GET ravin-hbs.com/zclkvisitor/6c126fa2-3252-11f0-8c6a-0affecbaabc5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
200 OK 3.1 kB URL User Request GET ravin-hbs.com/zclkvisitor/6c126fa2-3252-11f0-8c6a-0affecbaabc5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
IP
Certificate IssuerAmazon
Subjectravin-hbs.com
Fingerprint8A:92:4D:D9:7E:E0:7E:82:21:D2:63:3F:F9:BF:DB:04:52:77:0B:F7
ValidityMon, 12 May 2025 00:00:00 GMT - Wed, 10 Jun 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (409)
Hash 57dc4131c4acdd3a0cf3373b20867dfb
fbcf9e59e7256464340601209b93f41957796421
fb3f5c8701764880561b19d13686fba2fe01733197c991cec62e5b523cf37423
GET /zclkvisitor/6c126fa2-3252-11f0-8c6a-0affecbaabc5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP/1.1
Host: ravin-hbs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 16 May 2025 12:36:44 GMT
content-type: text/html;charset=UTF-8
content-length: 3088
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type
X-Firefox-Spdy: h2
GET ravin-hbs.com/favicon.ico
404 Not Found 82 B URL GET ravin-hbs.com/favicon.ico
IP
Requested by https://ravin-hbs.com/zclkvisitor/6c126fa2-3252-11f0-8c6a-0affecbaabc5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Certificate IssuerAmazon
Subjectravin-hbs.com
Fingerprint8A:92:4D:D9:7E:E0:7E:82:21:D2:63:3F:F9:BF:DB:04:52:77:0B:F7
ValidityMon, 12 May 2025 00:00:00 GMT - Wed, 10 Jun 2026 23:59:59 GMT
Hash 31ee38904600c4ec8f55e2bbbf94085a
7cf5b2d87efacf7d7986693e60dda8e67168f2dc
ee75ce2e51cde57127c0b574d381b1c3f2529b9f54587c4f113b1a43e61bb531
GET /favicon.ico HTTP/1.1
Host: ravin-hbs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ravin-hbs.com/zclkvisitor/6c126fa2-3252-11f0-8c6a-0affecbaabc5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 16 May 2025 12:36:45 GMT
content-type: application/json
X-Firefox-Spdy: h2
GET dd.prod.captcha-delivery.com/image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.frag.png
200 OK 7.1 kB URL GET dd.prod.captcha-delivery.com/image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.frag.png
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type PNG image data, 63 x 155, 8-bit/color RGBA, non-interlaced
Hash 2f0ea73bd5b6e4f1b9b1760e2df8c481
dbdb9fb5eb31c675f00243952d61caf1f618e071
8dbafde43dc4f072355635eaa92de2907c05d562ca7219e02e2bf8c3ae8a7150
GET /image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.frag.png HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 7067
date: Fri, 16 May 2025 00:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Mon, 12 May 2025 05:00:16 GMT
x-amz-expiration: expiry-date="Tue, 20 May 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "2f0ea73bd5b6e4f1b9b1760e2df8c481"
x-amz-server-side-encryption: AES256
x-amz-version-id: jpR1bYbpPFwzOPwg2O2._HVefwFacU4h
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Aux_gqZlRLpvsGMF9_evvV10UagzXsI-doaLsaIdh2Vg7zFGLl2wGQ==
age: 45396
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET ww38.random.claimroblox.com/
200 OK 2.9 kB URL User Request GET ww38.random.claimroblox.com/
IP
ASN #61969 Team Internet AG
Certificate IssuerLet's Encrypt
Subjectww38.random.claimroblox.com
Fingerprint4D:D9:73:DA:3A:B2:42:DE:6D:79:06:45:8B:2E:C9:1E:52:F9:F7:9F
ValidityFri, 16 May 2025 02:19:40 GMT - Thu, 14 Aug 2025 02:19:39 GMT
File type HTML document, ASCII text, with very long lines (850)
Hash e68a808cce1d6eb62e1f7ce0d8a3f41b
5cf5ca58e2732dec757833e88107d09663a8aae2
0612f10d282ed526bb18037ae7b58f95a37717d2c4db38f66329e5de7e3c4222
GET / HTTP/1.1
Host: ww38.random.claimroblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 May 2025 12:36:43 GMT
server: Caddy, Caddy
vary: Accept-Encoding
x-buckets: bucket003,bucket077
x-domain: claimroblox.com
x-language: norwegian
x-pcrew-blocked-reason: hosting network
x-pcrew-ip-organization: Blix Solutions
x-redirect: zeropark_zeroclick
x-subdomain: ww38.random
x-template: tpl_CleanPeppermintBlack_twoclick
content-length: 1779
X-Firefox-Spdy: h2
GET ww38.random.claimroblox.com/favicon.ico
200 OK 0 B URL GET ww38.random.claimroblox.com/favicon.ico
IP
ASN #61969 Team Internet AG
Requested by https://ww38.random.claimroblox.com/
Certificate IssuerLet's Encrypt
Subjectww38.random.claimroblox.com
Fingerprint4D:D9:73:DA:3A:B2:42:DE:6D:79:06:45:8B:2E:C9:1E:52:F9:F7:9F
ValidityFri, 16 May 2025 02:19:40 GMT - Thu, 14 Aug 2025 02:19:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.random.claimroblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":8443"; ma=2592000
content-type: image/vnd.microsoft.icon
date: Fri, 16 May 2025 12:36:44 GMT
etag: "d9u66u0hml3k0"
last-modified: Mon, 12 May 2025 12:10:36 GMT
server: Caddy, Caddy
vary: Accept-Encoding
content-length: 0
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
403 Forbidden 746 B URL User Request GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (746), with no line terminators
Hash d84c9438490c2b9227ed71908a6d6dfd
51ed6d4f5af3772e62641fb6b2f733e6e4a2e7fc
c75ab5868123ec4094b6392ae567837432085b7a218b3102dc86a095f4359122
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
DNT: 1
Connection: keep-alive
Cookie: kelkooID=a4c6295-196d918da09-3fdd8e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Pragma: no-cache
X-DD-B: 3
Charset: utf-8
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY; Max-Age=31104000; Expires=Mon, 11 May 2026 12:36:47 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.013632734S
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Fri, 16 May 2025 12:36:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 746
GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
200 OK 550 kB URL GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (61853)
Size 550 kB (550004 bytes)
Hash 9fc79c48fcb92172d2fd9024144e9ef3
a1977af51e7f5097acb5f74a4b6206753a672d88
4098e17ba3ec75d0e2a56a60c4aacce75d91786f39d427294ba623f07fff899e
GET /interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 May 2025 12:36:47 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 May 2025 02:14:37 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z6YMPVmyxNTCFFEOWADcjFW7jUvMCEA0SRoPFGjZheYvmVUNav7kZA==
age: 38226
X-Firefox-Spdy: h2
GET ww38.random.claimroblox.com/munin/a/ls?t=6827315b&token=c3be5de41509b1d0ff716d99d1c833120de09bec
201 Created 0 B URL GET ww38.random.claimroblox.com/munin/a/ls?t=6827315b&token=c3be5de41509b1d0ff716d99d1c833120de09bec
IP
ASN #61969 Team Internet AG
Requested by https://ww38.random.claimroblox.com/
Certificate IssuerLet's Encrypt
Subjectww38.random.claimroblox.com
Fingerprint4D:D9:73:DA:3A:B2:42:DE:6D:79:06:45:8B:2E:C9:1E:52:F9:F7:9F
ValidityFri, 16 May 2025 02:19:40 GMT - Thu, 14 Aug 2025 02:19:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/ls?t=6827315b&token=c3be5de41509b1d0ff716d99d1c833120de09bec HTTP/1.1
Host: ww38.random.claimroblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin:
access-control-max-age: 86400
alt-svc: h3=":8443"; ma=2592000
charset: utf-8
content-type: text/javascript;charset=UTF-8
date: Fri, 16 May 2025 12:36:44 GMT
server: Caddy, Caddy
status: 201 Created
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NpKUWFDTHfPtIGOVv6B8vOyPwrljd6GuxVlOiqi4DO6Z0Hy8UHMg/YskYT7VivPR5lci7n1AJ7QvHnifSjG2FA==
x-log-success: 6827315c31722247ed06aac1
content-length: 0
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
200 OK 6.2 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1f113f0b6d6855568c684e354bb853d1
2a2fbd27d5408fa3e53c74f04b7790ab1aea9b2c
d49fce4d3745c6d9f755f6be625eb218238baec337cfdb30be0e87d8c0ff6653
GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 11 Apr 2024 08:21:58 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Fri, 16 May 2025 00:51:48 GMT
etag: W/"1f113f0b6d6855568c684e354bb853d1"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YcQ9ddoceYXyftfoq1O3ojBuoVBCoV7Sg3pyg6OMThhjVKIt6ay6-A==
age: 42304
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 May 2025 02:14:37 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Huc412WF8pzjbT9_TYBgB1znG5QU4JO8itRBPiJ8eN-7Q2fVicUhlA==
age: 38230
X-Firefox-Spdy: h2
GET d38psrni17bvxu.cloudfront.net/scripts/js3.js
200 OK 1.1 kB URL GET d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP
Requested by https://ww38.random.claimroblox.com/
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (475)
Hash f0efa0cdd18cbb4afaf3ba408af8d9c9
7bd63f94c5356df9b7c49344459a6e527490c458
1ea543e1c0e8e7656a0846a397055ed10469c05c5ab555076f850df0b557d3f9
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 453
server: nginx
date: Fri, 16 May 2025 03:57:25 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2025 07:52:18 GMT
etag: "d7ee6y3j8oz5uy-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193fe983778f7496cce206a132f2e55a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: w_OWBIrC31laSix3jVGO6G5uXPaFeFb4v3t_RDGIr6kztJl2wcOiug==
age: 31158
X-Firefox-Spdy: h2
GET ct.captcha-delivery.com/i.js
200 OK 13 kB URL GET ct.captcha-delivery.com/i.js
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type JavaScript source, ASCII text
Hash c289d6c8b0e743fd024d52618d546f20
cd29405db7518c6943bacc943ac35c3d314ac722
8d973ba5eafa4328ff1feaefd70cccd0472b8af0c006285ba63eed00977935cc
GET /i.js HTTP/1.1
Host: ct.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 12996
date: Thu, 15 May 2025 14:01:19 GMT
last-modified: Mon, 17 Feb 2025 09:53:49 GMT
etag: "c289d6c8b0e743fd024d52618d546f20"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1mkhVRkYyGxdvXIa0s3CnmdMI9yOI_rVWzPwRXI40ZNm8cOKuB07Yg==
age: 81329
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
200 OK 3.7 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash d24f433ae1916185b0e4e20ed76cb64b
e0c8d4c58b7d0983f9b4042bea94c014cd5ec668
f40a7b02a8a2d420aa9d4cb5b0b26a92468828984fdc4b0d1202de4e24f59859
GET /captcha/assets/tpl/device-check/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 08 Feb 2024 08:41:29 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Fri, 16 May 2025 01:20:03 GMT
etag: W/"d24f433ae1916185b0e4e20ed76cb64b"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mDX63Ya1n6KLJ0dTWMW6v5MgqU8Cn4mOm0OiQCfpMXe1CG0pRMLYrQ==
age: 40643
X-Firefox-Spdy: h2
GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
200 OK 644 kB URL GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (40954)
Size 644 kB (643707 bytes)
Hash bb59435e1040cdac2534fd03f8823d94
6fa69322f01cc3efde8e8a2d87bd8d1770f29264
4cf6183ba5d605d547d8e96dcce40f3d8e4a1e85ff31ec287687835fbafa8a9d
GET /captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 May 2025 12:36:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 May 2025 02:14:37 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zjByz_SEzmAtqAMpZaCQuPwW38PUJC9Fv5HjiufAUuWB0BKY5BIN2Q==
age: 38235
X-Firefox-Spdy: h2
GET ww38.random.claimroblox.com/munin/a/tr/click?click=578ce0114747e1cba306c81e0b743acb70ceefa5&domain=claimroblox.com&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.bLticrA31IoVXqdB99vk1amOfyr9DkpD8yaV1p0q4WF-ipLEuoSGvw.i6x0dCIQ1nlqClFjPGItuA.hJeN9tGaD8RWHLk6bjSqIeSBTj6lxEOBhTJ-hZg1KCe1ANtfd-vO1_rAQOd-fvlnaqaBYWpy13oV1teOWQNzIcBcgHM1Eeh_cQpNUnzHYXZbuulhTvvdWX_QRb0atavdjXTpNCVE5_rlwAHRIfdA88nqFDEtWxv5GaCTBM3QgpQVPE3AQLpT0mKXtAun61huEv7dJDpfLVq34CM-jc6W69A7Aev8gyWE_4TugPYxITtFWh69cEeOtVNCuPLzCFwAB2cYF4lVqlrZs3zqe-0RivjwQz0WcUbJ5LSp8rpSJkoQsSLfRUBUgYQH613zm8N4fo_4XIAOaQlY-cqKbDEXzIiLrOrgAk7uUqt-VIBWQrdMl6lOnbjPRHPYMxZr-q9or8loIK6m3e2O7dz6jC2F8LILsGXT84BM9uf215c6W41EN4ChP1S91A-6lhwpUXxJvreekFKLU1DSTN_Sn8XQeHUB4zBVMQdeL9oqEqgerNqeOFCLB2tKXBT-6JkN4-IgOrytxWftv-Njnq5PXEnpu3eftp2XPBKl_fdW-wJFEHFB8I_P54MUZNgQjVAVe8gX_mLPbmHLomyEfrXXBcJyiq0HcaV1XVY_SmNvUFeUpYyKkZ671tcEB4Nv1doSktbA.xOaygB1QeE-0Ubx5FlAVSw&kw=&search=&pcat=&bucket=&clientID=&adtest=off
200 OK 0 B URL GET ww38.random.claimroblox.com/munin/a/tr/click?click=578ce0114747e1cba306c81e0b743acb70ceefa5&domain=claimroblox.com&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.bLticrA31IoVXqdB99vk1amOfyr9DkpD8yaV1p0q4WF-ipLEuoSGvw.i6x0dCIQ1nlqClFjPGItuA.hJeN9tGaD8RWHLk6bjSqIeSBTj6lxEOBhTJ-hZg1KCe1ANtfd-vO1_rAQOd-fvlnaqaBYWpy13oV1teOWQNzIcBcgHM1Eeh_cQpNUnzHYXZbuulhTvvdWX_QRb0atavdjXTpNCVE5_rlwAHRIfdA88nqFDEtWxv5GaCTBM3QgpQVPE3AQLpT0mKXtAun61huEv7dJDpfLVq34CM-jc6W69A7Aev8gyWE_4TugPYxITtFWh69cEeOtVNCuPLzCFwAB2cYF4lVqlrZs3zqe-0RivjwQz0WcUbJ5LSp8rpSJkoQsSLfRUBUgYQH613zm8N4fo_4XIAOaQlY-cqKbDEXzIiLrOrgAk7uUqt-VIBWQrdMl6lOnbjPRHPYMxZr-q9or8loIK6m3e2O7dz6jC2F8LILsGXT84BM9uf215c6W41EN4ChP1S91A-6lhwpUXxJvreekFKLU1DSTN_Sn8XQeHUB4zBVMQdeL9oqEqgerNqeOFCLB2tKXBT-6JkN4-IgOrytxWftv-Njnq5PXEnpu3eftp2XPBKl_fdW-wJFEHFB8I_P54MUZNgQjVAVe8gX_mLPbmHLomyEfrXXBcJyiq0HcaV1XVY_SmNvUFeUpYyKkZ671tcEB4Nv1doSktbA.xOaygB1QeE-0Ubx5FlAVSw&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP
ASN #61969 Team Internet AG
Requested by https://ww38.random.claimroblox.com/
Certificate IssuerLet's Encrypt
Subjectww38.random.claimroblox.com
Fingerprint4D:D9:73:DA:3A:B2:42:DE:6D:79:06:45:8B:2E:C9:1E:52:F9:F7:9F
ValidityFri, 16 May 2025 02:19:40 GMT - Thu, 14 Aug 2025 02:19:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/click?click=578ce0114747e1cba306c81e0b743acb70ceefa5&domain=claimroblox.com&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D&ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.bLticrA31IoVXqdB99vk1amOfyr9DkpD8yaV1p0q4WF-ipLEuoSGvw.i6x0dCIQ1nlqClFjPGItuA.hJeN9tGaD8RWHLk6bjSqIeSBTj6lxEOBhTJ-hZg1KCe1ANtfd-vO1_rAQOd-fvlnaqaBYWpy13oV1teOWQNzIcBcgHM1Eeh_cQpNUnzHYXZbuulhTvvdWX_QRb0atavdjXTpNCVE5_rlwAHRIfdA88nqFDEtWxv5GaCTBM3QgpQVPE3AQLpT0mKXtAun61huEv7dJDpfLVq34CM-jc6W69A7Aev8gyWE_4TugPYxITtFWh69cEeOtVNCuPLzCFwAB2cYF4lVqlrZs3zqe-0RivjwQz0WcUbJ5LSp8rpSJkoQsSLfRUBUgYQH613zm8N4fo_4XIAOaQlY-cqKbDEXzIiLrOrgAk7uUqt-VIBWQrdMl6lOnbjPRHPYMxZr-q9or8loIK6m3e2O7dz6jC2F8LILsGXT84BM9uf215c6W41EN4ChP1S91A-6lhwpUXxJvreekFKLU1DSTN_Sn8XQeHUB4zBVMQdeL9oqEqgerNqeOFCLB2tKXBT-6JkN4-IgOrytxWftv-Njnq5PXEnpu3eftp2XPBKl_fdW-wJFEHFB8I_P54MUZNgQjVAVe8gX_mLPbmHLomyEfrXXBcJyiq0HcaV1XVY_SmNvUFeUpYyKkZ671tcEB4Nv1doSktbA.xOaygB1QeE-0Ubx5FlAVSw&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: ww38.random.claimroblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
content-type: text/html; charset=UTF-8
date: Fri, 16 May 2025 12:36:44 GMT
server: Caddy, Caddy
x-custom-track: none
x-view-match: true
content-length: 0
X-Firefox-Spdy: h2
GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2FwaS55YWRvcmUuY29tL3YyL2Q_dXJsPWh0dHBzJTNBJTJGJTJGd3d3LmZhcm1hc2lldC5ub1x1MDAyNm1hcmtldD1ub1x1MDAyNnByb2plY3RJZD1TZGU0Nm9wUkhKRFhcdTAwMjZwbGFjZW1lbnRJZD01Q0tUdHlobkVoY0giLCJSZWRpcmVjdFdvcmRpbmciOiIgIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6IiAiLCJJbnN0YWxsSWQiOjIwMDF9
200 OK 780 B URL User Request GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2FwaS55YWRvcmUuY29tL3YyL2Q_dXJsPWh0dHBzJTNBJTJGJTJGd3d3LmZhcm1hc2lldC5ub1x1MDAyNm1hcmtldD1ub1x1MDAyNnByb2plY3RJZD1TZGU0Nm9wUkhKRFhcdTAwMjZwbGFjZW1lbnRJZD01Q0tUdHlobkVoY0giLCJSZWRpcmVjdFdvcmRpbmciOiIgIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6IiAiLCJJbnN0YWxsSWQiOjIwMDF9
IP
Certificate IssuerLet's Encrypt
Subjectarveaoy.com
Fingerprint18:24:ED:D6:E3:2E:3D:5B:DD:F8:09:47:D2:D7:9D:37:8D:B0:30:09
ValidityFri, 18 Apr 2025 00:17:54 GMT - Thu, 17 Jul 2025 00:17:53 GMT
File type HTML document, ASCII text
Hash 40298acb7cd26575480ed85b028fb1c1
85f554390311d91954153e09fd5ebcd29a24e0da
73ece8b19bfd2b8a2ae8f892c73ad36c2f4750b9df90fa3aada30153267a7aaa
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL2FwaS55YWRvcmUuY29tL3YyL2Q_dXJsPWh0dHBzJTNBJTJGJTJGd3d3LmZhcm1hc2lldC5ub1x1MDAyNm1hcmtldD1ub1x1MDAyNnByb2plY3RJZD1TZGU0Nm9wUkhKRFhcdTAwMjZwbGFjZW1lbnRJZD01Q0tUdHlobkVoY0giLCJSZWRpcmVjdFdvcmRpbmciOiIgIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6IiAiLCJJbnN0YWxsSWQiOjIwMDF9 HTTP/1.1
Host: arveaoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_7RUbW_bNhD-K8YBATZAkalXWyqMInWWtVtehqUd-mHAQJMnmwtNakdKsdP2vw-UlMwY8rWfznfP4-O9PKcv0CM5ZQ3UkMQsZhCBP7YINYvAdZuPz7-FNT2SRwl1w7XDCIRW4uGDhBqK9a8f_XFnftqJ9xCB5B6hThb5IqsqxooIBN-3XG1NYOd5kVQRKLf-7eIlF1nPvbIDISmLbBkBdRqDyyIglIpQ-Bv0OyuhLiJwtiMx4FkWgeZGKrOd6JP3iTTUABHYpkEKWJpmSRbBhrgRu4k8gCN1533r6vmctyo-cmkJY2H38z6dy7cd6dWAn2UXZ-nVWXr1-PgYN5z23Cn0sbF_doyl5Z7TA_rVs9uS_RuF_yBX9xLz0ra_v__l8vOEaS5wjyag_5ugsM5DzeJheIQ9mm7cQsuPtvP_Fb7uiNCII9Tw6f4SIuhInXZCPXJ7HNoY1vXWU6_katjBWAUevJKrJypFkpYNT7O0SJOkYUtRcsabBsWG840oZJNjlojlclEu8rTkleRywzHLN4ulwHLBKlaluVwuRZOUXCYpH_OHVlZDJ4yxMeQ5bZVcKSMVP1fm4bxnRfHPgZFejAQnntqV5h5JeWU7d95wLayBCFR7ISWhc1BDlcQVi_M0Tor8FCrHrXcO6WKLxkMNN_ZJac3nRcxmP3xOkjeza2W6w-ywLP8q8zcz6uuqjNmPs59RPNh5yhLGEpbMrhRhYw_zAELYRIOEBDUQ75U5321cGG2QPPZK4Mux2FDf8ESQn_vj5cQgqM8-uiHJlP3l7--IGzmSxsCNlahPA7d8j6MvxrdgzTca55f312ECroUa3ml1mN1b3YV7coOYOuMpSOT2bmhiO9Zye_f1653TdrYOhGNgKn88ASDojdD4dZDOdEuktspctychT9w4LsbzdVCbTusIROe83UP9ZRIzPGsAIsCDRzJcDx-P7yE9iKBnY3V9AjW8JrWApRMngxpe1VufT4xispO4-sVkl5Otgv327d8AAAD__-Qr6lxPBQAA; ClickDataNgFall=H4sIAAAAAAAA_7RUbW_bNhD-K8YBATZAkalXWyqMInWWtVtehqUd-mHAQJMnmwtNakdKsdP2vw-UlMwY8rWfznfP4-O9PKcv0CM5ZQ3UkMQsZhCBP7YINYvAdZuPz7-FNT2SRwl1w7XDCIRW4uGDhBqK9a8f_XFnftqJ9xCB5B6hThb5IqsqxooIBN-3XG1NYOd5kVQRKLf-7eIlF1nPvbIDISmLbBkBdRqDyyIglIpQ-Bv0OyuhLiJwtiMx4FkWgeZGKrOd6JP3iTTUABHYpkEKWJpmSRbBhrgRu4k8gCN1533r6vmctyo-cmkJY2H38z6dy7cd6dWAn2UXZ-nVWXr1-PgYN5z23Cn0sbF_doyl5Z7TA_rVs9uS_RuF_yBX9xLz0ra_v__l8vOEaS5wjyag_5ugsM5DzeJheIQ9mm7cQsuPtvP_Fb7uiNCII9Tw6f4SIuhInXZCPXJ7HNoY1vXWU6_katjBWAUevJKrJypFkpYNT7O0SJOkYUtRcsabBsWG840oZJNjlojlclEu8rTkleRywzHLN4ulwHLBKlaluVwuRZOUXCYpH_OHVlZDJ4yxMeQ5bZVcKSMVP1fm4bxnRfHPgZFejAQnntqV5h5JeWU7d95wLayBCFR7ISWhc1BDlcQVi_M0Tor8FCrHrXcO6WKLxkMNN_ZJac3nRcxmP3xOkjeza2W6w-ywLP8q8zcz6uuqjNmPs59RPNh5yhLGEpbMrhRhYw_zAELYRIOEBDUQ75U5321cGG2QPPZK4Mux2FDf8ESQn_vj5cQgqM8-uiHJlP3l7--IGzmSxsCNlahPA7d8j6MvxrdgzTca55f312ECroUa3ml1mN1b3YV7coOYOuMpSOT2bmhiO9Zye_f1653TdrYOhGNgKn88ASDojdD4dZDOdEuktspctychT9w4LsbzdVCbTusIROe83UP9ZRIzPGsAIsCDRzJcDx-P7yE9iKBnY3V9AjW8JrWApRMngxpe1VufT4xispO4-sVkl5Otgv327d8AAAD__-Qr6lxPBQAA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 16 May 2025 12:36:46 GMT
content-type: text/html; charset=utf-8
content-length: 780
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=5CKTtyhnEhcH
302 Found 249 kB URL User Request GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=5CKTtyhnEhcH
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectyadore.com
FingerprintF7:B8:AC:53:49:AE:DB:B0:9F:2A:35:37:6D:D6:7A:A1:47:57:B1:7F
ValidityWed, 09 Apr 2025 08:46:45 GMT - Tue, 08 Jul 2025 08:46:44 GMT
Size 249 kB (248564 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=5CKTtyhnEhcH HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, API-Key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
date: Fri, 16 May 2025 12:36:46 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=1ae866aec493ae5110e12cc730ef62852e28d3ba063ef7adf70629a706117943&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/8.3.21
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 May 2025 00:51:43 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RSTcHV18OPHTLLPKyp7yT07H6sBSX9NPcrA4aNVi3L1vuQz4I43YSA==
age: 42308
X-Firefox-Spdy: h2
GET ww38.random.claimroblox.com/munin/a/tr/browserjs?domain=claimroblox.com&toggle=browserjs&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D
200 OK 0 B URL GET ww38.random.claimroblox.com/munin/a/tr/browserjs?domain=claimroblox.com&toggle=browserjs&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D
IP
ASN #61969 Team Internet AG
Requested by https://ww38.random.claimroblox.com/
Certificate IssuerLet's Encrypt
Subjectww38.random.claimroblox.com
Fingerprint4D:D9:73:DA:3A:B2:42:DE:6D:79:06:45:8B:2E:C9:1E:52:F9:F7:9F
ValidityFri, 16 May 2025 02:19:40 GMT - Thu, 14 Aug 2025 02:19:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /munin/a/tr/browserjs?domain=claimroblox.com&toggle=browserjs&uid=MTc0NzM5OTAwMi44Nzc4OjM0MzBhMTZkZDQyMzJkNGU1NDVjNWE5NGI5M2QwODM1Mjg3MGU0NTM4ZTI0NmU3YzI0NTg0MTFjZDBhNWJlNjY6NjgyNzMxNWFkNjUwNw%3D%3D HTTP/1.1
Host: ww38.random.claimroblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww38.random.claimroblox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime: 30
access-control-allow-origin: *
alt-svc: h3=":8443"; ma=2592000
content-type: text/html; charset=UTF-8
date: Fri, 16 May 2025 12:36:44 GMT
server: Caddy, Caddy
x-custom-track: browserjs
content-length: 0
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 May 2025 00:51:43 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5PMx09iwmKWg8ewDsSsrIY2nIV8lED8FbYyr6IMXd2fxkTDqgI7V3A==
age: 42306
X-Firefox-Spdy: h2
GET api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=1ae866aec493ae5110e12cc730ef62852e28d3ba063ef7adf70629a706117943&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
200 OK 249 kB URL User Request GET api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=1ae866aec493ae5110e12cc730ef62852e28d3ba063ef7adf70629a706117943&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
IP
Certificate IssuerAmazon
Subjectapi.kelkoogroup.net
FingerprintDE:F8:09:ED:61:51:96:48:CB:23:37:6D:A6:4F:C8:7C:0C:15:69:2D
ValidityMon, 18 Nov 2024 00:00:00 GMT - Tue, 16 Dec 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (31608)
Size 249 kB (248564 bytes)
Hash cb88f976ef63913a03042c144b040406
d8a6d38aaa10878c7531ce14dad0a65cb5f1f97a
ab5d77178c0c5cc7c58f37e76cff46d809a44a2396240f3a4f01b8ad6e160f50
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=1ae866aec493ae5110e12cc730ef62852e28d3ba063ef7adf70629a706117943&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 248564
leadid: 629D01JVCHHPGWZD81VS1RESFZ67QW
pragma: no-cache
x-dd-b: 3
charset: utf-8
clickid: 107698149_1747399006729_36109893
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=WAS1P7Fo03j8CL4pD2~6Vm1DQFTz3UDCQFz6dqkrLYQiaxAWJzKdORrFwPiC8CXqON1fG9zmA_9bGQjEQ1vYSERqQuJgBpO1WwelrT4UHzk~W3ydzkfcQ1zuVxCJUQtU; Max-Age=31104000; Expires=Mon, 11 May 2026 12:36:46 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure
kelkooID=a4c6295-196d918da09-3fdd8e; Max-Age=31536000; Expires=Sat, 16 May 2026 12:36:46 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.035598678S
x-robots-tag: noindex,nofollow
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
x-datadome-cid: AHrlqAAAAAMA1ISqbZIxS84AW1oqmg==
referrer-policy: origin-when-cross-origin
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Fri, 16 May 2025 12:36:46 GMT
x-gravitee-transaction-id: 5dd24765-ec1f-44a2-9247-65ec1f04a2e8
x-gravitee-request-id: 5dd24765-ec1f-44a2-9247-65ec1f04a2e8
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z-ff0pG_0s6khivyTVnA8Peytr4LS2XMYAkvsOAtDRDpaK9vfB_XAA==
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/favicon.ico
404 Not Found 1.1 kB URL GET no-go.kelkoogroup.net/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01JVCHHPGWZD81VS1RESFZ67QW%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
DNT: 1
Connection: keep-alive
Cookie: kelkooID=a4c6295-196d918da09-3fdd8e; datadome=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Request-Time: PT0.000620189S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'none'
X-Permitted-Cross-Domain-Policies: master-only
Date: Fri, 16 May 2025 12:36:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
POST geo.captcha-delivery.com/interstitial/
200 OK 1.8 kB URL POST geo.captcha-delivery.com/interstitial/
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash 4aa1f4f61349566987c587cb69da6524
a1dcd8e7cfee37b5424e863318f93b4d523d359b
2c7d363429b683e00468a582d90f71c18ac5aee8809de989631f45579fe57fce
POST /interstitial/ HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 7407
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=Rxrc3QkWOB_wlaks6rASpP3UJabeCw5AKK8uNES8xP6vU7rJ4VYLET6AlKP4EPNhme39DAYkvNfmFlzylg_rh2DTIrF0KrL_paxB_gofyJONS~xDmY6yfyz9BFsYp4iY&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=1441348&dm=cd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 May 2025 12:36:50 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 1791
Connection: keep-alive
GET dd.prod.captcha-delivery.com/image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.jpg
200 OK 13 kB URL GET dd.prod.captcha-delivery.com/image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.jpg
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAFRTxcPaYSLkAW1oqmg==&cid=Rxrc3QkWOB_wlaks6rASpOZETbcVMxpktDJymeWJkS9m7YJSenF_J2axXP~uPhpqfpV8f4NbGEUz~~TKNxJP0j1IJE65bYs1pd6WyY5DqX_9HgbwXSSsip7Z_znfLQd5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af22a2b95fb08c69fa1a72e6baf32d2472e0e6a476793df6bb3e0b1ccae7090b66fc11d2b4c8f3c9d70e2ac88f06b17bd74d60fda59126cfff487d3c31f383134b5c7fcbdc09517133e657d079b8c8f86cceb35471d4d4de2fe5c3a04c0f53d355a95d5b3d036deea1df8d9ad1ce743b2a71e0fb6a543fb14b10f6c65cf5ba275be35fd101e7903fae6b4ae03d25cd869318adc123dbd4c18b84ddf04b65e082b14c66d53c91bf5228ddeddce6129b9ffb4ce6f156483f0a6a1b702bd740fd244290beecd185d01a27b6b9f7b7c3498d0af0ca0deffcab9dba583ba1fed97ae7efd70426ffadc482c6b3d54f907cd2f24843731d16a1c10964cfd709c7ca5963436de4340842660549a8f37670d1684b6a132d6d77055ae050b21b554165c059e1d48e5e6e65e17d941b20148fa401246f9ebcff810e0ca37517959455b0c5d8b33305db06c9f1be03e33033bd77bbfe4e0c866cca4cfa108623b1209f051f4abf136566b25f4d4fe0df8335f20abd90f0d8%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01JVCHHPGWZD81VS1RESFZ67QW%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=223011d41b379ffdacd9106c7a3349e903efc78022f36d0a6a64e5861c3f8646&ir=36%2C20&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x155, components 3
Hash fb8bcc6890ee25bdf65e46f68591e88d
dcd7abc3ed73ea1e23ef6679b6f3d55f3edeb482
98f9baf10998dc3ce0169a9b90a0ed59e81926a45338db174093f331884295a9
GET /image/2025-05-16/58d6a04efffb06048b301c5693c3e97b.jpg HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 13157
date: Fri, 16 May 2025 00:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Mon, 12 May 2025 05:00:16 GMT
x-amz-expiration: expiry-date="Tue, 20 May 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "fb8bcc6890ee25bdf65e46f68591e88d"
x-amz-server-side-encryption: AES256
x-amz-version-id: jOZGe2ji0fJtW_tlLfkEII76VUsCtANy
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ncJIpakgAGBWf8xupwJT2O_5JlsMKy8AEY0DRlw3o1CRiUup-L9B2Q==
age: 45396
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
185.53.177.54
54.240.174.110
95.211.116.26
13.50.6.43