF
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
302 Found 363 B URL GET analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint0E:63:3B:9F:9C:B1:AC:4D:4C:7F:68:FB:D9:96:D2:FC:87:FB:62:21
ValidityThu, 12 Jun 2025 04:23:38 GMT - Wed, 10 Sep 2025 05:21:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 04 Jul 2025 02:31:02 GMT
content-type: text/html
cf-ray: 959b34415e4456b7-OSL
location: /rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnbe3aY55pEnRqA%2FeRqfycoOnCWQElBniUwMLFp9K4uoBrC4IzG9rdBwniKrcKpHnGCZRuy6jSY5jhq6Zx8WOZ33AXC9lIXcjyFE8pErE%2BJRkUcj9yFuKsZLTa2nHMdXPrsQ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=576&min_rtt=460&rtt_var=257&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3291&recv_bytes=1448&delivery_rate=7412969&cwnd=254&unsent_bytes=0&cid=3d45ed11c37db67c&ts=41&x=0"
X-Firefox-Spdy: h2
GET glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
301 Moved Permanently 63 kB URL GET glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectglp8.net
Fingerprint60:0A:82:88:22:96:95:C7:56:6D:60:38:51:A3:9D:25:B0:F6:AD:2D
ValiditySun, 01 Jun 2025 12:32:10 GMT - Sat, 30 Aug 2025 13:26:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url= HTTP/1.1
Host: glp8.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.linksprf.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 04 Jul 2025 02:31:03 GMT
content-type: text/html; charset=UTF-8
location: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit GmbH&utm_source=daisycon&utm_medium=affiliate
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: Cache-Control, Expires, Pragma, Content-Length, Content-Type
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 0
x-ds: 1
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LQjZLoQHEch8iM%2BE1tDrBcHby1Aat3f8vf8yl7MwwE4hkboNhZc5FA6UHY0RqHipSUepSFpY9YdAWxGQfPeunLI4LD6XQQ%3D%3D"}]}
cf-ray: 959b3449183c0afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.platekompaniet.no/17.cc77a70e683da006bb5f.js
200 OK 11 kB URL GET www.platekompaniet.no/17.cc77a70e683da006bb5f.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type JavaScript source, ASCII text, with very long lines (2300)
Hash 910a0e3125f661ca9e4ff9b2b26bf035
dfbda2ffd2c8de2d06adbc79d6454a9f9ca281ec
fbaf30ae3d79e291e55ad5be256b06c972c0402f60683e2d7db83b1e5cd022be
GET /17.cc77a70e683da006bb5f.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 12 Jun 2025 05:16:40 GMT
etag: W/"684a62b8-2a08"
expires: Sat, 13 Jun 2026 00:07:07 GMT
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
age: 1823038
date: Fri, 04 Jul 2025 02:31:05 GMT
x-served-by: cache-bma-essb1270049-BMA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 3106, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 3314
X-Firefox-Spdy: h2
GET www.gstatic.com/firebasejs/11.7.0/firebase-app.js
200 OK 103 kB URL GET www.gstatic.com/firebasejs/11.7.0/firebase-app.js
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type JavaScript source, ASCII text
Size 103 kB (103050 bytes)
Hash 1f96c2cd902057a177433036ee99f5af
2f2485e4c1e7122185e2fa8aaad5843ceed56813
70947e12b4e7a5a9ae5542ba8b531052bc8147d4a7bc3c0a41be5f927d7deac1
GET /firebasejs/11.7.0/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 23275
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jun 2025 10:44:53 GMT
expires: Sat, 27 Jun 2026 10:44:53 GMT
cache-control: public, max-age=31536000
age: 575163
last-modified: Wed, 07 May 2025 18:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=98403&CVER=22&X-HTTP-Session-Id=gsessionid&zx=js2j5dy82e2s&t=1
200 OK 54 B URL POST firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=98403&CVER=22&X-HTTP-Session-Id=gsessionid&zx=js2j5dy82e2s&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash e4f56bc21c0aea1b0c1592bb0c8c654a
5779dc6d4f28bfee8a7cd718d99395e5feeb3107
4688c58b41796b88559c11e5902b5d5945722a7dbad9c0b39092406fb2f6b304
POST /google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=98403&CVER=22&X-HTTP-Session-Id=gsessionid&zx=js2j5dy82e2s&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 443
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-client-wire-protocol: h2
x-http-session-id: IQydNVI8hKhSlOw9RQVjV9LoXrkIgHBqHX4-SCYHLak
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:30:59 GMT
server: ESF
content-length: 71
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.frayedperformance.pro/test2/37d0ec2624dc.js
200 OK 102 kB URL GET www.frayedperformance.pro/test2/37d0ec2624dc.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectwww.frayedperformance.pro
Fingerprint95:B5:9B:D5:74:00:02:37:30:C5:BC:71:80:B8:44:FC:62:65:AC:7A
ValidityMon, 30 Jun 2025 07:07:48 GMT - Sun, 28 Sep 2025 07:07:47 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101519 bytes)
Hash b222dffeb7bbcd9d7120a430a85ca228
94490374570376e779612a3b7454ce7903c2cb4c
3e98aec5c7eee57ce742c381c209b3903d9fbabfc7f95ee4a73c84df54858ca9
GET /test2/37d0ec2624dc.js HTTP/1.1
Host: www.frayedperformance.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
cache-control: max-age=172800
content-encoding: gzip
expires: Sun, 06 Jul 2025 02:30:56 GMT
x-cdn-host-id: ah0543
x-proxy-cache: HIT
X-Firefox-Spdy: h2
GET www.platekompaniet.no/vendors.c6c1debb30da63da373d.js
200 OK 418 kB URL GET www.platekompaniet.no/vendors.c6c1debb30da63da373d.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type JavaScript source, ASCII text, with very long lines (1296), with escape sequences
Size 418 kB (418431 bytes)
Hash 4c24800e42a5d13cfd43ec54f0160ce8
b89e73b47085cec96de3f572fead0e889c2ffcce
943fb4bc319592b4d5fa548d91fe8c4ffa256d8c410c08771fa5f32afca0ec5e
GET /vendors.c6c1debb30da63da373d.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 12 Jun 2025 05:18:45 GMT
etag: W/"684a6335-6627f"
expires: Wed, 17 Jun 2026 08:03:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Jul 2025 02:31:04 GMT
age: 1448829
x-served-by: cache-bma-essb1270062-BMA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 305, 247
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 118959
X-Firefox-Spdy: h2
GET www.platekompaniet.no/client.266d99e5d8dc45f10cbd.js
200 OK 1.5 MB URL GET www.platekompaniet.no/client.266d99e5d8dc45f10cbd.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3997), with LF, NEL line terminators
Size 1.5 MB (1504775 bytes)
Hash 4a3ad829147a21d863afa536f91ddcb0
3becc292ef25b35c86f69a2e4bfd52cb36cb488e
c666ff9f0ef8051a92284ba9a613039bd6a18075768f16905449939a6a3118b6
GET /client.266d99e5d8dc45f10cbd.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 03 Jul 2025 10:31:40 GMT
etag: W/"68665c0c-16f607"
expires: Fri, 03 Jul 2026 10:59:24 GMT
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
age: 55900
date: Fri, 04 Jul 2025 02:31:04 GMT
x-served-by: cache-bma-essb1270037-BMA, cache-hel1410024-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 412780
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 20 kB URL GET static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Hash f11ce9e8f40a392830217253fe75d6de
89ba57fcc360da34756c127acba15a8b23267fc6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 04 Jul 2025 02:31:08 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: EwJG3MvmG7Pkb5y9hUBk4MwamVqWrqiQe71DZz17bkR58PbYfvj3naftpBxvqzxSV4pbertktEmsnVOaCXKkjOjWGfPlrv1D
x-amz-request-id: S86B5DGWRSV3981T
x-amz-replication-status: COMPLETED
last-modified: Fri, 27 Dec 2024 08:59:09 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 13 May 2026 13:40:39 GMT
x-amz-version-id: SbGCIJ2SN2UNtezVUBsPz6twHS7ItMYi
cf-cache-status: HIT
age: 1748059
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wO5sm4sXVnptZuAAiAkbGB7IHJ2bjm37ppzJHK%2FfgNq%2B%2Bo3lUp%2Bvd84Ks1KFrAcqprZ7MjJzDK6laP3RFIESqOVLBzCqHhVf%2FBxxdX8nnhY4TKLEYig9QqgWCj2yx03yhqG9duM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b3465c9e81d06-CPH
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
200 OK 102 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type ASCII text, with very long lines (52276)
Size 102 kB (102025 bytes)
Hash ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:55 GMT
content-type: text/css; charset=utf-8
content-length: 18752
cf-ray: 959b34179dd8568e-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 107685
expires: Wed, 24 Jun 2026 02:30:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4abf9l941%2F2Dnvm39MCTYvLbHQ9%2BspUad4pZkiLoxYcYkxtKgoITn31LIG%2BpEOMugDQdgkZggCsOUGh3DTuxm0vVsmMwtswsmxM%2Fpp%2F92q1ZaYEuWy0O3AP4Met60CKFmQCDasCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a
200 OK 0 B URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 451
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 04 Jul 2025 02:30:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://urly.lat
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=1&TYPE=xmlhttp&zx=doi6e5tm7it&t=1
200 OK 79 B URL GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=1&TYPE=xmlhttp&zx=doi6e5tm7it&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash 324b16be44fd13584f3125af672ffd79
a08e3584fae95d3345db78d4f8b635f89d6ef6d9
f8f1143c5892a562d850a4ac1b17c33257f7f5da43f16ba66aeebea376142376
GET /google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=1&TYPE=xmlhttp&zx=doi6e5tm7it&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cache-control: private, max-age=0
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:01 GMT
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET ekr.zdassets.com/compose/aecfae2c-d58c-4312-9c4d-590429da92a5
200 OK 1.1 kB URL GET ekr.zdassets.com/compose/aecfae2c-d58c-4312-9c4d-590429da92a5
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
Hash 165f478c56959ba9cf3b283736f1e490
d10c4da071602b21345cefd97d81ed6c38631e43
34943f775ffe226e843caf75cc4ee947f11d3d295bdf90b7bfcc5a2099557641
GET /compose/aecfae2c-d58c-4312-9c4d-590429da92a5 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/
Origin: https://www.platekompaniet.no
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:05 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"34943f775ffe226e843caf75cc4ee947"
x-request-id: 957dc6ff2c24c8cb-SEA
x-runtime: 0.014071
x-envoy-upstream-service-time: 16
x-zendesk-zorg: yes
content-encoding: gzip
via: zorg
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nCqZRYTMFRAFsxPflvNOLgcNwXzTEWdzWCB%2FsBUPSSj%2BGqtGsOrrJ4oes0JsGoKse4HhJM3R953DEUT60ft1%2BcRX92uNwewLQMrHBTCfj8tAqdjLknXqfr1vJV85Xz27uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 959b3450dc5e3570-CPH
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtm.js?id=GTM-T3QSTG
200 OK 446 kB URL GET www.googletagmanager.com/gtm.js?id=GTM-T3QSTG
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint79:AA:03:D4:F6:6B:0F:61:E5:C5:AB:19:F4:A5:5D:DC:97:80:AF:DA
ValidityMon, 02 Jun 2025 08:35:30 GMT - Mon, 25 Aug 2025 08:35:29 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26489)
Size 446 kB (446280 bytes)
Hash 3614811c5bd33fb4baa1ecdcba5cf9bf
11907e38b37b5b0bd688172aece9535e4642ccb7
9b0cfc8ecc7602c837dffd1cf49561d784d402332d42056603d50e8a08285401
GET /gtm.js?id=GTM-T3QSTG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Jul 2025 02:31:05 GMT
expires: Fri, 04 Jul 2025 02:31:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 04 Jul 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
server: Google Tag Manager
content-length: 142145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-c704a3f.js
200 OK 236 B URL GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-c704a3f.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash e9d8b92096016dfd74d2f2500556464e
0db4e74b955611b21791405af062346f34ac2eee
eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb
GET /web_widget/classic/latest/web-widget-chat-incoming-message-notification-c704a3f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: MHOzPDAQP7io6FdtAeUJIsQ0RlGGMMjuOcMQKrNBwIDwHttLGF+9BiUTWFipAOmn3xu4d4Xr/us=
x-amz-request-id: YFQKBJAK33TS37PT
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jun 2025 11:13:28 GMT
etag: W/"e9d8b92096016dfd74d2f2500556464e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jun 2026 11:13:27 GMT
x-amz-version-id: 6Pptk15PQYWIAlYS.2VrulGD0Edv25aG
cf-cache-status: HIT
age: 308591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NB6XLKdiHvmf9%2Ft5n%2BvYA8yHnEAO5mjnBEPUeIIc5ttbyLVlD0ilUQWAaupha3Oi5nM5PzLoTLuQbBtEg2S6zp%2BRMs7cWyAABxc3TQDSwZHkVvt4BRmsvTbM6bprTn6ZfHlQVug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b346519da1d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
200 OK 6.0 kB URL GET fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
Hash ad4adb190041d04e6164c90fbb8760ae
1eaa231c33964ad82a8391543bb074bbfb682dc9
bbdc0a431c4cc4d77f5ac24eb9233cef584e4d15702683b84b76a57eade5e712
GET /css2?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Jul 2025 02:30:56 GMT
date: Fri, 04 Jul 2025 02:30:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Jul 2025 21:38:34 GMT
expires: Thu, 02 Jul 2026 21:38:34 GMT
cache-control: public, max-age=31536000
age: 103942
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=2&CI=1&TYPE=xmlhttp&zx=hqqjh0dk83i3&t=1
200 OK 369 B URL GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=2&CI=1&TYPE=xmlhttp&zx=hqqjh0dk83i3&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash 8d5813ea5d4b76cd3c9801fa1a08c7ff
6935c45f3f07a2220970bbbb4bb3e92eb37bbec6
8bf95abced8bad8ef429437a7d39f5d69b3118ffeb22765eb55941aa805acdc0
GET /google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=2&CI=1&TYPE=xmlhttp&zx=hqqjh0dk83i3&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cache-control: private, max-age=0
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:01 GMT
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET event.getblue.io/p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&tcs=&nocache=8127288412553.919
200 OK 0 B URL GET event.getblue.io/p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&tcs=&nocache=8127288412553.919
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&tcs=&nocache=8127288412553.919 HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:07 GMT
content-type: text/html;charset=UTF-8
content-length: 0
tagcontainer-version: 1224-26062025-1008
cache-control: no-cache
set-cookie: ckid=E520509B-67DC-4275-9FDC1C19478E040A; expires=Sat, 04 Jul 2026 02:31:07 -0000; domain=.getblue.io; path=/; secure; samesite=None
X-Firefox-Spdy: h2
GET impossibleentry.com/cXD.9j6ybn2I5ilCSIWrQ-9fNaj/QV3TMKzLY/w/O-SJ0L2/N/DtcxzWNjjUENwn
200 OK 36 kB URL GET impossibleentry.com/cXD.9j6ybn2I5ilCSIWrQ-9fNaj/QV3TMKzLY/w/O-SJ0L2/N/DtcxzWNjjUENwn
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectimpossibleentry.com
FingerprintE0:CE:B0:15:B5:C6:B1:AC:B2:A5:68:92:73:16:5F:A5:A9:34:B6:EF
ValidityWed, 28 May 2025 14:04:45 GMT - Tue, 26 Aug 2025 14:04:44 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (21538)
Hash 0bf2f9c5f39ea85db39b047a0740ac87
5220efedf56644bc94a3084059fbac1f6a798065
f9ab91894dd3b3d31911c71546badf3dbbad6c47f2093e3193a05723131091e3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cXD.9j6ybn2I5ilCSIWrQ-9fNaj/QV3TMKzLY/w/O-SJ0L2/N/DtcxzWNjjUENwn HTTP/1.1
Host: impossibleentry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
last-modified: Fri, 04 Jul 2025 02:30:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE3NTE1OTMyNTUsInpvbmVzIjp7IjYyODQ4NDYiOls2Mjg0ODQ2LDEsMTc1MTU5MzI1NV0sIjY0NzM2MDkiOls2NDczNjA5LDEsMTc1MTU5NjI1Nl19fQ==; max-age=1783132256; path=/
uniqCookie=767a580b9083a6adaecbbfc774446c21; max-age=1754188256; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/no-json-c704a3f.js
200 OK 27 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/no-json-c704a3f.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26938), with no line terminators
Hash 834ba844da5f67e222e4da955084269c
7e241614a881b7e4056d212f27e0ba89d69f2517
27ef9145a73516e55d5e82ae9980ab7f0f4e368f41ab77570f9181237152c680
GET /web_widget/classic/latest/web-widget-locales/classic/no-json-c704a3f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: P/Ie/TR5GLKqpFq8Vsh6Jr6oB/lo9zkM+Kl2pY4rdQfB1eOVeAZiNFqbA1g4Lo0neeHhaFou0vOQl8DmEP0bsg==
x-amz-request-id: TY5H3X0P9WTPKPW8
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jun 2025 11:13:32 GMT
etag: W/"ba1665babd220ec10f43f7002b642ac0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jun 2026 11:13:31 GMT
x-amz-version-id: bNTpmXKYk_yO_4qWwYTQTUrqh1JoR4p.
cf-cache-status: HIT
age: 308588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7R7u2kHuW0wdEezHBlorDVpR85XqWN9%2Bj2%2BTdx7%2FzaIs14Ne%2FyvpoR8mcV%2B6OcH%2FD2ygi%2FXx4EBeD6O4vBmfheqh2NUmLz08Ee8OW7y1WjBy6drjzCCF63dL1BYTAddZ2isiY1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b345d094f1d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET www.gstatic.com/firebasejs/11.7.0/firebase-firestore.js
200 OK 443 kB URL GET www.gstatic.com/firebasejs/11.7.0/firebase-firestore.js
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 443 kB (443302 bytes)
Hash a53578e6ffdfef679b79a2f2c07a274f
d30b8cd4ee54f7f4a257c95262883ff380e17dc3
38c4506ce8ff7d30ed8f1ef0fbd75e45e65b508e349ab3c52a0ac54d85fbd17c
GET /firebasejs/11.7.0/firebase-firestore.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 115230
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 17:15:10 GMT
expires: Fri, 03 Jul 2026 17:15:10 GMT
cache-control: public, max-age=31536000
age: 33346
last-modified: Wed, 07 May 2025 18:11:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET tzegilo.com/stattag.js
200 OK 18 kB IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A
ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT
File type JavaScript source, ASCII text, with very long lines (17229)
Hash 01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:57 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=biJ66ohdE6KVV0EbW%2BfG%2Bs3zSkPKytb6sem%2BKwTqpopzKsQHFBaplloYeuHMvBEM6jot4qBUoGTb6ONBhVjaPa1%2BcTLC187C%2Fg%3D%3D"}]}
age: 1112
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 959b341f8bee712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wss://widget-mediator.zopim.com/s/W/ws/-tdZQ5z2+9cctO5g/c/1751596267569
101 Switching Protocols 0 B URL GET wss://widget-mediator.zopim.com/s/W/ws/-tdZQ5z2+9cctO5g/c/1751596267569
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.zopim.com
FingerprintF5:6D:E7:00:23:72:09:7B:2A:4D:A3:95:64:A6:78:46:FF:D5:69:C1
ValiditySun, 08 Sep 2024 00:00:00 GMT - Wed, 08 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/-tdZQ5z2+9cctO5g/c/1751596267569 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.platekompaniet.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A0lBwnvC6QXdYCgpE8XaDg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 04 Jul 2025 02:31:07 GMT
Connection: upgrade
Set-Cookie: AWSALB=p9015X3jwaJKPTe+Q9F5bAod54T+je4FoseaaDYK2CZvLByEN/eesBdEcc+KdQ2BCeUTFPNM9mVk5vH+JicDpTBTK3wgy5CBMR/pUQrOr8iqb1kDjDhK/JJbbm0T; Expires=Fri, 11 Jul 2025 02:31:07 GMT; Path=/
AWSALBCORS=p9015X3jwaJKPTe+Q9F5bAod54T+je4FoseaaDYK2CZvLByEN/eesBdEcc+KdQ2BCeUTFPNM9mVk5vH+JicDpTBTK3wgy5CBMR/pUQrOr8iqb1kDjDhK/JJbbm0T; Expires=Fri, 11 Jul 2025 02:31:07 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: 3FB8vorS1d7XrhH28fUL0Tz2u48=
POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a
200 OK 12 B URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b0c484e1-24a6-4a42-a2a4-a42b4681238a HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1405
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 04 Jul 2025 02:30:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://urly.lat
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET static.zdassets.com/ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5
200 OK 10 kB URL GET static.zdassets.com/ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, ASCII text, with very long lines (10215), with no line terminators
Hash c88d625098ddb649cf216dba2e52435c
1385fd033122892210b8bbe0970b723bc873d38d
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
GET /ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:04 GMT
content-type: application/javascript
x-amz-id-2: PXe4KVIgt95Iav7LbW5p99TBz1RS7hdlXqXzidpqdgRPVSSW0vtL1hki9u+SbsR/12/jaHk/O6FtS71Log0EegH0RBbdAr/4ox5ODzjUOVs=
x-amz-request-id: 5VMKGD2Q67VVKH9C
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Nov 2024 09:45:04 GMT
etag: W/"c88d625098ddb649cf216dba2e52435c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUU8GDMKq7FORq7p3Vc4CIp6E1SDJdPNN24kJvyt5oFC3gmSMr9fOlUs2B5cAG%2Bole1InPO5W0FqnlJC0JXsCMLejabj9HlvlMm8MpRK7CXqh1v3fZotX%2BhUJpBTkI8zBy%2FNVhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b344ea86e1d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
200 OK 24 kB IP
Certificate IssuerLet's Encrypt
Subjecturly.lat
Fingerprint7A:3E:AE:E2:93:78:9D:CE:27:F8:0A:5D:B5:48:2C:1A:F2:27:35:C7
ValidityTue, 01 Jul 2025 21:24:04 GMT - Mon, 29 Sep 2025 21:24:03 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 82dd6b8c831763350215bfab474b81c1
7d658a9cc56026ec0e1d7c982b5cb051b88230ab
eec9e8ca1e09dcc7f7ce18b6466479bab904f4e52237107b359a0e54db329902
GET /r/y5kf5c HTTP/1.1
Host: urly.lat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 29109
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 04 Jul 2025 02:30:55 GMT
etag: "35a4c52dac828434851bbfa33bc669d4-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01JZ9MBJD44A5HFW69T03NMN3A
content-length: 5941
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
200 OK 7.7 kB URL GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Jul 2025 21:38:58 GMT
expires: Thu, 02 Jul 2026 21:38:58 GMT
cache-control: public, max-age=31536000
age: 103918
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET urly.lat/favicon.ico
200 OK 15 kB IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjecturly.lat
Fingerprint7A:3E:AE:E2:93:78:9D:CE:27:F8:0A:5D:B5:48:2C:1A:F2:27:35:C7
ValidityTue, 01 Jul 2025 21:24:04 GMT - Mon, 29 Sep 2025 21:24:03 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash edf236404af2e7eebb748d1187632386
46852f604a420c73cd33276c823bd5d6b4f9a273
e475e71dcf67b9332db0148b74f31506a585aaf356cfdaea96b095f1a5c5a7a8
GET /favicon.ico HTTP/1.1
Host: urly.lat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urly.lat/r/y5kf5c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 43150
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/vnd.microsoft.icon
date: Fri, 04 Jul 2025 02:30:57 GMT
etag: "7a034c1e22849921aedb70fbaabef8e1-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01JZ9MBKTYBTKQWXND1AFDABPP
content-length: 15406
X-Firefox-Spdy: h2
GET consentcdn.cookiebot.com/consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js
200 OK 30 B URL GET consentcdn.cookiebot.com/consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash de49a87f336eb551f8c307a0e7b2c51c
4f672557720012ee693501df7f5341e4ed13e3dc
45a66e8922a9de33628e8b416ab06b22e439077537c2892d342eabd37090a162
GET /consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "de49a87f336eb551f8c307a0e7b2c51c:1708511726.325948"
last-modified: Wed, 21 Feb 2024 10:35:26 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 50
cache-control: max-age=10401
expires: Fri, 04 Jul 2025 05:24:27 GMT
date: Fri, 04 Jul 2025 02:31:06 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1751596266244_388255494_419431191_18_619_7_0_21";dur=1
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET event.getblue.io/js/blue-tag.min.js
200 OK 9.3 kB URL GET event.getblue.io/js/blue-tag.min.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (9302), with no line terminators
Hash 80dc2ec9bdd504dbda92e8db9ab31223
48a83fe1009b3252c1e842a7edb3f1a26304cd2a
e93d3ddd95df3718056879b69c0220cc64ee2da9daf106317549ba4dc02f9677
GET /js/blue-tag.min.js HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:06 GMT
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"9302-1751586123285"
last-modified: Thu, 03 Jul 2025 23:42:03 GMT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=0&TYPE=xmlhttp&zx=m864fhc49s4w&t=1
200 OK 83 B URL GET firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=0&TYPE=xmlhttp&zx=m864fhc49s4w&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash 0bafbbf784aba7ed4a35ccefc90be28b
e891aa24334e5727b56ea36520dc223683f76870
87faf9d531c6703d042b098eb42ae6c25a5df1a49c619fe5360ed442cd03d8fb
GET /google.firestore.v1.Firestore/Write/channel?gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=rpc&SID=cbrFx5KmknrbOrX8dcCYIw&AID=0&CI=0&TYPE=xmlhttp&zx=m864fhc49s4w&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-debug-tracking-id: 5954482176620463741;o=0
vary: Referer, origin
cache-control: private, max-age=0
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:01 GMT
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://urly.lat
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET groleegni.net/impression/j_mpQ0WjlkbaW13PhMPVKT1dsWdhfX1etNbTTn7PeYkFKepsphsGC8TvJJYQEFICbNAu2QOoa_HCULj7UexaJ3fp0VH7V80GW49gP_Ig1UQxxhgsKXbWuBq7gsrnGH7mXwOGMGYtLXy-baFil9-4LswzS-BMH_KkWAV45aDgOV69S9nVUc2L6FUiLdeYIhAmmukIZlbQeG6vDdGkKyYcqMfly-L2bJHZtOYj2qAiqTpTejGlVVC01rMmHx6AmxKoWUoEOqUH2P37Y9pFRjL8X0yiQREAYi3dbw9klPp1hN2jzfVPrSxF0xs9RVkfJIpWlcCLPaaCtnu_bRp7ud7hfyXzrGMExm_EI2paxQzBOmcDkkaek-8Alg2VEBIA5yJK2C7vzJGwIj5LKgEFNNcyDlSUKe6x2lks2kbVsHue_Xl_dNYeJvGArpmW70YfYO23UFF3RVkVqrAc_ULfoY8E4fbEjaUJ0qnM5MBOMeM-QLoPmqDXAZZ95IGf1Q-WVIPCQSA_we8P8vTpmr94B-3Os3Is8t26JiFLPxbxyo8y7y5Pn914tfanReAQNlIrNsWwN5YTtUo0kaVtjkHEpzEMvUVQZboozMUVC9SxMofhgTPp2LJU-MBjobG949ZH7JBq6lU_nZ1pA7TSpKFEpCrco1Yp1UrBnuIf0srSjjDk-FQgQ9WhV5nzsUXk_JjwVr115vU72E2_ykbX_DSMH9um7k3A9pnH3Eern-_bpPa-uGj2a1QKJSaczugR0HsWG5Kua_-3k_e5v3zWdOvHUNaadfe6_i2QiMZK462BMeCtc9ID7QNFEA2JiS7NDF0h2NLXq_TaM5_ffJA7cvpr1si5cxQnDiH4H3I44NDYYG9_Xskq3wZt1-Rv6NO--Oc=?_z=9519021&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
200 OK 43 B URL GET groleegni.net/impression/j_mpQ0WjlkbaW13PhMPVKT1dsWdhfX1etNbTTn7PeYkFKepsphsGC8TvJJYQEFICbNAu2QOoa_HCULj7UexaJ3fp0VH7V80GW49gP_Ig1UQxxhgsKXbWuBq7gsrnGH7mXwOGMGYtLXy-baFil9-4LswzS-BMH_KkWAV45aDgOV69S9nVUc2L6FUiLdeYIhAmmukIZlbQeG6vDdGkKyYcqMfly-L2bJHZtOYj2qAiqTpTejGlVVC01rMmHx6AmxKoWUoEOqUH2P37Y9pFRjL8X0yiQREAYi3dbw9klPp1hN2jzfVPrSxF0xs9RVkfJIpWlcCLPaaCtnu_bRp7ud7hfyXzrGMExm_EI2paxQzBOmcDkkaek-8Alg2VEBIA5yJK2C7vzJGwIj5LKgEFNNcyDlSUKe6x2lks2kbVsHue_Xl_dNYeJvGArpmW70YfYO23UFF3RVkVqrAc_ULfoY8E4fbEjaUJ0qnM5MBOMeM-QLoPmqDXAZZ95IGf1Q-WVIPCQSA_we8P8vTpmr94B-3Os3Is8t26JiFLPxbxyo8y7y5Pn914tfanReAQNlIrNsWwN5YTtUo0kaVtjkHEpzEMvUVQZboozMUVC9SxMofhgTPp2LJU-MBjobG949ZH7JBq6lU_nZ1pA7TSpKFEpCrco1Yp1UrBnuIf0srSjjDk-FQgQ9WhV5nzsUXk_JjwVr115vU72E2_ykbX_DSMH9um7k3A9pnH3Eern-_bpPa-uGj2a1QKJSaczugR0HsWG5Kua_-3k_e5v3zWdOvHUNaadfe6_i2QiMZK462BMeCtc9ID7QNFEA2JiS7NDF0h2NLXq_TaM5_ffJA7cvpr1si5cxQnDiH4H3I44NDYYG9_Xskq3wZt1-Rv6NO--Oc=?_z=9519021&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint28:1C:F0:34:3B:7F:25:68:FC:46:BF:94:D2:EE:CE:00:1B:63:61:00
ValidityWed, 23 Apr 2025 05:47:49 GMT - Tue, 22 Jul 2025 05:47:48 GMT
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impression/j_mpQ0WjlkbaW13PhMPVKT1dsWdhfX1etNbTTn7PeYkFKepsphsGC8TvJJYQEFICbNAu2QOoa_HCULj7UexaJ3fp0VH7V80GW49gP_Ig1UQxxhgsKXbWuBq7gsrnGH7mXwOGMGYtLXy-baFil9-4LswzS-BMH_KkWAV45aDgOV69S9nVUc2L6FUiLdeYIhAmmukIZlbQeG6vDdGkKyYcqMfly-L2bJHZtOYj2qAiqTpTejGlVVC01rMmHx6AmxKoWUoEOqUH2P37Y9pFRjL8X0yiQREAYi3dbw9klPp1hN2jzfVPrSxF0xs9RVkfJIpWlcCLPaaCtnu_bRp7ud7hfyXzrGMExm_EI2paxQzBOmcDkkaek-8Alg2VEBIA5yJK2C7vzJGwIj5LKgEFNNcyDlSUKe6x2lks2kbVsHue_Xl_dNYeJvGArpmW70YfYO23UFF3RVkVqrAc_ULfoY8E4fbEjaUJ0qnM5MBOMeM-QLoPmqDXAZZ95IGf1Q-WVIPCQSA_we8P8vTpmr94B-3Os3Is8t26JiFLPxbxyo8y7y5Pn914tfanReAQNlIrNsWwN5YTtUo0kaVtjkHEpzEMvUVQZboozMUVC9SxMofhgTPp2LJU-MBjobG949ZH7JBq6lU_nZ1pA7TSpKFEpCrco1Yp1UrBnuIf0srSjjDk-FQgQ9WhV5nzsUXk_JjwVr115vU72E2_ykbX_DSMH9um7k3A9pnH3Eern-_bpPa-uGj2a1QKJSaczugR0HsWG5Kua_-3k_e5v3zWdOvHUNaadfe6_i2QiMZK462BMeCtc9ID7QNFEA2JiS7NDF0h2NLXq_TaM5_ffJA7cvpr1si5cxQnDiH4H3I44NDYYG9_Xskq3wZt1-Rv6NO--Oc=?_z=9519021&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Cookie: OAID=0801fccf7c2b4be1fe4c96b214fc90c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:31:03 GMT
content-type: image/gif
content-length: 43
x-trace-id: 973152c3348e72ca90bf1ab915727168
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
200 OK 63 kB URL GET www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type HTML document, ASCII text, with very long lines (53049)
Hash f2a48b383deb689ee748012e9286d7a8
55792566fb393c3fd07fd118579d2f7652196db8
405591f8c96c51eaa4111c9dbdf27a4d88d598b13ca7a5a150001c7ec029b81f
GET /?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.linksprf.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
etag: W/"f5e3-VXklZvs5PD/Qf9EYV50vdlIZbbg"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Jul 2025 02:31:04 GMT
x-served-by: cache-bma-essb1270043-BMA, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept-Encoding,Cookie
strict-transport-security: max-age=31557600
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-c704a3f.js
200 OK 222 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-c704a3f.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 222 kB (222450 bytes)
Hash 08a68a7308737a004b2991aa3dd00688
40fe1ddf2616c7017f645c08bc6cab484d082a4b
f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709
GET /web_widget/classic/latest/web-widget-chat-sdk-c704a3f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 3/fBxMSkXfBG/HCdQHdupn3CIg1/AFeXZs1qKHYCChGaJsWUQxa7VNP7Nd/FBLi+o4yWS4bDgTY=
x-amz-request-id: AGGN5F935CATGJH0
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jun 2025 11:13:29 GMT
etag: W/"08a68a7308737a004b2991aa3dd00688"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jun 2026 11:13:27 GMT
x-amz-version-id: 4UxWLW4NkvtK.XIPYw2142R28oxvSBf2
cf-cache-status: HIT
age: 308591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DltOTbQiSuQSljRDuXQ2I8DwDwD%2Fz5arYxt%2B4e6N3VZ5fXahONLNS95ePKAG1b5CXhZvjjXzFzWHxNICvkGFTOOtvlEjDMAKOoJ80Vl0dS2HKquUOMmzOhDE5exJLW4C5puKUlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b345d29501d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET widget.getblue.io/event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&if=1&nocache=2173100889933.367
200 OK 0 B URL GET widget.getblue.io/event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&if=1&nocache=2173100889933.367
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=2b3afdb2-7859-41d8-a192-94fbf473f9c0&ulc=daisycon&v=29092023-1023&if=1&nocache=2173100889933.367 HTTP/1.1
Host: widget.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:07 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
200 OK 150 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size 150 kB (150124 bytes)
Hash c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
cf-ray: 959b341a392356b4-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 68255
expires: Wed, 24 Jun 2026 02:30:56 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Otr6iBfW8LMmp7MnXNM9OIAQVQiReicmajyx9vKMWqTO5DB7WJpaEByHnltN0FAEz2PYh%2FMjBsI%2Fs5vdyvyU6%2BaqwSoIkwTnuy3NXydwq2IuYZ1jgdgd2Of6i1Hvbyf4iNFADiad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET www.platekompaniet.no/buildid.json?1751596264566
200 OK 20 B URL GET www.platekompaniet.no/buildid.json?1751596264566
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
Hash 3a6943a54202538a25943792176f66d9
945a59018ddd90a0f566c1ffd56d9b1d4051cff1
454507597c1290d504d96a0d143cfe8264d12ca9cc779ce9fe4c2f1e619a20c6
GET /buildid.json?1751596264566 HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM1ODY4MzkiLCJhcCI6IjExMjAxNTgxODAiLCJpZCI6IjMzZWE1NzYwOTc4YTZlMWIiLCJ0ciI6ImQ5MDk3MzhmNzQwODUwNDM3YjEwNTkyOTlmNjg4NDAwIiwidGkiOjE3NTE1OTYyNjQ1NjcsInRrIjoiMTMyMjg0MCJ9fQ==
traceparent: 00-d909738f740850437b1059299f688400-33ea5760978a6e1b-01
tracestate: 1322840@nr=0-1-3586839-1120158180-33ea5760978a6e1b----1751596264567
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
last-modified: Thu, 03 Jul 2025 10:33:37 GMT
etag: W/"68665c81-14"
expires: Sat, 04 Jul 2026 02:31:04 GMT
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
age: 0
date: Fri, 04 Jul 2025 02:31:04 GMT
x-served-by: cache-bma-essb1270031-BMA, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 40
X-Firefox-Spdy: h2
POST sentry2.integrations.convert.no/api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7
200 OK 41 B URL POST sentry2.integrations.convert.no/api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.integrations.convert.no
Fingerprint72:C6:B4:50:67:F4:68:A3:56:39:C6:7D:69:3F:76:70:EC:63:00:A3
ValidityWed, 23 Apr 2025 00:00:00 GMT - Sat, 23 May 2026 23:59:59 GMT
Hash 55f2f8581b3a97b89422f9df663aa74f
46f0bb79aab39dff0f903b235f74075c2a57b97e
23cfb7553f7a18c69cc9dbc35cfcdcd692959c1ceb9ebeeeaaad16c5e08253b3
POST /api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7 HTTP/1.1
Host: sentry2.integrations.convert.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1087
Origin: https://www.platekompaniet.no
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:06 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://www.platekompaniet.no
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
POST firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&SID=cbrFx5KmknrbOrX8dcCYIw&RID=96558&AID=2&zx=wddb5uya8a7r&t=1
200 OK 10 B URL POST firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&SID=cbrFx5KmknrbOrX8dcCYIw&RID=96558&AID=2&zx=wddb5uya8a7r&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash ace1abe40e27362d2652a27491b7d8a6
7dff6d210871c666e0cfc6b449105ba7e72a7803
af99f1eb4753a5af2ca76ec10624055514fc0dd9662f5a2b057ace7a97edf280
POST /google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&gsessionid=vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc&SID=cbrFx5KmknrbOrX8dcCYIw&RID=96558&AID=2&zx=wddb5uya8a7r&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 537
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:01 GMT
server: ESF
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET consent.cookiebot.com/uc.js
200 OK 114 kB URL GET consent.cookiebot.com/uc.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint7E:96:84:41:5E:20:EB:F3:ED:7D:A0:AD:B1:20:27:63:EE:D6:CD:48
ValidityMon, 30 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65499)
Size 114 kB (113942 bytes)
Hash 1c3989d533584a23cf7fa9a7670e0571
d685b68d361e9b1ba0610bf2fbf45aab4d061619
69fb2cba2483f1cf198fe20dae521667262877382a82d14145c40bc31a4fb579
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 27 Jun 2025 10:04:30 GMT
accept-ranges: bytes
etag: "2af0abdf4ae7db1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 34775
cache-control: public, max-age=1189
expires: Fri, 04 Jul 2025 02:50:53 GMT
date: Fri, 04 Jul 2025 02:31:04 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET consentcdn.cookiebot.com/sdk/bc-v4.min.html
200 OK 627 B URL GET consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (627), with no line terminators
Hash 3d08665fa4c7bcf9fa2dcbbc7efe1d0f
ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 04 Jul 2026 02:31:05 GMT
date: Fri, 04 Jul 2025 02:31:05 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1751596265170_388255494_419431050_25_861_10_28_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET www.platekompaniet.no/fonts/Averta%20Regular.woff2
200 OK 67 kB URL GET www.platekompaniet.no/fonts/Averta%20Regular.woff2
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 66796, version 1.524
Hash ac872d5af76e8e5d81a1e8cdce8f8aa9
fa94fe0ae7f7534598f31c5b801d5b15c579dca7
505d3098711b423a47b1652cfa6586b04f36580a6c814543c7d2a4b96688b5de
GET /fonts/Averta%20Regular.woff2 HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Mon, 24 Apr 2023 17:01:55 GMT
etag: "6446b603-104ec"
expires: Tue, 30 Jun 2026 09:01:57 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Fri, 04 Jul 2025 02:31:05 GMT
age: 322148
x-served-by: cache-bma-essb1270077-BMA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 16, 6
vary:
strict-transport-security: max-age=31557600
content-length: 66796
X-Firefox-Spdy: h2
GET al5sm.com/tag.min.js
200 OK 108 kB IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectal5sm.com
FingerprintFC:50:A0:98:8E:C7:B9:52:E4:7A:F9:78:1A:74:FE:90:E9:1C:06:78
ValidityWed, 14 May 2025 10:24:48 GMT - Tue, 12 Aug 2025 11:22:30 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 108 kB (107974 bytes)
Hash e9686cc9714c32e2910d6f703e954e40
a84ce292400e59d19ebe4d82212a31276a47bdf7
ab785235d0443f023c4d9ec4afa356d04bc5f343571d1e578a56b854635d5796
GET /tag.min.js HTTP/1.1
Host: al5sm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript
server: cloudflare
x-trace-id: ae7113ed077185954e6a48f74293f6fe
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 819
cf-cache-status: HIT
last-modified: Fri, 04 Jul 2025 02:17:16 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=F9YBi2tCmTDlYG5ynwGiZqDYWy1KlJycn1fxEDNrgA%2FmJkVElKLlCRA51HzG7bA2uLhoyu0bio3TL9k6BqvVVb8HXnj8Vqs%3D"}]}
cf-ray: 959b341a0de2b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Jul 2025 21:38:15 GMT
expires: Thu, 02 Jul 2026 21:38:15 GMT
cache-control: public, max-age=31536000
age: 103961
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST klmmnd.com/v1/634b77cf-84a0-477c-a91b-c4ce534e22ff
204 No Content 0 B URL POST klmmnd.com/v1/634b77cf-84a0-477c-a91b-c4ce534e22ff
IP
ASN #60068 Datacamp Limited
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectklmmnd.com
Fingerprint61:A0:2D:9B:1F:C5:6B:60:E3:93:C4:81:D2:36:07:30:A9:7D:6F:01
ValidityFri, 06 Jun 2025 09:37:41 GMT - Thu, 04 Sep 2025 09:37:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/634b77cf-84a0-477c-a91b-c4ce534e22ff HTTP/1.1
Host: klmmnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 106
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 04 Jul 2025 02:30:56 GMT
server: BunnyCDN-DE1-864
cdn-pullzone: 3663465
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public, max-age=0
cdn-proxyver: 1.31
cdn-requestpullsuccess: True
cdn-requestpullcode: 204
cdn-cachedat: 07/04/2025 02:30:56
cdn-edgestorageid: 864
cdn-requestid: 6d3137275fd5eb6a226cf35d271dda2c
cdn-requesttime: 0
X-Firefox-Spdy: h2
GET r.linksprf.com/v1/redirect?yk_tag=abhe58luwcvmu15tbu9fiakq&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
302 Found 1.6 kB URL GET r.linksprf.com/v1/redirect?yk_tag=abhe58luwcvmu15tbu9fiakq&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectlinksprf.com
FingerprintAB:C3:2C:B3:64:8F:9E:65:81:53:CD:46:B2:C2:83:47:62:7F:99:4D
ValiditySat, 17 May 2025 04:43:47 GMT - Fri, 15 Aug 2025 04:43:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?yk_tag=abhe58luwcvmu15tbu9fiakq&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 04 Jul 2025 02:31:03 GMT
content-length: 0
set-cookie: ykuid=6654e77d0b6349cca1d36b5035124d3c; Path=/; Secure; Domain=.linksprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=CBB3E5F19C7B815EDF38CC3B488FFE18; Path=/; HttpOnly
location: /v2/go?t=mtcpr%3At%2Fscipyaaeao3pwnfe5.focc9%3F8ib12280cl5%3D6887e78%263i%3D2s5%2679%267s2v73c440c1b8584d82d23c867c169a760d06010d%3D4w38e9w52%3D7we5c382e12i4%26c8a91%3D0s4%2F4%2F7n2t2i%26asm%3Dkntllt.cds%2Fas.toh&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1751596263188&cu=1d72823cd68c465ab6cd46c17d24739e&cs=872b518f0360506234b51bdabd26ecd2
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
GET groleegni.net/401/9519021
200 OK 173 kB URL GET groleegni.net/401/9519021
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint28:1C:F0:34:3B:7F:25:68:FC:46:BF:94:D2:EE:CE:00:1B:63:61:00
ValidityWed, 23 Apr 2025 05:47:49 GMT - Tue, 22 Jul 2025 05:47:48 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 173 kB (173429 bytes)
Hash 52c8b4965407cb3b9a571321db5a1d46
23aa007703d821371a260d123b3976d757c1a82b
1f5cd6d575028ad4c03af078033ee16b9659313b630a3d9e484bf9a997d0f40c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /401/9519021 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript
x-trace-id: a3a50dfe66627b8140c7c0947e61d815
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301fce9cc7a415eeee02986a2fb87ed; expires=Sat, 04 Jul 2026 02:30:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
POST impossibleentry.com/Y.2-xzpAZBWC5_0EZFGGFH0-YJTK9LyMc_mOlPkQPRT-AT5UNV2WF_mYNZjaIb0-YdTeEfxgY_jiljhkYlz-UnzoMpGqZ_msMtzuAvy-ZxDykz4AM_zCAD4EMFW-RHmI
200 OK 0 B URL POST impossibleentry.com/Y.2-xzpAZBWC5_0EZFGGFH0-YJTK9LyMc_mOlPkQPRT-AT5UNV2WF_mYNZjaIb0-YdTeEfxgY_jiljhkYlz-UnzoMpGqZ_msMtzuAvy-ZxDykz4AM_zCAD4EMFW-RHmI
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectimpossibleentry.com
FingerprintE0:CE:B0:15:B5:C6:B1:AC:B2:A5:68:92:73:16:5F:A5:A9:34:B6:EF
ValidityWed, 28 May 2025 14:04:45 GMT - Tue, 26 Aug 2025 14:04:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /Y.2-xzpAZBWC5_0EZFGGFH0-YJTK9LyMc_mOlPkQPRT-AT5UNV2WF_mYNZjaIb0-YdTeEfxgY_jiljhkYlz-UnzoMpGqZ_msMtzuAvy-ZxDykz4AM_zCAD4EMFW-RHmI HTTP/1.1
Host: impossibleentry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 48
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:30:56 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
X-Firefox-Spdy: h2
OPTIONS groleegni.net/500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
200 OK 0 B URL OPTIONS groleegni.net/500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint28:1C:F0:34:3B:7F:25:68:FC:46:BF:94:D2:EE:CE:00:1B:63:61:00
ValidityWed, 23 Apr 2025 05:47:49 GMT - Tue, 22 Jul 2025 05:47:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://urly.lat/
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:30:57 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://urly.lat
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He5710v6759650za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891
200 OK 480 kB URL GET www.googletagmanager.com/gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He5710v6759650za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint79:AA:03:D4:F6:6B:0F:61:E5:C5:AB:19:F4:A5:5D:DC:97:80:AF:DA
ValidityMon, 02 Jun 2025 08:35:30 GMT - Mon, 25 Aug 2025 08:35:29 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (22103)
Size 480 kB (479626 bytes)
Hash a0dd192162978791a5d97a60428004ed
f38c828683b2771c6cd15a23e9d082f45eee6a7d
6e1f8e68dddd66446fd1cc5e5c27cab86f6f07a33d9fa942907d6f39a93f6fe7
GET /gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He5710v6759650za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Jul 2025 02:31:06 GMT
expires: Fri, 04 Jul 2025 02:31:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 150744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-c704a3f.js
200 OK 26 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-c704a3f.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (25882), with no line terminators
Hash ab9bdda3847e8d3b65353203cfa2118a
2afc6f4f6400dc58aa45e14eb3cb75194b351646
b9cc9a0c33e8f0a92ae6b066dffd5f6f1dbb8da33010b8898297e44e4a66334a
GET /web_widget/classic/latest/web-widget-locales/classic/en-us-json-c704a3f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:06 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: vq12NrxD10KTPNiPB7ZZNKfjCDJFi19cvlIK2Ot/svBwnrHQ22MEAY3SK5ovnmLNJzy0yFRIaeY=
x-amz-request-id: RYKX4VZ96PSQD8P9
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jun 2025 11:13:31 GMT
etag: W/"ab9bdda3847e8d3b65353203cfa2118a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jun 2026 11:13:29 GMT
x-amz-version-id: 8D7WZ35w7tJo8NGF6zyp0_M2E9edJVkU
cf-cache-status: HIT
age: 308589
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQwznDCy4CDz9ycMAA4fUOlekXktEn84Tdr6nX8pzAjKgIlPiasA2iuvc81KyMmlPHEm0IBDpyqXh2J6uFP3VRBnmWNc6pAfRgr80M0MniZeyRws8BiPExaWh57ab8mSa5s4r%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b345c694b1d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET ss.mrmnd.com/dynamic.js
200 OK 15 kB IP
ASN #60068 Datacamp Limited
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectss.mrmnd.com
FingerprintDE:94:27:6F:89:42:6A:C9:1E:6D:2C:FA:4C:45:94:EE:B2:4E:AC:3D
ValidityWed, 02 Jul 2025 05:13:48 GMT - Tue, 30 Sep 2025 05:13:47 GMT
File type JavaScript source, ASCII text, with very long lines (15216)
Hash 7c5cc02bafec6812891cf2b58e07fa82
e4cced8de425f5e4fe72d6635c705f1287f94ca2
40930a406c59ebc60478f08a95ac266f5e218af8f506e1c329fa7090f818db3a
GET /dynamic.js HTTP/1.1
Host: ss.mrmnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript
server: BunnyCDN-DE1-864
cdn-pullzone: 1495838
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: br
etag: "68073843-3b71"
last-modified: Tue, 22 Apr 2025 06:33:39 GMT
cdn-proxyver: 1.23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2025 14:02:04
cdn-edgestorageid: 1075
cdn-requestid: 15c61ad5f139d6dc238b95567e137237
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
X-Firefox-Spdy: h2
GET r.linksprf.com/v2/go?t=mtcpr%3At%2Fscipyaaeao3pwnfe5.focc9%3F8ib12280cl5%3D6887e78%263i%3D2s5%2679%267s2v73c440c1b8584d82d23c867c169a760d06010d%3D4w38e9w52%3D7we5c382e12i4%26c8a91%3D0s4%2F4%2F7n2t2i%26asm%3Dkntllt.cds%2Fas.toh&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1751596263188&cu=1d72823cd68c465ab6cd46c17d24739e&cs=872b518f0360506234b51bdabd26ecd2
200 OK 1.6 kB URL GET r.linksprf.com/v2/go?t=mtcpr%3At%2Fscipyaaeao3pwnfe5.focc9%3F8ib12280cl5%3D6887e78%263i%3D2s5%2679%267s2v73c440c1b8584d82d23c867c169a760d06010d%3D4w38e9w52%3D7we5c382e12i4%26c8a91%3D0s4%2F4%2F7n2t2i%26asm%3Dkntllt.cds%2Fas.toh&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1751596263188&cu=1d72823cd68c465ab6cd46c17d24739e&cs=872b518f0360506234b51bdabd26ecd2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectlinksprf.com
FingerprintAB:C3:2C:B3:64:8F:9E:65:81:53:CD:46:B2:C2:83:47:62:7F:99:4D
ValiditySat, 17 May 2025 04:43:47 GMT - Fri, 15 Aug 2025 04:43:46 GMT
File type HTML document, ASCII text, with very long lines (333)
Hash 8ca16f0026e30cc198c5d5a313a742a8
56a5f32bd9368379ee6d80ca005a70ea876b0a32
3a3cb8b99ccffdc839304f0f51cf4457b21341011daad94538dd52bbe932c94d
GET /v2/go?t=mtcpr%3At%2Fscipyaaeao3pwnfe5.focc9%3F8ib12280cl5%3D6887e78%263i%3D2s5%2679%267s2v73c440c1b8584d82d23c867c169a760d06010d%3D4w38e9w52%3D7we5c382e12i4%26c8a91%3D0s4%2F4%2F7n2t2i%26asm%3Dkntllt.cds%2Fas.toh&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1751596263188&cu=1d72823cd68c465ab6cd46c17d24739e&cs=872b518f0360506234b51bdabd26ecd2 HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ykuid=6654e77d0b6349cca1d36b5035124d3c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:03 GMT
content-type: text/html;charset=UTF-8
content-length: 1580
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
GET dc.platekompaniet.no/c/?si=19280&li=1827375&wi=255978&ws=v0304000178981d72823cd68c465ab6cd46c17d24739e&ws2=73e8ce88e6254cc8a21b08494c7f252f&ws3=analyticsstar.com
301 Moved Permanently 63 kB URL GET dc.platekompaniet.no/c/?si=19280&li=1827375&wi=255978&ws=v0304000178981d72823cd68c465ab6cd46c17d24739e&ws2=73e8ce88e6254cc8a21b08494c7f252f&ws3=analyticsstar.com
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectdc.platekompaniet.no
Fingerprint91:62:83:52:47:F6:30:5D:D0:F2:17:D2:42:7B:2A:80:B6:50:82:7F
ValiditySat, 28 Jun 2025 06:30:46 GMT - Fri, 26 Sep 2025 07:30:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?si=19280&li=1827375&wi=255978&ws=v0304000178981d72823cd68c465ab6cd46c17d24739e&ws2=73e8ce88e6254cc8a21b08494c7f252f&ws3=analyticsstar.com HTTP/1.1
Host: dc.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.linksprf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 04 Jul 2025 02:31:03 GMT
content-type: text/html; charset=UTF-8
location: https://glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: Cache-Control, Expires, Pragma, Content-Length, Content-Type
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 0
x-ds: 1
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lK6BEEfYP2HF7u0LQDaLoC3Xo7H744Aui6YWCl16f50BSFcB2hIFdLUodIm3AJAoLKmd0zNeyd6AKUPorJxvHP4Xs00%2B6ijQK0Ok7vK01FJRiQ%3D%3D"}]}
set-cookie: dci=meth0xfwrzc4cfnq0s9ftxnv; HttpOnly; SameSite=None; Secure; Path=/; Domain=dc.platekompaniet.no; Max-Age=31622400; Expires=Sun, 05 Jul 2026 02:31:03 GMT
cf-ray: 959b34471a30568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.gstatic.com/firebasejs/11.7.0/firebase-auth.js
200 OK 158 kB URL GET www.gstatic.com/firebasejs/11.7.0/firebase-auth.js
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 158 kB (158389 bytes)
Hash f5fdeb768f56fc22c8b590f146fe8077
1571a1fa06eb5598c7eef5888888e50fc218e4ce
1cd7e6ba8999ad30b27217f70b5987270d56662e302ac86b77772c4a06c7f2a0
GET /firebasejs/11.7.0/firebase-auth.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 42005
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 13:02:22 GMT
expires: Fri, 03 Jul 2026 13:02:22 GMT
cache-control: public, max-age=31536000
age: 48514
last-modified: Wed, 07 May 2025 18:11:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET groleegni.net/500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
200 OK 6.1 kB URL GET groleegni.net/500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint28:1C:F0:34:3B:7F:25:68:FC:46:BF:94:D2:EE:CE:00:1B:63:61:00
ValidityWed, 23 Apr 2025 05:47:49 GMT - Tue, 22 Jul 2025 05:47:48 GMT
Hash 7a51b51afd148330d2f803f1ee0be3ec
662cc8b7721394550d070fe6663741a9f259221e
8ead089cfc120e962937307442edc9e29f1f11f95fb2fc80bd63936fa4b7bd54
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /500/9519021?excludes=&oaid=0801fccf7c2b4be1fe4c96b214fc90c5&var=&ymid=&tgp=&js_build=8&sw_version=v1.659.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Furly.lat%2Fr%2Fy5kf5c&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&bto=0&btz=UTC&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Cookie: OAID=0301fce9cc7a415eeee02986a2fb87ed
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 02:30:58 GMT
content-type: application/javascript
x-trace-id: 19a02759e1d92485f8fbb51e03832130
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://urly.lat
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801fccf7c2b4be1fe4c96b214fc90c5; expires=Sat, 04 Jul 2026 02:30:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
200 OK 27 kB URL GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type ASCII text, with very long lines (1572)
Hash c1dfd96443eb2be2a1f91f6adb6f9dbb
34fcc9ca9febd9112aeeb81b053d0d2bb6ab4b9c
59e10836dc5089dc4aa2f54b882ceb39184f2970d915a5de1a594d502876143a
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Jul 2025 02:31:02 GMT
date: Fri, 04 Jul 2025 02:31:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=96557&CVER=22&X-HTTP-Session-Id=gsessionid&zx=1yv3ljz3gewt&t=1
200 OK 54 B URL POST firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=96557&CVER=22&X-HTTP-Session-Id=gsessionid&zx=1yv3ljz3gewt&t=1
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
FingerprintAC:5A:C7:DF:4B:A5:8A:68:3F:CA:99:41:E6:43:4F:96:27:E8:9B:38
ValidityMon, 02 Jun 2025 08:39:28 GMT - Mon, 25 Aug 2025 08:39:27 GMT
Hash 917558fa542ab095c2dfdd4469d6ae39
bcd58b18eb6ec424208264df6996873490049ebb
b954f25450cb7335ad4e73f2998fbd2a0bc4e31d18d7a4cf2b7fb1ec1faa619a
POST /google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fnk3io-fba5a%2Fdatabases%2F(default)&RID=96557&CVER=22&X-HTTP-Session-Id=gsessionid&zx=1yv3ljz3gewt&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 267
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-client-wire-protocol: h3
x-http-session-id: vhYaB9bJSvyO4XePb0o0Xsa6jhXdLUQr_L0-9lDsYvc
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 04 Jul 2025 02:31:00 GMT
server: ESF
content-length: 71
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://urly.lat
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=964827241011228677&cost=0.004557&campaignid=9216582&country=NO&zone=9519021&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0
302 Found 363 B URL GET trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=964827241011228677&cost=0.004557&campaignid=9216582&country=NO&zone=9519021&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subjecttrk.trk4u.com
Fingerprint64:04:06:DA:27:5A:0F:7D:9D:4E:01:E9:34:97:AC:E3:D7:F2:3E:1F
ValiditySat, 17 May 2025 20:51:39 GMT - Fri, 15 Aug 2025 21:41:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=964827241011228677&cost=0.004557&campaignid=9216582&country=NO&zone=9519021&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0 HTTP/1.1
Host: trk.trk4u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
location: https://analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabhe58luwcvmu15tbu9fiakq%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
vary: Accept
content-type: text/html; charset=utf-8
x-cloud-trace-context: a2b1c481bad55dbad005fa856129c4a9
date: Fri, 04 Jul 2025 02:31:02 GMT
server: Google Frontend
content-length: 322
X-Firefox-Spdy: h2
GET www.platekompaniet.no/runtime.1bea2f8e839250323b3f.js
200 OK 7.2 kB URL GET www.platekompaniet.no/runtime.1bea2f8e839250323b3f.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintF0:8B:97:31:84:4A:61:8A:AA:85:C9:9B:AB:C2:F5:D0:E6:7C:43:31
ValidityThu, 22 May 2025 18:02:49 GMT - Wed, 20 Aug 2025 18:02:48 GMT
File type JavaScript source, ASCII text, with very long lines (4280)
Hash a5f99ee33b51b8f810df0c074832e6e1
9a469931e2e06aa5372935f3683c126f16ae0dc9
be205f94eb8bb6531132070a7d2cd69dd5cce3a6839771d2e38f654be385bac8
GET /runtime.1bea2f8e839250323b3f.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 03 Jul 2025 10:33:37 GMT
etag: W/"68665c81-1c43"
expires: Fri, 03 Jul 2026 10:59:24 GMT
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
age: 55900
date: Fri, 04 Jul 2025 02:31:04 GMT
x-served-by: cache-bma-essb1270075-BMA, cache-hel1410024-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 3739
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-main-c704a3f.js
200 OK 850 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-main-c704a3f.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
Fingerprint40:8A:EF:A0:E5:D7:93:B0:A2:76:16:9F:1A:F5:8A:75:A4:23:77:BB
ValidityFri, 27 Jun 2025 15:36:10 GMT - Thu, 25 Sep 2025 16:36:08 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 850 kB (850374 bytes)
Hash 36effe832f697b1bce46648d73736199
9e752a6ba88e830a436cb4fb879a3669c84737fd
34ea0cf20f599b88dd923cd5c5ccef7be66bac9ba88d9a09b9c8ce2050fbe020
GET /web_widget/classic/latest/web-widget-main-c704a3f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:31:05 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 31QfKMrRyN/DAjntaXuAjPV+HWtikDaF7LVUPsaKxl0iQO0dvLnlhqQhZ7kjqhq8qWkORnoJXuw=
x-amz-request-id: RYKX5N17P7F72NJC
x-amz-replication-status: COMPLETED
last-modified: Mon, 30 Jun 2025 11:13:29 GMT
etag: W/"36effe832f697b1bce46648d73736199"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 30 Jun 2026 11:13:27 GMT
x-amz-version-id: 1vyGCqPBAphFfJtrAavzfB2j8Cx_p6Q4
cf-cache-status: HIT
age: 161671
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pigKj5Z7XR6F7x37Ush1Kz2D32BWqNUTycXDwxH%2BTfz5lvFTq2ouNyx55LKk1BAG%2FBI9hk5lxuGNnu%2FfnT2JBG3QjmoA2MQCJFWm%2FVnoIKb42WQmyeC9NqZU66Y%2BgfdYOzsLaZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 959b345608e51d06-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET urly.lat/js/firebase.js
200 OK 793 B IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjecturly.lat
Fingerprint7A:3E:AE:E2:93:78:9D:CE:27:F8:0A:5D:B5:48:2C:1A:F2:27:35:C7
ValidityTue, 01 Jul 2025 21:24:04 GMT - Mon, 29 Sep 2025 21:24:03 GMT
File type JavaScript source, ASCII text
Hash 7d02bd1df8b13273a41bf5ef8a4355f3
3e621e82f189310f69675a364cecd2c0fff7674c
c41f71e6b8ad6b00d9d7025038d14d12355adcaeb6e226819d94b6976914efc8
GET /js/firebase.js HTTP/1.1
Host: urly.lat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urly.lat/r/y5kf5c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 35266
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: application/javascript; charset=UTF-8
date: Fri, 04 Jul 2025 02:30:56 GMT
etag: "4ad4cd20262a4ce28bed8ab5aa595555-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01JZ9MBK1P6MWPBCARH3S1E2E5
content-length: 793
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urly.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Jul 2025 21:40:00 GMT
expires: Thu, 02 Jul 2026 21:40:00 GMT
cache-control: public, max-age=31536000
age: 103856
last-modified: Wed, 23 Apr 2025 16:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.frayedperformance.pro/test2/37d0ec2624dc.js
200 OK 102 kB URL GET www.frayedperformance.pro/test2/37d0ec2624dc.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://urly.lat/r/y5kf5c
Certificate IssuerLet's Encrypt
Subjectwww.frayedperformance.pro
Fingerprint95:B5:9B:D5:74:00:02:37:30:C5:BC:71:80:B8:44:FC:62:65:AC:7A
ValidityMon, 30 Jun 2025 07:07:48 GMT - Sun, 28 Sep 2025 07:07:47 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101519 bytes)
Hash b222dffeb7bbcd9d7120a430a85ca228
94490374570376e779612a3b7454ce7903c2cb4c
3e98aec5c7eee57ce742c381c209b3903d9fbabfc7f95ee4a73c84df54858ca9
GET /test2/37d0ec2624dc.js HTTP/1.1
Host: www.frayedperformance.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urly.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 02:30:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
cache-control: max-age=172800
content-encoding: gzip
expires: Sun, 06 Jul 2025 02:30:56 GMT
x-cdn-host-id: ah0543
x-proxy-cache: HIT
X-Firefox-Spdy: h2
63.176.8.218
95.101.10.153
63.33.119.172
142.250.178.83
172.64.146.234
88.85.68.219
52.67.91.212
139.45.195.252
13.50.127.54