GET ravin-hbs.com/favicon.ico
404 Not Found 82 B URL GET ravin-hbs.com/favicon.ico
IP
Requested by https://ravin-hbs.com/zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Certificate IssuerAmazon
Subjectravin-hbs.com
Fingerprint8A:92:4D:D9:7E:E0:7E:82:21:D2:63:3F:F9:BF:DB:04:52:77:0B:F7
ValidityMon, 12 May 2025 00:00:00 GMT - Wed, 10 Jun 2026 23:59:59 GMT
Hash b3558185ae78cce692c08fa75c927217
df63883f4bd93fa9b70ec9f3fd3e579733d9d807
681306060d8fccee846acbc9df6d64a071026ac2e369e6903540f20466866443
GET /favicon.ico HTTP/1.1
Host: ravin-hbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ravin-hbs.com/zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 04 Jul 2025 09:24:45 GMT
content-type: application/json
X-Firefox-Spdy: h2
GET dd.prod.captcha-delivery.com/image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.frag.png
200 OK 6.4 kB URL GET dd.prod.captcha-delivery.com/image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.frag.png
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type PNG image data, 63 x 155, 8-bit/color RGBA, non-interlaced
Hash 111c615ef6838b0b5dceb501d08c6e23
add327dd3697cbc4740c5525e4597ea64ee730fa
a4464e5e2919a39d3c936a0dae1d8b4ebc3f88ccfa6fe2418fe57e78cd664c74
GET /image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.frag.png HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 6366
date: Fri, 04 Jul 2025 00:14:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Mon, 30 Jun 2025 05:08:20 GMT
x-amz-expiration: expiry-date="Tue, 08 Jul 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "111c615ef6838b0b5dceb501d08c6e23"
x-amz-server-side-encryption: AES256
x-amz-version-id: vAVxR4rMta2zdDRkF6TMKqC9UdVjKUIE
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uc7QovjQpGeYfwZ-rgxXksp-gQLA0hLd5S8KXh0pVxalY2u6znCs2Q==
age: 33026
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Jul 2025 01:17:22 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XaR-g2K5bYcftneQi6nc6D1OIIiAWkMKVXljJKyKpyyieoAWlL53dA==
age: 29587
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Jul 2025 01:17:22 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4NF_Di4ZGn-Xk-FY3xrcCcCwsjqWZrkAyzk2pNBeSztB1fuEdkXPzw==
age: 29594
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=c38ce8e8e783fde5724b4d30c0cc0f410f817956eb99693e4d2ea9e7d4c4855f&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
200 OK 180 kB URL User Request GET no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=c38ce8e8e783fde5724b4d30c0cc0f410f817956eb99693e4d2ea9e7d4c4855f&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document, ASCII text, with very long lines (30650)
Size 180 kB (180262 bytes)
Hash 863b945724a6cf877d6b2c2a5f62b6a8
24dcdaa0e71a622fe9ee9d58d2a46626baf28d7f
e3482c339ced2f56e77172fb78f3c70a785ae20b85a8794a61289acd1f940401
Analyzer Verdict Alert Public Nextron YARA rules malware Code and strings of plugins from the Tetris framework loaded by Swid
GET /permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=c38ce8e8e783fde5724b4d30c0cc0f410f817956eb99693e4d2ea9e7d4c4855f&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
leadId: 62B801JZAC1BTMGZ0T7KXZC7FNXBV8
Pragma: no-cache
X-DD-B: 3
Charset: utf-8
clickId: 107698154_1751621087042_2618322
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=PF~6kEZTn57_vZuTEbM4Rm9m1l~1uSPuSyRPurdi57aMgbqO7Cm4xTPeIw16uR_Cjzy_l5u7bnzVqz7PFKCxvBljMxLkdGcU7NuQlaczOtQo9GcW4VMTfnCLRlVHlD4y; Max-Age=31104000; Expires=Mon, 29 Jun 2026 09:24:47 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-197d4c0af42-3632e; Max-Age=31536000; Expires=Sat, 04 Jul 2026 09:24:47 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
X-DataDome: protected
Request-Time: PT0.026764173S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Fri, 04 Jul 2025 09:24:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 180262
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Jul 2025 00:58:02 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UvP6DHElfWK-NXdPjgMz53IH8Xywwgt3M9BPgib5n5_fPpmyPb_Zw==
age: 30406
X-Firefox-Spdy: h2
GET ravin-hbs.com/zclkredirect?visitid=b82e6380-58b8-11f0-8b51-0affcf832b43&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
302 Found 1.0 kB URL User Request GET ravin-hbs.com/zclkredirect?visitid=b82e6380-58b8-11f0-8b51-0affcf832b43&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
IP
Certificate IssuerAmazon
Subjectravin-hbs.com
Fingerprint8A:92:4D:D9:7E:E0:7E:82:21:D2:63:3F:F9:BF:DB:04:52:77:0B:F7
ValidityMon, 12 May 2025 00:00:00 GMT - Wed, 10 Jun 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkredirect?visitid=b82e6380-58b8-11f0-8b51-0affcf832b43&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC HTTP/1.1
Host: ravin-hbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ravin-hbs.com/zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 04 Jul 2025 09:24:45 GMT
content-length: 0
location: https://geotrkclknow.com/rot/CoXC1ug9UP3UrzbI?extid=zrb82e638058b811f08b510affcf832b43f88cbae45c964e27bb9b1ac6e62793fe092097bb2dffa84f79&cost=0.005000&targid=mike-boy-1x99w3l4pj&sczp=lateritious-falcon
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type
X-Firefox-Spdy: h2
GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7nyTGKuK06yF
302 Found 180 kB URL User Request GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7nyTGKuK06yF
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectyadore.com
Fingerprint34:12:9F:8C:15:06:29:A3:3E:0E:BB:48:95:EE:B1:CE:72:5A:BE:21
ValiditySun, 08 Jun 2025 08:46:26 GMT - Sat, 06 Sep 2025 08:46:25 GMT
Size 180 kB (180262 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7nyTGKuK06yF HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://storesearch.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, API-Key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
date: Fri, 04 Jul 2025 09:24:46 GMT
location: https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=c38ce8e8e783fde5724b4d30c0cc0f410f817956eb99693e4d2ea9e7d4c4855f&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/8.3.22
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
200 OK 3.7 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash d24f433ae1916185b0e4e20ed76cb64b
e0c8d4c58b7d0983f9b4042bea94c014cd5ec668
f40a7b02a8a2d420aa9d4cb5b0b26a92468828984fdc4b0d1202de4e24f59859
GET /captcha/assets/tpl/device-check/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 08 Feb 2024 08:41:29 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Fri, 04 Jul 2025 01:11:05 GMT
etag: W/"d24f433ae1916185b0e4e20ed76cb64b"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0S-aa6izfPiUGGQqLCxy8yQsvg5iCv-hYew3d7JR4qoYsaAu72k-wg==
age: 29624
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
200 OK 6.2 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1f113f0b6d6855568c684e354bb853d1
2a2fbd27d5408fa3e53c74f04b7790ab1aea9b2c
d49fce4d3745c6d9f755f6be625eb218238baec337cfdb30be0e87d8c0ff6653
GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 11 Apr 2024 08:21:58 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Fri, 04 Jul 2025 01:16:33 GMT
etag: W/"1f113f0b6d6855568c684e354bb853d1"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zx59JF2mLk5IK4E_1tdNtclSnXdTej9F81EzXKJmvy0Ov176jefCJQ==
age: 29297
X-Firefox-Spdy: h2
GET d38psrni17bvxu.cloudfront.net/scripts/js3.js
200 OK 1.1 kB URL GET d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP
Requested by https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
File type ASCII text, with very long lines (475)
Hash f0efa0cdd18cbb4afaf3ba408af8d9c9
7bd63f94c5356df9b7c49344459a6e527490c458
1ea543e1c0e8e7656a0846a397055ed10469c05c5ab555076f850df0b557d3f9
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 453
server: nginx
date: Fri, 04 Jul 2025 05:46:47 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2025 07:52:18 GMT
etag: "d7ee6y3j8oz5uy-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a83657ba338d5960d8d5abdbe0a3136.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: VhNPMVaVB_XJz9H2KkK6OpkRnj-Shuktbe0g9h4FJ9HAQqyzz_j_JA==
age: 13076
X-Firefox-Spdy: h2
GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03bnlUR0t1SzA2eUZcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MH0=
200 OK 660 B URL User Request GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03bnlUR0t1SzA2eUZcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MH0=
IP
Certificate IssuerLet's Encrypt
Subjectarveaoy.com
Fingerprint3A:CE:79:68:16:7F:04:E7:A2:1A:FF:F0:2C:38:07:0B:67:9D:8C:71
ValidityMon, 16 Jun 2025 03:39:13 GMT - Sun, 14 Sep 2025 03:39:12 GMT
File type HTML document, ASCII text
Hash 528efb4729761efc63b45a657df9d26b
52f783326567c5b939179fd1dedb9f901e8f2e68
a23f29dd10bcbf2f2f8d41fe2939b0af81f2e6db614f5e393616734e4c504f42
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03bnlUR0t1SzA2eUZcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MH0= HTTP/1.1
Host: arveaoy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_7RUTW_bOBD9K8KcdgFFJvVliYVRpC5aLNokCyTdXvZCUSObG5oUSEqx0va_LyipqQ-59mKaMw8z8x7f6BuMaJ00GhjQhCQEYvBTj8BIDG5oHn7-F0aPaD22wDquHMYglBSPf7XAYKunh4-fhk-knD5ADC33CIxuC1qmlFRFDIKfei4POqDzvEhpDNLt_75-qWWN516aGUDLIqtjsIPCcCUxWGylReFv0B9NC6yIwZnBijmfZTEorlupDyt8vX2xChhADKbr0IZcmmY0i6GxXIvjCp6TC_Tofe_YZuO8seiQW3FMNPqNkvrRvZXt0y7L6rT-dyAkLd3QyHZ3yXyJj9yWOwh6OQ-MJIQUgcCIeliE7PlkBv-r936wFrWYgMGX-_cQw2DlxTDcjsjNlAhz2syKv_V2lO1ulnFpiWcv292zbaoUy6wiRdVUlHakagpKeNeJrsrSJs-6qhINx7wQdZljum2auqFclFim2zrrkNQpqbdNk7Zdx6u8265UA5XdzIQQsoQ8twfZ7k7yEa8aM13Rc10_ZSrv_1vVEc_9TnGPVnppBnfVcSWMhhhkf922Fp0DBjVNapLkaUKL_DJVLu82OLTXB9QeGNyYZ6kU3xQJif74KnVrnlx0-xBRkpA30Vepy_xNdA4_dmQ0yxPyZ_QRxaPZpIQSQgmNPkiLnTlv5iyER-nQogUGlo9SXx0bF1QOBsZRCnyxvgmzrj2Dndw_v1YmFGqseXJzobXFS4l3lut2IbMEbkyL6jJwy0-43MXSD_a8Ubh5f_85KOJ6YPBOyXN0b9QQNsTN3hq0t8Ext3czkcMyze3d9-93TploHwBTQEo_XSQg2M-i9vvgpHU7rDxI_bm_CHnLteNiWUgHTA9KxSAG580J2LfV2_DTEhADnj1azdX8OfgdToQYRrJMN1Jg8IrzQipdIRkweNV-Y74iivVcvTZu17NazzqcP378HwAA__8dogBIIAUAAA==; ClickDataNgFall=H4sIAAAAAAAA_7RUTW_bOBD9K8KcdgFFJvVliYVRpC5aLNokCyTdXvZCUSObG5oUSEqx0va_LyipqQ-59mKaMw8z8x7f6BuMaJ00GhjQhCQEYvBTj8BIDG5oHn7-F0aPaD22wDquHMYglBSPf7XAYKunh4-fhk-knD5ADC33CIxuC1qmlFRFDIKfei4POqDzvEhpDNLt_75-qWWN516aGUDLIqtjsIPCcCUxWGylReFv0B9NC6yIwZnBijmfZTEorlupDyt8vX2xChhADKbr0IZcmmY0i6GxXIvjCp6TC_Tofe_YZuO8seiQW3FMNPqNkvrRvZXt0y7L6rT-dyAkLd3QyHZ3yXyJj9yWOwh6OQ-MJIQUgcCIeliE7PlkBv-r936wFrWYgMGX-_cQw2DlxTDcjsjNlAhz2syKv_V2lO1ulnFpiWcv292zbaoUy6wiRdVUlHakagpKeNeJrsrSJs-6qhINx7wQdZljum2auqFclFim2zrrkNQpqbdNk7Zdx6u8265UA5XdzIQQsoQ8twfZ7k7yEa8aM13Rc10_ZSrv_1vVEc_9TnGPVnppBnfVcSWMhhhkf922Fp0DBjVNapLkaUKL_DJVLu82OLTXB9QeGNyYZ6kU3xQJif74KnVrnlx0-xBRkpA30Vepy_xNdA4_dmQ0yxPyZ_QRxaPZpIQSQgmNPkiLnTlv5iyER-nQogUGlo9SXx0bF1QOBsZRCnyxvgmzrj2Dndw_v1YmFGqseXJzobXFS4l3lut2IbMEbkyL6jJwy0-43MXSD_a8Ubh5f_85KOJ6YPBOyXN0b9QQNsTN3hq0t8Ext3czkcMyze3d9-93TploHwBTQEo_XSQg2M-i9vvgpHU7rDxI_bm_CHnLteNiWUgHTA9KxSAG580J2LfV2_DTEhADnj1azdX8OfgdToQYRrJMN1Jg8IrzQipdIRkweNV-Y74iivVcvTZu17NazzqcP378HwAA__8dogBIIAUAAA==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 04 Jul 2025 09:24:46 GMT
content-type: text/html; charset=utf-8
content-length: 660
cache-control: no-store, no-cache, must-revalidate
content-security-policy: referrer no-referrer
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
referrer-policy: no-referrer
X-Firefox-Spdy: h2
GET storesearch.net/links?idw=33929&subid=7nyTGKuK06yF&var6=
200 OK 608 B URL User Request GET storesearch.net/links?idw=33929&subid=7nyTGKuK06yF&var6=
IP
Certificate IssuerGoogle Trust Services
Subjectstoresearch.net
FingerprintAD:40:6B:81:53:72:BF:89:07:A6:8C:3D:7F:52:3B:5F:3C:B3:B4:A8
ValiditySat, 28 Jun 2025 14:45:55 GMT - Fri, 26 Sep 2025 15:45:47 GMT
File type HTML document, ASCII text
Hash ff57e2308064048508baa80f224d5aa9
8e4be6d9742e1009ee5dd9dd95c415b35a1690cc
cb615185e90558f118233cfbdc3f67d7517f25dfcdf5c6c4b50553baa9af7a22
GET /links?idw=33929&subid=7nyTGKuK06yF&var6= HTTP/1.1
Host: storesearch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 09:24:46 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kSZg%2FX9k6ZPWQDYR9bHqB3P2Odu6DhJCX8T7qfuIDOBf0%2BBvuxV2XxC%2BefTSEDp39kuzEkmtlzCOtbcYD8XiguxYxRMoHdmJ4tGFv98%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6IlA0cllYbHlrUVBHQUpnb0ttQVE3aUE9PSIsInZhbHVlIjoiUzduMFNuQ1p3SXlubnNCTzJra0UxSEV4WnRQOWVXaElNM1doWmxlSmNiNHlMYXF3RWxjUWVqT3lmeW1weERCNXNnMWZUa3R5OVVMNHdmZGRYL2ZVVlU4SWxVUUozeEgxeEcxS0dLc2NFcW9aUndROWI2enZpSjl5cE5DN3V0MVMiLCJtYWMiOiI1ZDhlYTkxNmVhNTZiNjBmOWIyMjU1N2JkMmNjZmIzZGM4ZmQ1ZGNlYzRhOWI2NThmZmM2ODk1OWY3ZGIyZjNkIn0%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Jul 2025 11:24:46 GMT
vipesearches_session=eyJpdiI6IjRZalBLeUFRZ2crSnlCNWhjY01lQVE9PSIsInZhbHVlIjoiY25LNTZuUW1GQXBlbkVORXkrZy9Yc1Jab3RrOE0yaHc0cXZEci9ydlgrS2dxckpxYzNBcFN2WUhmR2xzd2lHbDNSbXJXcSt6NFdxQmx5dmxzYURpcTZod21MZ2xZTjlwaXd2ZkhWZzRLRTI4RU9uTXdmdVVMZlJlWE9jZERoQm0iLCJtYWMiOiI0YjliYmM1Y2IzNzk3OWI0OTUwYTc3YzY1ODZmY2MyNzAxMzkzYTM5MTc0NjA0YTliMmM0OTI2ZDE1ZGViMDVlIn0%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Jul 2025 11:24:46 GMT
cf-ray: 959d924cce72b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
403 Forbidden 744 B URL User Request GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (744), with no line terminators
Hash 5f88db3911600a0101613c70306abe42
2277332b2d46ac83eda910ee7d7bc3933691dacc
c780d7681b174f8816bb0825b366a224196c1e77e6f905481bf4d9e024eddc8a
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=c38ce8e8e783fde5724b4d30c0cc0f410f817956eb99693e4d2ea9e7d4c4855f&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
DNT: 1
Connection: keep-alive
Cookie: datadome=PF~6kEZTn57_vZuTEbM4Rm9m1l~1uSPuSyRPurdi57aMgbqO7Cm4xTPeIw16uR_Cjzy_l5u7bnzVqz7PFKCxvBljMxLkdGcU7NuQlaczOtQo9GcW4VMTfnCLRlVHlD4y; kelkooID=a4c629a-197d4c0af42-3632e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Pragma: no-cache
X-DD-B: 3
Charset: utf-8
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T; Max-Age=31104000; Expires=Mon, 29 Jun 2026 09:24:47 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.030129762S
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Fri, 04 Jul 2025 09:24:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 744
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Jul 2025 01:17:22 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mlhu7zRUycN_039YJOT5RUyEu0ClBQNSjSqN_-y_YozqKDCowV_TUw==
age: 29584
X-Firefox-Spdy: h2
GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
200 OK 661 kB URL GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (40803)
Size 661 kB (661256 bytes)
Hash 6bbed27ec1008a402e25af907c30fc1c
75927aa59af07769a117afe14354254aa2b9ef5b
7e608dc008870ae28c2eb611a5904dcb2129900855c2c499e36bcad7d198bb4c
GET /captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Jul 2025 09:24:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Jul 2025 00:58:02 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x2rSW7pQYQh5FjrzKzWkO1ivWT1MyPmCQSotVealWJ-3wRlt4IKp7A==
age: 30408
X-Firefox-Spdy: h2
GET storesearch.net/farmasiet-no?q=https%3A%2F%2Ffarmasiet.no
200 OK 626 B URL User Request GET storesearch.net/farmasiet-no?q=https%3A%2F%2Ffarmasiet.no
IP
Certificate IssuerGoogle Trust Services
Subjectstoresearch.net
FingerprintAD:40:6B:81:53:72:BF:89:07:A6:8C:3D:7F:52:3B:5F:3C:B3:B4:A8
ValiditySat, 28 Jun 2025 14:45:55 GMT - Fri, 26 Sep 2025 15:45:47 GMT
File type HTML document, ASCII text
Hash 7639a8cf323b42ed21c653ee142a7a91
7c62a33a05a8db136d6e0f72c0f751d592cceb45
4b6d8564e45d1e307480a0380970a4fd1f101ae5360c26fbad8fe24a81c5b05f
GET /farmasiet-no?q=https%3A%2F%2Ffarmasiet.no HTTP/1.1
Host: storesearch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlA0cllYbHlrUVBHQUpnb0ttQVE3aUE9PSIsInZhbHVlIjoiUzduMFNuQ1p3SXlubnNCTzJra0UxSEV4WnRQOWVXaElNM1doWmxlSmNiNHlMYXF3RWxjUWVqT3lmeW1weERCNXNnMWZUa3R5OVVMNHdmZGRYL2ZVVlU4SWxVUUozeEgxeEcxS0dLc2NFcW9aUndROWI2enZpSjl5cE5DN3V0MVMiLCJtYWMiOiI1ZDhlYTkxNmVhNTZiNjBmOWIyMjU1N2JkMmNjZmIzZGM4ZmQ1ZGNlYzRhOWI2NThmZmM2ODk1OWY3ZGIyZjNkIn0%3D; vipesearches_session=eyJpdiI6IjRZalBLeUFRZ2crSnlCNWhjY01lQVE9PSIsInZhbHVlIjoiY25LNTZuUW1GQXBlbkVORXkrZy9Yc1Jab3RrOE0yaHc0cXZEci9ydlgrS2dxckpxYzNBcFN2WUhmR2xzd2lHbDNSbXJXcSt6NFdxQmx5dmxzYURpcTZod21MZ2xZTjlwaXd2ZkhWZzRLRTI4RU9uTXdmdVVMZlJlWE9jZERoQm0iLCJtYWMiOiI0YjliYmM1Y2IzNzk3OWI0OTUwYTc3YzY1ODZmY2MyNzAxMzkzYTM5MTc0NjA0YTliMmM0OTI2ZDE1ZGViMDVlIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 09:24:46 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zbPUKJ5rg0qOnUgBdMgTxYBiVy9sbdn0Af2nWLR4867RfbqgMXAwet%2BHzmI0VRHhYL4N3%2Fcwd6BQ%2B%2BdpzTznOikpaELU%2F%2BHJIJJ9KIs%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6IjdHZCt0SGxQWTV1UnFkM2Z4Z3dXQmc9PSIsInZhbHVlIjoiSG1Wek9XL2NMeFlIY2RJcjJaQ3JpZ3o5OTVTc3JwL0xrV0g1eE5uWjhYaCtCNGFiT3lnQnVzV1JkZkU3dGh2cjNUaUxrL3YxOFhXSDFROG1XWkZydHJXNjlrcTEvM0NFTzI3d1pWcDZxa3pFaUhDQk52WWw3aU1WVjUzUEx6SngiLCJtYWMiOiJiYWE3NDRjN2FkNWJlNWEyYjdlODY1ZjA3ZjNkYTgyNWUyNTZkOTUxZDIyNDkxYTlhMDczNjZmZWMzNDIxYTQzIn0%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Jul 2025 11:24:46 GMT
vipesearches_session=eyJpdiI6IkFNNk1VbEhnblIzQ1JRSnpRVmxvM2c9PSIsInZhbHVlIjoiOURLamZQbk1OelQ0NVdDTHN3eldmTE44NDZOV2ZYb0tpOEhwMEMrMk1CRFpaUmVOL3Vhb1cvMXdUTmJlRFYzK1ZBeXBvUE1KbGhmeW1nWWtER0Z0Q3djeDlmOEhUMFNkUXRhR0NnRnE0VGtJSXNaQzFnKzBPM1JRVjV3cXhvMk0iLCJtYWMiOiIwYjJkODE1ZDE2Mjc2MmQ3OGY0ZGI3ZTljZGJlZmUzOGRjZDVkYmI5MWFmOWJjMzEwODgxNTI5MjI1ZWMzMGU2In0%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Jul 2025 11:24:46 GMT
cf-ray: 959d924edac1b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
200 OK 554 kB URL GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (61855)
Size 554 kB (553912 bytes)
Hash 252e7e3efc3752f131a11117bdabeb32
accab4a008f855c1c056f40858435109fcbb52aa
5e0c736654322d4e69ed7d9e1b70bcf5101bee226ebb9c8cb8de3db4ae672c75
GET /interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Jul 2025 09:24:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET dd.prod.captcha-delivery.com/image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.jpg
200 OK 11 kB URL GET dd.prod.captcha-delivery.com/image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.jpg
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg==&cid=8KEmPbEhXag3uKYfhp1ofoG0k4qXsY2nrFK6wmta18llBiY~QxpDzNEzfdpLJTe2zPxr5mUIFIzBX9mStE8urUOy7nT7wXkccWmxx7nFP~XKhirOgO51rDxJjDxd5PI6&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=cbfd789aa2e6f0bfa121546797e4c18cd6e8040705a7db5e3fe384abdb3cdf5c&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x155, components 3
Hash a007360575736c54a7b0690c79460944
7e031b9fa4234c20ccd9138b5935541185d1f52d
7ac3684430decd665d2f3e553241fbed9113e97fe478a51507438d249ca34ada
GET /image/2025-07-04/3245ffdca039ef1b9f016bb2e7779ef9.jpg HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 10868
date: Fri, 04 Jul 2025 00:14:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Mon, 30 Jun 2025 05:08:20 GMT
x-amz-expiration: expiry-date="Tue, 08 Jul 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "a007360575736c54a7b0690c79460944"
x-amz-server-side-encryption: AES256
x-amz-version-id: 95gIMRLKxgSnCKvTKtm2mWSjTYL.j4yN
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HvwTdo3icDOjIBbj2MwwIpGg1HL2_WwAVoyqx3ZZHWvopt6MYZWhWg==
age: 33026
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET tracking.eu.trifms.com/rtb/feedimpression
200 OK 4.4 kB URL User Request GET tracking.eu.trifms.com/rtb/feedimpression
IP
ASN #63949 Akamai Connected Cloud
Certificate IssuerLet's Encrypt
Subjecttracking.eu.trifms.com
FingerprintA7:E6:65:FF:A7:7D:5A:7F:7C:A8:8B:03:97:7F:A4:3E:AF:F5:77:E0
ValidityThu, 03 Jul 2025 11:19:03 GMT - Wed, 01 Oct 2025 11:19:02 GMT
File type JavaScript source, ASCII text, with very long lines (4448), with no line terminators
Hash 2dd58407f4ae54291fd8db946a066928
2db94e1c620c52e326de5e19283c5b7647137ef5
f7d91acfb27e732d8a29c0bd3babbfa53b5c069857a3f56a808b32282cb03a17
GET /rtb/feedimpression HTTP/1.1
Host: tracking.eu.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 09:24:41 GMT
content-type: text/html
cache-control: no-store, max-age=0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
permissions-policy: ch-ua=(self "https://*.parklogic.com"), ch-ua-arch=(self "https://*.parklogic.com"), ch-ua-bitness=(self "https://*.parklogic.com"), ch-ua-full-version=(self "https://*.parklogic.com"), ch-ua-full-version-list=(self "https://*.parklogic.com"), ch-ua-mobile=(self "https://*.parklogic.com"), ch-ua-model=(self "https://*.parklogic.com"), ch-ua-platform=(self "https://*.parklogic.com"), ch-ua-platform-version=(self "https://*.parklogic.com"), ch-ua-wow64=(self "https://*.parklogic.com")
content-encoding: gzip
X-Firefox-Spdy: h2
GET tracking.eu.trifms.com/favicon.ico
0 B URL GET tracking.eu.trifms.com/favicon.ico
IP
Requested by https://tracking.eu.trifms.com/rtb/feedimpression
Certificate IssuerLet's Encrypt
Subjecttracking.eu.trifms.com
FingerprintA7:E6:65:FF:A7:7D:5A:7F:7C:A8:8B:03:97:7F:A4:3E:AF:F5:77:E0
ValidityThu, 03 Jul 2025 11:19:03 GMT - Wed, 01 Oct 2025 11:19:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: tracking.eu.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tracking.eu.trifms.com/rtb/feedimpression
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
POST router.parklogic.com/rtb/feedimpression
200 OK 70 B URL POST router.parklogic.com/rtb/feedimpression
IP
ASN #63949 Akamai Connected Cloud
Requested by https://tracking.eu.trifms.com/rtb/feedimpression
Certificate IssuerLet's Encrypt
Subjectrouter-lb01.parklogic.com
Fingerprint85:E3:F4:EB:CD:63:9B:0A:3D:3A:5F:C3:4A:6C:65:01:DB:CA:C3:9C
ValiditySat, 28 Jun 2025 21:31:25 GMT - Fri, 26 Sep 2025 21:31:24 GMT
File type ASCII text, with no line terminators
Hash 82af784ef3d5e22f292454ea9f0d16c7
8609aada16e6a455ad2b935f3091570f372c44df
a8d2b32fe705be1b09ae935f86857378d5d897545399962d7a5eebb47b0b4c0e
POST /rtb/feedimpression HTTP/1.1
Host: router.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 455
Origin: https://tracking.eu.trifms.com
DNT: 1
Connection: keep-alive
Referer: https://tracking.eu.trifms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 09:24:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
200 OK 2.9 kB URL User Request GET ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
IP
Certificate IssuerLet's Encrypt
Subjectww12.trifms.com
Fingerprint78:9C:D9:76:A4:2E:D3:F0:4B:ED:BB:B7:78:DF:99:CD:15:0B:55:B7
ValidityMon, 26 May 2025 21:21:34 GMT - Sun, 24 Aug 2025 21:21:33 GMT
File type HTML document, ASCII text, with very long lines (850)
Hash e7697ce525e19ded115236dfcd515000
cf6a0e5dd74cb021f7f5889fd0f3ff11cc45ea78
602deeec585ac27ba17e1386ff2e33e5f6793170ac1f715213c329872a8b57ef
GET /?usid=107&utid=edfbd0661b41ed7f057db2e304651982 HTTP/1.1
Host: ww12.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":50944"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 04 Jul 2025 09:24:43 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 Caddy, 0.0 Caddy
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Nhkr6G7qqmYnSXmZUSAozByKDkWHKa7kaeiwS1JoXl/EevCARnmg96VZDV4RTO0RZ4YiFK2W3B20U9xiKX7AtA==
x-buckets: bucket003,bucket077
x-domain: trifms.com
x-language: norwegian
x-pcrew-blocked-reason: hosting network
x-pcrew-ip-organization: Blix Solutions
x-redirect: zcd
x-subdomain: ww12
x-template: tpl_CleanPeppermintBlack_twoclick
content-length: 1775
X-Firefox-Spdy: h2
GET ww12.trifms.com/munin/a/tr/browserjs?domain=trifms.com&toggle=browserjs&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D
200 OK 0 B URL GET ww12.trifms.com/munin/a/tr/browserjs?domain=trifms.com&toggle=browserjs&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D
IP
Requested by https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Certificate IssuerLet's Encrypt
Subjectww12.trifms.com
Fingerprint78:9C:D9:76:A4:2E:D3:F0:4B:ED:BB:B7:78:DF:99:CD:15:0B:55:B7
ValidityMon, 26 May 2025 21:21:34 GMT - Sun, 24 Aug 2025 21:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/browserjs?domain=trifms.com&toggle=browserjs&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D HTTP/1.1
Host: ww12.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Fri, 04 Jul 2025 09:24:44 GMT
server: nginx
via: 1.1 Caddy, 0.0 Caddy
x-custom-track: browserjs
content-length: 0
X-Firefox-Spdy: h2
GET ww12.trifms.com/munin/a/ls?t=68679ddb&token=d5887f54ce010acd546415130546fbeda8c99296
201 Created 0 B URL GET ww12.trifms.com/munin/a/ls?t=68679ddb&token=d5887f54ce010acd546415130546fbeda8c99296
IP
Requested by https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Certificate IssuerLet's Encrypt
Subjectww12.trifms.com
Fingerprint78:9C:D9:76:A4:2E:D3:F0:4B:ED:BB:B7:78:DF:99:CD:15:0B:55:B7
ValidityMon, 26 May 2025 21:21:34 GMT - Sun, 24 Aug 2025 21:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/ls?t=68679ddb&token=d5887f54ce010acd546415130546fbeda8c99296 HTTP/1.1
Host: ww12.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin:
access-control-max-age: 86400
alt-svc: h3=":50944"; ma=2592000
charset: utf-8
content-type: text/javascript;charset=UTF-8
date: Fri, 04 Jul 2025 09:24:44 GMT
server: nginx
status: 201 Created
via: 1.1 Caddy, 0.0 Caddy
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SjW3yLoPMTdi60D2kazMsUx5mzcTmLLSQX94/y7MtL1dcSGngmVr5ykJRI4IP7BOf6wpSstWLlKyhyEs0hBM8Q==
x-log-success: 68679ddc2f10dd6561014802
content-length: 0
X-Firefox-Spdy: h2
GET ww12.trifms.com/favicon.ico
200 OK 0 B URL GET ww12.trifms.com/favicon.ico
IP
Requested by https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Certificate IssuerLet's Encrypt
Subjectww12.trifms.com
Fingerprint78:9C:D9:76:A4:2E:D3:F0:4B:ED:BB:B7:78:DF:99:CD:15:0B:55:B7
ValidityMon, 26 May 2025 21:21:34 GMT - Sun, 24 Aug 2025 21:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww12.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":50944"; ma=2592000
content-type: image/x-icon
date: Fri, 04 Jul 2025 09:24:44 GMT
etag: "670f7248-0"
last-modified: Wed, 16 Oct 2024 07:59:04 GMT
server: nginx
via: 1.1 Caddy
content-length: 0
X-Firefox-Spdy: h2
GET ravin-hbs.com/zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
200 OK 3.1 kB URL User Request GET ravin-hbs.com/zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
IP
Certificate IssuerAmazon
Subjectravin-hbs.com
Fingerprint8A:92:4D:D9:7E:E0:7E:82:21:D2:63:3F:F9:BF:DB:04:52:77:0B:F7
ValidityMon, 12 May 2025 00:00:00 GMT - Wed, 10 Jun 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (409)
Hash aaeb4eda2f349d80575e3b5857462461
66847324b4d2738777484be59884e9f3251f808f
a495d9995c2404efe1f1d8c8470185f7f3ae7649f673b0501092884906221f2b
GET /zclkvisitor/b82e6380-58b8-11f0-8b51-0affcf832b43/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP/1.1
Host: ravin-hbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 04 Jul 2025 09:24:45 GMT
content-type: text/html;charset=UTF-8
content-length: 3088
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type
X-Firefox-Spdy: h2
POST geo.captcha-delivery.com/interstitial/
200 OK 1.8 kB URL POST geo.captcha-delivery.com/interstitial/
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash ccc9b47f7ceec1a6abf30aae5aeb0018
ff1c20f786e85f0164209bf742cb35ef6ac101d4
f8760653682e7f7032f6bd5225fe04b98505ce1c217606d62646ae9015e155bf
POST /interstitial/ HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 7720
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFVjmtvVbPEYAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=32286&dm=cd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Jul 2025 09:24:50 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 1797
Connection: keep-alive
GET ww12.trifms.com/munin/a/tr/click?click=31ca739dde436b64c5300d92447fd14859a5b333&domain=trifms.com&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Fs2SY7aAIox_ICmSUfThunLcf2rWFa88VNy3TNe6wFYVt8xuqX2_iA.jzB553IoOLrmYIGF0VjP7g.A1Oh5HdzK8p98UFqU87t8y_fiCbBMoOWPdtomUDp_FHpIQuoZeejDo_v6orKteBR668Mgm_e9Umk5J_t5wo6eB1TMClBi6syyhXq3cTk0uvQ7SFTymZ5ll24_f9xt2hetEqo9vXGYDWby6EiPqa9g6a0sEVzKG884uYX5FvJM-sgZrWfo8eeWyp9VN7ZFhhJNt4n8aJieiraNVUsA4FBcjNgVHPhko8nN6fFJydaPC_j1nq2hQ9s_Y6cehFA7FnwYXQ385lR8zrqdiuIhIxhSaLyKKEMzLDS68FrB1JSm2_G51Iyn01Hieq4hDHUz-omt_v6iWz-Iorr0cRkECRo_HfvUzLxkTtN2c3l-f2mHM4Eo9RqPImNCC3X344YacNJIo5yP01_GyQd4aYvdSOGBaKBO9F8SptqHZwWVQiNFUr8gD3Ju1WSbq0xgLFbrPHSCz314WDF2KD7LQX1GVOMm9768esRSGENoNHmoZTEQJAAX6jg8ts5c9qhmasPawabHIgbW6hZ6iKQkUhXaw70OQMYvoZ0QCt38pOUhoadbCKhqMQaWM11es29XiTSRtAQH-XbLFVdVA8SIenDYnaK722TrA_NHoZfBs8dLS-XfjZw5skb4V6jjQVQ0Pf15CaO.vXk9s0CR5r5BjjvuMrzvVA&kw=&search=&pcat=&bucket=&clientID=&adtest=off
200 OK 0 B URL GET ww12.trifms.com/munin/a/tr/click?click=31ca739dde436b64c5300d92447fd14859a5b333&domain=trifms.com&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Fs2SY7aAIox_ICmSUfThunLcf2rWFa88VNy3TNe6wFYVt8xuqX2_iA.jzB553IoOLrmYIGF0VjP7g.A1Oh5HdzK8p98UFqU87t8y_fiCbBMoOWPdtomUDp_FHpIQuoZeejDo_v6orKteBR668Mgm_e9Umk5J_t5wo6eB1TMClBi6syyhXq3cTk0uvQ7SFTymZ5ll24_f9xt2hetEqo9vXGYDWby6EiPqa9g6a0sEVzKG884uYX5FvJM-sgZrWfo8eeWyp9VN7ZFhhJNt4n8aJieiraNVUsA4FBcjNgVHPhko8nN6fFJydaPC_j1nq2hQ9s_Y6cehFA7FnwYXQ385lR8zrqdiuIhIxhSaLyKKEMzLDS68FrB1JSm2_G51Iyn01Hieq4hDHUz-omt_v6iWz-Iorr0cRkECRo_HfvUzLxkTtN2c3l-f2mHM4Eo9RqPImNCC3X344YacNJIo5yP01_GyQd4aYvdSOGBaKBO9F8SptqHZwWVQiNFUr8gD3Ju1WSbq0xgLFbrPHSCz314WDF2KD7LQX1GVOMm9768esRSGENoNHmoZTEQJAAX6jg8ts5c9qhmasPawabHIgbW6hZ6iKQkUhXaw70OQMYvoZ0QCt38pOUhoadbCKhqMQaWM11es29XiTSRtAQH-XbLFVdVA8SIenDYnaK722TrA_NHoZfBs8dLS-XfjZw5skb4V6jjQVQ0Pf15CaO.vXk9s0CR5r5BjjvuMrzvVA&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP
Requested by https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Certificate IssuerLet's Encrypt
Subjectww12.trifms.com
Fingerprint78:9C:D9:76:A4:2E:D3:F0:4B:ED:BB:B7:78:DF:99:CD:15:0B:55:B7
ValidityMon, 26 May 2025 21:21:34 GMT - Sun, 24 Aug 2025 21:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/click?click=31ca739dde436b64c5300d92447fd14859a5b333&domain=trifms.com&uid=MTc1MTYyMTA4My40MjEzOjEyNGVkYWI2YTk4NWM5ZmJmNzJhYTBmMDljZDYzY2IyNjZjODcxY2Y1NGE0Y2IxODE3Yjk0NGNkNGVjYTk4ZjE6Njg2NzlkZGI2NmQ4Nw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Fs2SY7aAIox_ICmSUfThunLcf2rWFa88VNy3TNe6wFYVt8xuqX2_iA.jzB553IoOLrmYIGF0VjP7g.A1Oh5HdzK8p98UFqU87t8y_fiCbBMoOWPdtomUDp_FHpIQuoZeejDo_v6orKteBR668Mgm_e9Umk5J_t5wo6eB1TMClBi6syyhXq3cTk0uvQ7SFTymZ5ll24_f9xt2hetEqo9vXGYDWby6EiPqa9g6a0sEVzKG884uYX5FvJM-sgZrWfo8eeWyp9VN7ZFhhJNt4n8aJieiraNVUsA4FBcjNgVHPhko8nN6fFJydaPC_j1nq2hQ9s_Y6cehFA7FnwYXQ385lR8zrqdiuIhIxhSaLyKKEMzLDS68FrB1JSm2_G51Iyn01Hieq4hDHUz-omt_v6iWz-Iorr0cRkECRo_HfvUzLxkTtN2c3l-f2mHM4Eo9RqPImNCC3X344YacNJIo5yP01_GyQd4aYvdSOGBaKBO9F8SptqHZwWVQiNFUr8gD3Ju1WSbq0xgLFbrPHSCz314WDF2KD7LQX1GVOMm9768esRSGENoNHmoZTEQJAAX6jg8ts5c9qhmasPawabHIgbW6hZ6iKQkUhXaw70OQMYvoZ0QCt38pOUhoadbCKhqMQaWM11es29XiTSRtAQH-XbLFVdVA8SIenDYnaK722TrA_NHoZfBs8dLS-XfjZw5skb4V6jjQVQ0Pf15CaO.vXk9s0CR5r5BjjvuMrzvVA&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: ww12.trifms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww12.trifms.com/?usid=107&utid=edfbd0661b41ed7f057db2e304651982
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":50944"; ma=2592000
content-type: text/html; charset=UTF-8
date: Fri, 04 Jul 2025 09:24:44 GMT
server: nginx
via: 1.1 Caddy, 0.0 Caddy
x-custom-track: none
x-view-match: true
content-length: 0
X-Firefox-Spdy: h2
GET ct.captcha-delivery.com/i.js
200 OK 14 kB URL GET ct.captcha-delivery.com/i.js
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 4d8b19e144663a4b0a34e2030e9d1cc8
5b9eaf949689ac7820c221a5911f4fff98c5ab02
d5c4c11916c7bd5f5ad25bb4647f735d4a0704aa63f59835017ff625f82363dd
GET /i.js HTTP/1.1
Host: ct.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 13786
date: Thu, 03 Jul 2025 12:24:05 GMT
last-modified: Wed, 25 Jun 2025 12:23:22 GMT
etag: "4d8b19e144663a4b0a34e2030e9d1cc8"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R0kHb-Q8YI9wAQqmqTggeQZcImh8YR4LOIZcBLDi-w4-qJHdHm-SCQ==
age: 75643
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/favicon.ico
404 Not Found 1.1 kB URL GET no-go.kelkoogroup.net/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22f9dab6e7cb04a278bcf0f4168ba6deed0c72bbcd4c29a9c1827c630f4a6045d84c0c8e324d171e08922d076fb49d73140b4029b3c5bbd03e59b2d927aa9854ebee756916eac55a63ec9800bd8e843b69d4e3121b2e2b6eef91c6c1f825d529be46aeed8d3efefdb5aba8bc766b7ed1eb261c2a5ced932f6508c7f503486f83b8d97a56ee663a1eb18d4b06b31dbc66fcc011de3f325400dad5e3fee045a70f1bd8580dbc09909541ef1b6b0e3a088534fab5c7e686a9b98df023a26c68f079d202127253a4628e101b33c700de04e3e2b0866915f4d9790bddd8617679e7f97e1471bbedad4c498a4295fbee1ac244ae7e6197ddcaa80b674fc71369461ee845a98d69727e8ac5d6505073fbe4c06c9b4c96eac7674a1f18305522575c829ee189d5b503789173ed4255116c74bdc964aa6dc2dcc076fc6e5cecac1c85a6b54ae183b720f755756683e88102f33ca3eeda5fc67544148a741670d4c485d8095a9afee318322126c7170199e536d86740&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D62B801JZAC1BTMGZ0T7KXZC7FNXBV8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
DNT: 1
Connection: keep-alive
Cookie: datadome=8KEmPbEhXag3uKYfhp1ofpchCFVWuYewRienwpkFZFAjYB2OX_E7wZPxfdrYto5dXffzyt7cxWvB3rmaU00Vh5L4C6NPv_jDEBg6QLjrTiKstdGt2ugHNGGDgRgqRh6T; kelkooID=a4c629a-197d4c0af42-3632e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Request-Time: PT0.001051551S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'none'
X-Permitted-Cross-Domain-Policies: master-only
Date: Fri, 04 Jul 2025 09:24:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
172.233.219.123
95.211.116.26
88.99.112.6
104.21.64.1
13.50.216.15