GET mwoukrkskillso.com/dm5lQWtZUQYyVhUCLyAyGyAjGzw4DDMELRgPVDUJJVw/MT0gHUM1AhJTUnheR1tXZxsfClhwTQUaBDUeBVNUZwIYCAp8TQBTVG9YQkBWd0VCSBB8WlAaFSAMS19DMR8CAlhwXEJZXHFSRVdXd1JG
204 No Content 0 B URL GET mwoukrkskillso.com/dm5lQWtZUQYyVhUCLyAyGyAjGzw4DDMELRgPVDUJJVw/MT0gHUM1AhJTUnheR1tXZxsfClhwTQUaBDUeBVNUZwIYCAp8TQBTVG9YQkBWd0VCSBB8WlAaFSAMS19DMR8CAlhwXEJZXHFSRVdXd1JG
IP
Certificate IssuerGoogle Trust Services
Subjectmwoukrkskillso.com
Fingerprint9A:D5:82:05:E2:9D:19:29:EC:FD:5B:FF:46:97:3D:6B:1A:C2:8A:71
ValidityTue, 22 Apr 2025 10:32:56 GMT - Mon, 21 Jul 2025 11:31:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dm5lQWtZUQYyVhUCLyAyGyAjGzw4DDMELRgPVDUJJVw/MT0gHUM1AhJTUnheR1tXZxsfClhwTQUaBDUeBVNUZwIYCAp8TQBTVG9YQkBWd0VCSBB8WlAaFSAMS19DMR8CAlhwXEJZXHFSRVdXd1JG HTTP/1.1
Host: mwoukrkskillso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 22 May 2025 10:23:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NX%2BcopHdY%2F3YLRmqSJW1Y1AoUjH482mHoa7VAfq56hI%2FZmC5Vi2VA1kzmKXJpe5pFAs8lEheryA%2Fz1YTqgRq0KQzWwmsRw4UC2Rqo%2FkSCUM%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 943b98c8fe0b1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
200 OK 93 kB URL GET ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP
Requested by https://strimsy.top/layout/chat2.php
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65480)
Hash 0b6ecf17e30037994d3ffee51b525914
d09d3a99ed25d0f1fbe6856de9e14ffd33557256
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 17:22:25 GMT
expires: Fri, 15 May 2026 17:22:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 579648
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET ust.chatango.com/groupinfo/s/t/strimiworld/gprofile.xml
200 OK 57 B URL GET ust.chatango.com/groupinfo/s/t/strimiworld/gprofile.xml
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type XML 1.0 document, ASCII text, with no line terminators
Hash 75cd495a20073e6036616edbe0732990
54f9fc13ca1d7cbbf7c75b8ebd4e3e1ba6ba8e68
fc866559091221e234b06cf006060f827e92a25be843f97cc85e6f422fb21903
GET /groupinfo/s/t/strimiworld/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:16 GMT
Content-Type: text/xml
Content-Length: 57
Last-Modified: Tue, 26 Oct 2021 22:16:54 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:16 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
200 OK 27 kB URL GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT
File type ASCII text, with very long lines (1572)
Hash da8ad2595d78edf21895319e7d02fe73
d707ec9d6f68fbcfc0e2ebe711b97ad7d67e9aa9
95bce9ed84dcd1e30d88c5e2b2368d24c4e6c60ca58210293d28b3394d1d629a
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 May 2025 10:23:19 GMT
date: Thu, 22 May 2025 10:23:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ust.chatango.com/profileimg/d/r/drimszou/thumb.jpg
200 OK 1.3 kB URL GET ust.chatango.com/profileimg/d/r/drimszou/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash 58a289716772b87d5be0eaa1dcb4ba97
618c4ca1d9ec81d382c5102e8b7691ca6a82af6f
989c72cd760912ca961fbdd0483c9d973d94c8943ca696746c1f9e4c4f9ae42e
GET /profileimg/d/r/drimszou/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:17 GMT
Content-Type: image/jpeg
Content-Length: 1263
Last-Modified: Thu, 04 Apr 2024 13:21:42 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET tzegilo.com/stattag.js
200 OK 18 kB IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A
ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT
File type JavaScript source, ASCII text, with very long lines (17229)
Hash 01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:18 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uUIhLnH5ZNuNlOsodYwYdfCaupp463EQgGadlPK54nGCkipkkZmbMxH5IuaQXDcGZbpJ%2Fi%2Bme45giWQooqxVkB3NnkeJMTUa0Q%3D%3D"}]}
age: 5890
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 943b98ee6e33569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=949363432897388623&cost=0.004558&campaignid=9461803&country=NO&zone=9283842&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0
302 Found 363 B URL GET trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=949363432897388623&cost=0.004558&campaignid=9461803&country=NO&zone=9283842&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjecttrk.trk4u.com
Fingerprint64:04:06:DA:27:5A:0F:7D:9D:4E:01:E9:34:97:AC:E3:D7:F2:3E:1F
ValiditySat, 17 May 2025 20:51:39 GMT - Fri, 15 Aug 2025 21:41:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=949363432897388623&cost=0.004558&campaignid=9461803&country=NO&zone=9283842&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0 HTTP/1.1
Host: trk.trk4u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
location: https://analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
vary: Accept
content-type: text/html; charset=utf-8
x-cloud-trace-context: c5853e431b0ac3fda98ef7a680a12228
date: Thu, 22 May 2025 10:23:20 GMT
server: Google Frontend
content-length: 322
X-Firefox-Spdy: h2
GET www.flashscore.com/res/_fs/build/it.f6dbaba.png
200 OK 374 B URL GET www.flashscore.com/res/_fs/build/it.f6dbaba.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit/color RGB, non-interlaced
Hash 257955a10165e493f9716723a89ca258
61e40342156e0d75afcbb558a6e0ed73148f7de7
8521ebf4d043b54e6dd9abdd99caad8f22981edbaffb3d84ac38b0a17aa9e3e9
GET /res/_fs/build/it.f6dbaba.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
etag: "176-6358cdb960700"
cache-control: max-age=31104000, immutable
expires: Fri, 15 May 2026 17:33:42 GMT
vary: Accept-Encoding
content-length: 374
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 146968
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392737|1747909392737
x-age: 146968[P]|143027[A]|88503[P]|60013[A]
x-pc: HIT[P]|HIT[A]|HIT[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-qgvxg/varnish1[P]|lsbproxy-0/varnish1[A]|fsproxy7-tt2/varnish1[P]|fsbproxy5-tt2/varnish1[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET mwoukrkskillso.com/VURBWkx6eyIpcRsRdBAuOCMPPn9gIRkbfWAhLSoqFAw5bxpkcGcuJTF5eGh5YXFxfDw8IHxraiYwIC45JnlwfCU7Ii5naiN5cHR/YWpybGJhYjRnfXMwMTsraHVnKjghKHxre2FzeGp1Zn1zbX1t
204 No Content 0 B URL GET mwoukrkskillso.com/VURBWkx6eyIpcRsRdBAuOCMPPn9gIRkbfWAhLSoqFAw5bxpkcGcuJTF5eGh5YXFxfDw8IHxraiYwIC45JnlwfCU7Ii5naiN5cHR/YWpybGJhYjRnfXMwMTsraHVnKjghKHxre2FzeGp1Zn1zbX1t
IP
Certificate IssuerGoogle Trust Services
Subjectmwoukrkskillso.com
Fingerprint9A:D5:82:05:E2:9D:19:29:EC:FD:5B:FF:46:97:3D:6B:1A:C2:8A:71
ValidityTue, 22 Apr 2025 10:32:56 GMT - Mon, 21 Jul 2025 11:31:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VURBWkx6eyIpcRsRdBAuOCMPPn9gIRkbfWAhLSoqFAw5bxpkcGcuJTF5eGh5YXFxfDw8IHxraiYwIC45JnlwfCU7Ii5naiN5cHR/YWpybGJhYjRnfXMwMTsraHVnKjghKHxre2FzeGp1Zn1zbX1t HTTP/1.1
Host: mwoukrkskillso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 22 May 2025 10:23:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WwUvSbPBq0Qmu99ZER17vWMCBBmlA%2B0EXl9E8o1%2BI%2FtUSk8J8AizsXeYbGDIOaApKd%2BVL0fVxdCL30dGA6p%2FM2iORJLmtmdXF6M5KwJnyPQ%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 943b98c90e331c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST sentry2.integrations.convert.no/api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7
200 OK 41 B URL POST sentry2.integrations.convert.no/api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.integrations.convert.no
Fingerprint72:C6:B4:50:67:F4:68:A3:56:39:C6:7D:69:3F:76:70:EC:63:00:A3
ValidityWed, 23 Apr 2025 00:00:00 GMT - Sat, 23 May 2026 23:59:59 GMT
Hash c673f05921a3b090fcbb02aa75974521
526331817718591397c3b8f887862ee28938040d
7214c2695742bc0a05b7ceea2e929facd19f0ddd32b0aedb5026202d79b1ab11
POST /api/3/store/?sentry_key=805805f9164247f9aaa30ee3f2ab5528&sentry_version=7 HTTP/1.1
Host: sentry2.integrations.convert.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1087
Origin: https://www.platekompaniet.no
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:22 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://www.platekompaniet.no
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=UA-128182457-1
200 OK 277 kB URL GET www.googletagmanager.com/gtag/js?id=UA-128182457-1
IP
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, ASCII text, with very long lines (5432)
Size 277 kB (276919 bytes)
Hash bbff573672deaa9ae2431588e93f7501
88f8acb59085ff0b8c246de49bbccb01711f634a
d3303204973d55c7c0e13a1b3c88fd1b98fda18308715e0dfc3c5cfa57be4e47
GET /gtag/js?id=UA-128182457-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 May 2025 10:23:12 GMT
expires: Thu, 22 May 2025 10:23:12 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 May 2025 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 97934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js
200 OK 65 B IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash bce8b1dac48e37563615caf2dcaf91ab
9916fb7186f18f7a06a805bd3adf64e8cb2a99cf
b0fc0eb0d5b4d394402b796e8b500e8d2b93cd0968bd85089489cc140006a0d7
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:18 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://st.chatango.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d149bf2c4842ff28d9b370dbc248; expires=Fri, 22 May 2026 10:23:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 943b98ecca7d5684-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.platekompaniet.no/buildid.json?1747909401440
200 OK 20 B URL GET www.platekompaniet.no/buildid.json?1747909401440
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
Hash 86777d1f75952aaecc9cd2df57823a3d
7dddb676100f0e77961022db12766b571ec93346
91386c33342196e25094100199c876f1e7b394b351801463ba8f1fcaf314061f
GET /buildid.json?1747909401440 HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM1ODY4MzkiLCJhcCI6IjExMjAxNTgxODAiLCJpZCI6IjJiNWI0ZjZkYjhjZmNhZjYiLCJ0ciI6Ijk5ODYwMDFjMjYyMTg1YjE3YjRjNjY5YzQxOGFlMjAwIiwidGkiOjE3NDc5MDk0MDE0NDEsInRrIjoiMTMyMjg0MCJ9fQ==
traceparent: 00-9986001c262185b17b4c669c418ae200-2b5b4f6db8cfcaf6-01
tracestate: 1322840@nr=0-1-3586839-1120158180-2b5b4f6db8cfcaf6----1747909401441
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
last-modified: Wed, 21 May 2025 11:47:54 GMT
etag: "682dbd6a-14"
expires: Fri, 22 May 2026 10:23:21 GMT
cache-control: max-age=31536000
content-encoding: br
accept-ranges: bytes
age: 0
date: Thu, 22 May 2025 10:23:21 GMT
x-served-by: cache-bma1624-BMA, cache-hel1410021-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 25
X-Firefox-Spdy: h2
GET st.chatango.com/cfg/nc/r.json?c248630020000211905098382
200 OK 20 B URL GET st.chatango.com/cfg/nc/r.json?c248630020000211905098382
IP
Requested by https://strimsy.top/layout/chat2.php
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
Hash 74e4af124e8ebd5951cb32013a8fac98
390a4a7abe2694bf43fc7fdc836534644b61b49c
4761b6134a2f23cc496f288c0312c337c9b535905c8ee191823a7c2384f21fb4
GET /cfg/nc/r.json?c248630020000211905098382 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strimsy.top
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:07 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Wed, 21 May 2025 13:16:52 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28
200 OK 12 B URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1448
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Thu, 22 May 2025 10:23:19 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://st.chatango.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
200 OK 63 kB URL GET www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type HTML document, ASCII text, with very long lines (53049)
Hash a58e37f84746672b09feb24a77464225
d36a09c84399e2f446526c1f47bdb41c28ccdae7
72832c5f6143c8df8f235daec1dba70da0b04166fb7fd1c46fd7815794f3e251
GET /?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.linksprf.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
etag: W/"f5e3-02oJyEOZ4vRGUmwfR720HCjM2uc"
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:21 GMT
x-served-by: cache-bma1671-BMA, cache-hel1410021-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept-Encoding,Cookie
strict-transport-security: max-age=31557600
content-length: 62947
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtm.js?id=GTM-T3QSTG
200 OK 436 kB URL GET www.googletagmanager.com/gtm.js?id=GTM-T3QSTG
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26489)
Size 436 kB (435635 bytes)
Hash 277ec270296cf868038dc03151511077
2fb03d0ff71fb2a1137ff18d627cb03a93048eb4
05e7d24e7424c199220b2cfec1549f6d52b17fae7ce835a8877d1baf8aeebdc8
GET /gtm.js?id=GTM-T3QSTG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 May 2025 10:23:21 GMT
expires: Thu, 22 May 2025 10:23:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 May 2025 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1317:0
report-to: {"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
server: Google Tag Manager
content-length: 138917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET event.getblue.io/js/blue-tag.min.js
200 OK 9.1 kB URL GET event.getblue.io/js/blue-tag.min.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (9113), with no line terminators
Hash 5c8f4a46a21dff724a763101b646b4f3
fbe7c978e0c99d1a22be935d266da915a2d400b0
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
GET /js/blue-tag.min.js HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"9113-1747894872314"
last-modified: Thu, 22 May 2025 06:21:12 GMT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/no-json-f5a540e.js
200 OK 27 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/no-json-f5a540e.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26747), with no line terminators
Hash a4972b8c1288821ef67ab0495b09daf8
db7c58d57324146196de46dfa2d8a8fb8750b408
1aeb1a0263fde2e6ef04f475b31def9b32072282bfb44986dba316b8e9529551
GET /web_widget/classic/latest/web-widget-locales/classic/no-json-f5a540e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: brVaLExxNBGrhU40vNvej1hbE5Vd2zqdtbt5vp3iwrdZ33Hw9v/v1b7oXbIT9BgtDGk8jUmnPE4MtW70KRW/gw==
x-amz-request-id: QQ4WBJHQEB4Q5ZFX
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 May 2025 10:39:46 GMT
etag: W/"0c1c3d6bae6a4b96f7ecebec7ea61d8f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 19 May 2026 10:39:45 GMT
x-amz-version-id: KG6EMHJR5IekfGj5RJavlPu8Gr2Br7Fl
cf-cache-status: HIT
age: 174807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M%2F0p9HSrydEsghfFo%2FxWbmUdb5tBr2lTBYpgyKJRuVqQ3nXmKDO0%2FH3nr%2Fatsd1HiZQEERzQ02zjyDIsP0X%2FieZok9cGFMc%2BP4tOcyfqYuSfMjGqNxZciHGusK0jcMuDbrHRuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b9909ee7992c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET i.imgur.com/JqgVon6.png
200 OK 234 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type PNG image data, 686 x 214, 8-bit/color RGBA, non-interlaced
Size 234 kB (234218 bytes)
Hash d1d3ef335ab65153f20b05867e720e66
50e5313a3af061ae1e11129d5ec1ec85065b9462
7fa2ffe58caae2f62591d504491761ad84d9d990a9f67ad4ce084bab7743c068
GET /JqgVon6.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 27 Oct 2024 18:09:06 GMT
etag: "d1d3ef335ab65153f20b05867e720e66"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: vlO6SeqnkY1k2COKs7mMazfGkcfNxY0wxgzDjs3VjodGPVJXYzf16Q==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 3817712
x-served-by: cache-iad-kjyo7100128-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1416, 184
x-timer: S1747909392.271592,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 234218
X-Firefox-Spdy: h2
GET ust.chatango.com/profileimg/g/l/glucihno/thumb.jpg
200 OK 1.5 kB URL GET ust.chatango.com/profileimg/g/l/glucihno/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash f947341c297a80fe29b07c9d97d5f01b
a3a651d0d5dab12a1f8681a30827391170acfc4c
90538e2138194af2554d8e1f2ec99f193b60a09a57671c03133c0daef0b1e832
GET /profileimg/g/l/glucihno/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:18 GMT
Content-Type: image/jpeg
Content-Length: 1538
Last-Modified: Fri, 16 May 2025 19:01:54 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET mwoukrkskillso.com/cUhvNXRedwxGSTx4NQYgJAUnVkQ/cQxkJkEaNwxCMCYpchIpJ0lBHRV1Vw1AQ39bEwQYLFIETFc7G1QABDtSBFIYJglaSVc+UgRaQWZdG0FXPVIEUgU4DlJJQG4fQQAddV4CQEZxXwxHSHpYBkA
204 No Content 0 B URL GET mwoukrkskillso.com/cUhvNXRedwxGSTx4NQYgJAUnVkQ/cQxkJkEaNwxCMCYpchIpJ0lBHRV1Vw1AQ39bEwQYLFIETFc7G1QABDtSBFIYJglaSVc+UgRaQWZdG0FXPVIEUgU4DlJJQG4fQQAddV4CQEZxXwxHSHpYBkA
IP
Certificate IssuerGoogle Trust Services
Subjectmwoukrkskillso.com
Fingerprint9A:D5:82:05:E2:9D:19:29:EC:FD:5B:FF:46:97:3D:6B:1A:C2:8A:71
ValidityTue, 22 Apr 2025 10:32:56 GMT - Mon, 21 Jul 2025 11:31:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cUhvNXRedwxGSTx4NQYgJAUnVkQ/cQxkJkEaNwxCMCYpchIpJ0lBHRV1Vw1AQ39bEwQYLFIETFc7G1QABDtSBFIYJglaSVc+UgRaQWZdG0FXPVIEUgU4DlJJQG4fQQAddV4CQEZxXwxHSHpYBkA HTTP/1.1
Host: mwoukrkskillso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 22 May 2025 10:23:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aBnFYX%2BLvy4AOipjBY5WH5BgyGf6eBkTyx2YOqj7xFOA%2FGi9Evupgcxhit5ue3V5MGTbmNgXcAKHq%2FSVc39Mq4ViFCwxf2t%2Bc8zZriVfKMQ%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 943b98c8fe0f1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET event.getblue.io/p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&nocache=5348371623515.02
200 OK 0 B URL GET event.getblue.io/p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&nocache=5348371623515.02
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&nocache=5348371623515.02 HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: text/html;charset=UTF-8
content-length: 0
tagcontainer-version: 1211-16092024-1120
cache-control: no-cache
set-cookie: ckid=71CC61B6-F8B8-4A69-82179C2A0284AF31; expires=Fri, 22 May 2026 10:23:23 -0000; domain=.getblue.io; path=/; secure; samesite=None
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MirWzKSP00LvRrXsvhz9JFCLtCIar_rSL2t1yvG9M5QeDC9F4-PoMfj2tou-bpV79XaRQ8qAw
302 Found 0 B URL GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MirWzKSP00LvRrXsvhz9JFCLtCIar_rSL2t1yvG9M5QeDC9F4-PoMfj2tou-bpV79XaRQ8qAw
IP
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC1:23:6B:8B:E9:B9:28:BB:DE:15:E9:38:B1:9E:50:AA:7D:13:C9:E9
ValidityTue, 29 Apr 2025 19:30:06 GMT - Tue, 22 Jul 2025 19:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MirWzKSP00LvRrXsvhz9JFCLtCIar_rSL2t1yvG9M5QeDC9F4-PoMfj2tou-bpV79XaRQ8qAw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:K8mc5G7eflsf99Zdf2AidEHbNiv9Hw:mWCNstsqYorSvq8e;Path=/;Expires=Sat, 22-May-2027 10:23:13 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mj_aA1rVquKSR6kU_y-sBrQK4rerknNd1LJXyQVE6AWEa9_vOnMdvJHe2FXQ-tE8Ma8PKuA8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603154486%3A1747909393623292
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-qHbPET3b5pl4koU8fmjTJg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 416
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
200 OK 399 B URL GET unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
IP
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint6A:50:E9:D4:F9:DB:BA:3A:76:D2:D3:E2:A2:6D:16:12:07:9D:D4:DA
ValidityTue, 29 Apr 2025 07:12:06 GMT - Mon, 28 Jul 2025 08:12:03 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 3c2f72e3e470fd7237908de7df8ce464
07ecc65136d0d6e56c1bccb5b9ffb9dd07709ded
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
GET /ionicons@5.5.2/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strimsy.top
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:12 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 943b98c52eb20b31-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 1242182
cache-control: public, max-age=31536000
expires: Fri, 22 May 2026 10:23:12 GMT
last-modified: Tue, 29 Apr 2025 17:16:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fly.io, 1.1 fly.io
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: *
content-digest: sha256=:IBk3NtkA8LYCpnj4BGdjSXZFeKsq3NB//rttBt8a/ZY=:
cross-origin-resource-policy: cross-origin
fly-request-id: 01JT18S72SG3S6A94DEJMTK4QP-ord
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flashscore.com/res/_fs/build/es.4dc0e44.png
301 Moved Permanently 840 B URL GET flashscore.com/res/_fs/build/es.4dc0e44.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/es.4dc0e44.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392288|1747909392288
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/es.4dc0e44.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ukankingwithea.com/
200 OK 27 B IP
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type ASCII text, with no line terminators
Hash ea3b6b5666dc19be446c383d1664f5ba
0dda4b4a14ead49cc2b7d3ff496909c7801a35e7
4e13d8ae9a548fb2da2a7291c3fcfa428275d2eaae26ab765f51eabe0c95c7dc
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
Origin: https://strimsy.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:13 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://strimsy.top
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mhZZs0j0ZJh9uJlTggQHQVi9Y25tdqkmyVJCi%2B%2FJSrTvrhkL1B1Ms1NGC25NSj%2B2sugUnH2h7LmqTV2qi2W78imczY9Z8v7AuV1dn8ECEVw%3D"}]}
content-encoding: br
set-cookie: csu=1633962814024624@1@1747909393; SameSite=None; Secure; Max-Age=31104000
cf-ray: 943b98cc6dfb7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
302 Found 363 B URL GET analyticsstar.com/rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint8B:E2:F6:7C:AE:76:79:CD:78:04:8C:B2:26:A2:C9:3F:F3:80:7A:FD
ValiditySun, 13 Apr 2025 23:19:58 GMT - Sun, 13 Jul 2025 00:18:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd1/?rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 22 May 2025 10:23:20 GMT
content-type: text/html
server: cloudflare
vary: Accept-Encoding
cf-ray: 943b98f7290a56af-OSL
location: /rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VusgQT%2FVH8G8rguz0XX5%2BhhYahZMtQfwUNknzyc4sfB2f8Lvi%2Ft2icbgr3kkR6D9rE2O%2FvvyGfcfEca7pyzzvpTvmtE4SOKbGRPTOs2FdaNnfQbKQOtaUFAPdhYudNBQh8Kxsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=549&min_rtt=419&rtt_var=277&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3293&recv_bytes=1448&delivery_rate=7040518&cwnd=254&unsent_bytes=0&cid=c745392326984d18&ts=37&x=0"
X-Firefox-Spdy: h2
200 OK 29 kB IP
Certificate IssuerGoogle Trust Services
Subjectstrimsy.top
Fingerprint43:5A:78:B0:70:9C:3B:9C:1F:B7:A7:AD:DE:77:BA:9E:6F:8C:DA:8A
ValidityMon, 21 Apr 2025 13:46:50 GMT - Sun, 20 Jul 2025 14:45:11 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (879), with CRLF, LF line terminators
Hash 1d107c98cd8b97c5dbc79ea1d154c0c7
0c21bf527ab4f25fd1e075efc9fdb9e2596ad125
b5c6cd871aa5d074240ed1f96fb96cc82d6c72e4a8467f6b81f9c1ad7dff3f58
GET / HTTP/1.1
Host: strimsy.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:11 GMT
content-type: text/html; charset=UTF-8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3g8vts%2BB%2B4GOg0YoKN5IdiC6EPolw3XtMmf2Szm2pk%2F9DJYgXlWol97ydP7NZz3Km8GAbiNUnO0KZA1vTozLTunvchzWgVZHuQ%3D%3D"}]}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 943b98c1787fb517-OSL
X-Firefox-Spdy: h2
GET i.imgur.com/xc0srlf.png
200 OK 604 B IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Hash 0f47eb673cf558ca1b93ad898014c5d7
9e0581b6f8ce5877b58ce971210a5613c42847ed
445e60b76bd60f502009518d5335ce48da01e4f8160e00d49a20b5a26c010603
GET /xc0srlf.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 01 Mar 2024 00:07:46 GMT
etag: "0f47eb673cf558ca1b93ad898014c5d7"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: UnTeFo2-ysIVK6eEWWu2udAoh_cFoL_c59EXgPudWVFy3of9S5tlHw==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 771692
x-served-by: cache-iad-kiad7000161-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 46, 7
x-timer: S1747909393.631266,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 604
X-Firefox-Spdy: h2
GET www.flashscore.com/res/_fs/build/pl.4e85471.png
200 OK 359 B URL GET www.flashscore.com/res/_fs/build/pl.4e85471.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit/color RGB, non-interlaced
Hash a85589f6310c846e5d96ca3df8433d46
67aefc4cd5589cc92caa2fd09031e4271aff874c
06cdcabeb8423874b24fd000f56f52bee34f934ad954fadaa8f1f42823cefc18
GET /res/_fs/build/pl.4e85471.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
etag: "167-6358cdb960700"
cache-control: max-age=31104000, immutable
expires: Fri, 15 May 2026 20:56:38 GMT
vary: Accept-Encoding
content-length: 359
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 134792
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392737|1747909392737
x-age: 134792[P]|129804[A]|77348[P]|63503[A]
x-pc: HIT[P]|HIT[A]|HIT[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]|lsbproxy-1/varnish1[A]|fsproxy6-tt2/varnish1[P]|fsbproxy1-tt2/varnish2[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mj_aA1rVquKSR6kU_y-sBrQK4rerknNd1LJXyQVE6AWEa9_vOnMdvJHe2FXQ-tE8Ma8PKuA8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603154486%3A1747909393623292
403 Forbidden 0 B URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mj_aA1rVquKSR6kU_y-sBrQK4rerknNd1LJXyQVE6AWEa9_vOnMdvJHe2FXQ-tE8Ma8PKuA8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603154486%3A1747909393623292
IP
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC1:23:6B:8B:E9:B9:28:BB:DE:15:E9:38:B1:9E:50:AA:7D:13:C9:E9
ValidityTue, 29 Apr 2025 19:30:06 GMT - Tue, 22 Jul 2025 19:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mj_aA1rVquKSR6kU_y-sBrQK4rerknNd1LJXyQVE6AWEa9_vOnMdvJHe2FXQ-tE8Ma8PKuA8A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-603154486%3A1747909393623292 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-UlmI_aqBAGCN6YtkvtzgeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.m0mx3aNiCTo.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.platekompaniet.no/client.af4460f59db7a384db09.js
200 OK 1.5 MB URL GET www.platekompaniet.no/client.af4460f59db7a384db09.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3997), with LF, NEL line terminators
Size 1.5 MB (1504634 bytes)
Hash 7ff0ee10a65b124f980231e869a1f9d8
6246b7192d67c2e34f7aadce1dac6b800e1adf5d
0a40dc1fa0a8fcb72f05919f98b4dcc99b926cba1c4db0f0e013b6fcd7374688
GET /client.af4460f59db7a384db09.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 21 May 2025 11:45:51 GMT
etag: "682dbcef-16f57a"
expires: Thu, 21 May 2026 11:47:33 GMT
cache-control: max-age=31536000
content-encoding: br
accept-ranges: bytes
age: 81348
date: Thu, 22 May 2025 10:23:21 GMT
x-served-by: cache-bma1651-BMA, cache-hel1410021-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 340686
X-Firefox-Spdy: h2
GET ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
200 OK 93 kB URL GET ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65480)
Hash 0b6ecf17e30037994d3ffee51b525914
d09d3a99ed25d0f1fbe6856de9e14ffd33557256
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 17:22:25 GMT
expires: Fri, 15 May 2026 17:22:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 579647
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhV9jFKaGYnkwZ_GEMWWuX983bO9GbaXPKr7WiEr2H5VP52LtMJQMItqKbW9Om2gJIaqzmlUw
302 Found 0 B URL GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhV9jFKaGYnkwZ_GEMWWuX983bO9GbaXPKr7WiEr2H5VP52LtMJQMItqKbW9Om2gJIaqzmlUw
IP
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC1:23:6B:8B:E9:B9:28:BB:DE:15:E9:38:B1:9E:50:AA:7D:13:C9:E9
ValidityTue, 29 Apr 2025 19:30:06 GMT - Tue, 22 Jul 2025 19:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhV9jFKaGYnkwZ_GEMWWuX983bO9GbaXPKr7WiEr2H5VP52LtMJQMItqKbW9Om2gJIaqzmlUw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:fKUaQJ6nn7L2ff_VeWltNvY45mRnRA:lSIW4D_QszZzvU3N;Path=/;Expires=Sat, 22-May-2027 10:23:13 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mgd7QyqWzo8PCpdO8Jp-q6lmxqfGh8evHjf9bBApFNfUlmEpltEACoi-Q9NgZApUbrgEZK6_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1093033341%3A1747909393669486
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-m1LmgaBR4abgIvNCMHGK9Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 420
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET consent.cookiebot.com/uc.js
200 OK 114 kB URL GET consent.cookiebot.com/uc.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint7E:96:84:41:5E:20:EB:F3:ED:7D:A0:AD:B1:20:27:63:EE:D6:CD:48
ValidityMon, 30 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65499)
Size 114 kB (113675 bytes)
Hash d20fc4473e74de121ad9d60936ff1f2f
40c0c4d33708bb0b132dcd3a7d4ada026ae9de4b
7ece79388f1fba7c18ff514c9e1a046c325d22d003577371a5ab6ae9c1688477
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 20 May 2025 09:11:22 GMT
accept-ranges: bytes
etag: "fc96bf2767c9db1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 34694
cache-control: public, max-age=358
expires: Thu, 22 May 2025 10:29:19 GMT
date: Thu, 22 May 2025 10:23:21 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET i.imgur.com/JsQFCUg.png
200 OK 28 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type PNG image data, 572 x 88, 8-bit/color RGBA, non-interlaced
Hash 87767aa70e5fe08be282b77f2ae71962
34cdfee3de2377cec7960d64d9c5183012608249
0581025b149187b705e1927a67507e4f00bd4d766ab79c73527e410d8d900e92
GET /JsQFCUg.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 26 Dec 2024 16:28:52 GMT
etag: "87767aa70e5fe08be282b77f2ae71962"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: TAcpCRE2hnZcfvgjYfLttmPLgXSFedSyzJf0X8VkU2UL62ene1hXUA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 3207269
x-served-by: cache-iad-kiad7000109-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 15, 234
x-timer: S1747909392.271795,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 27518
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC1:23:6B:8B:E9:B9:28:BB:DE:15:E9:38:B1:9E:50:AA:7D:13:C9:E9
ValidityTue, 29 Apr 2025 19:30:06 GMT - Tue, 22 Jul 2025 19:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:I8p8jXU8-QQRR2dpyLNycgTMRtqj8w:I2ogTOm_Ondg1EE5; Expires=Sat, 22-May-2027 10:23:13 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MirWzKSP00LvRrXsvhz9JFCLtCIar_rSL2t1yvG9M5QeDC9F4-PoMfj2tou-bpV79XaRQ8qAw
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-JN5E9EjP7HGDxDHhK_ulaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET wss://s69.chatango.com:8081/
101 Switching Protocols 0 B URL GET wss://s69.chatango.com:8081/
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: s69.chatango.com:8081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://st.chatango.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IHRsdwhOGtsuwMe+89q95Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: AQzIRt2vKlOlV8soH3AAj2Pu1bE=
GET i.imgur.com/3ZBLAk4.jpeg
200 OK 12 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 606x101, components 3
Hash 60b3ceb402bb43cb9236b8cbd624c338
5ee795b77c315af649fd14852ce897d57ca0ad14
38e6ca97b4c4c5d6dc9c395a2a98a7d3031b0a403b08d26092ebd5273fd3d0c7
GET /3ZBLAk4.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 07 Jan 2025 15:54:55 GMT
etag: "60b3ceb402bb43cb9236b8cbd624c338"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: nqIGKNkQTMSCK0DHLBhia4wC7QNSBB7n6pgzhlBSC8I42XeYHObPLA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 3208876
x-served-by: cache-iad-kcgs7200161-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1982, 215
x-timer: S1747909392.271657,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 12175
X-Firefox-Spdy: h2
GET i.imgur.com/35AiChV.jpeg
200 OK 702 B IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 114x28, components 3
Hash eb85e6ab5d0b917a292c41e80c595bf2
7caf4a38b13acf0414c6c29de2bbbd61c68b2911
08e5700a8f133f77057cb66978185cd2c1515df3bbc076162153df30059ea353
GET /35AiChV.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 01 Mar 2024 00:11:29 GMT
etag: "eb85e6ab5d0b917a292c41e80c595bf2"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: ssl0Ar22o6PfgUun9IY-MU3hkQoFhWDWF3j6qrvun6gBu8BnJRnYGA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 3806186
x-served-by: cache-iad-kiad7000073-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 4, 215
x-timer: S1747909392.273649,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 702
X-Firefox-Spdy: h2
GET www.flashscore.com/res/_fs/build/en.e20b07c.png
200 OK 417 B URL GET www.flashscore.com/res/_fs/build/en.e20b07c.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit colormap, non-interlaced
Hash de0c861b601878519bc20f176ba05f11
a3e11394d4f8f9021559ce79c436074ac8fd1aaf
235d5897c5a0289029ad7a290e5139042302d943e560cbdd2e79164d862c5b8a
GET /res/_fs/build/en.e20b07c.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 417
etag: "1a1-6358cdb960700"
cache-control: max-age=31104000, immutable
expires: Fri, 15 May 2026 17:47:05 GMT
vary: Accept-Encoding
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 146164
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392737|1747909392737
x-age: 146164[P]|141181[A]|87700[P]|85463[A]
x-pc: HIT[P]|HIT[A]|HIT[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]|lsbproxy-0/varnish1[A]|fsproxy23-tt2/varnish1[P]|fsbproxy4-tt2/varnish1[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.platekompaniet.no/17.cc77a70e683da006bb5f.js
200 OK 11 kB URL GET www.platekompaniet.no/17.cc77a70e683da006bb5f.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type JavaScript source, ASCII text, with very long lines (2300)
Hash a1fc3142f00e2412230248c196e937fb
af7d55ee1fd2ca6ba2de1b7e17929a4d17236a56
7077e25a489a255108e3dec3e4bdc18dd96d0afe7525f92ed6d99354485dde79
GET /17.cc77a70e683da006bb5f.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 12 May 2025 08:40:39 GMT
etag: "6821b407-2a08"
expires: Wed, 13 May 2026 05:22:00 GMT
cache-control: max-age=31536000
content-encoding: br
accept-ranges: bytes
age: 795681
date: Thu, 22 May 2025 10:23:22 GMT
x-served-by: cache-bma1669-BMA, cache-hel1410021-HEL
x-cache: HIT, HIT
x-cache-hits: 72, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 3109
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-f5a540e.js
200 OK 236 B URL GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-f5a540e.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash e9d8b92096016dfd74d2f2500556464e
0db4e74b955611b21791405af062346f34ac2eee
eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb
GET /web_widget/classic/latest/web-widget-chat-incoming-message-notification-f5a540e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Vm8+vc9LM1INohjuPuLS77Vj5btHa5hfrZlStwVgB8LlF/l7y8umEIFgy4POG8IsAFHbM44ixdYhQgD+agUhLw==
x-amz-request-id: GFSGMFS06K0477A2
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 May 2025 10:39:43 GMT
etag: W/"e9d8b92096016dfd74d2f2500556464e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 19 May 2026 10:39:42 GMT
x-amz-version-id: EXHQr9ex7VEjHcbHh75j_FpTXY2_M9dq
cf-cache-status: HIT
age: 174808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsPjg01lNe95xi%2BrZNkMslUmJ84x5%2Fa86lIN0uraiNUsvejiD40%2FT81R1XqLOxtRFvdVtUudc8BAQP6lb3vcUgo%2F74elQL6Jfp661l6D5qw6iCYz12szMB2S8nhZ3%2BhFTuw9N9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b990e19c192c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET fnyfiexpectth.org/ek5uQXQbLA0sSxtzDGcBCCJTZEY8a1wHEBgvVzgAESFbMUNIPEAiGBU7CicGFSAabxofOktzMjscAAM6NH0jLTwDADwVMDMUJRAEPyheF0w7JSgmNT53PQcsCQohFCEbBRkMRD0fDTE1PToKADcRKz4QG0wCFnEXLSQ7BCYifzQAHigGD3E5MAcFcE0/HFYvPBMhJRcnNysiJgQ5FywEBCwbWzgiECImCTdLAD4XPTkCLCYGKww/cDEtOi0EGgkqJypEGwUGNgc/JSsAJi0DJhcaKA80FDUbBSwQHSsPLCslFH80A0Y0DQgQLj4vKwMbOAooKyUUY18AMxMmKSQmMA8sByJffCgDAw45PAYTPwM5DzccGzsHLUoDIwMfODc2L0QfGAATNTEiJxA4KHcBAyAsfj8JAzIfXSU1HAwkAxASFwUTJiMpJjshKR8/AzYcKSAlEBYXWgIfM2gEMhsUPlMIHRcfAwc2T34AMAZN
200 OK 3.1 kB URL GET fnyfiexpectth.org/ek5uQXQbLA0sSxtzDGcBCCJTZEY8a1wHEBgvVzgAESFbMUNIPEAiGBU7CicGFSAabxofOktzMjscAAM6NH0jLTwDADwVMDMUJRAEPyheF0w7JSgmNT53PQcsCQohFCEbBRkMRD0fDTE1PToKADcRKz4QG0wCFnEXLSQ7BCYifzQAHigGD3E5MAcFcE0/HFYvPBMhJRcnNysiJgQ5FywEBCwbWzgiECImCTdLAD4XPTkCLCYGKww/cDEtOi0EGgkqJypEGwUGNgc/JSsAJi0DJhcaKA80FDUbBSwQHSsPLCslFH80A0Y0DQgQLj4vKwMbOAooKyUUY18AMxMmKSQmMA8sByJffCgDAw45PAYTPwM5DzccGzsHLUoDIwMfODc2L0QfGAATNTEiJxA4KHcBAyAsfj8JAzIfXSU1HAwkAxASFwUTJiMpJjshKR8/AzYcKSAlEBYXWgIfM2gEMhsUPlMIHRcfAwc2T34AMAZN
IP
Certificate IssuerAmazon
Subjectfnyfiexpectth.org
FingerprintC7:A9:4F:F7:DD:89:AB:AD:9E:B3:C4:74:2D:52:83:00:2D:6A:4C:0A
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3066), with no line terminators
Hash 2dd1189a7d7302adad3c318bc716d35d
42d1d511c9dca02362dcd28505b35c9aaa70cd7a
941ef1a4905a60e3c26ea90ba4204ca4edb422a2f812452e8110f5f711e5585f
GET /ek5uQXQbLA0sSxtzDGcBCCJTZEY8a1wHEBgvVzgAESFbMUNIPEAiGBU7CicGFSAabxofOktzMjscAAM6NH0jLTwDADwVMDMUJRAEPyheF0w7JSgmNT53PQcsCQohFCEbBRkMRD0fDTE1PToKADcRKz4QG0wCFnEXLSQ7BCYifzQAHigGD3E5MAcFcE0/HFYvPBMhJRcnNysiJgQ5FywEBCwbWzgiECImCTdLAD4XPTkCLCYGKww/cDEtOi0EGgkqJypEGwUGNgc/JSsAJi0DJhcaKA80FDUbBSwQHSsPLCslFH80A0Y0DQgQLj4vKwMbOAooKyUUY18AMxMmKSQmMA8sByJffCgDAw45PAYTPwM5DzccGzsHLUoDIwMfODc2L0QfGAATNTEiJxA4KHcBAyAsfj8JAzIfXSU1HAwkAxASFwUTJiMpJjshKR8/AzYcKSAlEBYXWgIfM2gEMhsUPlMIHRcfAwc2T34AMAZN HTTP/1.1
Host: fnyfiexpectth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1211
date: Thu, 22 May 2025 10:23:13 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=MhW6sBTaas1Bganb/7UWbm1eoqOfHFsjc8IovPHh31tmQm91zg2D9cdPKz3T1V27VQVWNXMkHA3G7SRtyvKSJ9hUp6jhMWKE5e7Pkm5p1KW4vR/FEtukkRr92vg+; Expires=Thu, 29 May 2025 10:23:13 GMT; Path=/
AWSALBCORS=MhW6sBTaas1Bganb/7UWbm1eoqOfHFsjc8IovPHh31tmQm91zg2D9cdPKz3T1V27VQVWNXMkHA3G7SRtyvKSJ9hUp6jhMWKE5e7Pkm5p1KW4vR/FEtukkRr92vg+; Expires=Thu, 29 May 2025 10:23:13 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: abmXg2KoGL8ZjwFQdvUJnBNM4sKEdYHZDyHajg5-QKGGutlUmQo83w==
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-1GQ8FM4VF3&cx=c>m=457e55k1h1za200&tag_exp=101509157~103116026~103130495~103130497~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116
200 OK 335 kB URL GET www.googletagmanager.com/gtag/js?id=G-1GQ8FM4VF3&cx=c>m=457e55k1h1za200&tag_exp=101509157~103116026~103130495~103130497~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116
IP
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, ASCII text, with very long lines (6125)
Size 335 kB (335108 bytes)
Hash d35079b1b5540d6eb30531f05fbe2ea9
b522d86617025677698fdd0af83e370dc89f9ead
f5246c64d2c37ab42677a78e02d6f598f62905527a3faa66d90f7cf45b5ae7ab
GET /gtag/js?id=G-1GQ8FM4VF3&cx=c>m=457e55k1h1za200&tag_exp=101509157~103116026~103130495~103130497~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 May 2025 10:23:13 GMT
expires: Thu, 22 May 2025 10:23:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 117313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET flashscore.com/res/_fs/build/pl.4e85471.png
301 Moved Permanently 359 B URL GET flashscore.com/res/_fs/build/pl.4e85471.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/pl.4e85471.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392290|1747909392290
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/pl.4e85471.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.flashscore.com/res/_fs/build/de.ae030da.png
200 OK 378 B URL GET www.flashscore.com/res/_fs/build/de.ae030da.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit/color RGB, non-interlaced
Hash 8295ad983b8f696fa6c9baf3a3dbebd6
ab430ab6b1019fb84a8a44cefcb78bfb7dc8ae86
1bcd0567ec52f548d529cd7eda0f76a1d90235914dbb0369681b8ca7d8a2337a
GET /res/_fs/build/de.ae030da.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 378
etag: "17a-6358cdb960700"
cache-control: max-age=31104000, immutable
expires: Fri, 15 May 2026 19:52:42 GMT
vary: Accept-Encoding
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 138629
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392737|1747909392737
x-age: 138629[P]|134688[A]|80163[P]|46513[A]
x-pc: HIT[P]|HIT[A]|HIT[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-qgvxg/varnish1[P]|lsbproxy-0/varnish1[A]|fsproxy10-tt2/varnish1[P]|fsbproxy4-tt2/varnish1[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.platekompaniet.no/fonts/Averta%20Regular.woff2
200 OK 67 kB URL GET www.platekompaniet.no/fonts/Averta%20Regular.woff2
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type Web Open Font Format (Version 2), TrueType, length 66796, version 1.524
Hash ac872d5af76e8e5d81a1e8cdce8f8aa9
fa94fe0ae7f7534598f31c5b801d5b15c579dca7
505d3098711b423a47b1652cfa6586b04f36580a6c814543c7d2a4b96688b5de
GET /fonts/Averta%20Regular.woff2 HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Mon, 24 Apr 2023 17:01:55 GMT
etag: "6446b603-104ec"
expires: Fri, 22 May 2026 07:35:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:22 GMT
age: 10082
x-served-by: cache-bma1673-BMA, cache-hel1410021-HEL
x-cache: HIT, HIT
x-cache-hits: 2, 2
vary:
strict-transport-security: max-age=31557600
content-length: 66796
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-f5a540e.js
200 OK 26 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-f5a540e.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (25701), with no line terminators
Hash ef48436bf7997a9fed0856cd3df28c0f
413d809a8680f59bc72ee16fb46df88350055c67
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
GET /web_widget/classic/latest/web-widget-locales/classic/en-us-json-f5a540e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: J2BxVWf6eaHKkaLzzncB0rX0AWCU6Vp2/W53h6k1USCR6JabJkMM1MU6kMrlERYbSaw8hJUOf48K3NFDWwLQNSbe9MLdiW0h0J3cKiKYSmk=
x-amz-request-id: 2EAJ7Y54XSR3AFV0
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 May 2025 10:39:45 GMT
etag: W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 19 May 2026 10:39:44 GMT
x-amz-version-id: zdDnFSv7cclzwfw0QIrGX7_zEZEfZfvg
cf-cache-status: HIT
age: 174808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uu08kKA%2Fz2TuzuF0ayzPmm7uSWmpNA%2BhaEr7JY4kXPczNqaMeUKECNAhI1LCnf2p5Lbs1tl88CDvKjej34Ppe76TkkmncZEWFfxzzZHJAJ7%2FscrJqYqqLHuX%2BOsm3VLuTEkeDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b99098e1692c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET wss://widget-mediator.zopim.com/s/W/ws/8I8XYe0e7zjPnv-s/c/1747909403357
101 Switching Protocols 0 B URL GET wss://widget-mediator.zopim.com/s/W/ws/8I8XYe0e7zjPnv-s/c/1747909403357
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.zopim.com
FingerprintF5:6D:E7:00:23:72:09:7B:2A:4D:A3:95:64:A6:78:46:FF:D5:69:C1
ValiditySun, 08 Sep 2024 00:00:00 GMT - Wed, 08 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/8I8XYe0e7zjPnv-s/c/1747909403357 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.platekompaniet.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FdKdAOiEqZLVRDyuspcqBg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 22 May 2025 10:23:23 GMT
Connection: upgrade
Set-Cookie: AWSALB=1B/twZIbYBkkzsnYRetWHv/g4XsS6wDlpyUW5XuK6S31yulidKb4+fogEPS1lEMBUi5hVWBkeKXcbN/OeUV5Wy4vPDA7RkrnzoxJVCaTjtDDm3kCtF8lsqwsEKKs; Expires=Thu, 29 May 2025 10:23:23 GMT; Path=/
AWSALBCORS=1B/twZIbYBkkzsnYRetWHv/g4XsS6wDlpyUW5XuK6S31yulidKb4+fogEPS1lEMBUi5hVWBkeKXcbN/OeUV5Wy4vPDA7RkrnzoxJVCaTjtDDm3kCtF8lsqwsEKKs; Expires=Thu, 29 May 2025 10:23:23 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: eJl2+ktRNuOyedTDKLornra3yrE=
GET strimsy.top/layout/style.css?v=060920227
200 OK 4.3 kB URL GET strimsy.top/layout/style.css?v=060920227
IP
Certificate IssuerGoogle Trust Services
Subjectstrimsy.top
Fingerprint43:5A:78:B0:70:9C:3B:9C:1F:B7:A7:AD:DE:77:BA:9E:6F:8C:DA:8A
ValidityMon, 21 Apr 2025 13:46:50 GMT - Sun, 20 Jul 2025 14:45:11 GMT
File type ASCII text, with CRLF line terminators
Hash 48f4ae1de0d90590f1580421f0cdd9be
8d161db0798fdd2d8d42651e62810b7bb87dbe5b
42aa9fe1d35ba022aef9fa91de6a803a152c2ea1ef52508a5d5ef602bcd8ebb5
GET /layout/style.css?v=060920227 HTTP/1.1
Host: strimsy.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 22 May 2025 10:23:12 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63jS78hkea1TQSqqrjXMVXzuHAXxkiUKbBoLxBb3oHxhXYNLkWaRsFT4cUviTNfq2M7UCFae3LbuYsje49D%2BnfhiTF%2BmbK67KNPCgFItWInC6zvPItChMTx0qEDqmg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Mon, 26 May 2025 00:09:38 GMT
last-modified: Sat, 19 Apr 2025 15:38:29 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
age: 296013
cf-cache-status: HIT
content-encoding: br
cf-ray: 943b98c4eb367131-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=1999&min_rtt=568&rtt_var=1591&sent=145&recv=240&lost=0&retrans=0&sent_bytes=11048&recv_bytes=13297&delivery_rate=753390&cwnd=12000&unsent_bytes=0&cid=a0fb6bbedac4cfc3&ts=304&x=80"
POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28
200 OK 0 B URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06824e20-686c-4266-9d21-e0775f502c28 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 450
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Thu, 22 May 2025 10:23:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://st.chatango.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET analyticsstar.com/rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
302 Found 1.5 kB URL GET analyticsstar.com/rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint8B:E2:F6:7C:AE:76:79:CD:78:04:8C:B2:26:A2:C9:3F:F3:80:7A:FD
ValiditySun, 13 Apr 2025 23:19:58 GMT - Sun, 13 Jul 2025 00:18:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd2/?flow=hn2&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 22 May 2025 10:23:20 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vS9uo%2FET9kmlzd%2BMov%2Fa1KHq%2BvJKB3fBIEaXErGT24vJgEJbwOHJOhwrREYv69N8dpJpjWyH7RSSmgdpOCThTM4jpOsamPrmB6G8xxyh1sWIaIp1oD0X6%2BeoHLbWzJdJaLr9A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://r.linksprf.com/v1/redirect?yk_tag=abfwwpib68oilgigym1h5ymk&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
cf-ray: 943b98f84a031c12-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5360&min_rtt=2240&rtt_var=5572&sent=25&recv=35&lost=0&retrans=0&sent_bytes=4464&recv_bytes=2812&delivery_rate=543653&cwnd=12000&unsent_bytes=0&cid=d1b029a30f033cb9&ts=170&x=80"
GET flashscore.com/res/_fs/build/en.e20b07c.png
301 Moved Permanently 417 B URL GET flashscore.com/res/_fs/build/en.e20b07c.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/en.e20b07c.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392289|1747909392289
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/en.e20b07c.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.flashscore.com/res/_fs/build/es.4dc0e44.png
200 OK 840 B URL GET www.flashscore.com/res/_fs/build/es.4dc0e44.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit/color RGB, non-interlaced
Hash e080eddf012b073a9c6969b95c59f054
52bf6b05c3a760cf99681f4630e00469554b8bdf
2c28484d48bc5ef943f164183e21899c277b69e305a346c28a9484f9ca059e47
GET /res/_fs/build/es.4dc0e44.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 840
etag: "348-6358cd88bd440"
cache-control: max-age=31104000, immutable
expires: Sat, 16 May 2026 17:14:42 GMT
vary: Accept-Encoding
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 61709
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392737|1747909392737
x-age: 61709[P]|56729[A]|8385[P]|8385[A]
x-pc: HIT[P]|HIT[A]|MISS[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]|lsbproxy-0/varnish1[A]|fsproxy21-tt2/varnish1[P]|fsbproxy3-tt2/varnish2[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.flashscore.com/res/_fs/build/fr.8e1768e.png
200 OK 374 B URL GET www.flashscore.com/res/_fs/build/fr.8e1768e.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
File type PNG image data, 48 x 32, 8-bit/color RGB, non-interlaced
Hash 313d9efa8b4d5cc34384740fbd882a74
5bbb2be1cce7ab0b0694d2c0c019b436d986df8b
bfaab64b76bf88d218b89730b4fcd3a16782b061a5e4ae409a89f84c4461fd4b
GET /res/_fs/build/fr.8e1768e.png HTTP/1.1
Host: www.flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 374
etag: "176-6358cdb960700"
cache-control: max-age=31104000, immutable
expires: Fri, 15 May 2026 19:34:56 GMT
vary: Accept-Encoding
x-ttlset: FPH[P]|FPH[A]|FPH[P]|FPH[A]
age: 139693
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392736|1747909392736
x-age: 139693[P]|134716[A]|85364[P]|77007[A]
x-pc: HIT[P]|HIT[A]|HIT[P]|HIT[A]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]|lsbproxy-1/varnish1[A]|fsproxy15-tt2/varnish1[P]|fsbproxy4-tt2/varnish2[A]
date: Thu, 22 May 2025 10:23:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET i.imgur.com/E6l7Icy.jpeg
200 OK 38 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 285x420, components 3
Hash 8347a8505cd934e7eff637f1bdb6d66e
2ef503e080ec12be3c6af20abed483945263aab8
62ebaf2554384bb05bb87f148db14f781faa49373a966ca767a39dd5c9d04b50
GET /E6l7Icy.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 10 Sep 2024 10:35:40 GMT
etag: "8347a8505cd934e7eff637f1bdb6d66e"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: xjw0sEoCyGuDTqCGQAYRXTNlHe-zoW7r-Cj_ZP9eEO65rUGYAmjYGA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 4389274
x-served-by: cache-iad-kiad7000139-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1065, 224
x-timer: S1747909392.271901,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 38264
X-Firefox-Spdy: h2
GET i.imgur.com/k2dQdRP.jpeg
200 OK 2.4 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 205x31, components 3
Hash 4c649e38ffb0c8a720f5f8164d68becf
a93dea69593e02ef2f1e8f9c2d6822689ef8d3ca
037ac235c79d66d056eae3e4676449f40786f923c3d2dc1495f36a138c5f9673
GET /k2dQdRP.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 01 Mar 2024 00:11:29 GMT
etag: "4c649e38ffb0c8a720f5f8164d68becf"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: aqgL1y95oaLwCnTrSe2yY7t8nCUG2SLbZFX3XZo0RhYShgBmLupX0Q==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:12 GMT
age: 3318696
x-served-by: cache-iad-kjyo7100103-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 2348, 221
x-timer: S1747909392.273258,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2407
X-Firefox-Spdy: h2
GET fnyfiexpectth.org/OHc0ZndZFVcLSFlKVkACShsJQ0V+UgYgE1oWDR8DUxgBFkAKBRoFG1cCUAAFVxlASBldAxFUMU0gYwo7aUR9UDVRIlgyJAg2eFVCdBYFHlIKMVANPR1FciEjUxpyISZZJ04jFXY1Wx8VaS4GISAIB3UyLnA4B1IQdzRXAzppOmwkNmkwYiVHbDsHUzReAGEXO2ohXzIODANxMSVhFWcvIHdGZkNFfi1lPwd6HnZDRXo2XhEucSRHMztfQwAvG2kEdy4uTT9nKzZyDgwyEX4EegIbQAdgLhtCIF1SNnIkVwI7UAdBBSJxRHwxQkAmWQ4tYi96PhZRA0EFInECdSVabkZmCA9ZNGM8Nlklcl8TCRNFLUUND2UPBF4VWicNWTFEQ0V+FWEsAGw/WBwxbAB/LzRAL1UfTg0UBCgHby9EHCYLD1YDDm0VfxEATDt1Fk9vAAUfJm9GfANFbT9uIBAeHUcJGUhKZgc5bQVFKBp3Mg
200 OK 3.1 kB URL GET fnyfiexpectth.org/OHc0ZndZFVcLSFlKVkACShsJQ0V+UgYgE1oWDR8DUxgBFkAKBRoFG1cCUAAFVxlASBldAxFUMU0gYwo7aUR9UDVRIlgyJAg2eFVCdBYFHlIKMVANPR1FciEjUxpyISZZJ04jFXY1Wx8VaS4GISAIB3UyLnA4B1IQdzRXAzppOmwkNmkwYiVHbDsHUzReAGEXO2ohXzIODANxMSVhFWcvIHdGZkNFfi1lPwd6HnZDRXo2XhEucSRHMztfQwAvG2kEdy4uTT9nKzZyDgwyEX4EegIbQAdgLhtCIF1SNnIkVwI7UAdBBSJxRHwxQkAmWQ4tYi96PhZRA0EFInECdSVabkZmCA9ZNGM8Nlklcl8TCRNFLUUND2UPBF4VWicNWTFEQ0V+FWEsAGw/WBwxbAB/LzRAL1UfTg0UBCgHby9EHCYLD1YDDm0VfxEATDt1Fk9vAAUfJm9GfANFbT9uIBAeHUcJGUhKZgc5bQVFKBp3Mg
IP
Certificate IssuerAmazon
Subjectfnyfiexpectth.org
FingerprintC7:A9:4F:F7:DD:89:AB:AD:9E:B3:C4:74:2D:52:83:00:2D:6A:4C:0A
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3059), with no line terminators
Hash 3005c0a8f9130037547278e576200831
15275c582cc224ef15cc5dc35d56f671c98fdaee
ed7a8e1df71776e3575357383ebe6da33301d9f9ccefa7857751b046fd68e35f
GET /OHc0ZndZFVcLSFlKVkACShsJQ0V+UgYgE1oWDR8DUxgBFkAKBRoFG1cCUAAFVxlASBldAxFUMU0gYwo7aUR9UDVRIlgyJAg2eFVCdBYFHlIKMVANPR1FciEjUxpyISZZJ04jFXY1Wx8VaS4GISAIB3UyLnA4B1IQdzRXAzppOmwkNmkwYiVHbDsHUzReAGEXO2ohXzIODANxMSVhFWcvIHdGZkNFfi1lPwd6HnZDRXo2XhEucSRHMztfQwAvG2kEdy4uTT9nKzZyDgwyEX4EegIbQAdgLhtCIF1SNnIkVwI7UAdBBSJxRHwxQkAmWQ4tYi96PhZRA0EFInECdSVabkZmCA9ZNGM8Nlklcl8TCRNFLUUND2UPBF4VWicNWTFEQ0V+FWEsAGw/WBwxbAB/LzRAL1UfTg0UBCgHby9EHCYLD1YDDm0VfxEATDt1Fk9vAAUfJm9GfANFbT9uIBAeHUcJGUhKZgc5bQVFKBp3Mg HTTP/1.1
Host: fnyfiexpectth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1206
date: Thu, 22 May 2025 10:23:13 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=nIu+0aE+bqgyD9Q67B3R43Cxynk1Umo1oNCGHABk1BQd72DHMScS3JfEUWIfXFEQK+YZpfwLxJEZT4hgdf/IsT7l2c6k7dS6/pHofwfqzhFE32S3ZeFolU12vs2V; Expires=Thu, 29 May 2025 10:23:13 GMT; Path=/
AWSALBCORS=nIu+0aE+bqgyD9Q67B3R43Cxynk1Umo1oNCGHABk1BQd72DHMScS3JfEUWIfXFEQK+YZpfwLxJEZT4hgdf/IsT7l2c6k7dS6/pHofwfqzhFE32S3ZeFolU12vs2V; Expires=Thu, 29 May 2025 10:23:13 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: H2b18fqW1_kApkyeQuXa048Addfi36Sp1FAlpmnx8zDddficyT7v3g==
X-Firefox-Spdy: h2
GET ukankingwithea.com/
200 OK 27 B IP
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type ASCII text, with no line terminators
Hash 9432d8ef1cc76d649df1c9e2b8cfd970
01854675a48b5b824243d1eeac3c38a36d409569
ad5021e99f7d1bf06d8e0d9ec0a40328547367204b911b91ff68b169ce3b18f9
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
Origin: https://strimsy.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:13 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://strimsy.top
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U602kEFXeVnx6X4hEoCiESa%2FW3tkc%2BcRgJzo6A%2B1O9kesdHZL5eOZr0OpPc%2FtoqNsBU58gHkAcsKIqrpyMq%2FRAADUydOgMmFrSy8bpPmYZ8%3D"}]}
content-encoding: br
set-cookie: csu=1218150940530933@1@1747909393; SameSite=None; Secure; Max-Age=31104000
cf-ray: 943b98cc3dab7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET st.chatango.com/h5/gz/r0521250612/id.html
200 OK 697 kB URL GET st.chatango.com/h5/gz/r0521250612/id.html
IP
Requested by https://strimsy.top/layout/chat2.php
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 697 kB (697286 bytes)
Hash 42cf7478ee282e8aad01468a4754877a
61156b326e1c997030d10906934c5835bccbbf52
984075ea4326073ef4e759851d760ad8d025ee617ca71a571a9621a380eae182
GET /h5/gz/r0521250612/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:14 GMT
Content-Type: text/html
Content-Length: 224088
Last-Modified: Wed, 21 May 2025 13:16:52 GMT
Connection: keep-alive
Expires: Fri, 22 May 2026 10:23:14 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
GET ust.chatango.com/profileimg/a/z/azari123/thumb.jpg
200 OK 1.5 kB URL GET ust.chatango.com/profileimg/a/z/azari123/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash 1a93a62d893ccea875a06903731ab454
6738fbfe7894cc187f968591788bc852177a7874
fb9c1e8a6d261ebb5867f7850ca85d9aa9f2973386c6d7faa10a9f4844ba7020
GET /profileimg/a/z/azari123/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:18 GMT
Content-Type: image/jpeg
Content-Length: 1470
Last-Modified: Mon, 13 Jan 2025 04:12:59 GMT
Connection: keep-alive
ETag: "678492cb-5be"
Expires: Thu, 22 May 2025 10:23:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET gizokraijaw.net/impression/gQ74Kyg36KEyaq-VUMLKUHXz97Xuuo2seK7FeoYwtem22uVvzmujvt0iHvYSHdwjvlNgTZ9LG5J9DRJYOfwF-IXrVHAvjh8UXHNev9BFXHp0HRMwe8iGUrhLoArEW-PWlLKiv7FYvrIWThfcnllb3pRAk-2CGAqdbpcHUnvtpyvwftdZCf_k2-WtD2ABdRNFqrc8MUK86O7Jo6NoSclUCirR07ICJjM07uDL4_3gkLHpSGQIfnD_tqcaEphJhAl1Bc37OQrbX1roe19n9K5DNm40C4S9FQksUqmRDiREhZrbv5MHWS6dh1CkeaOQGVcYThHAyaK637WhWqLtFTYYFNe23YHAyDiRkh84qTY1081U23sd-Bl6rBUE-rzCPoiag8-w4jma5kUh4AzxmiMb6DqQiigX3Rfl8iyLPBjuMhJlsSGFIQFz4pCoNcakFQXMus1grcCEoMV78Lck9891yqoia3fpPCprZyCY1-Jrc3P5_o6V90wLHTPdyFq5EjMG-kiYsMBfWoH0AkrTf9IYOiLftITgsLPL_PDg8Mt6P6I_Vh1v7vv8INjnk3Ll0zbdJLQ2wX7f2eJocHYsMMrIVA==?_z=9283842&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
200 OK 43 B URL GET gizokraijaw.net/impression/gQ74Kyg36KEyaq-VUMLKUHXz97Xuuo2seK7FeoYwtem22uVvzmujvt0iHvYSHdwjvlNgTZ9LG5J9DRJYOfwF-IXrVHAvjh8UXHNev9BFXHp0HRMwe8iGUrhLoArEW-PWlLKiv7FYvrIWThfcnllb3pRAk-2CGAqdbpcHUnvtpyvwftdZCf_k2-WtD2ABdRNFqrc8MUK86O7Jo6NoSclUCirR07ICJjM07uDL4_3gkLHpSGQIfnD_tqcaEphJhAl1Bc37OQrbX1roe19n9K5DNm40C4S9FQksUqmRDiREhZrbv5MHWS6dh1CkeaOQGVcYThHAyaK637WhWqLtFTYYFNe23YHAyDiRkh84qTY1081U23sd-Bl6rBUE-rzCPoiag8-w4jma5kUh4AzxmiMb6DqQiigX3Rfl8iyLPBjuMhJlsSGFIQFz4pCoNcakFQXMus1grcCEoMV78Lck9891yqoia3fpPCprZyCY1-Jrc3P5_o6V90wLHTPdyFq5EjMG-kiYsMBfWoH0AkrTf9IYOiLftITgsLPL_PDg8Mt6P6I_Vh1v7vv8INjnk3Ll0zbdJLQ2wX7f2eJocHYsMMrIVA==?_z=9283842&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectgizokraijaw.net
Fingerprint3C:B9:3D:09:48:90:DC:27:96:45:F4:C3:E1:D2:D5:02:53:B9:6B:E6
ValidityTue, 15 Apr 2025 05:31:47 GMT - Mon, 14 Jul 2025 05:31:46 GMT
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impression/gQ74Kyg36KEyaq-VUMLKUHXz97Xuuo2seK7FeoYwtem22uVvzmujvt0iHvYSHdwjvlNgTZ9LG5J9DRJYOfwF-IXrVHAvjh8UXHNev9BFXHp0HRMwe8iGUrhLoArEW-PWlLKiv7FYvrIWThfcnllb3pRAk-2CGAqdbpcHUnvtpyvwftdZCf_k2-WtD2ABdRNFqrc8MUK86O7Jo6NoSclUCirR07ICJjM07uDL4_3gkLHpSGQIfnD_tqcaEphJhAl1Bc37OQrbX1roe19n9K5DNm40C4S9FQksUqmRDiREhZrbv5MHWS6dh1CkeaOQGVcYThHAyaK637WhWqLtFTYYFNe23YHAyDiRkh84qTY1081U23sd-Bl6rBUE-rzCPoiag8-w4jma5kUh4AzxmiMb6DqQiigX3Rfl8iyLPBjuMhJlsSGFIQFz4pCoNcakFQXMus1grcCEoMV78Lck9891yqoia3fpPCprZyCY1-Jrc3P5_o6V90wLHTPdyFq5EjMG-kiYsMBfWoH0AkrTf9IYOiLftITgsLPL_PDg8Mt6P6I_Vh1v7vv8INjnk3Ll0zbdJLQ2wX7f2eJocHYsMMrIVA==?_z=9283842&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: gizokraijaw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Cookie: OAID=0801d149bf2c4842ff28d9b370dbc248
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 May 2025 10:23:20 GMT
content-type: image/gif
content-length: 43
x-trace-id: 8ee26efb3cbbd2a927b5aabf74624637
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET strimsy.top/layout/chat2.php
200 OK 4.8 kB URL GET strimsy.top/layout/chat2.php
IP
Certificate IssuerGoogle Trust Services
Subjectstrimsy.top
Fingerprint43:5A:78:B0:70:9C:3B:9C:1F:B7:A7:AD:DE:77:BA:9E:6F:8C:DA:8A
ValidityMon, 21 Apr 2025 13:46:50 GMT - Sun, 20 Jul 2025 14:45:11 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (426)
Hash 40c5063ce2f372269106f7eca7ac8e01
2c50ec0ebcf7fb5045bf0f2ab68b2d0d178a9dbd
168ec4286532388ab740495caccec954344d68fff34f3e329ddbcc2c1d8fc41a
GET /layout/chat2.php HTTP/1.1
Host: strimsy.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 22 May 2025 10:23:13 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dv0eAC0HeNw3Esi3Bl971Xxo2Xg0YU7LxPuCT4GRWO2TSovBKWzAfP9EDiYvuC1x3Brk47fCkWK1cOyYAaDt3i%2Byr%2FICGIJVWBWQtr7Jzu2wpRek0HTaFOaKPEQwWw%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 943b98ca3b4b7131-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=2441&min_rtt=568&rtt_var=2077&sent=148&recv=242&lost=0&retrans=0&sent_bytes=12966&recv_bytes=13668&delivery_rate=753390&cwnd=12000&unsent_bytes=0&cid=a0fb6bbedac4cfc3&ts=1344&x=80"
GET ust.chatango.com/um/d/r/drimszou/img/t_365.jpg
200 OK 27 kB URL GET ust.chatango.com/um/d/r/drimszou/img/t_365.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x300, components 3
Hash 832e708237136f42484d2e1dbef4b4dc
326594d1c9db589a06d2900a82a5067c3d177c16
b1b95d1c4f1897ef5207d9423710d1445e3da87f66ead0e25c6dc5b5fea03e19
GET /um/d/r/drimszou/img/t_365.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:18 GMT
Content-Type: image/jpeg
Content-Length: 27348
Last-Modified: Thu, 22 May 2025 10:14:36 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:33:18 GMT
Cache-Control: max-age=600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
OPTIONS gizokraijaw.net/500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
200 OK 0 B URL OPTIONS gizokraijaw.net/500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectgizokraijaw.net
Fingerprint3C:B9:3D:09:48:90:DC:27:96:45:F4:C3:E1:D2:D5:02:53:B9:6B:E6
ValidityTue, 15 Apr 2025 05:31:47 GMT - Mon, 14 Jul 2025 05:31:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: gizokraijaw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 May 2025 10:23:18 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://st.chatango.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
GET ust.chatango.com/profileimg/s/z/szar936/thumb.jpg
200 OK 1.3 kB URL GET ust.chatango.com/profileimg/s/z/szar936/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash 9dddbeee0177689aeac9379ee6a058cd
b5ab77b3cbaf5961241104754da933d7b31562f0
6637a233ee1b0c73d14cc7fe654c0c5348d9ce5560240a56ad5f77b991dce2e0
GET /profileimg/s/z/szar936/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:17 GMT
Content-Type: image/jpeg
Content-Length: 1287
Last-Modified: Thu, 24 Apr 2025 13:59:56 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET gizokraijaw.net/500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
200 OK 5.8 kB URL GET gizokraijaw.net/500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectgizokraijaw.net
Fingerprint3C:B9:3D:09:48:90:DC:27:96:45:F4:C3:E1:D2:D5:02:53:B9:6B:E6
ValidityTue, 15 Apr 2025 05:31:47 GMT - Mon, 14 Jul 2025 05:31:46 GMT
Hash 68828b56be1b55454c2261d5ed57aa42
f657e3405b7d6773aafe5965a7e723a74ad7ac0b
d3f96862b7379f4c222fa866b85c765b367b82d40049478de28613e90e4a4967
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /500/9283842?excludes=&oaid=0801d149bf2c4842ff28d9b370dbc248&var=&ymid=&tgp=&js_build=8&sw_version=v1.626.0&dmn=gizokraijaw.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=282&wiw=282&wih=620&wfc=2&pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0521250612%2Fid.html&drf=https%3A%2F%2Fstrimsy.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: gizokraijaw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Cookie: OAID=0301d1317a744c78e156fdce0e8f91f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 May 2025 10:23:19 GMT
content-type: application/javascript
x-trace-id: 4879a22ae4eed8680f667886cfbcf191
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://st.chatango.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801d149bf2c4842ff28d9b370dbc248; expires=Fri, 22 May 2026 10:23:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He55l0h2v6759650za200&tag_exp=101509157~103116026~103130498~103130500~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116
200 OK 471 kB URL GET www.googletagmanager.com/gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He55l0h2v6759650za200&tag_exp=101509157~103116026~103130498~103130500~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (22103)
Size 471 kB (470777 bytes)
Hash d069c7a5a6fe4ecffa5696407bf10bb1
f6060548d51d514d3aa4927d1b5fd80279966e6f
b2ca4bcbf44c60676dc09a5ad9c27918469ab670a8df56d94bff31f3025493b0
GET /gtag/js?id=G-3X8HTC7CJ3&cx=c>m=45He55l0h2v6759650za200&tag_exp=101509157~103116026~103130498~103130500~103136993~103136995~103200004~103233427~103252644~103252646~103301114~103301116 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 May 2025 10:23:21 GMT
expires: Thu, 22 May 2025 10:23:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 148793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET widget.getblue.io/event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&if=1&nocache=7298576414699.296
200 OK 0 B URL GET widget.getblue.io/event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&if=1&nocache=7298576414699.296
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerAmazon
Subject*.getblue.io
Fingerprint0D:0B:C6:C1:FA:B5:66:5D:63:CA:70:6F:11:B1:90:39:FB:38:48:4A
ValidityThu, 28 Nov 2024 00:00:00 GMT - Sun, 28 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event/?cId=D498E373-F05F-EE07-A7D3CD331092DEE4&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=9fe0c95b-7985-4017-8c26-fa6df81d7187&ulc=daisycon&v=29092023-1023&if=1&nocache=7298576414699.296 HTTP/1.1
Host: widget.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
GET gizokraijaw.net/401/9283842
200 OK 148 kB URL GET gizokraijaw.net/401/9283842
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectgizokraijaw.net
Fingerprint3C:B9:3D:09:48:90:DC:27:96:45:F4:C3:E1:D2:D5:02:53:B9:6B:E6
ValidityTue, 15 Apr 2025 05:31:47 GMT - Mon, 14 Jul 2025 05:31:46 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 148 kB (147476 bytes)
Hash 275c6609c181d9d28c8ef217759d685a
497518697a9725be9cc2678590acdbed1bd84ed0
c630c0d476c436106eb9836303934a979ee69bc7c2cb7e994acdb4771c9a850d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /401/9283842 HTTP/1.1
Host: gizokraijaw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 May 2025 10:23:17 GMT
content-type: application/javascript
x-trace-id: 5320064bd26438b03664fcf8d20a1f2d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301d1317a744c78e156fdce0e8f91f1; expires=Fri, 22 May 2026 10:23:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.platekompaniet.no/vendors.c6c1debb30da63da373d.js
200 OK 418 kB URL GET www.platekompaniet.no/vendors.c6c1debb30da63da373d.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type JavaScript source, ASCII text, with very long lines (1296), with escape sequences
Size 418 kB (418431 bytes)
Hash d32b46d09777f33eaf0c332be3397584
a3d36137e7e62c110b43bd0dfb6402bc78d95af0
0689c30f2f2c9452cbd4e7cd10fd5b497972002e85076564235501a0dd3b206b
GET /vendors.c6c1debb30da63da373d.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 12 May 2025 08:38:23 GMT
etag: "6821b37f-6627f"
expires: Thu, 21 May 2026 00:46:01 GMT
cache-control: max-age=31536000
content-encoding: br
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:21 GMT
age: 121040
x-served-by: cache-bma1622-BMA, cache-hel1410021-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 9
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 106483
X-Firefox-Spdy: h2
GET www.platekompaniet.no/runtime.90e44fcb54073a650eef.js
200 OK 7.2 kB URL GET www.platekompaniet.no/runtime.90e44fcb54073a650eef.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerLet's Encrypt
Subjectplatekompaniet.no
FingerprintCC:04:4D:D3:C7:E8:88:B3:4A:E2:3F:61:DD:01:83:E1:A5:B5:6D:BC
ValiditySun, 23 Mar 2025 16:59:19 GMT - Sat, 21 Jun 2025 16:59:18 GMT
File type JavaScript source, ASCII text, with very long lines (4280)
Hash 75ea3e9aadce00e8ef495af9b5b11095
6772d0813a272f5fbd54215e024329fe2f703af9
52735ee1e7f74563c4fa3158b6a2fc969c8b3aa70f85e0c9adbc6a7ff7a2b524
GET /runtime.90e44fcb54073a650eef.js HTTP/1.1
Host: www.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 12 May 2025 08:17:54 GMT
etag: "6821aeb2-1c43"
expires: Tue, 12 May 2026 08:17:55 GMT
cache-control: max-age=31536000
content-encoding: br
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:21 GMT
age: 871527
x-served-by: cache-bma1660-BMA, cache-hel1410021-HEL
x-cache: HIT, HIT
x-cache-hits: 139, 37
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 3499
X-Firefox-Spdy: h2
GET glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
301 Moved Permanently 63 kB URL GET glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectglp8.net
Fingerprint2B:FD:8F:27:95:37:57:A3:CB:A4:C6:39:B3:38:FC:BA:6D:9B:A5:C8
ValidityThu, 03 Apr 2025 10:58:28 GMT - Wed, 02 Jul 2025 11:53:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url= HTTP/1.1
Host: glp8.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.linksprf.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 22 May 2025 10:23:21 GMT
content-type: text/html; charset=UTF-8
location: https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit GmbH&utm_source=daisycon&utm_medium=affiliate
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: Cache-Control, Expires, Pragma, Content-Length, Content-Type
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 0
x-ds: 1
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1uxkHIq843GQENOlTJdDBzjfHDvzp34RPHXS%2FUCTAQFjXE3vFtM7Ty%2BQSFju7y9hTPsTV03xpcRwdvkY7ovDXHNrcicnZg%3D%3D"}]}
cf-ray: 943b98fc7a4456be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flashscore.com/res/_fs/build/it.f6dbaba.png
301 Moved Permanently 374 B URL GET flashscore.com/res/_fs/build/it.f6dbaba.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/it.f6dbaba.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392288|1747909392288
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-qgvxg/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/it.f6dbaba.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET bvtpk.com/tag.min.js
200 OK 103 kB IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectbvtpk.com
Fingerprint80:D6:91:C2:8E:83:24:9B:4F:8D:6D:D8:9F:ED:C8:E8:4F:95:41:F8
ValidityWed, 14 May 2025 10:17:51 GMT - Tue, 12 Aug 2025 11:16:09 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (102565 bytes)
Hash 0f89038c35ac27a803440611d28f88b5
33596d73280979eb166d8cd8e1ca962168767bcf
8be87a5c8d0049bfc73efc29d2d3b757aeaa130c064a647c86cd70b37e06651a
GET /tag.min.js HTTP/1.1
Host: bvtpk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:17 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: f17c0f5269424425dbc5565b8189f943
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 1026
cf-cache-status: HIT
last-modified: Thu, 22 May 2025 10:06:10 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Xu60sg4UFjH1ENxgTmIgVMlDBSmvBpkLN37mTPxj%2FFMW7448W6TJMzRn8J3jt4G3ACEguGABrBB6jjwX5YBu8%2F9VeVVSRM%3D"}]}
cf-ray: 943b98e76d895690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST amt3.com/5/9353294/?oo=1&js_build=iclick-v1.1137.0&dmn=bvtpk.com&tt=2&ix=1
204 No Content 0 B URL POST amt3.com/5/9353294/?oo=1&js_build=iclick-v1.1137.0&dmn=bvtpk.com&tt=2&ix=1
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectamt3.com
Fingerprint43:21:E7:4D:37:2F:41:62:BA:2C:30:7C:C8:2E:21:7B:69:99:34:D4
ValidityTue, 22 Apr 2025 14:23:01 GMT - Mon, 21 Jul 2025 14:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /5/9353294/?oo=1&js_build=iclick-v1.1137.0&dmn=bvtpk.com&tt=2&ix=1 HTTP/1.1
Host: amt3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2625
Origin: https://st.chatango.com
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Thu, 22 May 2025 10:23:18 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://st.chatango.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
GET analyticsstar.com/rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
200 OK 363 B URL GET analyticsstar.com/rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint8B:E2:F6:7C:AE:76:79:CD:78:04:8C:B2:26:A2:C9:3F:F3:80:7A:FD
ValiditySun, 13 Apr 2025 23:19:58 GMT - Sun, 13 Jul 2025 00:18:31 GMT
File type HTML document, ASCII text, with very long lines (363), with no line terminators
Hash f4cc0993ca99aacd4789d39714043f75
fb331ef9032793c7cbc3e09c4230d2b3d9f53df3
3496601260c32b0d4adce02a22c15a1acd290561cf23632f4d8ff484b0df1601
GET /rd2/?flow=hn1&rp2=na&rp=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Fyk_tag%3Dabfwwpib68oilgigym1h5ymk%26type%3DlinkId%26id%3D724995c67e2e411bb0c1993c92ff0ead%26api_key%3D9fc4e996309a71593ec11abc32134106%26site_id%3D73e8ce88e6254cc8a21b08494c7f252f%26dch%3Dfeed%26ad_t%3Dadvertiser HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:20 GMT
content-type: text/html
cf-ray: 943b98f7594756af-OSL
server: cloudflare
content-encoding: br
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEyTKDGkTnh88KuAxv0ifHTydtFBD8iymp5XYV0o%2BoeHONJI8hxC9UE9H4Dk1PXG4tfetrL5fJ38raPKQnSVfLWXSa5TvINz2XXtdiBCIkAsg6YhdM%2BRPedPGj3ed4BCjbArKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=597&min_rtt=419&rtt_var=303&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4129&recv_bytes=1720&delivery_rate=7040518&cwnd=256&unsent_bytes=0&cid=c745392326984d18&ts=65&x=0"
X-Firefox-Spdy: h2
GET static.zdassets.com/ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5
200 OK 10 kB URL GET static.zdassets.com/ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, ASCII text, with very long lines (10215), with no line terminators
Hash c88d625098ddb649cf216dba2e52435c
1385fd033122892210b8bbe0970b723bc873d38d
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
GET /ekr/snippet.js?key=aecfae2c-d58c-4312-9c4d-590429da92a5 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:21 GMT
content-type: application/javascript
x-amz-id-2: +k3BT6ortg7zuMSL7VokgXCYRFC7eFnqgAOXp4eMJVI0+c0ouN/4+km2svixM6hpQfXKAsO1Vlz+AJ2Yf9gP7LgPHiY9giuQ
x-amz-request-id: 8A3TE66VKBRQP8MH
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Nov 2024 09:45:04 GMT
etag: W/"c88d625098ddb649cf216dba2e52435c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JOBYETQ528i9DIzt%2FT%2BHxBWFMA4HRmUaF8W%2B9K9JrVHNNU0d2q2qfkSZ2m60hoJXwVmjAHK%2BuoLnEayPwvHVrsuK4gHkUq8wihC5HsEETW9jsfuvozVYNo6YVfPssMXiiQ5PsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b98ffce6492c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET ekr.zdassets.com/compose/aecfae2c-d58c-4312-9c4d-590429da92a5
200 OK 1.1 kB URL GET ekr.zdassets.com/compose/aecfae2c-d58c-4312-9c4d-590429da92a5
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
Hash 74a2015d6b2583f1641569b6ba2fd33c
fedd140db993b509695efc60917c7470fbc1cbbd
67051be9570d922a96f8bd134147a0a5b05ef5e96e65edd5bb4dc031931a54a4
GET /compose/aecfae2c-d58c-4312-9c4d-590429da92a5 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.platekompaniet.no/
Origin: https://www.platekompaniet.no
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"67051be9570d922a96f8bd134147a0a5"
x-request-id: 942aeebdefb5dccc-SEA
x-runtime: 0.003434
x-envoy-upstream-service-time: 4
x-zendesk-zorg: yes
content-encoding: gzip
via: zorg
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVXTrsyeQGfKwUZA7f5NuHuD98jMnHI8S0s%2BLn0D%2BDw6STs80ALaj%2BtVg67KQshdp1abeQ29J1LvZK2EBrP04DkrFk6eJjDzidDWcF%2Fec8Y284YNZembM%2BXFt30eCUbJc2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 943b99010ebd92d3-CPH
X-Firefox-Spdy: h2
GET imgsct.cookiebot.com/1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36
200 OK 35 B URL GET imgsct.cookiebot.com/1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /1.gif?dgi=46c9e9e9-aa9a-4daa-a318-f334626e1c36 HTTP/1.1
Host: imgsct.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: AAO2VwoR3LUJRFzidXSEgWQfNxlEBb6P-1HKuezKhk6xL83VnA_hc_OiZDUVM5FKWCBWURWO5jDlKgc
x-goog-generation: 1698061172769999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
etag: "c2196de8ba412c60c22ab491af7b1409"
content-type: image/gif
content-length: 35
cross-origin-resource-policy: cross-origin
date: Thu, 22 May 2025 10:23:22 GMT
cache-control: public,max-age=1800
X-Firefox-Spdy: h2
GET consentcdn.cookiebot.com/consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js
200 OK 30 B URL GET consentcdn.cookiebot.com/consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash de49a87f336eb551f8c307a0e7b2c51c
4f672557720012ee693501df7f5341e4ed13e3dc
45a66e8922a9de33628e8b416ab06b22e439077537c2892d342eabd37090a162
GET /consentconfig/46c9e9e9-aa9a-4daa-a318-f334626e1c36/state.js HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "de49a87f336eb551f8c307a0e7b2c51c:1708511726.325948"
last-modified: Wed, 21 Feb 2024 10:35:26 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 50
cache-control: max-age=81630
expires: Fri, 23 May 2025 09:03:52 GMT
date: Thu, 22 May 2025 10:23:22 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1747909402452_388255494_938079075_18_564_1_0_21";dur=1
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET r.linksprf.com/v2/go?t=ft5pf%3Ac%2F9c8pba2e8ocp5n6e8.eo8c3%3F%3Dis1%262d0el7%3Dd837c76%26aic245c72%26dscve3f4907108080908%3D3w2899754%3D7we56322e14i9%26e899w%3D2s7%2Fe%2Fcn8tei2a4mckat1l0.4d4%2F7s2t2h&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1747909400520&cu=f9e8c3d229c744c7ae66c23ed479eed9&cs=7849afcba56e8d8309a0be6c5e3a1aec
200 OK 1.5 kB URL GET r.linksprf.com/v2/go?t=ft5pf%3Ac%2F9c8pba2e8ocp5n6e8.eo8c3%3F%3Dis1%262d0el7%3Dd837c76%26aic245c72%26dscve3f4907108080908%3D3w2899754%3D7we56322e14i9%26e899w%3D2s7%2Fe%2Fcn8tei2a4mckat1l0.4d4%2F7s2t2h&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1747909400520&cu=f9e8c3d229c744c7ae66c23ed479eed9&cs=7849afcba56e8d8309a0be6c5e3a1aec
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectlinksprf.com
FingerprintAB:C3:2C:B3:64:8F:9E:65:81:53:CD:46:B2:C2:83:47:62:7F:99:4D
ValiditySat, 17 May 2025 04:43:47 GMT - Fri, 15 Aug 2025 04:43:46 GMT
File type HTML document, ASCII text, with very long lines (311)
Hash b36a2b4d897f1cdc12716440901d9a1a
0408c29cdd1f2908fbe3df5a93e7dff1fa463245
39ad403f2cec0adf00c0ee3afa077e2bf6668b06b4dc9c7db27c4b5c5ef20c08
GET /v2/go?t=ft5pf%3Ac%2F9c8pba2e8ocp5n6e8.eo8c3%3F%3Dis1%262d0el7%3Dd837c76%26aic245c72%26dscve3f4907108080908%3D3w2899754%3D7we56322e14i9%26e899w%3D2s7%2Fe%2Fcn8tei2a4mckat1l0.4d4%2F7s2t2h&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1747909400520&cu=f9e8c3d229c744c7ae66c23ed479eed9&cs=7849afcba56e8d8309a0be6c5e3a1aec HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ykuid=60cde5bfc3c347c287915ec7223557f6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:20 GMT
content-type: text/html;charset=UTF-8
content-length: 1514
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
GET flashscore.com/res/_fs/build/fr.8e1768e.png
301 Moved Permanently 374 B URL GET flashscore.com/res/_fs/build/fr.8e1768e.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/fr.8e1768e.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392288|1747909392288
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/fr.8e1768e.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET dba9ytko5p72r.cloudfront.net/?tyabd=795152
200 OK 384 kB URL GET dba9ytko5p72r.cloudfront.net/?tyabd=795152
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size 384 kB (384294 bytes)
Hash f8eef68dc7ae335841d35cf62280230b
b013fc8e18d9a9465e0cbd75514e62a6e36917cb
d2631298424a7497f5e4a203ac140c67f09181064d0fd9f926bb0274b132a84c
GET /?tyabd=795152 HTTP/1.1
Host: dba9ytko5p72r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 126789
date: Thu, 22 May 2025 10:23:12 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aZUoWmPJnnvJeJWRn7XAZMNbMC1Jji-xdhrtNX2B0bAoHi-0v9Acjw==
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-XJYZP8W276
200 OK 327 kB URL GET www.googletagmanager.com/gtag/js?id=G-XJYZP8W276
IP
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, ASCII text, with very long lines (6125)
Size 327 kB (327318 bytes)
Hash 35c0f259b2235d8cf011daf025378f21
489f93407b6d4fa941da1ff36761accd4e0a3794
9c2160bbe5f98e8394f2622b9173edb8aeb7a0ea8f89a1d5c642bbd1ec42d82a
GET /gtag/js?id=G-XJYZP8W276 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 May 2025 10:23:12 GMT
expires: Thu, 22 May 2025 10:23:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 115286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET ust.chatango.com/profileimg/a/s/asterixiobeliks/thumb.jpg
200 OK 1.6 kB URL GET ust.chatango.com/profileimg/a/s/asterixiobeliks/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash 1bea511826a79e6fe43e4e558166bfe4
a754311dcddec80c1d221b945266535ae003a2c6
c612ab84c3b28a3d690692f5d9aed468a149f707669313e58c2a078f0f854a63
GET /profileimg/a/s/asterixiobeliks/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:17 GMT
Content-Type: image/jpeg
Content-Length: 1596
Last-Modified: Fri, 05 Apr 2024 19:30:20 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET ust.chatango.com/profileimg/h/u/hubinho260893/thumb.jpg
200 OK 1.6 kB URL GET ust.chatango.com/profileimg/h/u/hubinho260893/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash 640b95aad95b06a1d43cd8399a43960a
454a2146a258c2bf313b8e5820816e6be920082a
edf6f6d6a3573ab99babaea7130eecd58f023e490ef1f651f7fde2cfa9428030
GET /profileimg/h/u/hubinho260893/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:18 GMT
Content-Type: image/jpeg
Content-Length: 1567
Last-Modified: Sun, 05 Jan 2025 16:05:48 GMT
Connection: keep-alive
ETag: "677aaddc-61f"
Expires: Thu, 22 May 2025 10:23:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET r.linksprf.com/v1/redirect?yk_tag=abfwwpib68oilgigym1h5ymk&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
302 Found 1.5 kB URL GET r.linksprf.com/v1/redirect?yk_tag=abfwwpib68oilgigym1h5ymk&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerLet's Encrypt
Subjectlinksprf.com
FingerprintAB:C3:2C:B3:64:8F:9E:65:81:53:CD:46:B2:C2:83:47:62:7F:99:4D
ValiditySat, 17 May 2025 04:43:47 GMT - Fri, 15 Aug 2025 04:43:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?yk_tag=abfwwpib68oilgigym1h5ymk&type=linkId&id=724995c67e2e411bb0c1993c92ff0ead&api_key=9fc4e996309a71593ec11abc32134106&site_id=73e8ce88e6254cc8a21b08494c7f252f&dch=feed&ad_t=advertiser HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 22 May 2025 10:23:20 GMT
content-length: 0
set-cookie: ykuid=60cde5bfc3c347c287915ec7223557f6; Path=/; Secure; Domain=.linksprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=23CD1F943B2927522DCA9F5D595714E2; Path=/; HttpOnly
location: /v2/go?t=ft5pf%3Ac%2F9c8pba2e8ocp5n6e8.eo8c3%3F%3Dis1%262d0el7%3Dd837c76%26aic245c72%26dscve3f4907108080908%3D3w2899754%3D7we56322e14i9%26e899w%3D2s7%2Fe%2Fcn8tei2a4mckat1l0.4d4%2F7s2t2h&e=1&ai=395de5ec606c470eadb8cfa029f1439c&sct=0&ct=1747909400520&cu=f9e8c3d229c744c7ae66c23ed479eed9&cs=7849afcba56e8d8309a0be6c5e3a1aec
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-f5a540e.js
200 OK 222 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-f5a540e.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 222 kB (222450 bytes)
Hash 08a68a7308737a004b2991aa3dd00688
40fe1ddf2616c7017f645c08bc6cab484d082a4b
f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709
GET /web_widget/classic/latest/web-widget-chat-sdk-f5a540e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:23 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: h/4/kcIZRtX7Jrs3yl4l+eW7VMhb1WqQqwIDRrnLlO8XXki4JJRlOMaIs17snCtTjPYVkcQhQHGsfeeD8VKv9g==
x-amz-request-id: 2EASRKJFQ0T2GCZY
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 May 2025 10:39:43 GMT
etag: W/"08a68a7308737a004b2991aa3dd00688"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 19 May 2026 10:39:42 GMT
x-amz-version-id: 2vgZ2JDdnoZIx77r9CSrlvdu30ZjdC9j
cf-cache-status: HIT
age: 174808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9cwqt%2BL6EUHk4okjX9B2j5%2BxEO5ggON%2B72vo6JMMAazJZK5rRSKDVgm3kuVAR0bxaZlIje%2FjgdKOfNu1KGJdEyOB%2BLTqVHvg0U24fZ9GZnpUMsR2M1HargVBArD5eE52yzauaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b9909fe8192c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET flashscore.com/res/_fs/build/de.ae030da.png
301 Moved Permanently 378 B URL GET flashscore.com/res/_fs/build/de.ae030da.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subject*.flashscore.com
FingerprintCB:42:C5:76:17:A6:51:DE:FD:22:A5:BF:57:AF:7C:79:C1:63:F2:F2
ValiditySun, 18 May 2025 05:06:32 GMT - Sat, 16 Aug 2025 05:06:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /res/_fs/build/de.ae030da.png HTTP/1.1
Host: flashscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Varnish
access-control-allow-origin: *
access-control-expose-headers: *
x-times: 1747909392288|1747909392288
x-age: [P]
x-pc: 0[P]
x-vname: lsproxy-6bdb6645ff-9qt5d/varnish1[P]
date: Thu, 22 May 2025 10:23:12 GMT
location: https://www.flashscore.com/res/_fs/build/de.ae030da.png
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET st.chatango.com/js/gz/emb.js
200 OK 70 kB URL GET st.chatango.com/js/gz/emb.js
IP
Requested by https://strimsy.top/layout/chat2.php
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1651)
Hash 18fc87ba7ac8b9139db2ba5460a50d93
020cfa090d55c30983e0fd821b0ab7f659e6fc32
cf54f2234eaec42433d9584e5a1136948421681afa0a21459f97dae8a25eb529
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:14 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Wed, 21 May 2025 13:16:52 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:14 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
GET consentcdn.cookiebot.com/sdk/bc-v4.min.html
200 OK 627 B URL GET consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint09:D4:1E:A2:E6:1A:0F:56:67:3D:FB:CB:A2:73:77:10:6C:92:98:B2
ValiditySun, 29 Dec 2024 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (627), with no line terminators
Hash 3d08665fa4c7bcf9fa2dcbbc7efe1d0f
ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.platekompaniet.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 22 May 2026 10:23:21 GMT
date: Thu, 22 May 2025 10:23:21 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1747909401766_388255494_938078613_28_998_1_11_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
GET unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
200 OK 7.5 kB URL GET unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
IP
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint6A:50:E9:D4:F9:DB:BA:3A:76:D2:D3:E2:A2:6D:16:12:07:9D:D4:DA
ValidityTue, 29 Apr 2025 07:12:06 GMT - Mon, 28 Jul 2025 08:12:03 GMT
File type JavaScript source, ASCII text, with very long lines (7510), with no line terminators
Hash c821896e54e9c393b950b3aa426406ef
8031dd3d2658b9cda1f0c7fd623ffc9df4a54bda
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
GET /ionicons@5.5.2/dist/ionicons/p-e26ac56f.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://strimsy.top
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:12 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 943b98c5cf710b31-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 1962386
cache-control: public, max-age=31536000
expires: Fri, 22 May 2026 10:23:12 GMT
last-modified: Tue, 29 Apr 2025 17:16:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 fly.io, 1.1 fly.io
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: *
content-digest: sha256=:QR6/P0L/l7j9ywLvYPU04P0BG4aHjsM6vyUJtL/lgDc=:
cross-origin-resource-policy: cross-origin
fly-request-id: 01JT18S7555F03QCAGBE8GBX8P-ord
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET st.chatango.com/js/gz/r0521250612/CommonUIModule.js
200 OK 21 kB URL GET st.chatango.com/js/gz/r0521250612/CommonUIModule.js
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1121)
Hash de596e036384e84d0cdae9176c9d4124
641a1b7a9de320faecce04c18afbf29d00214a54
55d7307421bb432ded380f78607b7d5cbfde4e950d70da0de685c36353171956
GET /js/gz/r0521250612/CommonUIModule.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/h5/gz/r0521250612/id.html
Cookie: session_id=4033448394145288
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:17 GMT
Content-Type: application/x-javascript
Content-Length: 7607
Last-Modified: Wed, 21 May 2025 13:16:52 GMT
Connection: keep-alive
Expires: Fri, 22 May 2026 10:23:17 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
Accept-Ranges: bytes
GET static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
200 OK 850 kB URL GET static.zdassets.com/web_widget/classic/latest/web-widget-main-f5a540e.js
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 850 kB (850029 bytes)
Hash e1a3a9d54f5292f110277858d188171e
8b4ecd20317cf4d907d155a33df53a513228b656
4c923eef0880b2962169fdf48a67e9af79d7f178b81dbe55c56aefe807506d76
GET /web_widget/classic/latest/web-widget-main-f5a540e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 22 May 2025 10:23:22 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ku+wkCMHr3pV+97AZRrfLVsgA/w06S96O0/5iz47bXBpirKQvfeVYjgg+CEpcZd7GkKNEu4xzEFOtLrWWZcWbiJgWHSXnEwnpa69rMmmuiU=
x-amz-request-id: K30EKMAR7G6M679M
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 May 2025 10:39:43 GMT
etag: W/"e1a3a9d54f5292f110277858d188171e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 19 May 2026 10:39:42 GMT
x-amz-version-id: OrLzZ.1C1HlAL93ynBinsBSpBjkivn68
cf-cache-status: HIT
age: 174808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKhORU7m%2BfZ9e15uX%2FZLXYLcLLvzyYafHlE0uX9912oGmM%2Fm8CDy%2Bfek%2BnwsXiS5eVXnFnfd6FR4Le9gQsw7fOCBFidJq5SqgzcEINyE7yVbrkC%2B%2Bnsdj2%2FQhpPzB5ddc3%2FcGdk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b99060b6692c7-CPH
content-encoding: br
X-Firefox-Spdy: h2
GET i.imgur.com/5xKbS9t.png
200 OK 17 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintE4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D
ValidityWed, 29 Jan 2025 00:00:00 GMT - Sat, 14 Feb 2026 23:59:59 GMT
File type PNG image data, 107 x 107, 8-bit/color RGBA, non-interlaced
Hash db40f7dafecbd4607fbc30ba01a410c0
b71e2dd62790a064653bdd8d293f166e33158b14
4304f29ea1a88d3219c8d0448c354d1d467323b72b61dba2027cf0c58bd81614
GET /5xKbS9t.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 01 Mar 2024 00:07:08 GMT
etag: "db40f7dafecbd4607fbc30ba01a410c0"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: TdBHEPR6Aga-PM_umoLt4D0HL6-PEye44oiOghNzCZzdGXpgDcEarQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 22 May 2025 10:23:13 GMT
age: 796170
x-served-by: cache-iad-kiad7000057-IAD, cache-hel1410020-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 2916, 212
x-timer: S1747909393.238758,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 17127
X-Firefox-Spdy: h2
GET static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 20 kB URL GET static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
ASN #209242 Cloudflare London, LLC
Requested by https://www.platekompaniet.no/?utm_campaign=daisycon_YieldKit%20GmbH&utm_source=daisycon&utm_medium=affiliate
Certificate IssuerGoogle Trust Services
Subjectzdassets.com
FingerprintB1:E6:DA:3B:72:D6:E1:65:15:89:8B:31:FB:31:4B:DF:A6:6C:62:0D
ValidityTue, 29 Apr 2025 15:02:32 GMT - Mon, 28 Jul 2025 16:02:31 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Hash f11ce9e8f40a392830217253fe75d6de
89ba57fcc360da34756c127acba15a8b23267fc6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Thu, 22 May 2025 10:23:23 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: EwJG3MvmG7Pkb5y9hUBk4MwamVqWrqiQe71DZz17bkR58PbYfvj3naftpBxvqzxSV4pbertktEmsnVOaCXKkjOjWGfPlrv1D
x-amz-request-id: S86B5DGWRSV3981T
x-amz-replication-status: COMPLETED
last-modified: Fri, 27 Dec 2024 08:59:09 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 17 Apr 2026 12:38:06 GMT
x-amz-version-id: SbGCIJ2SN2UNtezVUBsPz6twHS7ItMYi
cf-cache-status: HIT
age: 898081
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xiUI8np%2FHI%2BtInYzoD%2FQRLlFoaqd%2Ft7jHUXUynV7wPxgnXGs0hsDDjyw807PdXQs09dL%2FiwIubAjad8vC1TuETdN1TQCR3J%2BQzqcABWjiwLYDKtRoO03fqKWAB%2Foc3o5pZDDUUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 943b990e79eb92c7-CPH
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC1:23:6B:8B:E9:B9:28:BB:DE:15:E9:38:B1:9E:50:AA:7D:13:C9:E9
ValidityTue, 29 Apr 2025 19:30:06 GMT - Tue, 22 Jul 2025 19:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:6V53BNDy-Lbicj8L0I8KQbuqqHlf3w:fKwE-8WVT-Wv9mLN; Expires=Sat, 22-May-2027 10:23:13 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhV9jFKaGYnkwZ_GEMWWuX983bO9GbaXPKr7WiEr2H5VP52LtMJQMItqKbW9Om2gJIaqzmlUw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-FOZCx1KwocDDQo7m63ycTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mgd7QyqWzo8PCpdO8Jp-q6lmxqfGh8evHjf9bBApFNfUlmEpltEACoi-Q9NgZApUbrgEZK6_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1093033341%3A1747909393669486
403 Forbidden 0 B URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mgd7QyqWzo8PCpdO8Jp-q6lmxqfGh8evHjf9bBApFNfUlmEpltEACoi-Q9NgZApUbrgEZK6_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1093033341%3A1747909393669486
IP
Certificate IssuerGoogle Trust Services
Subject*.google.com
FingerprintFB:A6:1D:0D:68:F3:93:B4:34:F8:25:60:BF:1D:20:2E:15:8E:7D:2A
ValidityTue, 29 Apr 2025 19:28:10 GMT - Tue, 22 Jul 2025 19:28:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mgd7QyqWzo8PCpdO8Jp-q6lmxqfGh8evHjf9bBApFNfUlmEpltEACoi-Q9NgZApUbrgEZK6_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1093033341%3A1747909393669486 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://strimsy.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 May 2025 10:23:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-2aoBdxqtFwQpLteYHY3jBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.m0mx3aNiCTo.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET st.chatango.com/js/gz/r0521250612/RklModule.js
200 OK 2.3 kB URL GET st.chatango.com/js/gz/r0521250612/RklModule.js
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (542)
Hash 10c095b06a9a0524db4782fb8b962fe0
3f77efbb704be4144280dbf672765cb1cac19938
afd54740511ca55299ceff2eee49b248d4f02b0a37bcc0bcc090550fa0e1d6e3
GET /js/gz/r0521250612/RklModule.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/h5/gz/r0521250612/id.html
Cookie: session_id=4033448394145288
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:17 GMT
Content-Type: application/x-javascript
Content-Length: 894
Last-Modified: Wed, 21 May 2025 13:16:52 GMT
Connection: keep-alive
Expires: Fri, 22 May 2026 10:23:17 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
Accept-Ranges: bytes
GET dc.platekompaniet.no/c/?si=19280&li=1827375&wi=255978&ws=v030400017898f9e8c3d229c744c7ae66c23ed479eed9&ws2=73e8ce88e6254cc8a21b08494c7f252f
301 Moved Permanently 63 kB URL GET dc.platekompaniet.no/c/?si=19280&li=1827375&wi=255978&ws=v030400017898f9e8c3d229c744c7ae66c23ed479eed9&ws2=73e8ce88e6254cc8a21b08494c7f252f
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerGoogle Trust Services
Subjectdc.platekompaniet.no
FingerprintF9:8B:A6:8D:40:21:84:46:C1:82:EE:A1:3D:DA:5A:BE:0A:6C:44:5C
ValidityWed, 30 Apr 2025 02:30:39 GMT - Tue, 29 Jul 2025 03:30:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?si=19280&li=1827375&wi=255978&ws=v030400017898f9e8c3d229c744c7ae66c23ed479eed9&ws2=73e8ce88e6254cc8a21b08494c7f252f HTTP/1.1
Host: dc.platekompaniet.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.linksprf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 22 May 2025 10:23:20 GMT
content-type: text/html; charset=UTF-8
location: https://glp8.net/redirect/global.php?dai_url_domain=https%3A%2F%2Fwww.platekompaniet.no%2F&dai_url_add=utm_campaign%3Ddaisycon_YieldKit+GmbH%26utm_source%3Ddaisycon%26utm_medium%3Daffiliate&dai_url_rebuild&dai_url=
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers: Cache-Control, Expires, Pragma, Content-Length, Content-Type
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-xss-protection: 0
x-ds: 1
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jWqmxzEijpLXnC0QkShaQ9HREVVJGa2t8j9t8WBrUlLZV3MemPufc3Yp57hgN0peVI9ByIAlaz4r9pkxMYGcc%2FsMbSX5cFnP6JUhslIq9QbF4w%3D%3D"}]}
set-cookie: dci=meth0prk2c4su8r30gdzzhnn; HttpOnly; SameSite=None; Secure; Path=/; Domain=dc.platekompaniet.no; Max-Age=31622400; Expires=Sat, 23 May 2026 10:23:20 GMT
cf-ray: 943b98fb3d71568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET undefined/cnhiV2UTGgE6WhNFAHEQABRfclc0XVARARAZWy4RGRdXJ1JACkw0CR0NBjEXHRYWeQsXDEdlIzc2JTMvJRUwDyYxG1oAVTM3LgABETwkGVIQLiMEIwgLR2UjMx8JAjUhHywANyMPBhUnED5QbxI0SREdKiUbNQ42QhEkFiwwNCpnVDo/VxU1ITkjFDMWDiwwMxM5KgVdMy4NEgE1DCEBND8KOGYkIT0LPwsxLhEzLDYhKwEwOE8qESATLlAvCiQ6FQYsNikjAB0zTgRmPDc7NmZAQD40MDclHToFMDcuMxsDQyEnEiYzSDcwJzEdCj8nMBQBLwc0OTABJF8MR2UjJB8zATVBQTozMyhOADwKNywPLwokPi8ULhg9LhIzJygDETQ0LlE7FyQ5NBQAQBchDzcnCzIWET8pDCQGJCkGAz9ACCEGMwJMRD0WHRYSahcnMgkZA0czVjgdKA
0 B URL GET undefined/cnhiV2UTGgE6WhNFAHEQABRfclc0XVARARAZWy4RGRdXJ1JACkw0CR0NBjEXHRYWeQsXDEdlIzc2JTMvJRUwDyYxG1oAVTM3LgABETwkGVIQLiMEIwgLR2UjMx8JAjUhHywANyMPBhUnED5QbxI0SREdKiUbNQ42QhEkFiwwNCpnVDo/VxU1ITkjFDMWDiwwMxM5KgVdMy4NEgE1DCEBND8KOGYkIT0LPwsxLhEzLDYhKwEwOE8qESATLlAvCiQ6FQYsNikjAB0zTgRmPDc7NmZAQD40MDclHToFMDcuMxsDQyEnEiYzSDcwJzEdCj8nMBQBLwc0OTABJF8MR2UjJB8zATVBQTozMyhOADwKNywPLwokPi8ULhg9LhIzJygDETQ0LlE7FyQ5NBQAQBchDzcnCzIWET8pDCQGJCkGAz9ACCEGMwJMRD0WHRYSahcnMgkZA0czVjgdKA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cnhiV2UTGgE6WhNFAHEQABRfclc0XVARARAZWy4RGRdXJ1JACkw0CR0NBjEXHRYWeQsXDEdlIzc2JTMvJRUwDyYxG1oAVTM3LgABETwkGVIQLiMEIwgLR2UjMx8JAjUhHywANyMPBhUnED5QbxI0SREdKiUbNQ42QhEkFiwwNCpnVDo/VxU1ITkjFDMWDiwwMxM5KgVdMy4NEgE1DCEBND8KOGYkIT0LPwsxLhEzLDYhKwEwOE8qESATLlAvCiQ6FQYsNikjAB0zTgRmPDc7NmZAQD40MDclHToFMDcuMxsDQyEnEiYzSDcwJzEdCj8nMBQBLwc0OTABJF8MR2UjJB8zATVBQTozMyhOADwKNywPLwokPi8ULhg9LhIzJygDETQ0LlE7FyQ5NBQAQBchDzcnCzIWET8pDCQGJCkGAz9ACCEGMwJMRD0WHRYSahcnMgkZA0czVjgdKA HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://strimsy.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET ust.chatango.com/profileimg/p/r/przemasabstynent/thumb.jpg
200 OK 1.4 kB URL GET ust.chatango.com/profileimg/p/r/przemasabstynent/thumb.jpg
IP
Requested by https://st.chatango.com/h5/gz/r0521250612/id.html
Certificate IssuerSectigo Limited
Subject*.chatango.com
FingerprintCA:CB:28:83:0F:25:6F:8E:F9:1B:D1:C9:48:5C:78:14:83:32:65:7A
ValidityMon, 24 Jun 2024 00:00:00 GMT - Thu, 24 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash e2c037a4960ca62a9281385f51506ab6
7b171a9462b8d1016c7f43b3c9a2bfc7e78f65c4
3c0ccb1251a09c843aecfc61736ef424708a27a01fae9358b4128d81c66b8479
GET /profileimg/p/r/przemasabstynent/thumb.jpg HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 May 2025 10:23:18 GMT
Content-Type: image/jpeg
Content-Length: 1367
Last-Modified: Wed, 07 May 2025 16:47:24 GMT
Connection: keep-alive
Expires: Thu, 22 May 2025 10:23:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
172.67.166.140
142.250.178.83
54.207.78.179
23.33.119.40
139.45.195.9
13.51.20.12
35.157.143.56
54.154.136.171
0.0.0.0